753.852211][T21960] anon 176128
[  753.852211][T21960] file 28672
[  753.852211][T21960] kernel_stack 0
[  753.852211][T21960] slab 4096000
[  753.852211][T21960] sock 0
[  753.852211][T21960] shmem 122880
[  753.852211][T21960] file_mapped 135168
[  753.852211][T21960] file_dirty 135168
[  753.852211][T21960] file_writeback 0
[  753.852211][T21960] anon_thp 0
[  753.852211][T21960] inactive_anon 0
[  753.852211][T21960] active_anon 176128
[  753.852211][T21960] inactive_file 0
[  753.852211][T21960] active_file 147456
[  753.852211][T21960] unevictable 0
[  753.852211][T21960] slab_reclaimable 2433024
[  753.852211][T21960] slab_unreclaimable 1662976
[  753.852211][T21960] pgfault 77880
[  753.852211][T21960] pgmajfault 0
[  753.852211][T21960] workingset_refault 0
[  753.852211][T21960] workingset_activate 0
[  753.852211][T21960] workingset_nodereclaim 0
[  753.852211][T21960] pgrefill 168
[  753.852211][T21960] pgscan 5119
[  753.852211][T21960] pgsteal 4281
[  753.852211][T21960] pgactivate 198
[  753.949936][T21960] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=21960,uid=0
10:29:26 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x806}, 0x0)

[  753.965944][T21960] Memory cgroup out of memory: Killed process 21960 (syz-executor.0) total-vm:72452kB, anon-rss:100kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
10:29:26 executing program 4:
r0 = socket$inet6(0xa, 0x8000000000001, 0x8010000000000084)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e21, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x3, 0x3}, 0x10)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e21, 0x0, @loopback}, 0x1c)
r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r2, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r2}], 0x1, 0x81)
r3 = socket(0x11, 0x3, 0xfffffffffffffc01)
recvfrom$unix(r3, &(0x7f0000000240), 0x0, 0x40012003, 0x0, 0x713)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r5, &(0x7f0000000100)={&(0x7f0000000040)=@nfc={0x27, 0x2}, 0x80, 0x0}, 0x0)
recvmsg$kcm(r5, &(0x7f0000003800)={&(0x7f0000003480)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r6=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f00000037c0)=[{&(0x7f0000003500)=""/192, 0xc0}, {&(0x7f00000035c0)=""/253, 0xfd}, {&(0x7f00000036c0)}, {&(0x7f0000003700)=""/139, 0x8b}], 0x4, &(0x7f0000004880)=""/135, 0x87}, 0x21)
ioctl$sock_inet6_tcp_SIOCATMARK(r6, 0x8905, &(0x7f0000004940))
ioctl(r4, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070")
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000300)={<r7=>0x0, @multicast1}, &(0x7f0000000340)=0xc)
setsockopt$inet6_mreq(r4, 0x29, 0x14, &(0x7f00000001c0)={@loopback, r7}, 0x14)
bind$packet(r2, &(0x7f0000000040)={0x11, 0x19, r7, 0x1, 0x7}, 0x14)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8), &(0x7f00000000c0)=0x4)
setsockopt$inet6_MCAST_LEAVE_GROUP(r1, 0x29, 0x2d, &(0x7f0000000180)={0x62, {{0xa, 0x4e24, 0x4, @local, 0x4}}}, 0x88)
write$binfmt_script(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="5ede0bd1ae650eafadb75a3416f4fb886753b20066708bad12e4eeb0d156a4bf710afc8a6e0de9d6eb65960b34f118fbe161d48a53fb182e0d1199d428d7839b7d653e422797b08c97a61eae5e674a8232eb81dd2ddedb89d530526c581cdc6ef0fdd75f5955c62b0ee42cdabf4045f5d158ad26b4d58d030087d4d9ceb08c6377c356d570a9f038e97ec5aa08857546489f6b2a92905735b03414ee3043757c574c20821523d8c5595ca117ec1cf4bde0dc1f1adb2c21deacfb67fc93bb1508f2cdb597180b18af62408e97fa38ed29ec7d509bf9e3b4d424f5b58f2001"], 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={<r8=>0xffffffffffffffff})
getpeername(r8, 0x0, &(0x7f0000003840))
recvmmsg(r8, &(0x7f0000002100)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000100)=""/33, 0x21}, {&(0x7f00000003c0)=""/118, 0x76}], 0x2}, 0xdd65}, {{&(0x7f0000000480)=@pppol2tpin6={0x18, 0x1, {0x0, <r9=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000001940)=[{&(0x7f0000000500)=""/19, 0x13}, {&(0x7f0000000540)=""/80, 0x50}, {&(0x7f00000005c0)=""/4096, 0x1000}, {&(0x7f00000015c0)=""/118, 0x76}, {&(0x7f0000001640)=""/146, 0x92}, {&(0x7f0000001700)=""/204, 0xcc}, {&(0x7f0000001800)=""/191, 0xbf}, {&(0x7f00000018c0)=""/93, 0x5d}], 0x8, &(0x7f00000019c0)=""/81, 0x51}, 0x9}, {{&(0x7f0000001a40)=@in={0x2, 0x0, @multicast1}, 0x80, &(0x7f0000001b80)=[{&(0x7f0000001ac0)=""/159, 0x9f}], 0x1, &(0x7f0000001bc0)=""/20, 0x14}, 0xc0000}, {{&(0x7f0000001c00)=@isdn, 0x80, &(0x7f0000002080)=[{&(0x7f0000001c80)=""/141, 0x8d}, {&(0x7f0000001d40)=""/238, 0xee}, {&(0x7f0000001e40)=""/247, 0xf7}, {&(0x7f0000001f40)=""/16, 0x10}, {&(0x7f0000001f80)=""/200, 0xc8}], 0x5}, 0x8000}], 0x4, 0x101, &(0x7f0000002200)={0x77359400})
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r9, 0x84, 0x16, &(0x7f0000002240)={0x7, [0x5, 0x2, 0x5, 0x2, 0x92, 0x7f, 0xfff]}, 0x12)

10:29:26 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  754.170274][T22592] IPVS: ftp: loaded support on port[0] = 21
10:29:26 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:29:27 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r1, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r1}], 0x1, 0x81)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000040)="a1fed049ba570b320afd31b7678b106d", 0x10)
write(r0, &(0x7f0000000000)="2400000052001f0014f9f407000904000a00071004000100feffffff0800000000000000", 0x24)

10:29:27 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0)
r1 = socket(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f00000000c0)={0xed5e0000, 0x0, 0x0, 0x20000fff, 0x0, 0x0, [0x0, 0x5]})
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000003540)=[{0x0, 0x0, 0x0}], 0x1, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f00000000c0)={0xed5e0000, 0x0, 0x0, 0x20000fff, 0x0, 0x0, [0x0, 0x5]})
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000003540)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45}], 0x1, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000100)={0xffffffffffffffff, r2, 0xc19e7917a4a35be1, 0x3}, 0x10)
sendmmsg$alg(r1, &(0x7f0000000140), 0x49249249249232f, 0x0)
r3 = socket(0x10, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000000140), 0x49249249249232f, 0x0)
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
setsockopt$ax25_SO_BINDTODEVICE(r0, 0x101, 0x19, 0x0, 0x0)
mmap(&(0x7f0000001000/0x7000)=nil, 0x7000, 0x0, 0x11, r0, 0x0)
ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f00000002c0)=@generic={0x7, 0x0, 0x3})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='/\x02roup.stap\x00', 0x2761, 0x0)
openat$cgroup_int(r4, &(0x7f0000000040), 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r4, 0x84, 0x1b, &(0x7f0000000480)=ANY=[], 0x0)
setsockopt$inet_sctp_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f0000000180)={0x0, 0x8000, 0x0, 0x5}, 0x10)
r5 = openat$cgroup_int(r4, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000001280)={@mcast1, 0x3f})
writev(r5, &(0x7f0000000700)=[{&(0x7f0000000000)='g', 0x1}], 0x1)

[  755.511271][T22592] chnl_net:caif_netlink_parms(): no params data found
[  755.688048][T22592] bridge0: port 1(bridge_slave_0) entered blocking state
[  755.695208][T22592] bridge0: port 1(bridge_slave_0) entered disabled state
[  755.703275][T22592] device bridge_slave_0 entered promiscuous mode
[  755.719722][T22592] bridge0: port 2(bridge_slave_1) entered blocking state
[  755.726793][T22592] bridge0: port 2(bridge_slave_1) entered disabled state
[  755.748618][T22592] device bridge_slave_1 entered promiscuous mode
[  755.865249][T22592] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  755.877140][T22592] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  755.897071][T22615] IPVS: ftp: loaded support on port[0] = 21
[  756.076934][T22592] team0: Port device team_slave_0 added
[  756.201900][T22592] team0: Port device team_slave_1 added
[  756.249906][T11615] device bridge_slave_1 left promiscuous mode
[  756.256696][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  756.317354][T11615] device bridge_slave_0 left promiscuous mode
[  756.324250][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  758.568317][T11615] device hsr_slave_0 left promiscuous mode
[  758.607827][T11615] device hsr_slave_1 left promiscuous mode
[  758.658794][T11615] team0 (unregistering): Port device team_slave_1 removed
[  758.671937][T11615] team0 (unregistering): Port device team_slave_0 removed
[  758.683474][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  758.742478][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  758.835849][T11615] bond0 (unregistering): Released all slaves
[  758.959977][T22592] device hsr_slave_0 entered promiscuous mode
[  759.008018][T22592] device hsr_slave_1 entered promiscuous mode
[  759.077644][T22592] debugfs: Directory 'hsr0' with parent '/' already present!
[  759.305343][T22615] chnl_net:caif_netlink_parms(): no params data found
[  759.335251][T22592] 8021q: adding VLAN 0 to HW filter on device bond0
[  759.370369][T20146] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  759.378783][T20146] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  759.394286][T22592] 8021q: adding VLAN 0 to HW filter on device team0
[  759.417721][T22615] bridge0: port 1(bridge_slave_0) entered blocking state
[  759.424806][T22615] bridge0: port 1(bridge_slave_0) entered disabled state
[  759.440516][T22615] device bridge_slave_0 entered promiscuous mode
[  759.454832][T22615] bridge0: port 2(bridge_slave_1) entered blocking state
[  759.464120][T22615] bridge0: port 2(bridge_slave_1) entered disabled state
[  759.478251][T22615] device bridge_slave_1 entered promiscuous mode
[  759.516978][T22615] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  759.539619][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  759.558281][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  759.566734][T14293] bridge0: port 1(bridge_slave_0) entered blocking state
[  759.573881][T14293] bridge0: port 1(bridge_slave_0) entered forwarding state
[  759.589773][T22615] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  759.607174][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  759.655453][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  759.684652][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  759.721311][T13143] bridge0: port 2(bridge_slave_1) entered blocking state
[  759.728450][T13143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  759.750406][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  759.786188][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  759.804668][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  759.816101][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  759.833880][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  759.846334][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  759.862660][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  759.874579][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  759.891944][T22615] team0: Port device team_slave_0 added
[  759.906388][T22592] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  759.921618][T22592] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  759.937446][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  759.953856][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  759.972849][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  759.984882][T22615] team0: Port device team_slave_1 added
[  760.040528][T22615] device hsr_slave_0 entered promiscuous mode
[  760.077999][T22615] device hsr_slave_1 entered promiscuous mode
[  760.117625][T22615] debugfs: Directory 'hsr0' with parent '/' already present!
[  760.137424][T22592] 8021q: adding VLAN 0 to HW filter on device batadv0
[  760.248156][T22615] 8021q: adding VLAN 0 to HW filter on device bond0
[  760.262802][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  760.296161][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  760.324373][T22615] 8021q: adding VLAN 0 to HW filter on device team0
[  760.345642][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  760.355972][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  760.365137][T14293] bridge0: port 1(bridge_slave_0) entered blocking state
[  760.372276][T14293] bridge0: port 1(bridge_slave_0) entered forwarding state
[  760.388928][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  760.397421][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  760.413619][T22625] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  760.425680][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  760.434788][T14293] bridge0: port 2(bridge_slave_1) entered blocking state
[  760.441904][T14293] bridge0: port 2(bridge_slave_1) entered forwarding state
[  760.449983][T22625] CPU: 0 PID: 22625 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  760.457881][T22625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  760.467940][T22625] Call Trace:
[  760.471245][T22625]  dump_stack+0x172/0x1f0
[  760.475613][T22625]  dump_header+0x10b/0x82d
[  760.480058][T22625]  oom_kill_process.cold+0x10/0x15
[  760.485170][T22625]  out_of_memory+0x334/0x1340
[  760.489841][T22625]  ? cgroup_file_notify+0x140/0x1b0
[  760.495031][T22625]  ? oom_killer_disable+0x280/0x280
[  760.500242][T22625]  mem_cgroup_out_of_memory+0x1d8/0x240
[  760.505777][T22625]  ? memcg_stat_show+0xc40/0xc40
[  760.510720][T22625]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  760.516505][T22625]  ? cgroup_file_notify+0x140/0x1b0
[  760.521777][T22625]  memory_max_write+0x262/0x3a0
[  760.526607][T22625]  ? mem_cgroup_write+0x370/0x370
[  760.531612][T22625]  ? lock_acquire+0x190/0x410
[  760.536280][T22625]  ? kernfs_fop_write+0x227/0x480
[  760.541289][T22625]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  760.546815][T22625]  cgroup_file_write+0x241/0x790
[  760.551753][T22625]  ? mem_cgroup_write+0x370/0x370
[  760.556770][T22625]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  760.562389][T22625]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  760.568013][T22625]  kernfs_fop_write+0x2b8/0x480
[  760.572946][T22625]  __vfs_write+0x8a/0x110
[  760.577272][T22625]  ? kernfs_fop_open+0xd80/0xd80
[  760.582276][T22625]  __kernel_write+0x11b/0x3b0
[  760.586947][T22625]  write_pipe_buf+0x15d/0x1f0
[  760.591650][T22625]  ? do_splice_direct+0x2a0/0x2a0
[  760.596676][T22625]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  760.602923][T22625]  ? splice_from_pipe_next.part.0+0x262/0x300
[  760.608994][T22625]  __splice_from_pipe+0x397/0x7d0
[  760.614014][T22625]  ? do_splice_direct+0x2a0/0x2a0
[  760.619039][T22625]  ? do_splice_direct+0x2a0/0x2a0
[  760.624055][T22625]  splice_from_pipe+0x108/0x170
[  760.628910][T22625]  ? splice_shrink_spd+0xd0/0xd0
[  760.633930][T22625]  ? security_file_permission+0x8f/0x380
[  760.639690][T22625]  default_file_splice_write+0x3c/0x90
[  760.645144][T22625]  ? generic_splice_sendpage+0x50/0x50
[  760.650589][T22625]  direct_splice_actor+0x123/0x190
[  760.655684][T22625]  splice_direct_to_actor+0x366/0x970
[  760.661068][T22625]  ? generic_pipe_buf_nosteal+0x10/0x10
[  760.666614][T22625]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  760.672837][T22625]  ? do_splice_to+0x180/0x180
[  760.677502][T22625]  ? rw_verify_area+0x126/0x360
[  760.682342][T22625]  do_splice_direct+0x1da/0x2a0
[  760.687175][T22625]  ? splice_direct_to_actor+0x970/0x970
[  760.692713][T22625]  ? rcu_read_lock_any_held+0xcd/0xf0
[  760.698084][T22625]  ? __this_cpu_preempt_check+0x3a/0x210
[  760.703795][T22625]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  760.710025][T22625]  ? __sb_start_write+0x1e5/0x460
[  760.715043][T22625]  do_sendfile+0x597/0xd00
[  760.719462][T22625]  ? do_compat_pwritev64+0x1c0/0x1c0
[  760.724739][T22625]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  760.730962][T22625]  ? put_timespec64+0xda/0x140
[  760.735722][T22625]  __x64_sys_sendfile64+0x1dd/0x220
[  760.740935][T22625]  ? __ia32_sys_sendfile+0x230/0x230
[  760.746249][T22625]  ? do_syscall_64+0x26/0x760
[  760.750940][T22625]  ? lockdep_hardirqs_on+0x421/0x5e0
[  760.756208][T22625]  ? trace_hardirqs_on+0x67/0x240
[  760.761225][T22625]  do_syscall_64+0xfa/0x760
[  760.765739][T22625]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  760.771618][T22625] RIP: 0033:0x459f49
[  760.775503][T22625] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  760.795098][T22625] RSP: 002b:00007f5f5c921c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  760.803506][T22625] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  760.811471][T22625] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  760.819432][T22625] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  760.827393][T22625] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f5f5c9226d4
[  760.835360][T22625] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  760.846941][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  760.852298][T22625] memory: usage 5800kB, limit 0kB, failcnt 460
[  760.869559][T22625] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  760.878332][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  760.887154][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  760.895699][T22625] Memory cgroup stats for /syz3:
[  760.895812][T22625] anon 4259840
[  760.895812][T22625] file 118784
[  760.895812][T22625] kernel_stack 65536
[  760.895812][T22625] slab 1507328
[  760.895812][T22625] sock 81920
[  760.895812][T22625] shmem 24576
[  760.895812][T22625] file_mapped 0
[  760.895812][T22625] file_dirty 135168
[  760.895812][T22625] file_writeback 0
[  760.895812][T22625] anon_thp 4194304
[  760.895812][T22625] inactive_anon 0
[  760.895812][T22625] active_anon 4259840
[  760.895812][T22625] inactive_file 98304
[  760.895812][T22625] active_file 0
[  760.895812][T22625] unevictable 135168
[  760.895812][T22625] slab_reclaimable 540672
[  760.895812][T22625] slab_unreclaimable 966656
[  760.895812][T22625] pgfault 58839
[  760.895812][T22625] pgmajfault 0
[  760.895812][T22625] workingset_refault 0
[  760.895812][T22625] workingset_activate 0
[  760.895812][T22625] workingset_nodereclaim 0
[  760.895812][T22625] pgrefill 8688
[  760.895812][T22625] pgscan 40160
[  760.895812][T22625] pgsteal 9652
[  760.990667][T22625] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22623,uid=0
[  760.993605][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  761.014890][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  761.020164][T22625] Memory cgroup out of memory: Killed process 22623 (syz-executor.3) total-vm:72720kB, anon-rss:4192kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000
[  761.023672][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  761.049327][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  761.049781][ T1070] oom_reaper: reaped process 22623 (syz-executor.3), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB
[  761.057816][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  761.079601][T22615] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  761.091521][T22615] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
10:29:33 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:29:33 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x900}, 0x0)

10:29:33 executing program 0:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xc0, &(0x7f0000000000)=[{&(0x7f0000000100)="2e0000003500050ad25a80648c6356c10424fc002f0000000a000000053582c1b0acea8b0900018004021700d1bd", 0x2e}], 0x1}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000040)={0x9, [0x2, 0xff, 0x0, 0x2, 0x3d9, 0x1, 0x4, 0x8, 0x7f]}, &(0x7f0000000080)=0x16)

10:29:33 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0)
r1 = socket(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f00000000c0)={0xed5e0000, 0x0, 0x0, 0x20000fff, 0x0, 0x0, [0x0, 0x5]})
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000003540)=[{0x0, 0x0, 0x0}], 0x1, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f00000000c0)={0xed5e0000, 0x0, 0x0, 0x20000fff, 0x0, 0x0, [0x0, 0x5]})
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000003540)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45}], 0x1, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000100)={0xffffffffffffffff, r2, 0xc19e7917a4a35be1, 0x3}, 0x10)
sendmmsg$alg(r1, &(0x7f0000000140), 0x49249249249232f, 0x0)
r3 = socket(0x10, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000000140), 0x49249249249232f, 0x0)
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
setsockopt$ax25_SO_BINDTODEVICE(r0, 0x101, 0x19, 0x0, 0x0)
mmap(&(0x7f0000001000/0x7000)=nil, 0x7000, 0x0, 0x11, r0, 0x0)
ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f00000002c0)=@generic={0x7, 0x0, 0x3})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='/\x02roup.stap\x00', 0x2761, 0x0)
openat$cgroup_int(r4, &(0x7f0000000040), 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r4, 0x84, 0x1b, &(0x7f0000000480)=ANY=[], 0x0)
setsockopt$inet_sctp_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f0000000180)={0x0, 0x8000, 0x0, 0x5}, 0x10)
r5 = openat$cgroup_int(r4, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000001280)={@mcast1, 0x3f})
writev(r5, &(0x7f0000000700)=[{&(0x7f0000000000)='g', 0x1}], 0x1)

10:29:33 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0)
r1 = socket(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f00000000c0)={0xed5e0000, 0x0, 0x0, 0x20000fff, 0x0, 0x0, [0x0, 0x5]})
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000003540)=[{0x0, 0x0, 0x0}], 0x1, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f00000000c0)={0xed5e0000, 0x0, 0x0, 0x20000fff, 0x0, 0x0, [0x0, 0x5]})
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000003540)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45}], 0x1, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000100)={0xffffffffffffffff, r2, 0xc19e7917a4a35be1, 0x3}, 0x10)
sendmmsg$alg(r1, &(0x7f0000000140), 0x49249249249232f, 0x0)
r3 = socket(0x10, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000000140), 0x49249249249232f, 0x0)
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
setsockopt$ax25_SO_BINDTODEVICE(r0, 0x101, 0x19, 0x0, 0x0)
mmap(&(0x7f0000001000/0x7000)=nil, 0x7000, 0x0, 0x11, r0, 0x0)
ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f00000002c0)=@generic={0x7, 0x0, 0x3})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='/\x02roup.stap\x00', 0x2761, 0x0)
openat$cgroup_int(r4, &(0x7f0000000040), 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r4, 0x84, 0x1b, &(0x7f0000000480)=ANY=[], 0x0)
setsockopt$inet_sctp_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f0000000180)={0x0, 0x8000, 0x0, 0x5}, 0x10)
r5 = openat$cgroup_int(r4, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000001280)={@mcast1, 0x3f})
writev(r5, &(0x7f0000000700)=[{&(0x7f0000000000)='g', 0x1}], 0x1)

[  761.107107][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  761.144825][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  761.157029][T22592] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  761.189209][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  761.195705][T22592] CPU: 1 PID: 22592 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  761.204867][T22592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  761.214930][T22592] Call Trace:
[  761.218234][T22592]  dump_stack+0x172/0x1f0
[  761.222583][T22592]  dump_header+0x10b/0x82d
[  761.227013][T22592]  ? oom_kill_process+0x94/0x3f0
[  761.231979][T22592]  oom_kill_process.cold+0x10/0x15
[  761.237110][T22592]  out_of_memory+0x334/0x1340
[  761.241820][T22592]  ? lock_downgrade+0x920/0x920
[  761.246695][T22592]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  761.252607][T22592]  ? oom_killer_disable+0x280/0x280
[  761.257835][T22592]  mem_cgroup_out_of_memory+0x1d8/0x240
[  761.263397][T22592]  ? memcg_stat_show+0xc40/0xc40
[  761.268351][T22592]  ? do_raw_spin_unlock+0x57/0x270
[  761.273478][T22592]  ? _raw_spin_unlock+0x2d/0x50
[  761.278357][T22592]  try_charge+0xf4b/0x1440
[  761.282812][T22592]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  761.288402][T22592]  ? __rcu_read_unlock+0x220/0x6b0
[  761.293548][T22592]  ? __kasan_check_read+0x11/0x20
[  761.298596][T22592]  ? get_mem_cgroup_from_mm+0x156/0x320
[  761.304947][T22592]  mem_cgroup_try_charge+0x136/0x590
[  761.310260][T22592]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  761.315909][T22592]  __handle_mm_fault+0x1f0d/0x4040
[  761.321041][T22592]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  761.326600][T22592]  ? handle_mm_fault+0x292/0xaa0
[  761.331559][T22592]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  761.337815][T22592]  ? __kasan_check_read+0x11/0x20
[  761.342860][T22592]  handle_mm_fault+0x3b7/0xaa0
[  761.347643][T22592]  __do_page_fault+0x536/0xdd0
[  761.352431][T22592]  do_page_fault+0x38/0x590
[  761.356946][T22592]  page_fault+0x39/0x40
[  761.361107][T22592] RIP: 0033:0x43049c
[  761.365005][T22592] Code: 83 c0 17 41 55 41 54 55 53 48 89 c5 48 83 e5 f0 48 89 fb 48 81 ec 98 00 00 00 48 83 f8 20 b8 20 00 00 00 48 0f 42 e8 48 85 ff <48> 89 74 24 08 0f 84 3a 08 00 00 48 3b 2d 4a 68 64 00 77 70 89 ef
[  761.384611][T22592] RSP: 002b:00007ffdf9ebff90 EFLAGS: 00010202
[  761.390686][T22592] RAX: 0000000000000020 RBX: 0000000000716640 RCX: 00000000004592b4
[  761.398669][T22592] RDX: 00007ffdf9ec0080 RSI: 0000000000008030 RDI: 0000000000716640
[  761.406652][T22592] RBP: 0000000000008040 R08: 0000000000000001 R09: 0000000001476940
[  761.414630][T22592] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdf9ec1260
[  761.422613][T22592] R13: 00007ffdf9ec1250 R14: 0000000000000000 R15: 00007ffdf9ec1260
[  761.437627][    C0] net_ratelimit: 6 callbacks suppressed
[  761.437635][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  761.449072][    C0] protocol 88fb is buggy, dev hsr_slave_1
10:29:33 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$vsock_dgram(0x28, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x7a05, 0x1700)
syz_genetlink_get_family_id$ipvs(0x0)
r3 = socket$inet6(0xa, 0x8000a, 0x3ff)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, 0x0)
recvfrom$rxrpc(0xffffffffffffffff, &(0x7f0000000280)=""/158, 0x9e, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000380)='TIPCv2\x00')
setsockopt$bt_BT_CHANNEL_POLICY(r2, 0x112, 0xa, &(0x7f0000000480)=0x100, 0x3aa1c51c680336b9)
ioctl(0xffffffffffffffff, 0x2000008912, 0x0)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0)='TIPC\x00')
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r2, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000004}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r4, 0x100, 0x70bd27, 0x25dfdbfc}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4004800)
ioctl$SIOCSIFMTU(r2, 0x8922, &(0x7f00000000c0)={'veth1_to_bridge\x00', 0x400})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000f68000)={@loopback, 0x0, 0x0, 0x0, 0x1}, 0x20)
syz_emit_ethernet(0x1, &(0x7f0000000580)=ANY=[@ANYRESOCT=0x0], 0x0)
socket$packet(0x11, 0x3, 0x300)
unshare(0x40000000)
getsockopt$sock_timeval(r2, 0x1, 0x0, &(0x7f0000000400), &(0x7f0000000440)=0x10)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x1eb3ca58abd14921)
r5 = socket$inet6(0xa, 0x208000a, 0x80000001)
setsockopt$inet_sctp6_SCTP_INITMSG(r5, 0x84, 0x2, &(0x7f0000000080)={0x0, 0x8, 0x0, 0xfffffffffffffd92}, 0x8)
socket$nl_generic(0xa, 0x5, 0x84)
sendmsg$TIPC_CMD_GET_LINKS(r2, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x24, r4, 0x100, 0x70bd2c, 0x25dfdbfb, {{}, 0x0, 0x4, 0x0, {0x8, 0x11, 0x7}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x880}, 0x4000000)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f0000000700)=ANY=[@ANYBLOB="1ab78ac9c3bbf44ba74eadda564ef901f51000000001000000739fc57c1c839314d23246e6e5c56350e641cd4c5f4c04b4c032a5a8f187c040e1438d00e363943c7dcb7a0e743bf9c8cdd199cec1536ede371a2706c6f3fa38ec4d369d12cca4136fa75c998e9f7a13f12e93d4aee98c343f91cb1c3ad579e1a9274c07d281dc983020afbde97a62f430edc31e567f63df1882881c5fd74e58b8e51aa4b0ab3e3c10018a15104c8daa693531199ac7a522948ceead09c74d0233d7eb7209d3e4dc4dba82e0c05f011f3b3a6743d27717ecf90a467c71a55767a475d9bbdd346f63a92badf10d44a5c2023ff21f1798c8bb4755a8"]})
ioctl$sock_bt_bnep_BNEPCONNADD(r2, 0x400442c8, &(0x7f0000000640)=ANY=[@ANYRES32, @ANYBLOB="06a0429a85003fe8f7907cd93088866f9cabfd29355b324748040fe52b318e578b760eb4bc765cef5b1744dbc52b721a24f1552e80216953c678f6d1bd006fe18b67176332635673f6773bece87c30ac9c6af6a09dc9b959c818343300b32863ad3ab11415ac568a1b6a98b23feba267f42a57104c4948eb7e43c17a63312aa30249467e2e"])
ioctl$FICLONE(r2, 0x40049409, 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, 0x0, 0x0)
syz_emit_ethernet(0x1e, &(0x7f0000000140)=ANY=[@ANYBLOB="c502aaaa8abbaaaa0203ff4500"/30], 0x0)
close(r1)
poll(&(0x7f0000000040)=[{}], 0x20000000000000e6, 0x0)

[  761.455971][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  761.461783][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  761.467635][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  761.473418][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  761.473610][T22615] 8021q: adding VLAN 0 to HW filter on device batadv0
[  761.486105][T22592] memory: usage 1372kB, limit 0kB, failcnt 468
[  761.495669][T22592] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  761.517993][T22592] Memory cgroup stats for /syz3:
[  761.518096][T22592] anon 61440
[  761.518096][T22592] file 118784
[  761.518096][T22592] kernel_stack 0
[  761.518096][T22592] slab 1507328
[  761.518096][T22592] sock 81920
[  761.518096][T22592] shmem 24576
[  761.518096][T22592] file_mapped 0
[  761.518096][T22592] file_dirty 135168
[  761.518096][T22592] file_writeback 0
[  761.518096][T22592] anon_thp 0
[  761.518096][T22592] inactive_anon 0
[  761.518096][T22592] active_anon 61440
[  761.518096][T22592] inactive_file 98304
10:29:34 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800b5055e0bcfe87b0071")
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r1, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r1}], 0x1, 0x81)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000000)=0x8, 0x4)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
r3 = socket(0x400000000000010, 0x802, 0x0)
write(r3, &(0x7f00000000c0)="24000000200099f0003be90000ed190e020008160000100000ba1080080002007f196be0", 0x24)
setsockopt$sock_linger(r2, 0x1, 0x2b, &(0x7f0000000100), 0x8)

[  761.518096][T22592] active_file 0
[  761.518096][T22592] unevictable 135168
[  761.518096][T22592] slab_reclaimable 540672
[  761.518096][T22592] slab_unreclaimable 966656
[  761.518096][T22592] pgfault 58839
[  761.518096][T22592] pgmajfault 0
[  761.518096][T22592] workingset_refault 0
[  761.518096][T22592] workingset_activate 0
[  761.518096][T22592] workingset_nodereclaim 0
[  761.518096][T22592] pgrefill 8688
[  761.518096][T22592] pgscan 40160
[  761.518096][T22592] pgsteal 9652
[  761.518096][T22592] pgactivate 11286
10:29:34 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0xa00}, 0x0)

[  761.715836][T22637] IPVS: ftp: loaded support on port[0] = 21
[  761.721956][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  761.722011][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  761.828019][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  761.833910][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  761.853219][T22592] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22592,uid=0
[  761.878740][T22592] Memory cgroup out of memory: Killed process 22592 (syz-executor.3) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  761.925893][ T1070] oom_reaper: reaped process 22592 (syz-executor.3), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
10:29:34 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0xe00}, 0x0)

[  762.026469][T22655] IPVS: ftp: loaded support on port[0] = 21
[  762.296488][T22670] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  762.315586][T22670] CPU: 0 PID: 22670 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[  762.323514][T22670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  762.333571][T22670] Call Trace:
[  762.336874][T22670]  dump_stack+0x172/0x1f0
[  762.341211][T22670]  dump_header+0x10b/0x82d
[  762.345632][T22670]  oom_kill_process.cold+0x10/0x15
[  762.350756][T22670]  out_of_memory+0x334/0x1340
[  762.355438][T22670]  ? __sched_text_start+0x8/0x8
[  762.360304][T22670]  ? oom_killer_disable+0x280/0x280
[  762.365529][T22670]  mem_cgroup_out_of_memory+0x1d8/0x240
[  762.371075][T22670]  ? memcg_stat_show+0xc40/0xc40
[  762.376033][T22670]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  762.381843][T22670]  ? cgroup_file_notify+0x140/0x1b0
[  762.387045][T22670]  memory_max_write+0x262/0x3a0
[  762.391992][T22670]  ? mem_cgroup_write+0x370/0x370
[  762.397018][T22670]  ? lock_acquire+0x190/0x410
[  762.401701][T22670]  ? kernfs_fop_write+0x227/0x480
[  762.406747][T22670]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  762.412307][T22670]  cgroup_file_write+0x241/0x790
[  762.417272][T22670]  ? mem_cgroup_write+0x370/0x370
[  762.422405][T22670]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  762.428032][T22670]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  762.433678][T22670]  kernfs_fop_write+0x2b8/0x480
[  762.438515][T22670]  __vfs_write+0x8a/0x110
[  762.442828][T22670]  ? kernfs_fop_open+0xd80/0xd80
[  762.447746][T22670]  __kernel_write+0x11b/0x3b0
[  762.452406][T22670]  write_pipe_buf+0x15d/0x1f0
[  762.457086][T22670]  ? do_splice_direct+0x2a0/0x2a0
[  762.462113][T22670]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  762.468377][T22670]  ? splice_from_pipe_next.part.0+0x262/0x300
[  762.474455][T22670]  __splice_from_pipe+0x397/0x7d0
[  762.479465][T22670]  ? do_splice_direct+0x2a0/0x2a0
[  762.484485][T22670]  ? do_splice_direct+0x2a0/0x2a0
[  762.489512][T22670]  splice_from_pipe+0x108/0x170
[  762.494345][T22670]  ? splice_shrink_spd+0xd0/0xd0
[  762.499268][T22670]  ? security_file_permission+0x8f/0x380
[  762.504881][T22670]  default_file_splice_write+0x3c/0x90
[  762.510331][T22670]  ? generic_splice_sendpage+0x50/0x50
[  762.515783][T22670]  direct_splice_actor+0x123/0x190
[  762.520899][T22670]  splice_direct_to_actor+0x366/0x970
[  762.526251][T22670]  ? generic_pipe_buf_nosteal+0x10/0x10
[  762.531792][T22670]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  762.538016][T22670]  ? do_splice_to+0x180/0x180
[  762.542687][T22670]  ? rw_verify_area+0x126/0x360
[  762.547529][T22670]  do_splice_direct+0x1da/0x2a0
[  762.552374][T22670]  ? splice_direct_to_actor+0x970/0x970
[  762.558009][T22670]  ? rcu_read_lock_any_held+0xcd/0xf0
[  762.563392][T22670]  ? __this_cpu_preempt_check+0x3a/0x210
[  762.569013][T22670]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  762.575237][T22670]  ? __sb_start_write+0x1e5/0x460
[  762.580266][T22670]  do_sendfile+0x597/0xd00
[  762.584670][T22670]  ? do_compat_pwritev64+0x1c0/0x1c0
[  762.589943][T22670]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  762.596175][T22670]  ? put_timespec64+0xda/0x140
[  762.600927][T22670]  __x64_sys_sendfile64+0x1dd/0x220
[  762.606116][T22670]  ? __ia32_sys_sendfile+0x230/0x230
[  762.611414][T22670]  ? do_syscall_64+0x26/0x760
[  762.616086][T22670]  ? lockdep_hardirqs_on+0x421/0x5e0
[  762.621368][T22670]  ? trace_hardirqs_on+0x67/0x240
[  762.626381][T22670]  do_syscall_64+0xfa/0x760
[  762.630884][T22670]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  762.636777][T22670] RIP: 0033:0x459f49
[  762.640662][T22670] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  762.660256][T22670] RSP: 002b:00007fd1eebf9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  762.668657][T22670] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  762.676620][T22670] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  762.684580][T22670] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
[  762.692632][T22670] R10: 0000000020000022 R11: 0000000000000246 R12: 00007fd1eebfa6d4
[  762.700589][T22670] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  762.713763][T22670] memory: usage 3204kB, limit 0kB, failcnt 227
[  762.720320][T22670] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  762.727344][T22670] Memory cgroup stats for /syz2:
[  762.727666][T22670] anon 147456
[  762.727666][T22670] file 0
[  762.727666][T22670] kernel_stack 131072
[  762.727666][T22670] slab 3092480
[  762.727666][T22670] sock 4096
[  762.727666][T22670] shmem 20480
[  762.727666][T22670] file_mapped 0
[  762.727666][T22670] file_dirty 0
[  762.727666][T22670] file_writeback 0
[  762.727666][T22670] anon_thp 0
[  762.727666][T22670] inactive_anon 90112
[  762.727666][T22670] active_anon 147456
[  762.727666][T22670] inactive_file 0
[  762.727666][T22670] active_file 122880
[  762.727666][T22670] unevictable 0
[  762.727666][T22670] slab_reclaimable 1622016
[  762.727666][T22670] slab_unreclaimable 1470464
[  762.727666][T22670] pgfault 64383
[  762.727666][T22670] pgmajfault 0
[  762.727666][T22670] workingset_refault 0
[  762.727666][T22670] workingset_activate 0
[  762.727666][T22670] workingset_nodereclaim 0
[  762.727666][T22670] pgrefill 11187
[  762.727666][T22670] pgscan 19977
[  762.727666][T22670] pgsteal 3058
[  762.727666][T22670] pgactivate 11385
[  762.732880][T22670] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22615,uid=0
[  762.857188][T22670] Memory cgroup out of memory: Killed process 22615 (syz-executor.2) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  762.882498][ T1070] oom_reaper: reaped process 22615 (syz-executor.2), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  763.020144][T22674] IPVS: ftp: loaded support on port[0] = 21
10:29:35 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, &(0x7f0000000040))
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:29:35 executing program 4:
r0 = socket$inet6(0xa, 0x1, 0x8010000400000084)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r1, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r1}], 0x1, 0x81)
write$nbd(r1, &(0x7f0000000000)={0x67446698, 0x1, 0x2, 0x1, 0x3, "fea4ee3a02adf9a0b79d6e75e41a6b132c6ccb62aa45fc6a9f9634bd27ef7eae"}, 0x30)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0xe23, 0x8, @dev={0xfe, 0x80, [], 0x1f}, 0x2}], 0x1c)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r3, 0x0, 0x0, &(0x7f0000000140)={0x9, {{0x2, 0x4e21, @multicast1}}, {{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xc}}}}, 0x108)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r5, 0x84, 0x71, &(0x7f00000002c0)={<r6=>0x0, 0x8000}, &(0x7f0000000300)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000380)={r6, @in={{0x2, 0x4e24, @empty}}, 0x800, 0x28}, &(0x7f0000000700)=0x90)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000440)={0x0, @in={{0xa, 0x0, @multicast1}}, 0x0, 0x0, 0x0, 0x2, 0x2e}, 0x98)

10:29:35 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:29:35 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x1100}, 0x0)

[  763.634834][T22674] chnl_net:caif_netlink_parms(): no params data found
10:29:36 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x1800}, 0x0)

[  763.812177][T22674] bridge0: port 1(bridge_slave_0) entered blocking state
[  763.828342][T22674] bridge0: port 1(bridge_slave_0) entered disabled state
[  763.845868][T22674] device bridge_slave_0 entered promiscuous mode
[  764.847208][T22674] bridge0: port 2(bridge_slave_1) entered blocking state
[  764.854560][T22674] bridge0: port 2(bridge_slave_1) entered disabled state
[  764.862757][T22674] device bridge_slave_1 entered promiscuous mode
[  764.884255][T22674] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  764.904753][T22674] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  765.273734][T22695] IPVS: ftp: loaded support on port[0] = 21
[  765.291907][T22674] team0: Port device team_slave_0 added
[  765.300407][T22674] team0: Port device team_slave_1 added
[  765.710831][T22674] device hsr_slave_0 entered promiscuous mode
[  765.768185][T22674] device hsr_slave_1 entered promiscuous mode
[  765.827660][T22674] debugfs: Directory 'hsr0' with parent '/' already present!
[  766.561827][T22695] chnl_net:caif_netlink_parms(): no params data found
[  766.894796][T22695] bridge0: port 1(bridge_slave_0) entered blocking state
[  766.902093][T22695] bridge0: port 1(bridge_slave_0) entered disabled state
[  766.910226][T22695] device bridge_slave_0 entered promiscuous mode
[  766.918387][T22695] bridge0: port 2(bridge_slave_1) entered blocking state
[  766.925437][T22695] bridge0: port 2(bridge_slave_1) entered disabled state
[  766.933284][T22695] device bridge_slave_1 entered promiscuous mode
[  766.954237][T22695] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  766.965322][T22695] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  767.280704][T22695] team0: Port device team_slave_0 added
[  767.295537][T22695] team0: Port device team_slave_1 added
[  767.629586][T22695] device hsr_slave_0 entered promiscuous mode
[  767.679320][T22695] device hsr_slave_1 entered promiscuous mode
[  767.717684][T22695] debugfs: Directory 'hsr0' with parent '/' already present!
[  767.731846][T22674] 8021q: adding VLAN 0 to HW filter on device bond0
[  768.042287][T22674] 8021q: adding VLAN 0 to HW filter on device team0
[  768.050910][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  768.059695][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  768.075823][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  768.087136][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  768.095847][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  768.102979][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  768.111306][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  768.120136][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  768.128559][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  768.135586][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  768.157345][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  768.165495][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  768.174268][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  768.184309][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  768.193473][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  768.202674][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  768.223066][T13814] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  768.232599][T13814] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  768.247698][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  768.256160][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  768.264809][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  768.273668][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  768.313616][T22674] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  768.341275][T22695] 8021q: adding VLAN 0 to HW filter on device bond0
[  768.405756][T20146] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  768.414884][T20146] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  768.425915][T22674] 8021q: adding VLAN 0 to HW filter on device batadv0
[  768.436826][T22695] 8021q: adding VLAN 0 to HW filter on device team0
[  768.450793][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  768.460774][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  768.470076][T14991] bridge0: port 1(bridge_slave_0) entered blocking state
[  768.477136][T14991] bridge0: port 1(bridge_slave_0) entered forwarding state
[  768.538299][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  768.547213][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  768.556664][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  768.565524][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  768.572641][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  768.581259][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  768.589969][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  768.598826][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  768.607315][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  768.616073][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  768.718219][T20146] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  768.727058][T20146] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  768.747212][T20146] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  768.754820][T22704] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  768.756137][T20146] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  768.772164][T20146] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  768.781319][T20146] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  768.792177][T11615] device bridge_slave_1 left promiscuous mode
[  768.799637][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  768.838967][T11615] device bridge_slave_0 left promiscuous mode
[  768.845270][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  768.889999][T11615] device bridge_slave_1 left promiscuous mode
[  768.896351][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  768.938759][T11615] device bridge_slave_0 left promiscuous mode
[  768.945050][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  768.999748][T11615] device bridge_slave_1 left promiscuous mode
[  769.005961][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  769.058981][T11615] device bridge_slave_0 left promiscuous mode
[  769.065246][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  769.111413][T11615] device bridge_slave_1 left promiscuous mode
[  769.118730][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  769.169090][T11615] device bridge_slave_0 left promiscuous mode
[  769.175298][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  769.543180][T22705] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
10:29:42 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$vsock_dgram(0x28, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x7a05, 0x1700)
syz_genetlink_get_family_id$ipvs(0x0)
r3 = socket$inet6(0xa, 0x8000a, 0x3ff)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, 0x0)
recvfrom$rxrpc(0xffffffffffffffff, &(0x7f0000000280)=""/158, 0x9e, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000380)='TIPCv2\x00')
setsockopt$bt_BT_CHANNEL_POLICY(r2, 0x112, 0xa, &(0x7f0000000480)=0x100, 0x3aa1c51c680336b9)
ioctl(0xffffffffffffffff, 0x2000008912, 0x0)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0)='TIPC\x00')
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r2, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000004}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r4, 0x100, 0x70bd27, 0x25dfdbfc}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4004800)
ioctl$SIOCSIFMTU(r2, 0x8922, &(0x7f00000000c0)={'veth1_to_bridge\x00', 0x400})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000f68000)={@loopback, 0x0, 0x0, 0x0, 0x1}, 0x20)
syz_emit_ethernet(0x1, &(0x7f0000000580)=ANY=[@ANYRESOCT=0x0], 0x0)
socket$packet(0x11, 0x3, 0x300)
unshare(0x40000000)
getsockopt$sock_timeval(r2, 0x1, 0x0, &(0x7f0000000400), &(0x7f0000000440)=0x10)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x1eb3ca58abd14921)
r5 = socket$inet6(0xa, 0x208000a, 0x80000001)
setsockopt$inet_sctp6_SCTP_INITMSG(r5, 0x84, 0x2, &(0x7f0000000080)={0x0, 0x8, 0x0, 0xfffffffffffffd92}, 0x8)
socket$nl_generic(0xa, 0x5, 0x84)
sendmsg$TIPC_CMD_GET_LINKS(r2, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x24, r4, 0x100, 0x70bd2c, 0x25dfdbfb, {{}, 0x0, 0x4, 0x0, {0x8, 0x11, 0x7}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x880}, 0x4000000)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f0000000700)=ANY=[@ANYBLOB="1ab78ac9c3bbf44ba74eadda564ef901f51000000001000000739fc57c1c839314d23246e6e5c56350e641cd4c5f4c04b4c032a5a8f187c040e1438d00e363943c7dcb7a0e743bf9c8cdd199cec1536ede371a2706c6f3fa38ec4d369d12cca4136fa75c998e9f7a13f12e93d4aee98c343f91cb1c3ad579e1a9274c07d281dc983020afbde97a62f430edc31e567f63df1882881c5fd74e58b8e51aa4b0ab3e3c10018a15104c8daa693531199ac7a522948ceead09c74d0233d7eb7209d3e4dc4dba82e0c05f011f3b3a6743d27717ecf90a467c71a55767a475d9bbdd346f63a92badf10d44a5c2023ff21f1798c8bb4755a8"]})
ioctl$sock_bt_bnep_BNEPCONNADD(r2, 0x400442c8, &(0x7f0000000640)=ANY=[@ANYRES32, @ANYBLOB="06a0429a85003fe8f7907cd93088866f9cabfd29355b324748040fe52b318e578b760eb4bc765cef5b1744dbc52b721a24f1552e80216953c678f6d1bd006fe18b67176332635673f6773bece87c30ac9c6af6a09dc9b959c818343300b32863ad3ab11415ac568a1b6a98b23feba267f42a57104c4948eb7e43c17a63312aa30249467e2e"])
ioctl$FICLONE(r2, 0x40049409, 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, 0x0, 0x0)
syz_emit_ethernet(0x1e, &(0x7f0000000140)=ANY=[@ANYBLOB="c502aaaa8abbaaaa0203ff4500"/30], 0x0)
close(r1)
poll(&(0x7f0000000040)=[{}], 0x20000000000000e6, 0x0)

10:29:42 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, &(0x7f0000000040))
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:29:42 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:29:42 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x3580}, 0x0)

10:29:42 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$vsock_dgram(0x28, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x7a05, 0x1700)
syz_genetlink_get_family_id$ipvs(0x0)
r3 = socket$inet6(0xa, 0x8000a, 0x3ff)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, 0x0)
recvfrom$rxrpc(0xffffffffffffffff, &(0x7f0000000280)=""/158, 0x9e, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000380)='TIPCv2\x00')
setsockopt$bt_BT_CHANNEL_POLICY(r2, 0x112, 0xa, &(0x7f0000000480)=0x100, 0x3aa1c51c680336b9)
ioctl(0xffffffffffffffff, 0x2000008912, 0x0)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0)='TIPC\x00')
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r2, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000004}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r4, 0x100, 0x70bd27, 0x25dfdbfc}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4004800)
ioctl$SIOCSIFMTU(r2, 0x8922, &(0x7f00000000c0)={'veth1_to_bridge\x00', 0x400})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000f68000)={@loopback, 0x0, 0x0, 0x0, 0x1}, 0x20)
syz_emit_ethernet(0x1, &(0x7f0000000580)=ANY=[@ANYRESOCT=0x0], 0x0)
socket$packet(0x11, 0x3, 0x300)
unshare(0x40000000)
getsockopt$sock_timeval(r2, 0x1, 0x0, &(0x7f0000000400), &(0x7f0000000440)=0x10)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x1eb3ca58abd14921)
r5 = socket$inet6(0xa, 0x208000a, 0x80000001)
setsockopt$inet_sctp6_SCTP_INITMSG(r5, 0x84, 0x2, &(0x7f0000000080)={0x0, 0x8, 0x0, 0xfffffffffffffd92}, 0x8)
socket$nl_generic(0xa, 0x5, 0x84)
sendmsg$TIPC_CMD_GET_LINKS(r2, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x24, r4, 0x100, 0x70bd2c, 0x25dfdbfb, {{}, 0x0, 0x4, 0x0, {0x8, 0x11, 0x7}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x880}, 0x4000000)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f0000000700)=ANY=[@ANYBLOB="1ab78ac9c3bbf44ba74eadda564ef901f51000000001000000739fc57c1c839314d23246e6e5c56350e641cd4c5f4c04b4c032a5a8f187c040e1438d00e363943c7dcb7a0e743bf9c8cdd199cec1536ede371a2706c6f3fa38ec4d369d12cca4136fa75c998e9f7a13f12e93d4aee98c343f91cb1c3ad579e1a9274c07d281dc983020afbde97a62f430edc31e567f63df1882881c5fd74e58b8e51aa4b0ab3e3c10018a15104c8daa693531199ac7a522948ceead09c74d0233d7eb7209d3e4dc4dba82e0c05f011f3b3a6743d27717ecf90a467c71a55767a475d9bbdd346f63a92badf10d44a5c2023ff21f1798c8bb4755a8"]})
ioctl$sock_bt_bnep_BNEPCONNADD(r2, 0x400442c8, &(0x7f0000000640)=ANY=[@ANYRES32, @ANYBLOB="06a0429a85003fe8f7907cd93088866f9cabfd29355b324748040fe52b318e578b760eb4bc765cef5b1744dbc52b721a24f1552e80216953c678f6d1bd006fe18b67176332635673f6773bece87c30ac9c6af6a09dc9b959c818343300b32863ad3ab11415ac568a1b6a98b23feba267f42a57104c4948eb7e43c17a63312aa30249467e2e"])
ioctl$FICLONE(r2, 0x40049409, 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, 0x0, 0x0)
syz_emit_ethernet(0x1e, &(0x7f0000000140)=ANY=[@ANYBLOB="c502aaaa8abbaaaa0203ff4500"/30], 0x0)
close(r1)
poll(&(0x7f0000000040)=[{}], 0x20000000000000e6, 0x0)

[  769.731419][T22711] IPVS: ftp: loaded support on port[0] = 21
[  769.747617][    C0] net_ratelimit: 8 callbacks suppressed
[  769.747626][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  769.759032][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  769.764864][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  769.770716][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  769.838481][T22720] IPVS: ftp: loaded support on port[0] = 21
[  770.046007][T22717] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  770.075200][T22717] CPU: 0 PID: 22717 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[  770.083126][T22717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  770.093202][T22717] Call Trace:
[  770.096496][T22717]  dump_stack+0x172/0x1f0
[  770.100924][T22717]  dump_header+0x10b/0x82d
[  770.105348][T22717]  oom_kill_process.cold+0x10/0x15
[  770.110464][T22717]  out_of_memory+0x334/0x1340
[  770.115156][T22717]  ? __sched_text_start+0x8/0x8
[  770.120016][T22717]  ? oom_killer_disable+0x280/0x280
[  770.125225][T22717]  mem_cgroup_out_of_memory+0x1d8/0x240
[  770.130779][T22717]  ? memcg_stat_show+0xc40/0xc40
[  770.135745][T22717]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  770.141557][T22717]  ? cgroup_file_notify+0x140/0x1b0
[  770.146760][T22717]  memory_max_write+0x262/0x3a0
[  770.151623][T22717]  ? mem_cgroup_write+0x370/0x370
[  770.156652][T22717]  ? lock_acquire+0x190/0x410
[  770.161333][T22717]  ? kernfs_fop_write+0x227/0x480
[  770.166357][T22717]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  770.171906][T22717]  cgroup_file_write+0x241/0x790
[  770.176851][T22717]  ? mem_cgroup_write+0x370/0x370
[  770.181882][T22717]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  770.187520][T22717]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  770.193175][T22717]  kernfs_fop_write+0x2b8/0x480
[  770.198033][T22717]  __vfs_write+0x8a/0x110
[  770.202364][T22717]  ? kernfs_fop_open+0xd80/0xd80
[  770.207303][T22717]  __kernel_write+0x11b/0x3b0
[  770.211989][T22717]  write_pipe_buf+0x15d/0x1f0
[  770.216669][T22717]  ? do_splice_direct+0x2a0/0x2a0
[  770.221702][T22717]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  770.227966][T22717]  ? splice_from_pipe_next.part.0+0x262/0x300
[  770.234057][T22717]  __splice_from_pipe+0x397/0x7d0
[  770.239090][T22717]  ? do_splice_direct+0x2a0/0x2a0
[  770.244128][T22717]  ? do_splice_direct+0x2a0/0x2a0
[  770.249152][T22717]  splice_from_pipe+0x108/0x170
[  770.254061][T22717]  ? splice_shrink_spd+0xd0/0xd0
[  770.259004][T22717]  ? security_file_permission+0x8f/0x380
[  770.264624][T22717]  default_file_splice_write+0x3c/0x90
[  770.270067][T22717]  ? generic_splice_sendpage+0x50/0x50
[  770.275550][T22717]  direct_splice_actor+0x123/0x190
[  770.280676][T22717]  splice_direct_to_actor+0x366/0x970
[  770.286044][T22717]  ? generic_pipe_buf_nosteal+0x10/0x10
[  770.291577][T22717]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  770.297822][T22717]  ? do_splice_to+0x180/0x180
[  770.302495][T22717]  ? rw_verify_area+0x126/0x360
[  770.307339][T22717]  do_splice_direct+0x1da/0x2a0
[  770.312203][T22717]  ? splice_direct_to_actor+0x970/0x970
[  770.317743][T22717]  ? rcu_read_lock_any_held+0xcd/0xf0
[  770.323104][T22717]  ? __this_cpu_preempt_check+0x3a/0x210
[  770.328729][T22717]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  770.334953][T22717]  ? __sb_start_write+0x1e5/0x460
[  770.339964][T22717]  do_sendfile+0x597/0xd00
[  770.344393][T22717]  ? do_compat_pwritev64+0x1c0/0x1c0
[  770.349663][T22717]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  770.355908][T22717]  ? put_timespec64+0xda/0x140
[  770.360661][T22717]  __x64_sys_sendfile64+0x1dd/0x220
[  770.365846][T22717]  ? __ia32_sys_sendfile+0x230/0x230
[  770.371115][T22717]  ? do_syscall_64+0x26/0x760
[  770.375798][T22717]  ? lockdep_hardirqs_on+0x421/0x5e0
[  770.381081][T22717]  ? trace_hardirqs_on+0x67/0x240
[  770.386113][T22717]  do_syscall_64+0xfa/0x760
[  770.390613][T22717]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  770.396488][T22717] RIP: 0033:0x459f49
[  770.400379][T22717] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  770.419978][T22717] RSP: 002b:00007f423b9a3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  770.428398][T22717] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  770.436371][T22717] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  770.444328][T22717] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  770.452284][T22717] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f423b9a46d4
[  770.460244][T22717] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  770.469084][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  770.474872][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  770.480932][T22717] memory: usage 4080kB, limit 0kB, failcnt 112
[  770.487098][T22717] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  770.494057][T22717] Memory cgroup stats for /syz4:
[  770.494160][T22717] anon 299008
[  770.494160][T22717] file 114688
[  770.494160][T22717] kernel_stack 196608
[  770.494160][T22717] slab 3809280
[  770.494160][T22717] sock 69632
[  770.494160][T22717] shmem 0
[  770.494160][T22717] file_mapped 0
[  770.494160][T22717] file_dirty 0
[  770.494160][T22717] file_writeback 0
[  770.494160][T22717] anon_thp 0
[  770.494160][T22717] inactive_anon 135168
[  770.494160][T22717] active_anon 212992
[  770.494160][T22717] inactive_file 0
[  770.494160][T22717] active_file 110592
[  770.494160][T22717] unevictable 0
[  770.494160][T22717] slab_reclaimable 1757184
[  770.494160][T22717] slab_unreclaimable 2052096
[  770.494160][T22717] pgfault 47586
[  770.494160][T22717] pgmajfault 0
[  770.494160][T22717] workingset_refault 0
[  770.494160][T22717] workingset_activate 0
[  770.494160][T22717] workingset_nodereclaim 0
[  770.494160][T22717] pgrefill 3192
[  770.494160][T22717] pgscan 15485
[  770.494160][T22717] pgsteal 3950
[  770.494160][T22717] pgactivate 5181
[  770.593327][T22717] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=22712,uid=0
[  770.616224][T22717] Memory cgroup out of memory: Killed process 22717 (syz-executor.4) total-vm:72980kB, anon-rss:168kB, file-rss:35968kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000
[  770.635128][ T1070] oom_reaper: reaped process 22717 (syz-executor.4), now anon-rss:0kB, file-rss:35008kB, shmem-rss:0kB
10:29:43 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r2, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r2}], 0x1, 0x81)
ioctl$SIOCRSSCAUSE(r2, 0x89e1, &(0x7f0000000040)=0x400)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000000), 0x8)
connect$inet6(r0, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

[  770.741341][T20822] syz-executor.4 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=0
[  770.785060][T20822] CPU: 0 PID: 20822 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[  770.792993][T20822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  770.803131][T20822] Call Trace:
[  770.806432][T20822]  dump_stack+0x172/0x1f0
[  770.810752][T20822]  dump_header+0x10b/0x82d
[  770.815156][T20822]  ? oom_kill_process+0x94/0x3f0
[  770.820084][T20822]  oom_kill_process.cold+0x10/0x15
[  770.825194][T20822]  out_of_memory+0x334/0x1340
[  770.829852][T20822]  ? lock_downgrade+0x920/0x920
[  770.834789][T20822]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  770.840576][T20822]  ? oom_killer_disable+0x280/0x280
[  770.845756][T20822]  mem_cgroup_out_of_memory+0x1d8/0x240
[  770.851288][T20822]  ? memcg_stat_show+0xc40/0xc40
[  770.856204][T20822]  ? do_raw_spin_unlock+0x57/0x270
[  770.861309][T20822]  ? _raw_spin_unlock+0x2d/0x50
[  770.866143][T20822]  try_charge+0xf4b/0x1440
[  770.870571][T20822]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  770.876116][T20822]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  770.881644][T20822]  ? cache_grow_begin+0x122/0xd20
[  770.886653][T20822]  ? find_held_lock+0x35/0x130
[  770.891401][T20822]  ? cache_grow_begin+0x122/0xd20
[  770.896417][T20822]  __memcg_kmem_charge_memcg+0x7c/0x130
[  770.901946][T20822]  ? lock_downgrade+0x920/0x920
[  770.906775][T20822]  ? memcg_kmem_put_cache+0x50/0x50
[  770.911950][T20822]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  770.918177][T20822]  ? __kasan_check_read+0x11/0x20
[  770.923200][T20822]  cache_grow_begin+0x629/0xd20
[  770.928040][T20822]  ? write_comp_data+0x11/0x70
[  770.932805][T20822]  ? mempolicy_slab_node+0x139/0x390
[  770.938080][T20822]  fallback_alloc+0x1fd/0x2d0
[  770.942745][T20822]  ____cache_alloc_node+0x1bc/0x1d0
[  770.947930][T20822]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  770.954162][T20822]  kmem_cache_alloc_node_trace+0xec/0x750
[  770.959868][T20822]  ? lock_downgrade+0x920/0x920
[  770.964720][T20822]  __kmalloc_node+0x3d/0x70
[  770.969202][T20822]  kvmalloc_node+0x68/0x100
[  770.973717][T20822]  xt_alloc_table_info+0x41/0xa0
[  770.978652][T20822]  do_ip6t_set_ctl+0x260/0x49e
[  770.983417][T20822]  ? compat_do_ip6t_set_ctl+0x170/0x170
[  770.988966][T20822]  ? mutex_unlock+0xd/0x10
[  770.993360][T20822]  ? nf_sockopt_find.constprop.0+0x226/0x290
[  770.999340][T20822]  nf_setsockopt+0x77/0xd0
[  771.003760][T20822]  ipv6_setsockopt+0x13e/0x170
[  771.008553][T20822]  tcp_setsockopt+0x8f/0xe0
[  771.013076][T20822]  sock_common_setsockopt+0x94/0xd0
[  771.018324][T20822]  __sys_setsockopt+0x261/0x4c0
[  771.023189][T20822]  ? sock_create_kern+0x50/0x50
[  771.028053][T20822]  ? __sys_getsockopt+0x1b2/0x310
[  771.033090][T20822]  ? handle_mm_fault+0x4b0/0xaa0
[  771.038040][T20822]  ? trace_hardirqs_on_thunk+0x1a/0x20
[  771.043510][T20822]  ? do_syscall_64+0x26/0x760
[  771.048198][T20822]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  771.054266][T20822]  ? do_syscall_64+0x26/0x760
[  771.058955][T20822]  __x64_sys_setsockopt+0xbe/0x150
[  771.064074][T20822]  do_syscall_64+0xfa/0x760
[  771.068586][T20822]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  771.074476][T20822] RIP: 0033:0x45ca7a
[  771.078395][T20822] Code: 49 89 ca b8 37 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 6a 8b fb ff c3 66 0f 1f 84 00 00 00 00 00 49 89 ca b8 36 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 4a 8b fb ff c3 66 0f 1f 84 00 00 00 00 00
[  771.098001][T20822] RSP: 002b:00007ffe81a3f9f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000036
[  771.106439][T20822] RAX: ffffffffffffffda RBX: 00007ffe81a3fa20 RCX: 000000000045ca7a
[  771.114396][T20822] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  771.122434][T20822] RBP: 0000000000713cc0 R08: 00000000000002e8 R09: 0000000000004000
[  771.130402][T20822] R10: 0000000000712fa0 R11: 0000000000000202 R12: 0000000000000003
[  771.138364][T20822] R13: 0000000000000000 R14: 0000000000000029 R15: 0000000000712f40
[  771.146844][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  771.152672][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  771.162038][T20822] memory: usage 3608kB, limit 0kB, failcnt 124
[  771.168421][T20822] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  771.175399][T20822] Memory cgroup stats for /syz4:
[  771.175533][T20822] anon 143360
[  771.175533][T20822] file 0
[  771.175533][T20822] kernel_stack 0
[  771.175533][T20822] slab 3809280
[  771.175533][T20822] sock 69632
[  771.175533][T20822] shmem 0
[  771.175533][T20822] file_mapped 0
[  771.175533][T20822] file_dirty 0
[  771.175533][T20822] file_writeback 0
[  771.175533][T20822] anon_thp 0
[  771.175533][T20822] inactive_anon 135168
[  771.175533][T20822] active_anon 212992
[  771.175533][T20822] inactive_file 0
[  771.175533][T20822] active_file 110592
[  771.175533][T20822] unevictable 0
[  771.175533][T20822] slab_reclaimable 1757184
[  771.175533][T20822] slab_unreclaimable 2052096
[  771.175533][T20822] pgfault 47619
[  771.175533][T20822] pgmajfault 0
[  771.175533][T20822] workingset_refault 0
[  771.175533][T20822] workingset_activate 0
[  771.175533][T20822] workingset_nodereclaim 0
[  771.175533][T20822] pgrefill 3192
[  771.175533][T20822] pgscan 15523
[  771.175533][T20822] pgsteal 3983
[  771.175533][T20822] pgactivate 5214
[  771.271877][T20822] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=20822,uid=0
[  771.287445][T20822] Memory cgroup out of memory: Killed process 20822 (syz-executor.4) total-vm:72452kB, anon-rss:100kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  771.305895][ T1070] oom_reaper: reaped process 20822 (syz-executor.4), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  771.837589][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  771.843402][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  775.267622][    C0] net_ratelimit: 12 callbacks suppressed
[  775.267631][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  775.279130][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  775.987610][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  775.993421][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  775.999291][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  776.005043][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  776.707723][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  776.713538][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  777.347627][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  777.353443][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  778.428159][T11615] device hsr_slave_0 left promiscuous mode
[  778.477638][T11615] device hsr_slave_1 left promiscuous mode
[  778.541751][T11615] team0 (unregistering): Port device team_slave_1 removed
[  778.555266][T11615] team0 (unregistering): Port device team_slave_0 removed
[  778.567708][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  778.633855][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  778.736719][T11615] bond0 (unregistering): Released all slaves
[  778.878920][T11615] device hsr_slave_0 left promiscuous mode
[  778.938698][T11615] device hsr_slave_1 left promiscuous mode
[  778.990032][T11615] team0 (unregistering): Port device team_slave_1 removed
[  779.003484][T11615] team0 (unregistering): Port device team_slave_0 removed
[  779.015073][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  779.076249][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  779.163800][T11615] bond0 (unregistering): Released all slaves
[  779.348383][T11615] device hsr_slave_0 left promiscuous mode
[  779.387744][T11615] device hsr_slave_1 left promiscuous mode
[  779.465785][T11615] team0 (unregistering): Port device team_slave_1 removed
[  779.481201][T11615] team0 (unregistering): Port device team_slave_0 removed
[  779.494565][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  779.554526][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  779.648241][T11615] bond0 (unregistering): Released all slaves
[  779.798509][T11615] device hsr_slave_0 left promiscuous mode
[  779.867782][T11615] device hsr_slave_1 left promiscuous mode
[  779.945649][T11615] team0 (unregistering): Port device team_slave_1 removed
[  779.964385][T11615] team0 (unregistering): Port device team_slave_0 removed
[  779.975625][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  780.012410][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  780.086122][T11615] bond0 (unregistering): Released all slaves
10:29:52 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x4000}, 0x0)

[  780.211078][T22695] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  780.447576][    C1] net_ratelimit: 12 callbacks suppressed
[  780.447585][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  780.459117][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  780.567604][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  780.573462][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  780.687691][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  780.693523][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  780.867643][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  780.873518][    C0] protocol 88fb is buggy, dev hsr_slave_1
10:29:53 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x82, &(0x7f0000000380), 0x8)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0x0)

[  780.909408][T22733] IPVS: ftp: loaded support on port[0] = 21
[  780.955948][T22695] 8021q: adding VLAN 0 to HW filter on device batadv0
10:29:53 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x4305}, 0x0)

[  781.294177][T22733] chnl_net:caif_netlink_parms(): no params data found
[  781.500667][T22751] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  781.527775][T22751] CPU: 0 PID: 22751 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  781.535700][T22751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  781.545757][T22751] Call Trace:
[  781.549060][T22751]  dump_stack+0x172/0x1f0
[  781.553394][T22751]  dump_header+0x10b/0x82d
[  781.557824][T22751]  oom_kill_process.cold+0x10/0x15
[  781.562950][T22751]  out_of_memory+0x334/0x1340
[  781.567664][T22751]  ? __sched_text_start+0x8/0x8
[  781.578795][T22751]  ? oom_killer_disable+0x280/0x280
[  781.584007][T22751]  mem_cgroup_out_of_memory+0x1d8/0x240
[  781.589553][T22751]  ? memcg_stat_show+0xc40/0xc40
[  781.594515][T22751]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  781.600333][T22751]  ? cgroup_file_notify+0x140/0x1b0
[  781.605535][T22751]  memory_max_write+0x262/0x3a0
[  781.610386][T22751]  ? mem_cgroup_write+0x370/0x370
[  781.615409][T22751]  ? lock_acquire+0x190/0x410
[  781.620085][T22751]  ? kernfs_fop_write+0x227/0x480
[  781.625115][T22751]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  781.630678][T22751]  cgroup_file_write+0x241/0x790
[  781.635616][T22751]  ? mem_cgroup_write+0x370/0x370
[  781.640643][T22751]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  781.646280][T22751]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  781.651911][T22751]  kernfs_fop_write+0x2b8/0x480
[  781.656771][T22751]  __vfs_write+0x8a/0x110
[  781.661116][T22751]  ? kernfs_fop_open+0xd80/0xd80
[  781.666053][T22751]  __kernel_write+0x11b/0x3b0
[  781.670735][T22751]  write_pipe_buf+0x15d/0x1f0
[  781.675436][T22751]  ? do_splice_direct+0x2a0/0x2a0
[  781.680464][T22751]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  781.686701][T22751]  ? splice_from_pipe_next.part.0+0x262/0x300
[  781.692772][T22751]  __splice_from_pipe+0x397/0x7d0
[  781.697800][T22751]  ? do_splice_direct+0x2a0/0x2a0
[  781.702835][T22751]  ? do_splice_direct+0x2a0/0x2a0
[  781.707859][T22751]  splice_from_pipe+0x108/0x170
[  781.712725][T22751]  ? splice_shrink_spd+0xd0/0xd0
[  781.717669][T22751]  ? security_file_permission+0x8f/0x380
[  781.723303][T22751]  default_file_splice_write+0x3c/0x90
[  781.728759][T22751]  ? generic_splice_sendpage+0x50/0x50
[  781.734218][T22751]  direct_splice_actor+0x123/0x190
[  781.739342][T22751]  splice_direct_to_actor+0x366/0x970
[  781.744732][T22751]  ? generic_pipe_buf_nosteal+0x10/0x10
[  781.750371][T22751]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  781.756607][T22751]  ? do_splice_to+0x180/0x180
[  781.761288][T22751]  ? rw_verify_area+0x126/0x360
[  781.766161][T22751]  do_splice_direct+0x1da/0x2a0
[  781.771103][T22751]  ? splice_direct_to_actor+0x970/0x970
[  781.776662][T22751]  ? rcu_read_lock_any_held+0xcd/0xf0
[  781.782036][T22751]  ? __this_cpu_preempt_check+0x3a/0x210
[  781.787668][T22751]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  781.793918][T22751]  ? __sb_start_write+0x1e5/0x460
[  781.798965][T22751]  do_sendfile+0x597/0xd00
[  781.803402][T22751]  ? do_compat_pwritev64+0x1c0/0x1c0
[  781.808687][T22751]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  781.814961][T22751]  ? put_timespec64+0xda/0x140
[  781.819823][T22751]  __x64_sys_sendfile64+0x1dd/0x220
[  781.825019][T22751]  ? __ia32_sys_sendfile+0x230/0x230
[  781.830300][T22751]  ? do_syscall_64+0x26/0x760
[  781.834977][T22751]  ? lockdep_hardirqs_on+0x421/0x5e0
[  781.840266][T22751]  ? trace_hardirqs_on+0x67/0x240
[  781.845298][T22751]  do_syscall_64+0xfa/0x760
[  781.849814][T22751]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  781.855699][T22751] RIP: 0033:0x459f49
[  781.859593][T22751] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  781.879196][T22751] RSP: 002b:00007f32eb2bac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  781.887606][T22751] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  781.895786][T22751] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  781.903754][T22751] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  781.911724][T22751] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f32eb2bb6d4
[  781.919791][T22751] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  781.933323][T22751] memory: usage 5220kB, limit 0kB, failcnt 469
[  781.939699][T22751] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  781.946656][T22751] Memory cgroup stats for /syz3:
[  781.946763][T22751] anon 4296704
[  781.946763][T22751] file 118784
[  781.946763][T22751] kernel_stack 65536
[  781.946763][T22751] slab 827392
[  781.946763][T22751] sock 81920
[  781.946763][T22751] shmem 24576
[  781.946763][T22751] file_mapped 0
[  781.946763][T22751] file_dirty 135168
[  781.946763][T22751] file_writeback 0
[  781.946763][T22751] anon_thp 4194304
[  781.946763][T22751] inactive_anon 0
[  781.946763][T22751] active_anon 4296704
[  781.946763][T22751] inactive_file 98304
[  781.946763][T22751] active_file 0
[  781.946763][T22751] unevictable 135168
[  781.946763][T22751] slab_reclaimable 270336
[  781.946763][T22751] slab_unreclaimable 557056
[  781.946763][T22751] pgfault 58872
[  781.946763][T22751] pgmajfault 0
[  781.946763][T22751] workingset_refault 0
[  781.946763][T22751] workingset_activate 0
[  781.946763][T22751] workingset_nodereclaim 0
[  781.946763][T22751] pgrefill 8688
[  781.946763][T22751] pgscan 40160
[  781.946763][T22751] pgsteal 9652
[  782.041811][T22751] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22748,uid=0
[  782.065942][T22751] Memory cgroup out of memory: Killed process 22748 (syz-executor.3) total-vm:72720kB, anon-rss:4192kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000
[  782.088066][ T1070] oom_reaper: reaped process 22748 (syz-executor.3), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB
10:29:54 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, &(0x7f0000000040))
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:29:54 executing program 4:
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$SIOCRSSCAUSE(r0, 0x89e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='/\x02roup.stap\x00', 0x2761, 0x0)
openat$cgroup_int(r1, &(0x7f0000000040), 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000480)=ANY=[], 0x0)
setsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000180)={0x0, 0x8000, 0x0, 0x5}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff})
getpeername(r2, 0x0, &(0x7f0000003840))
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$FS_IOC_SETFSLABEL(r3, 0x41009432, &(0x7f0000000280)="bbfb28ec87ec09fc4b8bd5c6c8e86b4ced72f5ac60ae8b6a2dbd8e97c42f4dacdbf7bd922413321ab2344ac3e768b46faf76600fcbbf8a2e897ba79db171dc1c415b188a633ad3763d126d971a6d22a5caba8ce38e3b27325117c6b8e8bad2c5edbdc512dde32a2bf458c1a8b59b92980f3308c4ef63e710dd21b2b759cd97e3d84ab786331b33237b975fd1d292920277d6cbc03a3ae58cb2b35e1a2974ea1edcdff59dfbb9e8aaebbe8d91090fd33d5d27a53dc4defc0690c826e608ac25d4aebdbf09236d0c3915d378770259204bf06136b0521d685d52cc23f3bcda99d723dedf91fa491b130e581749219da683c6b39a280004289424144d1dbf68cf2a")
accept4(r0, &(0x7f0000000000)=@un=@abs, &(0x7f0000000080)=0x80, 0x80c00)

10:29:54 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x4788}, 0x0)

[  782.140747][T22695] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  782.152405][T22733] bridge0: port 1(bridge_slave_0) entered blocking state
[  782.166326][T22733] bridge0: port 1(bridge_slave_0) entered disabled state
[  782.167602][T22695] CPU: 1 PID: 22695 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  782.181324][T22695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  782.191383][T22695] Call Trace:
[  782.194691][T22695]  dump_stack+0x172/0x1f0
[  782.199041][T22695]  dump_header+0x10b/0x82d
[  782.203462][T22695]  ? oom_kill_process+0x94/0x3f0
[  782.208399][T22695]  oom_kill_process.cold+0x10/0x15
[  782.208419][T22695]  out_of_memory+0x334/0x1340
[  782.208433][T22695]  ? lock_downgrade+0x920/0x920
[  782.208451][T22695]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  782.208466][T22695]  ? oom_killer_disable+0x280/0x280
[  782.208488][T22695]  mem_cgroup_out_of_memory+0x1d8/0x240
[  782.208501][T22695]  ? memcg_stat_show+0xc40/0xc40
[  782.208518][T22695]  ? do_raw_spin_unlock+0x57/0x270
[  782.238526][T22733] device bridge_slave_0 entered promiscuous mode
[  782.239619][T22695]  ? _raw_spin_unlock+0x2d/0x50
[  782.260777][T22695]  try_charge+0xf4b/0x1440
[  782.265201][T22695]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  782.270754][T22695]  ? percpu_ref_tryget_live+0x111/0x290
[  782.276334][T22695]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  782.282579][T22695]  ? __kasan_check_read+0x11/0x20
[  782.282606][T22695]  ? get_mem_cgroup_from_mm+0x156/0x320
[  782.293164][T22695]  mem_cgroup_try_charge+0x136/0x590
[  782.298485][T22695]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  782.304122][T22695]  wp_page_copy+0x407/0x1860
[  782.308719][T22695]  ? find_held_lock+0x35/0x130
[  782.313491][T22695]  ? do_wp_page+0x53b/0x15c0
[  782.318082][T22695]  ? pmd_devmap_trans_unstable+0x220/0x220
[  782.323886][T22695]  ? lock_downgrade+0x920/0x920
[  782.324337][T22733] bridge0: port 2(bridge_slave_1) entered blocking state
[  782.328736][T22695]  ? swp_swapcount+0x540/0x540
[  782.328754][T22695]  ? __kasan_check_read+0x11/0x20
[  782.328765][T22695]  ? do_raw_spin_unlock+0x57/0x270
[  782.328782][T22695]  do_wp_page+0x543/0x15c0
[  782.328800][T22695]  ? finish_mkwrite_fault+0x6a0/0x6a0
[  782.328824][T22695]  __handle_mm_fault+0x23ec/0x4040
[  782.328843][T22695]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  782.328862][T22695]  ? handle_mm_fault+0x292/0xaa0
[  782.351977][T22733] bridge0: port 2(bridge_slave_1) entered disabled state
[  782.355264][T22695]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  782.355281][T22695]  ? __kasan_check_read+0x11/0x20
[  782.394488][T22695]  handle_mm_fault+0x3b7/0xaa0
[  782.399270][T22695]  __do_page_fault+0x536/0xdd0
[  782.404059][T22695]  do_page_fault+0x38/0x590
[  782.408569][T22695]  page_fault+0x39/0x40
[  782.411451][T22733] device bridge_slave_1 entered promiscuous mode
[  782.412718][T22695] RIP: 0033:0x431026
[  782.422909][T22695] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[  782.442516][T22695] RSP: 002b:00007fffcd69da20 EFLAGS: 00010206
[  782.448589][T22695] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  782.456555][T22695] RDX: 0000000001bde930 RSI: 0000000001be6970 RDI: 0000000000000003
[  782.456565][T22695] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000001bdd940
[  782.456573][T22695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  782.456581][T22695] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[  782.584210][T22695] memory: usage 796kB, limit 0kB, failcnt 477
[  782.595664][T22695] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  782.602785][T22695] Memory cgroup stats for /syz3:
[  782.602885][T22695] anon 24576
[  782.602885][T22695] file 118784
[  782.602885][T22695] kernel_stack 0
[  782.602885][T22695] slab 827392
[  782.602885][T22695] sock 81920
[  782.602885][T22695] shmem 24576
[  782.602885][T22695] file_mapped 0
[  782.602885][T22695] file_dirty 135168
[  782.602885][T22695] file_writeback 0
[  782.602885][T22695] anon_thp 0
[  782.602885][T22695] inactive_anon 0
[  782.602885][T22695] active_anon 24576
[  782.602885][T22695] inactive_file 98304
[  782.602885][T22695] active_file 0
[  782.602885][T22695] unevictable 135168
[  782.602885][T22695] slab_reclaimable 270336
[  782.602885][T22695] slab_unreclaimable 557056
[  782.602885][T22695] pgfault 58905
[  782.602885][T22695] pgmajfault 0
[  782.602885][T22695] workingset_refault 0
[  782.602885][T22695] workingset_activate 0
[  782.602885][T22695] workingset_nodereclaim 0
[  782.602885][T22695] pgrefill 8688
[  782.602885][T22695] pgscan 40160
[  782.602885][T22695] pgsteal 9652
[  782.602885][T22695] pgactivate 11286
[  782.607960][T22695] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22695,uid=0
[  782.715596][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  782.715657][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  782.772215][T22695] Memory cgroup out of memory: Killed process 22695 (syz-executor.3) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  782.783328][T22733] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  782.818103][ T1070] oom_reaper: reaped process 22695 (syz-executor.3), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  782.834613][T22733] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  782.941111][T22733] team0: Port device team_slave_0 added
[  782.974964][T22733] team0: Port device team_slave_1 added
[  783.361290][T22733] device hsr_slave_0 entered promiscuous mode
[  783.418093][T22733] device hsr_slave_1 entered promiscuous mode
[  783.676756][T22733] 8021q: adding VLAN 0 to HW filter on device bond0
[  783.768889][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  783.799174][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  783.807039][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  783.824767][T22733] 8021q: adding VLAN 0 to HW filter on device team0
[  783.846314][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  783.863321][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
10:29:56 executing program 0:
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000700)=ANY=[@ANYBLOB="020300021b000000020000000000000005000600008000000a00000000000000000000997f6699000000000000d6dbb905d1f86beb0000000d000800e0020000b89cc4b2bd01a12ba71996d8ee000000809ac1ec3d95c9a0af6fa7fe174e404721f755b088c2a08594e391798e4fd4959ba9b5a7b0588736a57525a30d463ea43084dc1840039649673b73383b717e127c6a36da871a86cc8c8dfa870000000002000100000000000000020080ffffff05000500000000000a000000def7bd3e10c05ce0099e088c374525b1f361d6c7358f00000000fe04"], 0xd8}}, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14}, 0x14}}, 0x0)
sendmmsg(r0, &(0x7f0000000180), 0x4000060, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='cpu.stat\x00', 0x0, 0x0)
r2 = socket$caif_stream(0x25, 0x1, 0x0)
connect$l2tp(r1, &(0x7f0000000200)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xb}}, 0x4, 0x4, 0x1, 0x1}}, 0x2e)

[  783.886548][ T9931] bridge0: port 1(bridge_slave_0) entered blocking state
[  783.893690][ T9931] bridge0: port 1(bridge_slave_0) entered forwarding state
[  783.955658][T22757] IPVS: ftp: loaded support on port[0] = 21
[  783.968193][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  783.976261][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  784.003531][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  784.012955][ T9931] bridge0: port 2(bridge_slave_1) entered blocking state
[  784.020094][ T9931] bridge0: port 2(bridge_slave_1) entered forwarding state
[  784.036041][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  784.045565][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  784.073073][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  784.082695][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  784.091600][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  784.100817][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  784.126454][T22733] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  784.143968][T22733] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  784.164706][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  784.172881][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  784.181703][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  784.190416][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  784.199253][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  784.210089][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  784.287015][T22733] 8021q: adding VLAN 0 to HW filter on device batadv0
[  784.366228][T22757] chnl_net:caif_netlink_parms(): no params data found
[  784.432340][T22757] bridge0: port 1(bridge_slave_0) entered blocking state
[  784.439688][T22757] bridge0: port 1(bridge_slave_0) entered disabled state
[  784.448326][T22757] device bridge_slave_0 entered promiscuous mode
[  784.456644][T22757] bridge0: port 2(bridge_slave_1) entered blocking state
[  784.481511][T22757] bridge0: port 2(bridge_slave_1) entered disabled state
[  784.495458][T22757] device bridge_slave_1 entered promiscuous mode
[  784.532008][T22757] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  784.546176][T22757] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  784.590301][T22757] team0: Port device team_slave_0 added
[  784.605691][T22757] team0: Port device team_slave_1 added
[  784.680645][T22757] device hsr_slave_0 entered promiscuous mode
[  784.717999][T22757] device hsr_slave_1 entered promiscuous mode
[  784.757661][T22757] debugfs: Directory 'hsr0' with parent '/' already present!
[  784.943814][T22773] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  784.967959][T22757] 8021q: adding VLAN 0 to HW filter on device bond0
[  784.978225][T22773] CPU: 1 PID: 22773 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[  784.986143][T22773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  784.993023][ T9932] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  784.996204][T22773] Call Trace:
[  784.996226][T22773]  dump_stack+0x172/0x1f0
[  784.996246][T22773]  dump_header+0x10b/0x82d
[  784.996266][T22773]  oom_kill_process.cold+0x10/0x15
[  785.012963][ T9932] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  785.015464][T22773]  out_of_memory+0x334/0x1340
[  785.028890][T22757] 8021q: adding VLAN 0 to HW filter on device team0
[  785.032420][T22773]  ? __sched_text_start+0x8/0x8
[  785.043827][T22773]  ? oom_killer_disable+0x280/0x280
[  785.049050][T22773]  mem_cgroup_out_of_memory+0x1d8/0x240
[  785.051258][ T9932] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  785.054604][T22773]  ? memcg_stat_show+0xc40/0xc40
[  785.054636][T22773]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  785.071870][ T9932] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  785.073395][T22773]  ? cgroup_file_notify+0x140/0x1b0
[  785.073423][T22773]  memory_max_write+0x262/0x3a0
[  785.085673][ T9932] bridge0: port 1(bridge_slave_0) entered blocking state
[  785.086579][T22773]  ? mem_cgroup_write+0x370/0x370
[  785.086600][T22773]  ? lock_acquire+0x190/0x410
[  785.091483][ T9932] bridge0: port 1(bridge_slave_0) entered forwarding state
[  785.098427][T22773]  ? kernfs_fop_write+0x227/0x480
[  785.098444][T22773]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  785.098465][T22773]  cgroup_file_write+0x241/0x790
[  785.130763][T22773]  ? mem_cgroup_write+0x370/0x370
[  785.135801][T22773]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  785.141451][T22773]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  785.143999][ T9932] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  785.147094][T22773]  kernfs_fop_write+0x2b8/0x480
[  785.147117][T22773]  __vfs_write+0x8a/0x110
[  785.163637][T22773]  ? kernfs_fop_open+0xd80/0xd80
[  785.168584][T22773]  __kernel_write+0x11b/0x3b0
[  785.173364][T22773]  write_pipe_buf+0x15d/0x1f0
[  785.178043][T22773]  ? do_splice_direct+0x2a0/0x2a0
[  785.182682][ T9932] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  785.183071][T22773]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  785.197348][T22773]  ? splice_from_pipe_next.part.0+0x262/0x300
[  785.203433][T22773]  __splice_from_pipe+0x397/0x7d0
[  785.208469][T22773]  ? do_splice_direct+0x2a0/0x2a0
[  785.211636][ T9932] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  785.213503][T22773]  ? do_splice_direct+0x2a0/0x2a0
[  785.213525][T22773]  splice_from_pipe+0x108/0x170
[  785.231361][T22773]  ? splice_shrink_spd+0xd0/0xd0
[  785.236310][T22773]  ? security_file_permission+0x8f/0x380
[  785.241951][T22773]  default_file_splice_write+0x3c/0x90
[  785.243574][ T9932] bridge0: port 2(bridge_slave_1) entered blocking state
[  785.247404][T22773]  ? generic_splice_sendpage+0x50/0x50
[  785.247422][T22773]  direct_splice_actor+0x123/0x190
[  785.247442][T22773]  splice_direct_to_actor+0x366/0x970
[  785.254510][ T9932] bridge0: port 2(bridge_slave_1) entered forwarding state
[  785.259886][T22773]  ? generic_pipe_buf_nosteal+0x10/0x10
[  785.259906][T22773]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  785.259924][T22773]  ? do_splice_to+0x180/0x180
[  785.293993][T22773]  ? rw_verify_area+0x126/0x360
[  785.298874][T22773]  do_splice_direct+0x1da/0x2a0
[  785.303733][T22773]  ? splice_direct_to_actor+0x970/0x970
[  785.309275][T22773]  ? rcu_read_lock_any_held+0xcd/0xf0
[  785.313215][ T9932] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  785.314650][T22773]  ? __this_cpu_preempt_check+0x3a/0x210
[  785.328144][T22773]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  785.334382][T22773]  ? __sb_start_write+0x1e5/0x460
[  785.339427][T22773]  do_sendfile+0x597/0xd00
[  785.343867][T22773]  ? do_compat_pwritev64+0x1c0/0x1c0
[  785.349169][T22773]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  785.354438][ T9932] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  785.355423][T22773]  ? put_timespec64+0xda/0x140
[  785.368051][T22773]  __x64_sys_sendfile64+0x1dd/0x220
[  785.373251][T22773]  ? __ia32_sys_sendfile+0x230/0x230
[  785.378545][T22773]  ? do_syscall_64+0x26/0x760
[  785.383222][T22773]  ? lockdep_hardirqs_on+0x421/0x5e0
[  785.388508][T22773]  ? trace_hardirqs_on+0x67/0x240
[  785.393535][T22773]  do_syscall_64+0xfa/0x760
[  785.394846][ T9932] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  785.398045][T22773]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  785.398057][T22773] RIP: 0033:0x459f49
[  785.398071][T22773] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  785.398077][T22773] RSP: 002b:00007f032d13ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  785.398091][T22773] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  785.398098][T22773] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  785.398105][T22773] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  785.398113][T22773] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f032d13f6d4
[  785.398120][T22773] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  785.411510][T22773] memory: usage 2160kB, limit 0kB, failcnt 227
[  785.436054][ T9932] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  785.444940][T22773] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  785.494948][ T9932] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  785.499025][T22773] Memory cgroup stats for /syz2:
[  785.499129][T22773] anon 188416
[  785.499129][T22773] file 0
[  785.499129][T22773] kernel_stack 65536
[  785.499129][T22773] slab 2007040
[  785.499129][T22773] sock 4096
[  785.499129][T22773] shmem 20480
[  785.499129][T22773] file_mapped 0
[  785.499129][T22773] file_dirty 0
[  785.499129][T22773] file_writeback 0
[  785.499129][T22773] anon_thp 0
[  785.499129][T22773] inactive_anon 90112
[  785.499129][T22773] active_anon 188416
[  785.499129][T22773] inactive_file 90112
[  785.499129][T22773] active_file 176128
[  785.499129][T22773] unevictable 0
[  785.499129][T22773] slab_reclaimable 946176
[  785.499129][T22773] slab_unreclaimable 1060864
[  785.499129][T22773] pgfault 64581
[  785.499129][T22773] pgmajfault 0
[  785.499129][T22773] workingset_refault 0
[  785.499129][T22773] workingset_activate 0
[  785.499129][T22773] workingset_nodereclaim 0
[  785.499129][T22773] pgrefill 13533
[  785.499129][T22773] pgscan 22260
[  785.499129][T22773] pgsteal 3058
[  785.499129][T22773] pgactivate 13497
[  785.534689][ T9932] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  785.623339][T22773] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22770,uid=0
[  785.646463][T22773] Memory cgroup out of memory: Killed process 22773 (syz-executor.2) total-vm:72984kB, anon-rss:160kB, file-rss:35896kB, shmem-rss:0kB, UID:0 pgtables:143360kB oom_score_adj:1000
[  785.673102][ T1070] oom_reaper: reaped process 22773 (syz-executor.2), now anon-rss:0kB, file-rss:34936kB, shmem-rss:0kB
10:29:58 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, &(0x7f0000000040))
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:29:58 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, &(0x7f0000000040))
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:29:58 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x4888}, 0x0)

10:29:58 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800b5055e0bcfe87b0071")
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0xffffffffffffffe1, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000002300470800000000100000000100aceac20d283177ca9680a260c229f5d5d9ff4559cfd7c5d4f9f2a05ac843fb1a9b3a6685c4b44017a681e8efbb01d8bfb77b731e8b82ce5d623847992a0f4d81a01a99224f82d24887d5b0063802779a5f0069336edc42c99c8fc0b4e6a88bda19fdb00354ac5718189a98704932e5763dcc7de39a1447c7b0214786e5baa63a9c91aad1e5e9bc8aeb2bcc2ffc0929b96a1979f29575b2dfcbf45ae41e61d71133d32ab07e5119a610a1b3a48dedec64e92c3a6c16fbde2d6d0b76e02823ab176ce516539ebc4d749df40c6be206ac4c23ddca144ef6e812008c8e2e6799ad8167a68182396cbda7bdbe48829cd55d866d8e20e63d0d85bcedd0106d703394e9aca4ea4c0024a652ecaca7c9984ee0ee08d7d121a1469311a0a24bda7f29e8a324203e0b95ce2790ed771d9827554802210b341702ec2350cb6728f8f65ae08dcaa31c9a36fe418e1deb4687564c5b03bf1941bc38da6483407aec1647e93402efceea50305fab5a77ed7786e536e398e143290d0c8b103e30fae20d8bd993e08c4b1fa94c31a4b8a4e5908ff8a42e0e211b4c082de86a"], 0x14}}, 0x0)
ioctl$sock_netdev_private(r1, 0x8923, &(0x7f0000000280)="62a5c7d37344972cd5a9633a")
close(r1)

10:29:58 executing program 0:
unshare(0x6040000)
pipe(0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_int(r0, 0x107, 0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000440), 0xc)
setsockopt$inet6_MRT6_ADD_MFC(r1, 0x29, 0xc9, 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
close(r2)
ioctl$sock_SIOCGIFBR(r1, 0x8940, 0x0)
r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0)
getpeername(r3, &(0x7f0000000240)=@isdn, &(0x7f0000000000)=0x80)
ioctl$sock_bt_cmtp_CMTPCONNADD(0xffffffffffffffff, 0x400443c8, &(0x7f0000000140)={r0, 0x5})
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
getsockname(r4, &(0x7f0000000300)=@x25, &(0x7f0000000200)=0xfffffffffffffe79)
getsockopt$IP_VS_SO_GET_DAEMON(r4, 0x0, 0x487, &(0x7f0000000180), &(0x7f00000001c0)=0x30)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
shutdown(r5, 0x1)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r6, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
getsockopt$IPT_SO_GET_REVISION_TARGET(r6, 0x0, 0x43, &(0x7f0000000380)={'TPROXY\x00'}, &(0x7f00000003c0)=0x1e)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='/\x02roup.stap\x00', 0x2761, 0x0)
r7 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
write$cgroup_int(r7, &(0x7f00000000c0), 0x4557434d)
socket$xdp(0x2c, 0x3, 0x0)
sendfile(r2, r7, &(0x7f0000000480)=0x15, 0x20000000006)
r8 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r8, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r8, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r8, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r8, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r8, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r8}], 0x1, 0x81)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r8, 0x28, 0x6, &(0x7f0000000100)={0x0, 0x2710}, 0x10)

[  785.692028][T22757] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  785.702922][T22757] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  785.724869][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  785.735316][T22733] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  785.768583][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  785.787711][T22733] CPU: 1 PID: 22733 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[  785.795651][T22733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  785.801000][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  785.805704][T22733] Call Trace:
[  785.805728][T22733]  dump_stack+0x172/0x1f0
[  785.805754][T22733]  dump_header+0x10b/0x82d
[  785.825463][T22733]  ? oom_kill_process+0x94/0x3f0
[  785.830421][T22733]  oom_kill_process.cold+0x10/0x15
[  785.835553][T22733]  out_of_memory+0x334/0x1340
[  785.840248][T22733]  ? lock_downgrade+0x920/0x920
[  785.845127][T22733]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  785.850952][T22733]  ? oom_killer_disable+0x280/0x280
[  785.856179][T22733]  mem_cgroup_out_of_memory+0x1d8/0x240
[  785.860855][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  785.861730][T22733]  ? memcg_stat_show+0xc40/0xc40
[  785.861753][T22733]  ? do_raw_spin_unlock+0x57/0x270
[  785.879585][T22733]  ? _raw_spin_unlock+0x2d/0x50
[  785.884463][T22733]  try_charge+0xf4b/0x1440
[  785.888927][T22733]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  785.894485][T22733]  ? percpu_ref_tryget_live+0x111/0x290
[  785.900046][T22733]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  785.903044][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  785.906296][T22733]  ? __kasan_check_read+0x11/0x20
[  785.906322][T22733]  ? get_mem_cgroup_from_mm+0x156/0x320
[  785.924620][T22733]  mem_cgroup_try_charge+0x136/0x590
[  785.929938][T22733]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  785.935593][T22733]  __handle_mm_fault+0x1f0d/0x4040
[  785.940729][T22733]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  785.946295][T22733]  ? handle_mm_fault+0x292/0xaa0
[  785.951266][T22733]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  785.956555][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  785.957528][T22733]  ? __kasan_check_read+0x11/0x20
[  785.957560][T22733]  handle_mm_fault+0x3b7/0xaa0
[  785.957582][T22733]  __do_page_fault+0x536/0xdd0
[  785.957603][T22733]  do_page_fault+0x38/0x590
[  785.957620][T22733]  page_fault+0x39/0x40
[  785.957632][T22733] RIP: 0033:0x403a42
[  785.957647][T22733] Code: 55 41 54 49 89 fc 55 53 48 81 ec b8 10 00 00 64 48 8b 04 25 28 00 00 00 48 89 84 24 a8 10 00 00 31 c0 be 02 00 00 00 4c 89 e7 <e8> 29 8f 05 00 85 c0 0f 84 00 03 00 00 4c 89 e7 e8 49 44 05 00 48
[  785.957654][T22733] RSP: 002b:00007ffe64d5be10 EFLAGS: 00010246
[  785.957664][T22733] RAX: 0000000000000000 RBX: 00000000000bfbec RCX: 0000000000413a00
[  785.957677][T22733] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffe64d5cf40
[  785.967612][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  785.969786][T22733] RBP: 0000000000000002 R08: 0000000000000001 R09: 00000000013dc940
[  785.969796][T22733] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe64d5cf40
[  785.969804][T22733] R13: 00007ffe64d5cf30 R14: 0000000000000000 R15: 00007ffe64d5cf40
[  786.001865][T22733] memory: usage 1876kB, limit 0kB, failcnt 235
[  786.011631][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  786.107840][T22733] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  786.118085][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  786.123903][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  786.140336][T22733] Memory cgroup stats for /syz2:
[  786.140445][T22733] anon 188416
[  786.140445][T22733] file 0
[  786.140445][T22733] kernel_stack 0
[  786.140445][T22733] slab 2007040
[  786.140445][T22733] sock 4096
[  786.140445][T22733] shmem 20480
[  786.140445][T22733] file_mapped 0
[  786.140445][T22733] file_dirty 0
[  786.140445][T22733] file_writeback 0
[  786.140445][T22733] anon_thp 0
[  786.140445][T22733] inactive_anon 90112
[  786.140445][T22733] active_anon 188416
[  786.140445][T22733] inactive_file 90112
[  786.140445][T22733] active_file 176128
[  786.140445][T22733] unevictable 0
[  786.140445][T22733] slab_reclaimable 946176
[  786.140445][T22733] slab_unreclaimable 1060864
[  786.140445][T22733] pgfault 64581
[  786.140445][T22733] pgmajfault 0
[  786.140445][T22733] workingset_refault 0
[  786.140445][T22733] workingset_activate 0
[  786.140445][T22733] workingset_nodereclaim 0
[  786.140445][T22733] pgrefill 13533
[  786.140445][T22733] pgscan 22260
[  786.140445][T22733] pgsteal 3058
[  786.140445][T22733] pgactivate 13497
[  786.246485][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  786.252394][    C0] protocol 88fb is buggy, dev hsr_slave_1
10:29:58 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x5865}, 0x0)

[  786.259160][T22733] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22733,uid=0
[  786.278796][T22757] 8021q: adding VLAN 0 to HW filter on device batadv0
[  786.286142][T22786] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  786.296876][T22733] Memory cgroup out of memory: Killed process 22733 (syz-executor.2) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  786.367571][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  786.373416][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  786.387664][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  786.393488][    C0] protocol 88fb is buggy, dev hsr_slave_1
10:29:58 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, &(0x7f0000000040))
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  786.413496][ T1070] oom_reaper: reaped process 22733 (syz-executor.2), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
10:29:59 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x6000}, 0x0)

[  786.866787][T22812] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  786.885780][T22812] CPU: 1 PID: 22812 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0
[  786.893707][T22812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  786.903782][T22812] Call Trace:
[  786.907091][T22812]  dump_stack+0x172/0x1f0
[  786.911428][T22812]  dump_header+0x10b/0x82d
[  786.915846][T22812]  oom_kill_process.cold+0x10/0x15
[  786.920960][T22812]  out_of_memory+0x334/0x1340
[  786.925638][T22812]  ? __sched_text_start+0x8/0x8
[  786.930489][T22812]  ? oom_killer_disable+0x280/0x280
[  786.935710][T22812]  mem_cgroup_out_of_memory+0x1d8/0x240
[  786.941272][T22812]  ? memcg_stat_show+0xc40/0xc40
[  786.946229][T22812]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  786.952070][T22812]  ? cgroup_file_notify+0x140/0x1b0
[  786.957284][T22812]  memory_max_write+0x262/0x3a0
[  786.962141][T22812]  ? mem_cgroup_write+0x370/0x370
[  786.967178][T22812]  ? lock_acquire+0x190/0x410
[  786.971856][T22812]  ? kernfs_fop_write+0x227/0x480
[  786.976893][T22812]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  786.982445][T22812]  cgroup_file_write+0x241/0x790
[  786.987385][T22812]  ? mem_cgroup_write+0x370/0x370
[  786.992426][T22812]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  786.998073][T22812]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  787.003966][T22812]  kernfs_fop_write+0x2b8/0x480
[  787.008809][T22812]  __vfs_write+0x8a/0x110
[  787.013272][T22812]  ? kernfs_fop_open+0xd80/0xd80
[  787.018214][T22812]  __kernel_write+0x11b/0x3b0
[  787.022911][T22812]  write_pipe_buf+0x15d/0x1f0
[  787.027606][T22812]  ? do_splice_direct+0x2a0/0x2a0
[  787.032630][T22812]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  787.038862][T22812]  ? splice_from_pipe_next.part.0+0x262/0x300
[  787.044929][T22812]  __splice_from_pipe+0x397/0x7d0
[  787.049955][T22812]  ? do_splice_direct+0x2a0/0x2a0
[  787.054980][T22812]  ? do_splice_direct+0x2a0/0x2a0
[  787.059990][T22812]  splice_from_pipe+0x108/0x170
[  787.064861][T22812]  ? splice_shrink_spd+0xd0/0xd0
[  787.069799][T22812]  ? security_file_permission+0x8f/0x380
[  787.075428][T22812]  default_file_splice_write+0x3c/0x90
[  787.080871][T22812]  ? generic_splice_sendpage+0x50/0x50
[  787.086310][T22812]  direct_splice_actor+0x123/0x190
[  787.091411][T22812]  splice_direct_to_actor+0x366/0x970
[  787.096765][T22812]  ? generic_pipe_buf_nosteal+0x10/0x10
[  787.102309][T22812]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  787.108564][T22812]  ? do_splice_to+0x180/0x180
[  787.113228][T22812]  ? rw_verify_area+0x126/0x360
[  787.118064][T22812]  do_splice_direct+0x1da/0x2a0
[  787.122913][T22812]  ? splice_direct_to_actor+0x970/0x970
[  787.128450][T22812]  ? rcu_read_lock_any_held+0xcd/0xf0
[  787.133841][T22812]  ? __this_cpu_preempt_check+0x3a/0x210
[  787.139484][T22812]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  787.145720][T22812]  ? __sb_start_write+0x1e5/0x460
[  787.150748][T22812]  do_sendfile+0x597/0xd00
[  787.155175][T22812]  ? do_compat_pwritev64+0x1c0/0x1c0
[  787.160457][T22812]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  787.166685][T22812]  ? put_timespec64+0xda/0x140
[  787.171438][T22812]  __x64_sys_sendfile64+0x1dd/0x220
[  787.176619][T22812]  ? __ia32_sys_sendfile+0x230/0x230
[  787.181890][T22812]  ? do_syscall_64+0x26/0x760
[  787.186552][T22812]  ? lockdep_hardirqs_on+0x421/0x5e0
[  787.191824][T22812]  ? trace_hardirqs_on+0x67/0x240
[  787.196833][T22812]  do_syscall_64+0xfa/0x760
[  787.201327][T22812]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  787.207220][T22812] RIP: 0033:0x459f49
[  787.211103][T22812] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  787.230700][T22812] RSP: 002b:00007f7533b95c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  787.239101][T22812] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  787.247072][T22812] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  787.255047][T22812] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
[  787.263015][T22812] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f7533b966d4
[  787.270996][T22812] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  787.305603][T22812] memory: usage 3660kB, limit 0kB, failcnt 175
[  787.312067][T22812] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  787.319586][T22812] Memory cgroup stats for /syz5:
[  787.319656][T22812] anon 172032
[  787.319656][T22812] file 0
[  787.319656][T22812] kernel_stack 0
[  787.319656][T22812] slab 3538944
[  787.319656][T22812] sock 0
[  787.319656][T22812] shmem 143360
[  787.319656][T22812] file_mapped 0
[  787.319656][T22812] file_dirty 0
[  787.319656][T22812] file_writeback 0
[  787.319656][T22812] anon_thp 0
[  787.319656][T22812] inactive_anon 0
[  787.319656][T22812] active_anon 172032
[  787.319656][T22812] inactive_file 0
[  787.319656][T22812] active_file 110592
[  787.319656][T22812] unevictable 135168
[  787.319656][T22812] slab_reclaimable 1757184
[  787.319656][T22812] slab_unreclaimable 1781760
[  787.319656][T22812] pgfault 53955
[  787.319656][T22812] pgmajfault 0
[  787.319656][T22812] workingset_refault 0
[  787.319656][T22812] workingset_activate 0
[  787.319656][T22812] workingset_nodereclaim 0
[  787.319656][T22812] pgrefill 6786
[  787.319656][T22812] pgscan 19572
[  787.319656][T22812] pgsteal 5339
[  787.319656][T22812] pgactivate 8580
10:29:59 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  787.425249][T22812] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=20825,uid=0
[  787.442541][T22812] Memory cgroup out of memory: Killed process 20825 (syz-executor.5) total-vm:72452kB, anon-rss:104kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  787.462623][ T1070] oom_reaper: reaped process 20825 (syz-executor.5), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  787.943713][T22826] IPVS: ftp: loaded support on port[0] = 21
10:30:00 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:30:00 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x6488}, 0x0)

10:30:00 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x800001000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
pipe(&(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
close(r3)
write$binfmt_misc(r2, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
socket$inet(0x2, 0x3, 0x1)
bind$inet(r3, &(0x7f0000000140)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10)
r4 = socket$inet(0x2, 0x1, 0x20)
accept$inet(r4, &(0x7f0000000000)={0x2, 0x0, @broadcast}, &(0x7f0000000080)=0x10)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$inet_mtu(r2, 0x0, 0xa, &(0x7f00000000c0)=0x2, 0x4)
splice(r1, 0x0, r3, 0x0, 0x10005, 0x0)

10:30:00 executing program 5:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000240)={0x0, @in6={{0x2, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0xfe80}, 0x9c)
r1 = accept4$llc(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x800)
ioctl$FS_IOC_GETVERSION(r1, 0x80087601, &(0x7f0000000140))
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x318)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000080)=[@in={0x2, 0x4e24, @broadcast}, @in6={0xa, 0x4e22, 0x1, @mcast2, 0x1a}, @in={0x2, 0x4e24, @broadcast}, @in6={0xa, 0x4e24, 0x5, @dev={0xfe, 0x80, [], 0x13}, 0x9b}, @in6={0xa, 0x4e20, 0x3, @mcast1, 0x3}, @in6={0xa, 0x4e20, 0x200, @loopback, 0x3}, @in={0x2, 0x4e23, @empty}], 0xa0)

[  788.240030][T22826] chnl_net:caif_netlink_parms(): no params data found
[  788.338860][T22826] bridge0: port 1(bridge_slave_0) entered blocking state
[  788.376384][T22826] bridge0: port 1(bridge_slave_0) entered disabled state
[  788.398558][T22826] device bridge_slave_0 entered promiscuous mode
[  788.411484][T22826] bridge0: port 2(bridge_slave_1) entered blocking state
[  788.435868][T22826] bridge0: port 2(bridge_slave_1) entered disabled state
[  788.453146][T22826] device bridge_slave_1 entered promiscuous mode
[  788.479813][T22826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  788.493156][T22826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  788.519498][T22826] team0: Port device team_slave_0 added
[  788.528998][T22826] team0: Port device team_slave_1 added
[  788.600445][T22826] device hsr_slave_0 entered promiscuous mode
[  788.645271][T22826] device hsr_slave_1 entered promiscuous mode
[  788.697758][T22826] debugfs: Directory 'hsr0' with parent '/' already present!
[  789.736383][T22826] 8021q: adding VLAN 0 to HW filter on device bond0
[  789.745923][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  789.764112][T22848] IPVS: ftp: loaded support on port[0] = 21
[  789.772768][T22846] IPVS: ftp: loaded support on port[0] = 21
[  790.067795][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  790.075643][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  790.103008][T22826] 8021q: adding VLAN 0 to HW filter on device team0
[  790.425421][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  790.434514][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  790.443068][ T8841] bridge0: port 1(bridge_slave_0) entered blocking state
[  790.450175][ T8841] bridge0: port 1(bridge_slave_0) entered forwarding state
[  790.458433][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  790.467018][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  790.475587][ T8841] bridge0: port 2(bridge_slave_1) entered blocking state
[  790.482674][ T8841] bridge0: port 2(bridge_slave_1) entered forwarding state
[  790.490655][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  790.792429][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  790.801127][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  790.809933][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  790.818856][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  790.828801][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  790.870271][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  790.880729][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  791.181321][T22826] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  791.192562][T22826] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  791.205697][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  791.214721][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  791.223322][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  791.232318][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  791.242733][T22848] chnl_net:caif_netlink_parms(): no params data found
[  791.552806][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  791.912776][T22826] 8021q: adding VLAN 0 to HW filter on device batadv0
[  791.923838][T22846] chnl_net:caif_netlink_parms(): no params data found
[  792.256521][T22848] bridge0: port 1(bridge_slave_0) entered blocking state
[  792.263871][T22848] bridge0: port 1(bridge_slave_0) entered disabled state
[  792.272100][T22848] device bridge_slave_0 entered promiscuous mode
[  792.283483][T22848] bridge0: port 2(bridge_slave_1) entered blocking state
[  792.291651][T22848] bridge0: port 2(bridge_slave_1) entered disabled state
[  792.299854][T22848] device bridge_slave_1 entered promiscuous mode
[  792.334053][T22848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  792.376405][T22848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  792.469131][T22846] bridge0: port 1(bridge_slave_0) entered blocking state
[  792.476239][T22846] bridge0: port 1(bridge_slave_0) entered disabled state
[  792.485987][T22846] device bridge_slave_0 entered promiscuous mode
[  792.490202][T22858] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  792.502621][T22858] CPU: 1 PID: 22858 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  792.510508][T22858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  792.510514][T22858] Call Trace:
[  792.510539][T22858]  dump_stack+0x172/0x1f0
[  792.510560][T22858]  dump_header+0x10b/0x82d
[  792.510578][T22858]  oom_kill_process.cold+0x10/0x15
[  792.510597][T22858]  out_of_memory+0x334/0x1340
[  792.510615][T22858]  ? __sched_text_start+0x8/0x8
[  792.510631][T22858]  ? oom_killer_disable+0x280/0x280
[  792.510656][T22858]  mem_cgroup_out_of_memory+0x1d8/0x240
[  792.510671][T22858]  ? memcg_stat_show+0xc40/0xc40
[  792.510694][T22858]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  792.510711][T22858]  ? cgroup_file_notify+0x140/0x1b0
[  792.510730][T22858]  memory_max_write+0x262/0x3a0
[  792.510755][T22858]  ? mem_cgroup_write+0x370/0x370
[  792.510771][T22858]  ? lock_acquire+0x190/0x410
[  792.510790][T22858]  ? kernfs_fop_write+0x227/0x480
[  792.510808][T22858]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  792.510828][T22858]  cgroup_file_write+0x241/0x790
[  792.532908][T22858]  ? mem_cgroup_write+0x370/0x370
[  792.532929][T22858]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  792.546060][T22846] bridge0: port 2(bridge_slave_1) entered blocking state
[  792.547531][T22858]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  792.547547][T22858]  kernfs_fop_write+0x2b8/0x480
[  792.547566][T22858]  __vfs_write+0x8a/0x110
[  792.547579][T22858]  ? kernfs_fop_open+0xd80/0xd80
[  792.547593][T22858]  __kernel_write+0x11b/0x3b0
[  792.547614][T22858]  write_pipe_buf+0x15d/0x1f0
[  792.547630][T22858]  ? do_splice_direct+0x2a0/0x2a0
[  792.547646][T22858]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  792.547660][T22858]  ? splice_from_pipe_next.part.0+0x262/0x300
[  792.547681][T22858]  __splice_from_pipe+0x397/0x7d0
[  792.547697][T22858]  ? do_splice_direct+0x2a0/0x2a0
[  792.547718][T22858]  ? do_splice_direct+0x2a0/0x2a0
[  792.547739][T22858]  splice_from_pipe+0x108/0x170
[  792.547756][T22858]  ? splice_shrink_spd+0xd0/0xd0
[  792.547782][T22858]  ? security_file_permission+0x8f/0x380
[  792.547797][T22858]  default_file_splice_write+0x3c/0x90
[  792.547807][T22858]  ? generic_splice_sendpage+0x50/0x50
[  792.547823][T22858]  direct_splice_actor+0x123/0x190
[  792.547843][T22858]  splice_direct_to_actor+0x366/0x970
[  792.547861][T22858]  ? generic_pipe_buf_nosteal+0x10/0x10
[  792.547880][T22858]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  792.547895][T22858]  ? do_splice_to+0x180/0x180
[  792.547911][T22858]  ? rw_verify_area+0x126/0x360
[  792.547931][T22858]  do_splice_direct+0x1da/0x2a0
[  792.547947][T22858]  ? splice_direct_to_actor+0x970/0x970
[  792.547965][T22858]  ? rcu_read_lock_any_held+0xcd/0xf0
[  792.557072][T22846] bridge0: port 2(bridge_slave_1) entered disabled state
[  792.558693][T22858]  ? __this_cpu_preempt_check+0x3a/0x210
[  792.558713][T22858]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  792.558727][T22858]  ? __sb_start_write+0x1e5/0x460
[  792.558748][T22858]  do_sendfile+0x597/0xd00
[  792.558773][T22858]  ? do_compat_pwritev64+0x1c0/0x1c0
[  792.558787][T22858]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  792.558802][T22858]  ? put_timespec64+0xda/0x140
[  792.558827][T22858]  __x64_sys_sendfile64+0x1dd/0x220
[  792.558842][T22858]  ? __ia32_sys_sendfile+0x230/0x230
[  792.558862][T22858]  ? do_syscall_64+0x26/0x760
[  792.579588][T22858]  ? lockdep_hardirqs_on+0x421/0x5e0
[  792.579603][T22858]  ? trace_hardirqs_on+0x67/0x240
[  792.579624][T22858]  do_syscall_64+0xfa/0x760
[  792.579644][T22858]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  792.579656][T22858] RIP: 0033:0x459f49
[  792.579671][T22858] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  792.579679][T22858] RSP: 002b:00007fac5a346c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  792.579693][T22858] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  792.579701][T22858] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  792.579709][T22858] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  792.579723][T22858] R10: 0000000020000022 R11: 0000000000000246 R12: 00007fac5a3476d4
[  792.591693][T22846] device bridge_slave_1 entered promiscuous mode
[  792.594427][T22858] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  792.734789][T22858] memory: usage 5152kB, limit 0kB, failcnt 478
[  792.752287][T22858] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  792.767603][T22858] Memory cgroup stats for /syz3:
[  792.767718][T22858] anon 4325376
[  792.767718][T22858] file 118784
[  792.767718][T22858] kernel_stack 65536
[  792.767718][T22858] slab 827392
[  792.767718][T22858] sock 81920
[  792.767718][T22858] shmem 24576
[  792.767718][T22858] file_mapped 0
[  792.767718][T22858] file_dirty 135168
[  792.767718][T22858] file_writeback 0
[  792.767718][T22858] anon_thp 4194304
[  792.767718][T22858] inactive_anon 0
[  792.767718][T22858] active_anon 4325376
[  792.767718][T22858] inactive_file 98304
[  792.767718][T22858] active_file 0
[  792.767718][T22858] unevictable 135168
[  792.767718][T22858] slab_reclaimable 270336
[  792.767718][T22858] slab_unreclaimable 557056
[  792.767718][T22858] pgfault 58971
[  792.767718][T22858] pgmajfault 0
[  792.767718][T22858] workingset_refault 0
[  792.767718][T22858] workingset_activate 0
[  792.767718][T22858] workingset_nodereclaim 0
[  792.767718][T22858] pgrefill 8688
[  792.767718][T22858] pgscan 40160
[  792.767718][T22858] pgsteal 9652
[  793.025566][T22858] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22856,uid=0
[  793.027416][T22848] team0: Port device team_slave_0 added
[  793.060612][T22858] Memory cgroup out of memory: Killed process 22856 (syz-executor.3) total-vm:72720kB, anon-rss:4192kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000
[  793.080679][ T1070] oom_reaper: reaped process 22856 (syz-executor.3), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB
10:30:05 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, &(0x7f0000000040))
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:30:05 executing program 0:
r0 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e23, @dev}, 0x10)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f00000007c0)={0x2, [0x2, 0x0]}, 0x8)
sendto$inet(r0, 0x0, 0xfffffffffffffc6d, 0x20000800, &(0x7f0000000240)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f00000000c0)="0204", 0x2)
setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='ip6_vti0\x00', 0x1000001d0)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffccf, 0x0, 0x0, 0xffffffffffffff37)

10:30:05 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x6558}, 0x0)

10:30:05 executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x6, 0x209e1e, 0x3, 0x241, 0xffffffffffffffff, 0x101}, 0x3c)
socket$alg(0x26, 0x5, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000200)={r0, &(0x7f0000000080), &(0x7f00000000c0)=""/111}, 0x18)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0)

[  793.116817][T22826] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  793.142711][T22826] CPU: 0 PID: 22826 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  793.150656][T22826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  793.150663][T22826] Call Trace:
[  793.150683][T22826]  dump_stack+0x172/0x1f0
[  793.150704][T22826]  dump_header+0x10b/0x82d
[  793.168356][T22826]  ? oom_kill_process+0x94/0x3f0
[  793.168375][T22826]  oom_kill_process.cold+0x10/0x15
[  793.168390][T22826]  out_of_memory+0x334/0x1340
[  793.168405][T22826]  ? lock_downgrade+0x920/0x920
[  793.168422][T22826]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  793.168439][T22826]  ? oom_killer_disable+0x280/0x280
[  793.177778][T22826]  mem_cgroup_out_of_memory+0x1d8/0x240
[  793.177793][T22826]  ? memcg_stat_show+0xc40/0xc40
[  793.177812][T22826]  ? do_raw_spin_unlock+0x57/0x270
[  793.177828][T22826]  ? _raw_spin_unlock+0x2d/0x50
[  793.177848][T22826]  try_charge+0xf4b/0x1440
[  793.177871][T22826]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  793.187726][T22826]  ? percpu_ref_tryget_live+0x111/0x290
[  793.187762][T22826]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  793.187780][T22826]  ? __kasan_check_read+0x11/0x20
[  793.187797][T22826]  ? get_mem_cgroup_from_mm+0x156/0x320
[  793.187816][T22826]  mem_cgroup_try_charge+0x136/0x590
[  793.198441][T22826]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  793.198460][T22826]  wp_page_copy+0x407/0x1860
[  793.198477][T22826]  ? find_held_lock+0x35/0x130
[  793.198493][T22826]  ? do_wp_page+0x53b/0x15c0
[  793.198509][T22826]  ? pmd_devmap_trans_unstable+0x220/0x220
[  793.198523][T22826]  ? lock_downgrade+0x920/0x920
[  793.198542][T22826]  ? swp_swapcount+0x540/0x540
[  793.205075][T22848] team0: Port device team_slave_1 added
[  793.209270][T22826]  ? __kasan_check_read+0x11/0x20
[  793.209284][T22826]  ? do_raw_spin_unlock+0x57/0x270
[  793.209302][T22826]  do_wp_page+0x543/0x15c0
[  793.219319][T22826]  ? finish_mkwrite_fault+0x6a0/0x6a0
[  793.219344][T22826]  __handle_mm_fault+0x23ec/0x4040
[  793.219365][T22826]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  793.219381][T22826]  ? handle_mm_fault+0x292/0xaa0
[  793.219407][T22826]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  793.219424][T22826]  ? __kasan_check_read+0x11/0x20
[  793.219439][T22826]  handle_mm_fault+0x3b7/0xaa0
[  793.219457][T22826]  __do_page_fault+0x536/0xdd0
[  793.228838][T22826]  do_page_fault+0x38/0x590
10:30:05 executing program 4:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r2, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r2}], 0x1, 0x81)
r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00')
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000280), &(0x7f0000000380)=0x4)
sendmsg$SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x48, r3, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x8, 0x6, 0x81}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x2}, @SEG6_ATTR_DST={0x14, 0x1, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x1f}]}, 0x48}, 0x1, 0x0, 0x0, 0x8515486732c304de}, 0x40000080)

[  793.228854][T22826]  page_fault+0x39/0x40
[  793.228869][T22826] RIP: 0033:0x431026
[  793.240182][T22826] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[  793.240190][T22826] RSP: 002b:00007ffc898580e0 EFLAGS: 00010206
[  793.240201][T22826] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  793.240209][T22826] RDX: 000000000279f930 RSI: 00000000027a7970 RDI: 0000000000000003
[  793.240218][T22826] RBP: 0000000000008041 R08: 0000000000000001 R09: 000000000279e940
[  793.240226][T22826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  793.240234][T22826] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[  793.253861][T22826] memory: usage 716kB, limit 0kB, failcnt 486
[  793.261097][T22846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  793.274687][T22826] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  793.307579][T22826] Memory cgroup stats for /syz3:
[  793.307695][T22826] anon 53248
[  793.307695][T22826] file 118784
[  793.307695][T22826] kernel_stack 0
[  793.307695][T22826] slab 827392
[  793.307695][T22826] sock 81920
[  793.307695][T22826] shmem 24576
[  793.307695][T22826] file_mapped 0
[  793.307695][T22826] file_dirty 135168
[  793.307695][T22826] file_writeback 0
[  793.307695][T22826] anon_thp 0
[  793.307695][T22826] inactive_anon 0
[  793.307695][T22826] active_anon 53248
[  793.307695][T22826] inactive_file 98304
[  793.307695][T22826] active_file 0
[  793.307695][T22826] unevictable 135168
[  793.307695][T22826] slab_reclaimable 270336
[  793.307695][T22826] slab_unreclaimable 557056
[  793.307695][T22826] pgfault 58971
[  793.307695][T22826] pgmajfault 0
[  793.307695][T22826] workingset_refault 0
[  793.307695][T22826] workingset_activate 0
[  793.307695][T22826] workingset_nodereclaim 0
[  793.307695][T22826] pgrefill 8688
[  793.307695][T22826] pgscan 40160
[  793.307695][T22826] pgsteal 9652
[  793.307695][T22826] pgactivate 11286
10:30:05 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x8035}, 0x0)

[  793.327574][T22826] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22826,uid=0
[  793.341000][T22826] Memory cgroup out of memory: Killed process 22826 (syz-executor.3) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  793.352360][    C0] net_ratelimit: 6 callbacks suppressed
[  793.352368][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  793.361888][    C0] protocol 88fb is buggy, dev hsr_slave_1
10:30:06 executing program 4:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r2, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r2}], 0x1, 0x81)
r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00')
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000280), &(0x7f0000000380)=0x4)
sendmsg$SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x48, r3, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x8, 0x6, 0x81}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x2}, @SEG6_ATTR_DST={0x14, 0x1, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x1f}]}, 0x48}, 0x1, 0x0, 0x0, 0x8515486732c304de}, 0x40000080)

[  793.418185][ T1070] oom_reaper: reaped process 22826 (syz-executor.3), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
[  793.677206][T22846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
10:30:06 executing program 4:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r2, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r2}], 0x1, 0x81)
r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00')
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000280), &(0x7f0000000380)=0x4)
sendmsg$SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x48, r3, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x8, 0x6, 0x81}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x2}, @SEG6_ATTR_DST={0x14, 0x1, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x1f}]}, 0x48}, 0x1, 0x0, 0x0, 0x8515486732c304de}, 0x40000080)

[  794.031116][T22848] device hsr_slave_0 entered promiscuous mode
[  794.088194][T22848] device hsr_slave_1 entered promiscuous mode
[  794.118459][T22848] debugfs: Directory 'hsr0' with parent '/' already present!
[  794.208412][T22846] team0: Port device team_slave_0 added
[  794.230077][T22846] team0: Port device team_slave_1 added
[  794.330755][T22846] device hsr_slave_0 entered promiscuous mode
[  794.377912][T22846] device hsr_slave_1 entered promiscuous mode
[  794.437793][T22846] debugfs: Directory 'hsr0' with parent '/' already present!
[  794.500612][T11615] device bridge_slave_1 left promiscuous mode
[  794.506838][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  794.568878][T11615] device bridge_slave_0 left promiscuous mode
[  794.575138][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  794.640163][T11615] device bridge_slave_1 left promiscuous mode
[  794.646393][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  794.698946][T11615] device bridge_slave_0 left promiscuous mode
[  794.705187][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  794.759764][T11615] device bridge_slave_1 left promiscuous mode
[  794.765988][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  794.808564][T11615] device bridge_slave_0 left promiscuous mode
[  794.814886][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  794.884271][T11615] device bridge_slave_1 left promiscuous mode
[  794.890998][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  794.948481][T11615] device bridge_slave_0 left promiscuous mode
[  794.954732][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  802.898172][T11615] device hsr_slave_0 left promiscuous mode
[  802.948667][T11615] device hsr_slave_1 left promiscuous mode
[  803.009666][T11615] team0 (unregistering): Port device team_slave_1 removed
[  803.023286][T11615] team0 (unregistering): Port device team_slave_0 removed
[  803.035934][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  803.085188][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  803.189736][T11615] bond0 (unregistering): Released all slaves
[  803.338540][T11615] device hsr_slave_0 left promiscuous mode
[  803.407731][T11615] device hsr_slave_1 left promiscuous mode
[  803.475496][T11615] team0 (unregistering): Port device team_slave_1 removed
[  803.490351][T11615] team0 (unregistering): Port device team_slave_0 removed
[  803.501912][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  803.552278][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  803.657581][T11615] bond0 (unregistering): Released all slaves
[  803.798144][T11615] device hsr_slave_0 left promiscuous mode
[  803.847771][T11615] device hsr_slave_1 left promiscuous mode
[  803.901925][T11615] team0 (unregistering): Port device team_slave_1 removed
[  803.915641][T11615] team0 (unregistering): Port device team_slave_0 removed
[  803.929163][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  803.975574][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  804.069683][T11615] bond0 (unregistering): Released all slaves
[  804.198406][T11615] device hsr_slave_0 left promiscuous mode
[  804.267778][T11615] device hsr_slave_1 left promiscuous mode
[  804.334759][T11615] team0 (unregistering): Port device team_slave_1 removed
[  804.348943][T11615] team0 (unregistering): Port device team_slave_0 removed
[  804.361425][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  804.411744][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  804.506691][T11615] bond0 (unregistering): Released all slaves
[  804.622792][T22848] 8021q: adding VLAN 0 to HW filter on device bond0
[  804.646094][T22848] 8021q: adding VLAN 0 to HW filter on device team0
[  804.655570][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  804.664312][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  804.679207][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  804.688256][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  804.696602][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  804.703710][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  804.732436][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  804.741129][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  804.749833][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  804.758623][ T2993] bridge0: port 2(bridge_slave_1) entered blocking state
[  804.765657][ T2993] bridge0: port 2(bridge_slave_1) entered forwarding state
[  804.773929][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  804.786805][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  804.816386][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  804.825964][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  804.834782][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  804.843756][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  804.852549][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  804.861356][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  804.875247][T22848] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  804.887083][T22848] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  804.904653][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  804.913927][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  804.922619][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  804.943188][T22846] 8021q: adding VLAN 0 to HW filter on device bond0
[  804.959288][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  804.967033][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  804.978596][T22848] 8021q: adding VLAN 0 to HW filter on device batadv0
[  804.988410][T22846] 8021q: adding VLAN 0 to HW filter on device team0
[  804.999232][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  805.015386][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  805.023971][T14992] bridge0: port 1(bridge_slave_0) entered blocking state
[  805.031075][T14992] bridge0: port 1(bridge_slave_0) entered forwarding state
[  805.040091][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  805.065193][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  805.074429][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  805.083154][T20282] bridge0: port 2(bridge_slave_1) entered blocking state
[  805.090276][T20282] bridge0: port 2(bridge_slave_1) entered forwarding state
[  805.098089][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  805.106610][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  805.126563][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  805.135354][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  805.143879][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  805.152756][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  805.161266][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  805.170162][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  805.196377][T22846] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  805.209822][T22846] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  805.219959][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  805.235089][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  805.243964][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  805.282656][T22846] 8021q: adding VLAN 0 to HW filter on device batadv0
[  805.591151][T22906] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  805.601510][T22906] CPU: 1 PID: 22906 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[  805.609449][T22906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  805.619521][T22906] Call Trace:
[  805.622808][T22906]  dump_stack+0x172/0x1f0
[  805.627132][T22906]  dump_header+0x10b/0x82d
[  805.632251][T22906]  oom_kill_process.cold+0x10/0x15
[  805.637356][T22906]  out_of_memory+0x334/0x1340
[  805.642020][T22906]  ? __sched_text_start+0x8/0x8
[  805.646868][T22906]  ? oom_killer_disable+0x280/0x280
[  805.652067][T22906]  mem_cgroup_out_of_memory+0x1d8/0x240
[  805.657598][T22906]  ? memcg_stat_show+0xc40/0xc40
[  805.662553][T22906]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  805.668378][T22906]  ? cgroup_file_notify+0x140/0x1b0
[  805.673590][T22906]  memory_max_write+0x262/0x3a0
[  805.678454][T22906]  ? mem_cgroup_write+0x370/0x370
[  805.683479][T22906]  ? lock_acquire+0x190/0x410
[  805.688202][T22906]  ? kernfs_fop_write+0x227/0x480
[  805.693219][T22906]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  805.698758][T22906]  cgroup_file_write+0x241/0x790
[  805.703758][T22906]  ? mem_cgroup_write+0x370/0x370
[  805.708772][T22906]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  805.714411][T22906]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  805.720036][T22906]  kernfs_fop_write+0x2b8/0x480
[  805.724873][T22906]  __vfs_write+0x8a/0x110
[  805.729190][T22906]  ? kernfs_fop_open+0xd80/0xd80
[  805.734116][T22906]  __kernel_write+0x11b/0x3b0
[  805.738791][T22906]  write_pipe_buf+0x15d/0x1f0
[  805.743479][T22906]  ? do_splice_direct+0x2a0/0x2a0
[  805.748518][T22906]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  805.754752][T22906]  ? splice_from_pipe_next.part.0+0x262/0x300
[  805.760864][T22906]  __splice_from_pipe+0x397/0x7d0
[  805.765908][T22906]  ? do_splice_direct+0x2a0/0x2a0
[  805.771018][T22906]  ? do_splice_direct+0x2a0/0x2a0
[  805.776109][T22906]  splice_from_pipe+0x108/0x170
[  805.781075][T22906]  ? splice_shrink_spd+0xd0/0xd0
[  805.786244][T22906]  ? security_file_permission+0x8f/0x380
[  805.791941][T22906]  default_file_splice_write+0x3c/0x90
[  805.797522][T22906]  ? generic_splice_sendpage+0x50/0x50
[  805.803053][T22906]  direct_splice_actor+0x123/0x190
[  805.808371][T22906]  splice_direct_to_actor+0x366/0x970
[  805.813745][T22906]  ? generic_pipe_buf_nosteal+0x10/0x10
[  805.819572][T22906]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  805.825819][T22906]  ? do_splice_to+0x180/0x180
[  805.830491][T22906]  ? rw_verify_area+0x126/0x360
[  805.835398][T22906]  do_splice_direct+0x1da/0x2a0
[  805.840277][T22906]  ? splice_direct_to_actor+0x970/0x970
[  805.846189][T22906]  ? rcu_read_lock_any_held+0xcd/0xf0
[  805.851563][T22906]  ? __this_cpu_preempt_check+0x3a/0x210
[  805.857367][T22906]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  805.863730][T22906]  ? __sb_start_write+0x1e5/0x460
[  805.868820][T22906]  do_sendfile+0x597/0xd00
[  805.873322][T22906]  ? do_compat_pwritev64+0x1c0/0x1c0
[  805.878603][T22906]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  805.884848][T22906]  ? put_timespec64+0xda/0x140
[  805.889623][T22906]  __x64_sys_sendfile64+0x1dd/0x220
[  805.894818][T22906]  ? __ia32_sys_sendfile+0x230/0x230
[  805.900197][T22906]  ? do_syscall_64+0x26/0x760
[  805.904865][T22906]  ? lockdep_hardirqs_on+0x421/0x5e0
[  805.910141][T22906]  ? trace_hardirqs_on+0x67/0x240
[  805.915157][T22906]  do_syscall_64+0xfa/0x760
[  805.919829][T22906]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  805.925757][T22906] RIP: 0033:0x459f49
[  805.929656][T22906] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  805.949339][T22906] RSP: 002b:00007f173e53ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  805.957746][T22906] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  805.965736][T22906] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  805.973709][T22906] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  805.981716][T22906] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f173e53f6d4
[  805.989727][T22906] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  806.005098][T22906] memory: usage 1980kB, limit 0kB, failcnt 236
[  806.017387][T22906] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  806.024698][T22906] Memory cgroup stats for /syz2:
[  806.024812][T22906] anon 266240
[  806.024812][T22906] file 0
[  806.024812][T22906] kernel_stack 131072
[  806.024812][T22906] slab 1597440
[  806.024812][T22906] sock 4096
[  806.024812][T22906] shmem 20480
[  806.024812][T22906] file_mapped 135168
[  806.024812][T22906] file_dirty 0
[  806.024812][T22906] file_writeback 0
[  806.024812][T22906] anon_thp 0
[  806.024812][T22906] inactive_anon 90112
[  806.024812][T22906] active_anon 266240
[  806.024812][T22906] inactive_file 0
[  806.024812][T22906] active_file 176128
[  806.024812][T22906] unevictable 0
[  806.024812][T22906] slab_reclaimable 946176
[  806.024812][T22906] slab_unreclaimable 651264
[  806.024812][T22906] pgfault 64812
[  806.024812][T22906] pgmajfault 0
[  806.024812][T22906] workingset_refault 0
[  806.024812][T22906] workingset_activate 0
[  806.024812][T22906] workingset_nodereclaim 0
[  806.024812][T22906] pgrefill 13533
[  806.024812][T22906] pgscan 22260
[  806.024812][T22906] pgsteal 3058
[  806.024812][T22906] pgactivate 13497
[  806.121865][T22906] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22846,uid=0
[  806.137561][T22906] Memory cgroup out of memory: Killed process 22846 (syz-executor.2) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:0
[  806.158056][ T1070] oom_reaper: reaped process 22846 (syz-executor.2), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  806.163963][T22906] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  806.180989][T22906] CPU: 1 PID: 22906 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[  806.188903][T22906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  806.199039][T22906] Call Trace:
[  806.202383][T22906]  dump_stack+0x172/0x1f0
[  806.206704][T22906]  dump_header+0x10b/0x82d
[  806.211110][T22906]  oom_kill_process.cold+0x10/0x15
[  806.216321][T22906]  out_of_memory+0x334/0x1340
[  806.221016][T22906]  ? __sched_text_start+0x8/0x8
[  806.225885][T22906]  ? oom_killer_disable+0x280/0x280
[  806.231085][T22906]  mem_cgroup_out_of_memory+0x1d8/0x240
[  806.236619][T22906]  ? memcg_stat_show+0xc40/0xc40
[  806.241579][T22906]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  806.247376][T22906]  ? cgroup_file_notify+0x140/0x1b0
[  806.252564][T22906]  memory_max_write+0x262/0x3a0
[  806.257444][T22906]  ? mem_cgroup_write+0x370/0x370
[  806.262491][T22906]  ? lock_acquire+0x190/0x410
[  806.267153][T22906]  ? kernfs_fop_write+0x227/0x480
[  806.272252][T22906]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  806.277819][T22906]  cgroup_file_write+0x241/0x790
[  806.282742][T22906]  ? mem_cgroup_write+0x370/0x370
[  806.287781][T22906]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  806.293429][T22906]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  806.299046][T22906]  kernfs_fop_write+0x2b8/0x480
[  806.303888][T22906]  __vfs_write+0x8a/0x110
[  806.308273][T22906]  ? kernfs_fop_open+0xd80/0xd80
[  806.313235][T22906]  __kernel_write+0x11b/0x3b0
[  806.317903][T22906]  write_pipe_buf+0x15d/0x1f0
[  806.322596][T22906]  ? do_splice_direct+0x2a0/0x2a0
[  806.327606][T22906]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  806.333829][T22906]  ? splice_from_pipe_next.part.0+0x262/0x300
[  806.339919][T22906]  __splice_from_pipe+0x397/0x7d0
[  806.344929][T22906]  ? do_splice_direct+0x2a0/0x2a0
[  806.349941][T22906]  ? do_splice_direct+0x2a0/0x2a0
[  806.355254][T22906]  splice_from_pipe+0x108/0x170
[  806.360653][T22906]  ? splice_shrink_spd+0xd0/0xd0
[  806.365591][T22906]  ? security_file_permission+0x8f/0x380
[  806.371221][T22906]  default_file_splice_write+0x3c/0x90
[  806.376664][T22906]  ? generic_splice_sendpage+0x50/0x50
[  806.382110][T22906]  direct_splice_actor+0x123/0x190
[  806.387253][T22906]  splice_direct_to_actor+0x366/0x970
[  806.392640][T22906]  ? generic_pipe_buf_nosteal+0x10/0x10
[  806.398179][T22906]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  806.404408][T22906]  ? do_splice_to+0x180/0x180
[  806.409110][T22906]  ? rw_verify_area+0x126/0x360
[  806.413947][T22906]  do_splice_direct+0x1da/0x2a0
[  806.418785][T22906]  ? splice_direct_to_actor+0x970/0x970
[  806.424355][T22906]  ? rcu_read_lock_any_held+0xcd/0xf0
[  806.429753][T22906]  ? __this_cpu_preempt_check+0x3a/0x210
[  806.435374][T22906]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  806.441604][T22906]  ? __sb_start_write+0x1e5/0x460
[  806.446656][T22906]  do_sendfile+0x597/0xd00
[  806.451064][T22906]  ? do_compat_pwritev64+0x1c0/0x1c0
[  806.456339][T22906]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  806.462601][T22906]  ? put_timespec64+0xda/0x140
[  806.467357][T22906]  __x64_sys_sendfile64+0x1dd/0x220
[  806.472543][T22906]  ? __ia32_sys_sendfile+0x230/0x230
[  806.477958][T22906]  ? do_syscall_64+0x26/0x760
[  806.482827][T22906]  ? lockdep_hardirqs_on+0x421/0x5e0
[  806.488198][T22906]  ? trace_hardirqs_on+0x67/0x240
[  806.493237][T22906]  do_syscall_64+0xfa/0x760
[  806.497889][T22906]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  806.503982][T22906] RIP: 0033:0x459f49
[  806.507899][T22906] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  806.527508][T22906] RSP: 002b:00007f173e53ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  806.536030][T22906] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  806.544001][T22906] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  806.551961][T22906] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  806.559942][T22906] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f173e53f6d4
[  806.567899][T22906] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  806.589891][T22906] memory: usage 1812kB, limit 0kB, failcnt 236
[  806.596157][T22906] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  806.603111][T22906] Memory cgroup stats for /syz2:
[  806.603226][T22906] anon 266240
[  806.603226][T22906] file 0
[  806.603226][T22906] kernel_stack 65536
[  806.603226][T22906] slab 1597440
[  806.603226][T22906] sock 4096
[  806.603226][T22906] shmem 20480
[  806.603226][T22906] file_mapped 135168
[  806.603226][T22906] file_dirty 0
[  806.603226][T22906] file_writeback 0
[  806.603226][T22906] anon_thp 0
[  806.603226][T22906] inactive_anon 90112
[  806.603226][T22906] active_anon 266240
[  806.603226][T22906] inactive_file 90112
[  806.603226][T22906] active_file 176128
[  806.603226][T22906] unevictable 0
[  806.603226][T22906] slab_reclaimable 946176
[  806.603226][T22906] slab_unreclaimable 651264
[  806.603226][T22906] pgfault 64845
[  806.603226][T22906] pgmajfault 0
[  806.603226][T22906] workingset_refault 0
[  806.603226][T22906] workingset_activate 0
[  806.603226][T22906] workingset_nodereclaim 0
[  806.603226][T22906] pgrefill 13533
[  806.603226][T22906] pgscan 22260
[  806.603226][T22906] pgsteal 3058
[  806.603247][T22906] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22904,uid=0
[  806.603356][T22906] Memory cgroup out of memory: Killed process 22906 (syz-executor.2) total-vm:72984kB, anon-rss:164kB, file-rss:35896kB, shmem-rss:0kB, UID:0 pgtables:151552kB oom_score_adj:1000
10:30:19 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:30:19 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x1b1, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000230047faffffff00000000000400000204001000b115f8b9207ac3d78578125082f4fcc477cb57f5650731dfaf12ea77ad43cb08000000a9fdd6c1610c621c85fe3e348527b05e5d71460af16b42bede5105ec4fde821ef57e8d4306f47f6ea4a656379a221558fa14efab3bbee029931fb8632ddc0548f9f44600ac8213ab718c023043c0a073b4862e0ca9e03a0353a7aeefd2f2"], 0x18}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x3)
connect$bt_l2cap(r1, &(0x7f0000000080), 0xe)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080), 0xe)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'veth0_to_hsr\x00', <r2=>0x0})
r3 = getuid()
setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000200)={{{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@remote, 0x4e22, 0x2, 0x4e23, 0x9, 0xfe9f605bfab53419, 0x20, 0x20, 0x0, r2, r3}, {0x0, 0x3, 0x8, 0x8000, 0x0, 0x0, 0xffffffffffffff80}, {0x401, 0x9}, 0xbaa, 0x6e6bbb, 0x2, 0x1, 0x0, 0x1}, {{@in6=@remote, 0x4cf, 0x3c}, 0xa, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4}}, 0xe8)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl(r4, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f00000017c0)={{{@in6=@empty, @in6=@loopback}}, {{@in=@loopback}, 0x0, @in6=@initdev}}, &(0x7f00000004c0)=0xe8)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events\x00', 0x7a05, 0x1700)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000400)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-generic\x00'}, 0x58)
r7 = accept4(r6, 0x0, 0x0, 0x0)
splice(r7, 0x0, r5, 0x0, 0x80000001, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000000400)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-generic\x00'}, 0x58)
r10 = accept4(r9, 0x0, 0x0, 0x0)
splice(r10, 0x0, r8, 0x0, 0x80000001, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r8, 0x29, 0x23, &(0x7f0000002040)={{{@in6=@remote, @in6=@mcast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000500)=0xffffff8e)
getuid()
r11 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r11, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
listen(r11, 0x0)
socket$unix(0x1, 0x0, 0x0)
connect(0xffffffffffffffff, &(0x7f0000931ff4)=@un=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
gettid()
gettid()
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0xb00000000065808, 0x0)
sendmsg$nl_generic(r12, 0x0, 0x0)
gettid()
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0))
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'veth0_to_hsr\x00', <r13=>0x0})
r14 = getuid()
setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000200)={{{@in=@local, @in6=@remote, 0x0, 0x0, 0x4e23, 0x9, 0xfe9f605bfab53419, 0x20, 0x20, 0x8, r13, r14}, {0x0, 0x3, 0x8}, {0x401, 0x9}, 0xbaa, 0x0, 0x2, 0x1, 0x0, 0x1}, {{@in6=@remote, 0x4d2}, 0xa, @in6=@remote, 0x3501, 0x0, 0x1}}, 0xe8)
r15 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\xe9\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x?\x9d\xb5\x11k4\xd3\x1b\x05\x12\xa5`\x8a\xaf\xf0\x1eyR4\f\xd6\xfd\x00\x00\x00\x00', 0x275a, 0x0)
write$binfmt_script(r15, &(0x7f0000000040)=ANY=[], 0x6db6e559)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r15, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x6db6e559)
r16 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r16, 0x10, 0x0)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x2000006, 0x10012, r16, 0x0)
close(r0)

10:30:19 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r2, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r2}], 0x1, 0x81)
r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00')
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000280), &(0x7f0000000380)=0x4)
sendmsg$SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x48, r3, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x8, 0x6, 0x81}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x2}, @SEG6_ATTR_DST={0x14, 0x1, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x1f}]}, 0x48}, 0x1, 0x0, 0x0, 0x8515486732c304de}, 0x40000080)

10:30:19 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:30:19 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x8100}, 0x0)

10:30:19 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfffffc8f)
r2 = accept4(0xffffffffffffffff, &(0x7f0000000240)=@un=@abs, &(0x7f0000000040)=0x80, 0x800)
getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000340)={<r3=>0x0, 0x305}, &(0x7f0000000380)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f00000003c0)={0x4c7, 0x8008, 0xa15, 0xabdb, r3}, &(0x7f0000000400)=0x10)
splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x100000000ffe0, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r5, 0x1000008912, &(0x7f00000000c0)="0800b5055e0bcfe87b00")
ioctl$sock_ifreq(r0, 0x8933, &(0x7f0000000300)={'syzkaller0\x00', @ifru_settings={0x1, 0x0, @fr_pvc=&(0x7f00000002c0)}})
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000000c0)="0800b5055e0bcfe8")
ioctl$sock_inet_SIOCGIFPFLAGS(r4, 0x8935, &(0x7f0000000200)={'vcan0\x00'})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0xb00000000065808, 0x0)
socket$isdn(0x22, 0x3, 0x11)
setsockopt$MISDN_TIME_STAMP(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0)
bind$bt_sco(r0, 0x0, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r7, 0x1, 0x2d, &(0x7f00000000c0)=0xfff, 0x4)
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f00000001c0))
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[], 0x32600)
write$cgroup_subtree(r9, &(0x7f0000000000)={[{0x0, 'memory'}]}, 0x3ff800)
sendfile(r8, r6, 0x0, 0xffffffff800)
ioctl(0xffffffffffffffff, 0x1000008912, 0x0)
splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f0000000180), 0x8, 0x0)
socketpair(0xa, 0xc09c6c1b1998f6ca, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r10, 0x6, 0x14, 0x0, 0x0)

[  807.017686][   T26] audit: type=1804 audit(1572345019.403:220): pid=22918 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir999125647/syzkaller.mcmvEm/1/memory.events" dev="sda1" ino=16581 res=1
10:30:19 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  807.103214][   T26] audit: type=1800 audit(1572345019.403:221): pid=22918 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="memory.events" dev="sda1" ino=16581 res=0
10:30:19 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r2, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r2}], 0x1, 0x81)
r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00')
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000280), &(0x7f0000000380)=0x4)
sendmsg$SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x48, r3, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x8, 0x6, 0x81}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x2}, @SEG6_ATTR_DST={0x14, 0x1, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x1f}]}, 0x48}, 0x1, 0x0, 0x0, 0x8515486732c304de}, 0x40000080)

[  807.174145][   T26] audit: type=1804 audit(1572345019.413:222): pid=22918 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir999125647/syzkaller.mcmvEm/1/memory.events" dev="sda1" ino=16581 res=1
[  807.199694][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  807.199735][    C0] protocol 88fb is buggy, dev hsr_slave_1
10:30:19 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x8847}, 0x0)

[  807.293555][   T26] audit: type=1804 audit(1572345019.413:223): pid=22918 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir999125647/syzkaller.mcmvEm/1/memory.events" dev="sda1" ino=16581 res=1
[  807.436694][   T26] audit: type=1804 audit(1572345019.793:224): pid=22921 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir999125647/syzkaller.mcmvEm/1/memory.events" dev="sda1" ino=16581 res=1
10:30:19 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  807.520797][   T26] audit: type=1800 audit(1572345019.793:225): pid=22921 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="memory.events" dev="sda1" ino=16581 res=0
[  807.520823][   T26] audit: type=1804 audit(1572345019.793:226): pid=22929 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir999125647/syzkaller.mcmvEm/1/memory.events" dev="sda1" ino=16581 res=1
[  807.520843][   T26] audit: type=1804 audit(1572345019.803:227): pid=22918 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir999125647/syzkaller.mcmvEm/1/memory.events" dev="sda1" ino=16581 res=1
10:30:20 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r2, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r2}], 0x1, 0x81)
r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00')
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000280), &(0x7f0000000380)=0x4)
sendmsg$SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x48, r3, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x8, 0x6, 0x81}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x2}, @SEG6_ATTR_DST={0x14, 0x1, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x1f}]}, 0x48}, 0x1, 0x0, 0x0, 0x8515486732c304de}, 0x40000080)

10:30:20 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x8848}, 0x0)

10:30:20 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x1b1, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000230047faffffff00000000000400000204001000b115f8b9207ac3d78578125082f4fcc477cb57f5650731dfaf12ea77ad43cb08000000a9fdd6c1610c621c85fe3e348527b05e5d71460af16b42bede5105ec4fde821ef57e8d4306f47f6ea4a656379a221558fa14efab3bbee029931fb8632ddc0548f9f44600ac8213ab718c023043c0a073b4862e0ca9e03a0353a7aeefd2f2"], 0x18}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x3)
connect$bt_l2cap(r1, &(0x7f0000000080), 0xe)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080), 0xe)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'veth0_to_hsr\x00', <r2=>0x0})
r3 = getuid()
setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000200)={{{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@remote, 0x4e22, 0x2, 0x4e23, 0x9, 0xfe9f605bfab53419, 0x20, 0x20, 0x0, r2, r3}, {0x0, 0x3, 0x8, 0x8000, 0x0, 0x0, 0xffffffffffffff80}, {0x401, 0x9}, 0xbaa, 0x6e6bbb, 0x2, 0x1, 0x0, 0x1}, {{@in6=@remote, 0x4cf, 0x3c}, 0xa, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4}}, 0xe8)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl(r4, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f00000017c0)={{{@in6=@empty, @in6=@loopback}}, {{@in=@loopback}, 0x0, @in6=@initdev}}, &(0x7f00000004c0)=0xe8)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events\x00', 0x7a05, 0x1700)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000400)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-generic\x00'}, 0x58)
r7 = accept4(r6, 0x0, 0x0, 0x0)
splice(r7, 0x0, r5, 0x0, 0x80000001, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000000400)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-generic\x00'}, 0x58)
r10 = accept4(r9, 0x0, 0x0, 0x0)
splice(r10, 0x0, r8, 0x0, 0x80000001, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r8, 0x29, 0x23, &(0x7f0000002040)={{{@in6=@remote, @in6=@mcast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000500)=0xffffff8e)
getuid()
r11 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r11, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
listen(r11, 0x0)
socket$unix(0x1, 0x0, 0x0)
connect(0xffffffffffffffff, &(0x7f0000931ff4)=@un=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
gettid()
gettid()
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0xb00000000065808, 0x0)
sendmsg$nl_generic(r12, 0x0, 0x0)
gettid()
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0))
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'veth0_to_hsr\x00', <r13=>0x0})
r14 = getuid()
setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000200)={{{@in=@local, @in6=@remote, 0x0, 0x0, 0x4e23, 0x9, 0xfe9f605bfab53419, 0x20, 0x20, 0x8, r13, r14}, {0x0, 0x3, 0x8}, {0x401, 0x9}, 0xbaa, 0x0, 0x2, 0x1, 0x0, 0x1}, {{@in6=@remote, 0x4d2}, 0xa, @in6=@remote, 0x3501, 0x0, 0x1}}, 0xe8)
r15 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\xe9\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x?\x9d\xb5\x11k4\xd3\x1b\x05\x12\xa5`\x8a\xaf\xf0\x1eyR4\f\xd6\xfd\x00\x00\x00\x00', 0x275a, 0x0)
write$binfmt_script(r15, &(0x7f0000000040)=ANY=[], 0x6db6e559)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r15, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x6db6e559)
r16 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r16, 0x10, 0x0)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x2000006, 0x10012, r16, 0x0)
close(r0)

10:30:20 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r2, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r2}], 0x1, 0x81)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00')
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000280), &(0x7f0000000380)=0x4)

[  808.051930][T22941] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  808.093454][T22941] CPU: 0 PID: 22941 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0
[  808.101395][T22941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  808.111561][T22941] Call Trace:
[  808.111587][T22941]  dump_stack+0x172/0x1f0
[  808.111609][T22941]  dump_header+0x10b/0x82d
[  808.111627][T22941]  oom_kill_process.cold+0x10/0x15
[  808.111648][T22941]  out_of_memory+0x334/0x1340
[  808.111666][T22941]  ? __sched_text_start+0x8/0x8
[  808.111682][T22941]  ? oom_killer_disable+0x280/0x280
[  808.111707][T22941]  mem_cgroup_out_of_memory+0x1d8/0x240
[  808.111722][T22941]  ? memcg_stat_show+0xc40/0xc40
[  808.111741][T22941]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  808.111762][T22941]  ? cgroup_file_notify+0x140/0x1b0
[  808.128889][T22941]  memory_max_write+0x262/0x3a0
[  808.128907][T22941]  ? mem_cgroup_write+0x370/0x370
[  808.128922][T22941]  ? lock_acquire+0x190/0x410
[  808.128937][T22941]  ? kernfs_fop_write+0x227/0x480
[  808.128953][T22941]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  808.128973][T22941]  cgroup_file_write+0x241/0x790
[  808.128987][T22941]  ? mem_cgroup_write+0x370/0x370
[  808.129002][T22941]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  808.129027][T22941]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  808.138552][T22941]  kernfs_fop_write+0x2b8/0x480
[  808.138572][T22941]  __vfs_write+0x8a/0x110
[  808.138587][T22941]  ? kernfs_fop_open+0xd80/0xd80
[  808.138603][T22941]  __kernel_write+0x11b/0x3b0
[  808.138622][T22941]  write_pipe_buf+0x15d/0x1f0
[  808.138644][T22941]  ? do_splice_direct+0x2a0/0x2a0
10:30:20 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x8864}, 0x0)

[  808.138662][T22941]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  808.138681][T22941]  ? splice_from_pipe_next.part.0+0x262/0x300
[  808.154357][T22941]  __splice_from_pipe+0x397/0x7d0
[  808.165407][T22941]  ? do_splice_direct+0x2a0/0x2a0
[  808.165433][T22941]  ? do_splice_direct+0x2a0/0x2a0
[  808.165452][T22941]  splice_from_pipe+0x108/0x170
[  808.175440][T22941]  ? splice_shrink_spd+0xd0/0xd0
[  808.190831][T22941]  ? security_file_permission+0x8f/0x380
[  808.190852][T22941]  default_file_splice_write+0x3c/0x90
[  808.190863][T22941]  ? generic_splice_sendpage+0x50/0x50
[  808.190880][T22941]  direct_splice_actor+0x123/0x190
[  808.190897][T22941]  splice_direct_to_actor+0x366/0x970
[  808.190916][T22941]  ? generic_pipe_buf_nosteal+0x10/0x10
[  808.190937][T22941]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  808.190951][T22941]  ? do_splice_to+0x180/0x180
[  808.190969][T22941]  ? rw_verify_area+0x126/0x360
[  808.206624][T22941]  do_splice_direct+0x1da/0x2a0
[  808.206645][T22941]  ? splice_direct_to_actor+0x970/0x970
[  808.206665][T22941]  ? rcu_read_lock_any_held+0xcd/0xf0
[  808.217146][T22941]  ? __this_cpu_preempt_check+0x3a/0x210
[  808.217167][T22941]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  808.217184][T22941]  ? __sb_start_write+0x1e5/0x460
[  808.217201][T22941]  do_sendfile+0x597/0xd00
[  808.231108][T22941]  ? do_compat_pwritev64+0x1c0/0x1c0
[  808.231126][T22941]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  808.231143][T22941]  ? put_timespec64+0xda/0x140
[  808.231169][T22941]  __x64_sys_sendfile64+0x1dd/0x220
[  808.231185][T22941]  ? __ia32_sys_sendfile+0x230/0x230
[  808.231199][T22941]  ? do_syscall_64+0x26/0x760
[  808.231214][T22941]  ? lockdep_hardirqs_on+0x421/0x5e0
[  808.231228][T22941]  ? trace_hardirqs_on+0x67/0x240
[  808.231247][T22941]  do_syscall_64+0xfa/0x760
[  808.231266][T22941]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  808.231276][T22941] RIP: 0033:0x459f49
[  808.231291][T22941] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  808.231298][T22941] RSP: 002b:00007feb52c2cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  808.231311][T22941] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  808.231320][T22941] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  808.231327][T22941] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  808.231335][T22941] R10: 0000000020000022 R11: 0000000000000246 R12: 00007feb52c2d6d4
[  808.231343][T22941] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  808.260506][T22941] memory: usage 2604kB, limit 0kB, failcnt 175
[  808.269108][T22941] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  808.285736][T22941] Memory cgroup stats for /syz5:
[  808.285850][T22941] anon 294912
[  808.285850][T22941] file 40960
[  808.285850][T22941] kernel_stack 131072
[  808.285850][T22941] slab 2183168
[  808.285850][T22941] sock 0
[  808.285850][T22941] shmem 143360
[  808.285850][T22941] file_mapped 135168
[  808.285850][T22941] file_dirty 0
[  808.285850][T22941] file_writeback 0
[  808.285850][T22941] anon_thp 0
[  808.285850][T22941] inactive_anon 0
[  808.285850][T22941] active_anon 208896
[  808.285850][T22941] inactive_file 0
[  808.285850][T22941] active_file 110592
[  808.285850][T22941] unevictable 135168
[  808.285850][T22941] slab_reclaimable 946176
[  808.285850][T22941] slab_unreclaimable 1236992
[  808.285850][T22941] pgfault 54252
[  808.285850][T22941] pgmajfault 0
[  808.285850][T22941] workingset_refault 0
[  808.285850][T22941] workingset_activate 0
[  808.285850][T22941] workingset_nodereclaim 0
[  808.285850][T22941] pgrefill 6786
[  808.285850][T22941] pgscan 19572
[  808.285850][T22941] pgsteal 5339
[  808.443987][T22941] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=22848,uid=0
[  808.538355][T22941] Memory cgroup out of memory: Killed process 22848 (syz-executor.5) total-vm:72452kB, anon-rss:100kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  808.636855][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  808.636905][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  808.650863][ T1070] oom_reaper: reaped process 22848 (syz-executor.5), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  809.236198][T22976] IPVS: ftp: loaded support on port[0] = 21
[  809.237441][T22977] IPVS: ftp: loaded support on port[0] = 21
[  809.461973][T22977] chnl_net:caif_netlink_parms(): no params data found
[  809.552686][T22977] bridge0: port 1(bridge_slave_0) entered blocking state
[  809.575738][T22977] bridge0: port 1(bridge_slave_0) entered disabled state
[  809.598606][T22977] device bridge_slave_0 entered promiscuous mode
[  809.606854][T22977] bridge0: port 2(bridge_slave_1) entered blocking state
[  809.627639][T22977] bridge0: port 2(bridge_slave_1) entered disabled state
[  809.635986][T22977] device bridge_slave_1 entered promiscuous mode
[  809.688482][T22977] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  809.706938][T22977] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  809.768611][T22976] chnl_net:caif_netlink_parms(): no params data found
[  809.780081][T22977] team0: Port device team_slave_0 added
[  809.816995][T22977] team0: Port device team_slave_1 added
[  809.825444][T22976] bridge0: port 1(bridge_slave_0) entered blocking state
[  809.834057][T22976] bridge0: port 1(bridge_slave_0) entered disabled state
[  809.848828][T22976] device bridge_slave_0 entered promiscuous mode
[  809.858547][T22976] bridge0: port 2(bridge_slave_1) entered blocking state
[  809.865689][T22976] bridge0: port 2(bridge_slave_1) entered disabled state
[  809.874256][T22976] device bridge_slave_1 entered promiscuous mode
[  809.916535][T22976] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  809.970494][T22977] device hsr_slave_0 entered promiscuous mode
[  810.016338][T22977] device hsr_slave_1 entered promiscuous mode
[  810.069464][T22976] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  810.123624][T22977] bridge0: port 2(bridge_slave_1) entered blocking state
[  810.130775][T22977] bridge0: port 2(bridge_slave_1) entered forwarding state
[  810.138198][T22977] bridge0: port 1(bridge_slave_0) entered blocking state
[  810.145393][T22977] bridge0: port 1(bridge_slave_0) entered forwarding state
[  810.168016][T22976] team0: Port device team_slave_0 added
[  810.176739][T22976] team0: Port device team_slave_1 added
[  810.270826][T22976] device hsr_slave_0 entered promiscuous mode
[  810.308171][T22976] device hsr_slave_1 entered promiscuous mode
[  810.357793][T22976] debugfs: Directory 'hsr0' with parent '/' already present!
[  810.368001][T20146] bridge0: port 1(bridge_slave_0) entered disabled state
[  810.376048][T20146] bridge0: port 2(bridge_slave_1) entered disabled state
[  810.456402][T22977] 8021q: adding VLAN 0 to HW filter on device bond0
[  810.495359][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  810.505086][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  810.517093][T22977] 8021q: adding VLAN 0 to HW filter on device team0
[  810.541320][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  810.550524][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  810.559278][ T8841] bridge0: port 1(bridge_slave_0) entered blocking state
[  810.566497][ T8841] bridge0: port 1(bridge_slave_0) entered forwarding state
[  810.588090][T22976] 8021q: adding VLAN 0 to HW filter on device bond0
[  810.595472][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  810.613828][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  810.624315][T19895] bridge0: port 2(bridge_slave_1) entered blocking state
[  810.631483][T19895] bridge0: port 2(bridge_slave_1) entered forwarding state
[  810.640293][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  810.649374][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  810.669182][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  810.678999][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  810.697869][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  810.706707][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  810.716388][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  810.725426][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  810.740217][T22977] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  810.753076][T22977] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  810.766357][T22976] 8021q: adding VLAN 0 to HW filter on device team0
[  810.785170][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  810.808342][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  810.816338][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  810.826314][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  810.836372][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  810.868253][T22977] 8021q: adding VLAN 0 to HW filter on device batadv0
[  810.887974][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  810.906021][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  810.915069][ T8841] bridge0: port 1(bridge_slave_0) entered blocking state
[  810.922238][ T8841] bridge0: port 1(bridge_slave_0) entered forwarding state
[  810.948857][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  810.980394][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  810.990081][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  811.009685][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  811.016793][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  811.050529][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  811.068578][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  811.077385][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  811.094487][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  811.106696][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  811.137060][T22976] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  811.149082][T22976] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  811.176946][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  811.204928][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  811.235863][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  811.265369][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  811.274852][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  811.283834][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  811.303989][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  811.330704][T22976] 8021q: adding VLAN 0 to HW filter on device batadv0
[  811.606499][T23001] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  811.651518][T23001] CPU: 1 PID: 23001 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  811.659722][T23001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  811.670227][T23001] Call Trace:
[  811.673534][T23001]  dump_stack+0x172/0x1f0
[  811.677879][T23001]  dump_header+0x10b/0x82d
[  811.682301][T23001]  oom_kill_process.cold+0x10/0x15
[  811.687420][T23001]  out_of_memory+0x334/0x1340
[  811.692111][T23001]  ? __sched_text_start+0x8/0x8
[  811.697054][T23001]  ? oom_killer_disable+0x280/0x280
[  811.702292][T23001]  mem_cgroup_out_of_memory+0x1d8/0x240
[  811.707851][T23001]  ? memcg_stat_show+0xc40/0xc40
[  811.712797][T23001]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  811.718607][T23001]  ? cgroup_file_notify+0x140/0x1b0
[  811.723824][T23001]  memory_max_write+0x262/0x3a0
[  811.728679][T23001]  ? mem_cgroup_write+0x370/0x370
[  811.733793][T23001]  ? lock_acquire+0x190/0x410
[  811.738471][T23001]  ? kernfs_fop_write+0x227/0x480
[  811.743496][T23001]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  811.749047][T23001]  cgroup_file_write+0x241/0x790
[  811.753988][T23001]  ? mem_cgroup_write+0x370/0x370
[  811.759015][T23001]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  811.764660][T23001]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  811.770301][T23001]  kernfs_fop_write+0x2b8/0x480
[  811.775168][T23001]  __vfs_write+0x8a/0x110
[  811.779503][T23001]  ? kernfs_fop_open+0xd80/0xd80
[  811.784515][T23001]  __kernel_write+0x11b/0x3b0
[  811.789228][T23001]  write_pipe_buf+0x15d/0x1f0
[  811.793920][T23001]  ? do_splice_direct+0x2a0/0x2a0
[  811.798985][T23001]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  811.805225][T23001]  ? splice_from_pipe_next.part.0+0x262/0x300
[  811.811295][T23001]  __splice_from_pipe+0x397/0x7d0
[  811.816313][T23001]  ? do_splice_direct+0x2a0/0x2a0
[  811.821324][T23001]  ? do_splice_direct+0x2a0/0x2a0
[  811.826335][T23001]  splice_from_pipe+0x108/0x170
[  811.831202][T23001]  ? splice_shrink_spd+0xd0/0xd0
[  811.836138][T23001]  ? security_file_permission+0x8f/0x380
[  811.841761][T23001]  default_file_splice_write+0x3c/0x90
[  811.847200][T23001]  ? generic_splice_sendpage+0x50/0x50
[  811.852641][T23001]  direct_splice_actor+0x123/0x190
[  811.857751][T23001]  splice_direct_to_actor+0x366/0x970
[  811.863128][T23001]  ? generic_pipe_buf_nosteal+0x10/0x10
[  811.868657][T23001]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  811.874880][T23001]  ? do_splice_to+0x180/0x180
[  811.879721][T23001]  ? rw_verify_area+0x126/0x360
[  811.884555][T23001]  do_splice_direct+0x1da/0x2a0
[  811.889396][T23001]  ? splice_direct_to_actor+0x970/0x970
[  811.894937][T23001]  ? rcu_read_lock_any_held+0xcd/0xf0
[  811.900304][T23001]  ? __this_cpu_preempt_check+0x3a/0x210
[  811.905918][T23001]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  811.912143][T23001]  ? __sb_start_write+0x1e5/0x460
[  811.917147][T23001]  do_sendfile+0x597/0xd00
[  811.921570][T23001]  ? do_compat_pwritev64+0x1c0/0x1c0
[  811.926863][T23001]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  811.933116][T23001]  ? put_timespec64+0xda/0x140
[  811.937883][T23001]  __x64_sys_sendfile64+0x1dd/0x220
[  811.943072][T23001]  ? __ia32_sys_sendfile+0x230/0x230
[  811.948351][T23001]  ? do_syscall_64+0x26/0x760
[  811.953019][T23001]  ? lockdep_hardirqs_on+0x421/0x5e0
[  811.958298][T23001]  ? trace_hardirqs_on+0x67/0x240
[  811.963332][T23001]  do_syscall_64+0xfa/0x760
[  811.967821][T23001]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  811.973702][T23001] RIP: 0033:0x459f49
[  811.977594][T23001] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  811.997182][T23001] RSP: 002b:00007fd437dcec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  812.005588][T23001] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  812.013542][T23001] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  812.021494][T23001] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  812.029447][T23001] R10: 0000000020000022 R11: 0000000000000246 R12: 00007fd437dcf6d4
[  812.037414][T23001] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  812.052793][T23001] memory: usage 5124kB, limit 0kB, failcnt 487
[  812.060468][T23001] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  812.067331][T23001] Memory cgroup stats for /syz3:
[  812.067448][T23001] anon 4321280
[  812.067448][T23001] file 118784
[  812.067448][T23001] kernel_stack 65536
[  812.067448][T23001] slab 692224
[  812.067448][T23001] sock 81920
[  812.067448][T23001] shmem 24576
[  812.067448][T23001] file_mapped 0
[  812.067448][T23001] file_dirty 135168
[  812.067448][T23001] file_writeback 0
[  812.067448][T23001] anon_thp 4194304
[  812.067448][T23001] inactive_anon 0
[  812.067448][T23001] active_anon 4321280
[  812.067448][T23001] inactive_file 98304
[  812.067448][T23001] active_file 0
[  812.067448][T23001] unevictable 135168
[  812.067448][T23001] slab_reclaimable 270336
[  812.067448][T23001] slab_unreclaimable 421888
[  812.067448][T23001] pgfault 59037
[  812.067448][T23001] pgmajfault 0
[  812.067448][T23001] workingset_refault 0
[  812.067448][T23001] workingset_activate 0
[  812.067448][T23001] workingset_nodereclaim 0
[  812.067448][T23001] pgrefill 8688
[  812.067448][T23001] pgscan 40193
[  812.067448][T23001] pgsteal 9652
[  812.162254][T23001] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22998,uid=0
[  812.178421][T23001] Memory cgroup out of memory: Killed process 22998 (syz-executor.3) total-vm:72720kB, anon-rss:4196kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000
10:30:24 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:30:24 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r2, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r2}], 0x1, 0x81)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00')

10:30:24 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x8906}, 0x0)

10:30:24 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:30:24 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_all\x00', 0x275a, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000000c0)={0x20})
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x40000000000})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x4e21, @multicast2}, {0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x4e21, @broadcast}, 0xaa, 0x0, 0x0, 0x0, 0x7f, &(0x7f0000000080)='ipddp0\x00', 0x1, 0x4, 0x7})
write$cgroup_int(r1, &(0x7f0000000380), 0x10076)
write$binfmt_elf64(r0, &(0x7f0000000140)=ANY=[@ANYRES32], 0x4)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000001300)={0x0, r0})
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r2, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r2}], 0x1, 0x81)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000240)={{{@in=@multicast1, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@mcast1}, 0x0, @in=@loopback}}, &(0x7f0000000100)=0xe8)
ioctl$SIOCAX25GETUID(r2, 0x89e0, &(0x7f0000000340)={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, r3})
getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000003c0), 0x10)

10:30:24 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  812.198781][ T1070] oom_reaper: reaped process 22998 (syz-executor.3), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB
[  812.204969][T22977] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  812.223414][T22977] CPU: 1 PID: 22977 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[  812.231344][T22977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  812.241396][T22977] Call Trace:
[  812.244693][T22977]  dump_stack+0x172/0x1f0
[  812.249044][T22977]  dump_header+0x10b/0x82d
[  812.253473][T22977]  ? oom_kill_process+0x94/0x3f0
[  812.258427][T22977]  oom_kill_process.cold+0x10/0x15
[  812.263567][T22977]  out_of_memory+0x334/0x1340
[  812.268259][T22977]  ? lock_downgrade+0x920/0x920
[  812.273130][T22977]  ? oom_killer_disable+0x280/0x280
[  812.278355][T22977]  mem_cgroup_out_of_memory+0x1d8/0x240
[  812.283924][T22977]  ? memcg_stat_show+0xc40/0xc40
[  812.288883][T22977]  ? do_raw_spin_unlock+0x57/0x270
[  812.294009][T22977]  ? _raw_spin_unlock+0x2d/0x50
[  812.298880][T22977]  try_charge+0xf4b/0x1440
[  812.303329][T22977]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  812.308891][T22977]  ? percpu_ref_tryget_live+0x111/0x290
[  812.314452][T22977]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  812.320706][T22977]  ? __kasan_check_read+0x11/0x20
[  812.325767][T22977]  ? get_mem_cgroup_from_mm+0x156/0x320
[  812.331341][T22977]  mem_cgroup_try_charge+0x136/0x590
[  812.336657][T22977]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  812.342308][T22977]  wp_page_copy+0x407/0x1860
[  812.346919][T22977]  ? find_held_lock+0x35/0x130
[  812.351695][T22977]  ? do_wp_page+0x53b/0x15c0
[  812.356314][T22977]  ? pmd_devmap_trans_unstable+0x220/0x220
[  812.362137][T22977]  ? lock_downgrade+0x920/0x920
[  812.367003][T22977]  ? swp_swapcount+0x540/0x540
[  812.371785][T22977]  ? __kasan_check_read+0x11/0x20
[  812.376827][T22977]  ? do_raw_spin_unlock+0x57/0x270
[  812.381984][T22977]  do_wp_page+0x543/0x15c0
[  812.386422][T22977]  ? finish_mkwrite_fault+0x6a0/0x6a0
[  812.391821][T22977]  __handle_mm_fault+0x23ec/0x4040
[  812.396961][T22977]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  812.402530][T22977]  ? handle_mm_fault+0x292/0xaa0
[  812.407499][T22977]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  812.413759][T22977]  ? __kasan_check_read+0x11/0x20
[  812.418811][T22977]  handle_mm_fault+0x3b7/0xaa0
[  812.423607][T22977]  __do_page_fault+0x536/0xdd0
[  812.428393][T22977]  do_page_fault+0x38/0x590
[  812.432931][T22977]  page_fault+0x39/0x40
[  812.437096][T22977] RIP: 0033:0x431026
[  812.441024][T22977] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[  812.460631][T22977] RSP: 002b:00007ffcd43b15c0 EFLAGS: 00010206
[  812.466703][T22977] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  812.474681][T22977] RDX: 0000000002554930 RSI: 000000000255c970 RDI: 0000000000000003
[  812.482666][T22977] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000002553940
[  812.490639][T22977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  812.498594][T22977] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[  812.506757][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  812.512625][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  812.518770][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  812.524545][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  812.534012][T22977] memory: usage 1748kB, limit 0kB, failcnt 244
[  812.540402][T22977] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  812.547251][T22977] Memory cgroup stats for /syz2:
[  812.547422][T22977] anon 81920
[  812.547422][T22977] file 0
[  812.547422][T22977] kernel_stack 0
[  812.547422][T22977] slab 1732608
[  812.547422][T22977] sock 4096
[  812.547422][T22977] shmem 20480
[  812.547422][T22977] file_mapped 135168
[  812.547422][T22977] file_dirty 135168
[  812.547422][T22977] file_writeback 0
[  812.547422][T22977] anon_thp 0
[  812.547422][T22977] inactive_anon 90112
[  812.547422][T22977] active_anon 81920
[  812.547422][T22977] inactive_file 57344
[  812.547422][T22977] active_file 0
[  812.547422][T22977] unevictable 0
[  812.547422][T22977] slab_reclaimable 1081344
[  812.547422][T22977] slab_unreclaimable 651264
[  812.547422][T22977] pgfault 65043
[  812.547422][T22977] pgmajfault 0
[  812.547422][T22977] workingset_refault 0
[  812.547422][T22977] workingset_activate 0
[  812.547422][T22977] workingset_nodereclaim 0
[  812.547422][T22977] pgrefill 15698
[  812.547422][T22977] pgscan 24440
[  812.547422][T22977] pgsteal 3058
[  812.547422][T22977] pgactivate 15444
[  812.645461][T22977] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22977,uid=0
[  812.667097][T22977] Memory cgroup out of memory: Killed process 22977 (syz-executor.2) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  812.684754][T22976] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  812.685378][ T1070] oom_reaper: reaped process 22977 (syz-executor.2), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
[  812.717908][T22976] CPU: 0 PID: 22976 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  812.726029][T22976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  812.736227][T22976] Call Trace:
[  812.739537][T22976]  dump_stack+0x172/0x1f0
[  812.744032][T22976]  dump_header+0x10b/0x82d
[  812.748554][T22976]  ? oom_kill_process+0x94/0x3f0
[  812.753505][T22976]  oom_kill_process.cold+0x10/0x15
[  812.758627][T22976]  out_of_memory+0x334/0x1340
[  812.763314][T22976]  ? lock_downgrade+0x920/0x920
[  812.768184][T22976]  ? oom_killer_disable+0x280/0x280
[  812.773438][T22976]  mem_cgroup_out_of_memory+0x1d8/0x240
[  812.779003][T22976]  ? memcg_stat_show+0xc40/0xc40
[  812.783966][T22976]  ? do_raw_spin_unlock+0x57/0x270
[  812.789102][T22976]  ? _raw_spin_unlock+0x2d/0x50
[  812.793977][T22976]  try_charge+0xf4b/0x1440
[  812.798424][T22976]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  812.803990][T22976]  ? __rcu_read_unlock+0x220/0x6b0
[  812.809111][T22976]  ? __kasan_check_read+0x11/0x20
[  812.814153][T22976]  ? get_mem_cgroup_from_mm+0x156/0x320
[  812.819722][T22976]  mem_cgroup_try_charge+0x136/0x590
[  812.825033][T22976]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  812.830682][T22976]  wp_page_copy+0x407/0x1860
[  812.835290][T22976]  ? find_held_lock+0x35/0x130
[  812.840170][T22976]  ? do_wp_page+0x53b/0x15c0
[  812.844776][T22976]  ? pmd_devmap_trans_unstable+0x220/0x220
[  812.850601][T22976]  ? lock_downgrade+0x920/0x920
[  812.855482][T22976]  ? swp_swapcount+0x540/0x540
[  812.860266][T22976]  ? __kasan_check_read+0x11/0x20
[  812.865317][T22976]  ? do_raw_spin_unlock+0x57/0x270
[  812.870458][T22976]  do_wp_page+0x543/0x15c0
[  812.874902][T22976]  ? finish_mkwrite_fault+0x6a0/0x6a0
[  812.880305][T22976]  __handle_mm_fault+0x23ec/0x4040
[  812.885445][T22976]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  812.891017][T22976]  ? handle_mm_fault+0x292/0xaa0
[  812.895974][T22976]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  812.902214][T22976]  ? __kasan_check_read+0x11/0x20
[  812.907240][T22976]  handle_mm_fault+0x3b7/0xaa0
[  812.912019][T22976]  __do_page_fault+0x536/0xdd0
10:30:25 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r2, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r2}], 0x1, 0x81)

[  812.916804][T22976]  do_page_fault+0x38/0x590
[  812.921321][T22976]  page_fault+0x39/0x40
[  812.925495][T22976] RIP: 0033:0x431026
[  812.929401][T22976] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[  812.949015][T22976] RSP: 002b:00007ffd86c44b30 EFLAGS: 00010206
[  812.955086][T22976] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  812.963061][T22976] RDX: 0000000002925930 RSI: 000000000292d970 RDI: 0000000000000003
[  812.971047][T22976] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000002924940
[  812.979028][T22976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  812.987013][T22976] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[  812.995553][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  813.001403][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  813.014263][T22976] memory: usage 704kB, limit 0kB, failcnt 495
[  813.023845][T22976] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  813.031207][T22976] Memory cgroup stats for /syz3:
[  813.031319][T22976] anon 57344
[  813.031319][T22976] file 118784
[  813.031319][T22976] kernel_stack 65536
[  813.031319][T22976] slab 692224
[  813.031319][T22976] sock 81920
[  813.031319][T22976] shmem 24576
[  813.031319][T22976] file_mapped 0
[  813.031319][T22976] file_dirty 135168
[  813.031319][T22976] file_writeback 0
[  813.031319][T22976] anon_thp 0
[  813.031319][T22976] inactive_anon 0
[  813.031319][T22976] active_anon 57344
[  813.031319][T22976] inactive_file 98304
[  813.031319][T22976] active_file 0
[  813.031319][T22976] unevictable 135168
[  813.031319][T22976] slab_reclaimable 270336
[  813.031319][T22976] slab_unreclaimable 421888
[  813.031319][T22976] pgfault 59037
[  813.031319][T22976] pgmajfault 0
[  813.031319][T22976] workingset_refault 0
[  813.031319][T22976] workingset_activate 0
[  813.031319][T22976] workingset_nodereclaim 0
[  813.031319][T22976] pgrefill 8688
[  813.031319][T22976] pgscan 40193
[  813.031319][T22976] pgsteal 9652
[  813.137607][T22976] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22976,uid=0
10:30:25 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0xe803}, 0x0)

10:30:25 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r2, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)

[  813.167612][T22976] Memory cgroup out of memory: Killed process 22976 (syz-executor.3) total-vm:72456kB, anon-rss:76kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  813.205809][ T1070] oom_reaper: reaped process 22976 (syz-executor.3), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
10:30:25 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000300)={0xa, 0x8000002}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000540)='dctcp\x00', 0x6)
r1 = socket(0x0, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r1, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r1}], 0x1, 0x81)
setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000000), 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x20000001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000080)={'lo\x00'})
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000140)={'lo\x00\x00\xe7\xff\x03\x00\x00\x00\x00\x06\x00', 0xfd})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = socket(0x1, 0x5, 0xf3)
bind$netlink(r3, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r3, &(0x7f0000000140)="2600000022004701050000000000000005006d", 0x13)
connect$netlink(r3, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000400), 0x4)
sendto$packet(r0, &(0x7f0000000340), 0xfffffffffffffd72, 0x0, 0x0, 0x0)

10:30:25 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r2, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)

[  813.347750][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  813.353541][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  813.427619][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  813.433458][    C0] protocol 88fb is buggy, dev hsr_slave_1
10:30:26 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)

10:30:26 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:30:26 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)

10:30:26 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  814.080367][T23035] IPVS: ftp: loaded support on port[0] = 21
[  814.330201][T23035] chnl_net:caif_netlink_parms(): no params data found
[  814.373096][T23035] bridge0: port 1(bridge_slave_0) entered blocking state
[  814.381157][T23035] bridge0: port 1(bridge_slave_0) entered disabled state
[  814.389417][T23035] device bridge_slave_0 entered promiscuous mode
[  814.398886][T23035] bridge0: port 2(bridge_slave_1) entered blocking state
[  814.406034][T23035] bridge0: port 2(bridge_slave_1) entered disabled state
[  814.414381][T23035] device bridge_slave_1 entered promiscuous mode
[  814.433935][T23035] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  814.445681][T23035] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  814.467358][T23035] team0: Port device team_slave_0 added
[  814.475567][T23035] team0: Port device team_slave_1 added
[  814.529900][T23035] device hsr_slave_0 entered promiscuous mode
[  814.578186][T23035] device hsr_slave_1 entered promiscuous mode
[  814.657657][T23035] debugfs: Directory 'hsr0' with parent '/' already present!
[  816.221372][T23035] 8021q: adding VLAN 0 to HW filter on device bond0
[  816.613889][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  816.622003][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  816.634014][T23035] 8021q: adding VLAN 0 to HW filter on device team0
[  817.009436][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  817.018585][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  817.026892][ T8848] bridge0: port 1(bridge_slave_0) entered blocking state
[  817.034016][ T8848] bridge0: port 1(bridge_slave_0) entered forwarding state
[  817.414737][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  817.423753][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  817.433796][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  817.443164][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[  817.450446][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[  817.459098][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  817.467966][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  817.476482][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  817.485166][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  817.494262][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  817.882212][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  817.891555][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  817.901024][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  817.912302][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  817.921426][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  817.930350][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  817.940370][T23035] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  818.316687][T23035] 8021q: adding VLAN 0 to HW filter on device batadv0
[  818.750496][T11615] device bridge_slave_1 left promiscuous mode
[  818.772151][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  818.808816][T11615] device bridge_slave_0 left promiscuous mode
[  818.815180][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  818.859784][T11615] device bridge_slave_1 left promiscuous mode
[  818.866046][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  818.939163][T11615] device bridge_slave_0 left promiscuous mode
[  818.945563][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  819.010464][T11615] device bridge_slave_1 left promiscuous mode
[  819.016701][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  819.059012][T23059] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  819.069661][T23059] CPU: 1 PID: 23059 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0
[  819.077555][T23059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  819.087715][T23059] Call Trace:
[  819.091021][T23059]  dump_stack+0x172/0x1f0
[  819.095369][T23059]  dump_header+0x10b/0x82d
[  819.100235][T23059]  oom_kill_process.cold+0x10/0x15
[  819.105370][T23059]  out_of_memory+0x334/0x1340
[  819.110077][T23059]  ? __sched_text_start+0x8/0x8
[  819.114930][T23059]  ? oom_killer_disable+0x280/0x280
[  819.120126][T23059]  mem_cgroup_out_of_memory+0x1d8/0x240
[  819.125655][T23059]  ? memcg_stat_show+0xc40/0xc40
[  819.131562][T23059]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  819.137366][T23059]  ? cgroup_file_notify+0x140/0x1b0
[  819.142552][T23059]  memory_max_write+0x262/0x3a0
[  819.147384][T23059]  ? mem_cgroup_write+0x370/0x370
[  819.152419][T23059]  ? lock_acquire+0x190/0x410
[  819.157092][T23059]  ? kernfs_fop_write+0x227/0x480
[  819.162102][T23059]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  819.167646][T23059]  cgroup_file_write+0x241/0x790
[  819.172591][T23059]  ? mem_cgroup_write+0x370/0x370
[  819.177629][T23059]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  819.183272][T23059]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  819.188912][T23059]  kernfs_fop_write+0x2b8/0x480
[  819.193768][T23059]  __vfs_write+0x8a/0x110
[  819.198573][T23059]  ? kernfs_fop_open+0xd80/0xd80
[  819.203508][T23059]  __kernel_write+0x11b/0x3b0
[  819.208205][T23059]  write_pipe_buf+0x15d/0x1f0
[  819.212894][T23059]  ? do_splice_direct+0x2a0/0x2a0
[  819.217930][T23059]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  819.224171][T23059]  ? splice_from_pipe_next.part.0+0x262/0x300
[  819.230247][T23059]  __splice_from_pipe+0x397/0x7d0
[  819.235279][T23059]  ? do_splice_direct+0x2a0/0x2a0
[  819.240331][T23059]  ? do_splice_direct+0x2a0/0x2a0
[  819.245367][T23059]  splice_from_pipe+0x108/0x170
[  819.250223][T23059]  ? splice_shrink_spd+0xd0/0xd0
[  819.255173][T23059]  ? security_file_permission+0x8f/0x380
[  819.260802][T23059]  default_file_splice_write+0x3c/0x90
[  819.266243][T23059]  ? generic_splice_sendpage+0x50/0x50
[  819.271708][T23059]  direct_splice_actor+0x123/0x190
[  819.276831][T23059]  splice_direct_to_actor+0x366/0x970
[  819.282201][T23059]  ? generic_pipe_buf_nosteal+0x10/0x10
[  819.287760][T23059]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  819.294004][T23059]  ? do_splice_to+0x180/0x180
[  819.298677][T23059]  ? rw_verify_area+0x126/0x360
[  819.303520][T23059]  do_splice_direct+0x1da/0x2a0
[  819.308373][T23059]  ? splice_direct_to_actor+0x970/0x970
[  819.313927][T23059]  ? rcu_read_lock_any_held+0xcd/0xf0
[  819.319298][T23059]  ? __this_cpu_preempt_check+0x3a/0x210
[  819.324926][T23059]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  819.331163][T23059]  ? __sb_start_write+0x1e5/0x460
[  819.336181][T23059]  do_sendfile+0x597/0xd00
[  819.341021][T23059]  ? do_compat_pwritev64+0x1c0/0x1c0
[  819.346293][T23059]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  819.352541][T23059]  ? put_timespec64+0xda/0x140
[  819.357310][T23059]  __x64_sys_sendfile64+0x1dd/0x220
[  819.362510][T23059]  ? __ia32_sys_sendfile+0x230/0x230
[  819.367795][T23059]  ? do_syscall_64+0x26/0x760
[  819.372484][T23059]  ? lockdep_hardirqs_on+0x421/0x5e0
[  819.377781][T23059]  ? trace_hardirqs_on+0x67/0x240
[  819.382907][T23059]  do_syscall_64+0xfa/0x760
[  819.387424][T23059]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  819.393334][T23059] RIP: 0033:0x459f49
[  819.397652][T23059] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  819.417267][T23059] RSP: 002b:00007f3b9c723c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  819.425681][T23059] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  819.433686][T23059] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  819.441674][T23059] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000
[  819.449644][T23059] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f3b9c7246d4
[  819.457655][T23059] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  819.468482][T11615] device bridge_slave_0 left promiscuous mode
[  819.469972][T23059] memory: usage 2612kB, limit 0kB, failcnt 175
[  819.474689][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  819.480795][T23059] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  819.495011][T23059] Memory cgroup stats for /syz5:
[  819.495149][T23059] anon 143360
[  819.495149][T23059] file 4096
[  819.495149][T23059] kernel_stack 131072
[  819.495149][T23059] slab 2183168
[  819.495149][T23059] sock 0
[  819.495149][T23059] shmem 143360
[  819.495149][T23059] file_mapped 0
[  819.495149][T23059] file_dirty 135168
[  819.495149][T23059] file_writeback 0
[  819.495149][T23059] anon_thp 0
[  819.495149][T23059] inactive_anon 0
[  819.495149][T23059] active_anon 143360
[  819.495149][T23059] inactive_file 94208
[  819.495149][T23059] active_file 196608
[  819.495149][T23059] unevictable 135168
[  819.495149][T23059] slab_reclaimable 1081344
[  819.495149][T23059] slab_unreclaimable 1101824
[  819.495149][T23059] pgfault 54516
[  819.495149][T23059] pgmajfault 0
[  819.495149][T23059] workingset_refault 0
[  819.495149][T23059] workingset_activate 0
[  819.495149][T23059] workingset_nodereclaim 0
[  819.495149][T23059] pgrefill 7052
[  819.495149][T23059] pgscan 19945
[  819.495149][T23059] pgsteal 5339
[  819.593479][T23059] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=23035,uid=0
[  819.611015][T23059] Memory cgroup out of memory: Killed process 23035 (syz-executor.5) total-vm:72456kB, anon-rss:76kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  819.634308][ T1070] oom_reaper: reaped process 23035 (syz-executor.5), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  819.648046][T11615] device bridge_slave_1 left promiscuous mode
[  819.654268][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  819.708786][T11615] device bridge_slave_0 left promiscuous mode
[  819.715014][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  819.749773][T11615] device bridge_slave_1 left promiscuous mode
[  819.755999][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  819.818535][T11615] device bridge_slave_0 left promiscuous mode
[  819.824839][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  829.548198][T11615] device hsr_slave_0 left promiscuous mode
[  829.588186][T11615] device hsr_slave_1 left promiscuous mode
[  829.641605][T11615] team0 (unregistering): Port device team_slave_1 removed
[  829.655069][T11615] team0 (unregistering): Port device team_slave_0 removed
[  829.666848][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  829.706675][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  829.799337][T11615] bond0 (unregistering): Released all slaves
[  829.938390][T11615] device hsr_slave_0 left promiscuous mode
[  829.977881][T11615] device hsr_slave_1 left promiscuous mode
[  830.030819][T11615] team0 (unregistering): Port device team_slave_1 removed
[  830.042364][T11615] team0 (unregistering): Port device team_slave_0 removed
[  830.055889][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  830.122782][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  830.205368][T11615] bond0 (unregistering): Released all slaves
[  830.368488][T11615] device hsr_slave_0 left promiscuous mode
[  830.427832][T11615] device hsr_slave_1 left promiscuous mode
[  830.479846][T11615] team0 (unregistering): Port device team_slave_1 removed
[  830.493142][T11615] team0 (unregistering): Port device team_slave_0 removed
[  830.505971][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  830.554469][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  830.646319][T11615] bond0 (unregistering): Released all slaves
[  830.848188][T11615] device hsr_slave_0 left promiscuous mode
[  830.897750][T11615] device hsr_slave_1 left promiscuous mode
[  830.954484][T11615] team0 (unregistering): Port device team_slave_1 removed
[  830.966049][T11615] team0 (unregistering): Port device team_slave_0 removed
[  830.979913][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  831.044208][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  831.136117][T11615] bond0 (unregistering): Released all slaves
[  831.298666][T11615] device hsr_slave_0 left promiscuous mode
[  831.357720][T11615] device hsr_slave_1 left promiscuous mode
[  831.435503][T11615] team0 (unregistering): Port device team_slave_1 removed
[  831.450737][T11615] team0 (unregistering): Port device team_slave_0 removed
[  831.464597][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  831.545905][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  831.625347][T11615] bond0 (unregistering): Released all slaves
10:30:44 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:30:44 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0xf401}, 0x0)

10:30:44 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)

10:30:44 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:30:44 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:30:44 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:30:46 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)

10:30:46 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0xff00}, 0x0)

10:30:46 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000300)={0xa, 0x8000002}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000540)='dctcp\x00', 0x6)
r1 = socket(0x0, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r1, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r1}], 0x1, 0x81)
setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000000), 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x20000001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000080)={'lo\x00'})
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000140)={'lo\x00\x00\xe7\xff\x03\x00\x00\x00\x00\x06\x00', 0xfd})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = socket(0x1, 0x5, 0xf3)
bind$netlink(r3, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r3, &(0x7f0000000140)="2600000022004701050000000000000005006d", 0x13)
connect$netlink(r3, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000400), 0x4)
sendto$packet(r0, &(0x7f0000000340), 0xfffffffffffffd72, 0x0, 0x0, 0x0)

[  834.240706][T23068] IPVS: ftp: loaded support on port[0] = 21
[  834.241819][T23071] IPVS: ftp: loaded support on port[0] = 21
[  834.258034][T23072] IPVS: ftp: loaded support on port[0] = 21
10:30:46 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
socket(0x40000000015, 0x5, 0x0)

10:30:46 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x34000}, 0x0)

10:30:46 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:30:47 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:30:47 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:30:47 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  835.084371][T23068] chnl_net:caif_netlink_parms(): no params data found
[  835.232349][T23068] bridge0: port 1(bridge_slave_0) entered blocking state
[  835.241612][T23068] bridge0: port 1(bridge_slave_0) entered disabled state
[  835.250083][T23068] device bridge_slave_0 entered promiscuous mode
[  835.259382][T23068] bridge0: port 2(bridge_slave_1) entered blocking state
[  835.266442][T23068] bridge0: port 2(bridge_slave_1) entered disabled state
[  835.274608][T23068] device bridge_slave_1 entered promiscuous mode
[  835.366196][T23072] chnl_net:caif_netlink_parms(): no params data found
[  835.397415][T23068] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  835.412251][T23071] chnl_net:caif_netlink_parms(): no params data found
[  835.432373][T23068] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  835.543876][T23072] bridge0: port 1(bridge_slave_0) entered blocking state
[  835.552997][T23072] bridge0: port 1(bridge_slave_0) entered disabled state
[  835.561701][T23072] device bridge_slave_0 entered promiscuous mode
[  835.576658][T23068] team0: Port device team_slave_0 added
[  835.655088][T23072] bridge0: port 2(bridge_slave_1) entered blocking state
[  835.662547][T23072] bridge0: port 2(bridge_slave_1) entered disabled state
[  835.671823][T23072] device bridge_slave_1 entered promiscuous mode
[  835.684275][T23068] team0: Port device team_slave_1 added
[  835.766886][T23071] bridge0: port 1(bridge_slave_0) entered blocking state
[  835.774372][T23071] bridge0: port 1(bridge_slave_0) entered disabled state
[  835.782917][T23071] device bridge_slave_0 entered promiscuous mode
[  835.791103][T23071] bridge0: port 2(bridge_slave_1) entered blocking state
[  835.798966][T23071] bridge0: port 2(bridge_slave_1) entered disabled state
[  835.806734][T23071] device bridge_slave_1 entered promiscuous mode
[  835.903027][T23072] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  835.914565][T23072] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  835.947195][T23071] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  836.000772][T23068] device hsr_slave_0 entered promiscuous mode
[  836.038163][T23068] device hsr_slave_1 entered promiscuous mode
[  836.158785][T23071] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  836.181662][T23072] team0: Port device team_slave_0 added
[  836.196450][T23071] team0: Port device team_slave_0 added
[  836.205324][T11615] device bridge_slave_1 left promiscuous mode
[  836.212365][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  836.259591][T11615] device bridge_slave_0 left promiscuous mode
[  836.265947][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  838.217939][T11615] device hsr_slave_0 left promiscuous mode
[  838.267932][T11615] device hsr_slave_1 left promiscuous mode
[  838.345002][T11615] team0 (unregistering): Port device team_slave_1 removed
[  838.358671][T11615] team0 (unregistering): Port device team_slave_0 removed
[  838.369993][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  838.441527][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  838.534977][T11615] bond0 (unregistering): Released all slaves
[  838.631825][T23072] team0: Port device team_slave_1 added
[  838.641016][T23071] team0: Port device team_slave_1 added
[  838.690655][T23071] device hsr_slave_0 entered promiscuous mode
[  838.738174][T23071] device hsr_slave_1 entered promiscuous mode
[  838.807665][T23071] debugfs: Directory 'hsr0' with parent '/' already present!
[  838.871524][T23072] device hsr_slave_0 entered promiscuous mode
[  838.938109][T23072] device hsr_slave_1 entered promiscuous mode
[  839.007734][T23072] debugfs: Directory 'hsr0' with parent '/' already present!
[  839.094928][T23068] 8021q: adding VLAN 0 to HW filter on device bond0
[  839.163819][T23071] 8021q: adding VLAN 0 to HW filter on device bond0
[  839.184238][T23072] 8021q: adding VLAN 0 to HW filter on device bond0
[  839.203788][T23068] 8021q: adding VLAN 0 to HW filter on device team0
[  839.219585][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  839.227462][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  839.236653][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  839.245070][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  839.262830][T23071] 8021q: adding VLAN 0 to HW filter on device team0
[  839.274252][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  839.283105][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  839.291309][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  839.301651][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  839.314122][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  839.321252][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  839.339864][T23072] 8021q: adding VLAN 0 to HW filter on device team0
[  839.355688][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  839.363911][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  839.373564][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  839.389819][T19895] bridge0: port 2(bridge_slave_1) entered blocking state
[  839.396890][T19895] bridge0: port 2(bridge_slave_1) entered forwarding state
[  839.411152][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  839.422190][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  839.435631][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  839.446501][T19895] bridge0: port 1(bridge_slave_0) entered blocking state
[  839.453615][T19895] bridge0: port 1(bridge_slave_0) entered forwarding state
[  839.469278][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  839.517947][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  839.526734][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  839.537385][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  839.551208][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  839.560632][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  839.569517][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  839.578380][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  839.587336][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  839.596749][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  839.603907][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  839.612716][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  839.621582][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  839.630735][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  839.637870][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  839.645850][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  839.655943][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  839.665175][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  839.674548][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  839.683964][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  839.693217][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  839.702268][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  839.709392][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  839.722346][T23071] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  839.734398][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  839.772963][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  839.782450][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  839.790837][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  839.805296][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  839.814305][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  839.824515][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  839.834950][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  839.844522][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  839.854048][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  839.863845][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  839.873243][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  839.882595][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  839.896677][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  839.913092][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  839.924100][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  839.953858][T23068] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  839.966387][T23068] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  839.986446][T23072] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  840.001758][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  840.016763][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  840.027441][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  840.046654][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  840.056027][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  840.076220][T23071] 8021q: adding VLAN 0 to HW filter on device batadv0
[  840.122015][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  840.154208][T23068] 8021q: adding VLAN 0 to HW filter on device batadv0
[  840.164651][T23072] 8021q: adding VLAN 0 to HW filter on device batadv0
[  840.430337][T23129] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  840.441586][T23129] CPU: 0 PID: 23129 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  840.449497][T23129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  840.459576][T23129] Call Trace:
[  840.462877][T23129]  dump_stack+0x172/0x1f0
[  840.467224][T23129]  dump_header+0x10b/0x82d
[  840.471659][T23129]  oom_kill_process.cold+0x10/0x15
[  840.476792][T23129]  out_of_memory+0x334/0x1340
[  840.481485][T23129]  ? __sched_text_start+0x8/0x8
[  840.486344][T23129]  ? oom_killer_disable+0x280/0x280
[  840.491645][T23129]  mem_cgroup_out_of_memory+0x1d8/0x240
[  840.497173][T23129]  ? memcg_stat_show+0xc40/0xc40
[  840.502101][T23129]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  840.507907][T23129]  ? cgroup_file_notify+0x140/0x1b0
[  840.513101][T23129]  memory_max_write+0x262/0x3a0
[  840.517937][T23129]  ? mem_cgroup_write+0x370/0x370
[  840.522943][T23129]  ? lock_acquire+0x190/0x410
[  840.527603][T23129]  ? kernfs_fop_write+0x227/0x480
[  840.532610][T23129]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  840.538140][T23129]  cgroup_file_write+0x241/0x790
[  840.543065][T23129]  ? mem_cgroup_write+0x370/0x370
[  840.548084][T23129]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  840.553706][T23129]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  840.559329][T23129]  kernfs_fop_write+0x2b8/0x480
[  840.564193][T23129]  __vfs_write+0x8a/0x110
[  840.568515][T23129]  ? kernfs_fop_open+0xd80/0xd80
[  840.573451][T23129]  __kernel_write+0x11b/0x3b0
[  840.578129][T23129]  write_pipe_buf+0x15d/0x1f0
[  840.582789][T23129]  ? do_splice_direct+0x2a0/0x2a0
[  840.587797][T23129]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  840.594020][T23129]  ? splice_from_pipe_next.part.0+0x262/0x300
[  840.600169][T23129]  __splice_from_pipe+0x397/0x7d0
[  840.605179][T23129]  ? do_splice_direct+0x2a0/0x2a0
[  840.610192][T23129]  ? do_splice_direct+0x2a0/0x2a0
[  840.615201][T23129]  splice_from_pipe+0x108/0x170
[  840.620061][T23129]  ? splice_shrink_spd+0xd0/0xd0
[  840.624998][T23129]  ? security_file_permission+0x8f/0x380
[  840.630630][T23129]  default_file_splice_write+0x3c/0x90
[  840.636084][T23129]  ? generic_splice_sendpage+0x50/0x50
[  840.641535][T23129]  direct_splice_actor+0x123/0x190
[  840.646638][T23129]  splice_direct_to_actor+0x366/0x970
[  840.652001][T23129]  ? generic_pipe_buf_nosteal+0x10/0x10
[  840.657545][T23129]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  840.663772][T23129]  ? do_splice_to+0x180/0x180
[  840.668435][T23129]  ? rw_verify_area+0x126/0x360
[  840.673279][T23129]  do_splice_direct+0x1da/0x2a0
[  840.678115][T23129]  ? splice_direct_to_actor+0x970/0x970
[  840.683640][T23129]  ? rcu_read_lock_any_held+0xcd/0xf0
[  840.688998][T23129]  ? __this_cpu_preempt_check+0x3a/0x210
[  840.694625][T23129]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  840.700846][T23129]  ? __sb_start_write+0x1e5/0x460
[  840.705890][T23129]  do_sendfile+0x597/0xd00
[  840.710332][T23129]  ? do_compat_pwritev64+0x1c0/0x1c0
[  840.715643][T23129]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  840.721877][T23129]  ? put_timespec64+0xda/0x140
[  840.726636][T23129]  __x64_sys_sendfile64+0x1dd/0x220
[  840.731819][T23129]  ? __ia32_sys_sendfile+0x230/0x230
[  840.737118][T23129]  ? do_syscall_64+0x26/0x760
[  840.741795][T23129]  ? lockdep_hardirqs_on+0x421/0x5e0
[  840.747070][T23129]  ? trace_hardirqs_on+0x67/0x240
[  840.752084][T23129]  do_syscall_64+0xfa/0x760
[  840.756609][T23129]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  840.762508][T23129] RIP: 0033:0x459f49
[  840.766424][T23129] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  840.786031][T23129] RSP: 002b:00007f3c8f53dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  840.794432][T23129] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  840.802408][T23129] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  840.810373][T23129] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  840.818332][T23129] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f3c8f53e6d4
[  840.826289][T23129] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  840.878578][T23129] memory: usage 5056kB, limit 0kB, failcnt 496
[  840.884912][T23129] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  840.902164][T23129] Memory cgroup stats for /syz3:
[  840.902279][T23129] anon 4263936
[  840.902279][T23129] file 118784
[  840.902279][T23129] kernel_stack 65536
[  840.902279][T23129] slab 692224
[  840.902279][T23129] sock 81920
[  840.902279][T23129] shmem 24576
[  840.902279][T23129] file_mapped 0
[  840.902279][T23129] file_dirty 135168
[  840.902279][T23129] file_writeback 0
[  840.902279][T23129] anon_thp 4194304
[  840.902279][T23129] inactive_anon 0
[  840.902279][T23129] active_anon 4263936
[  840.902279][T23129] inactive_file 98304
[  840.902279][T23129] active_file 0
[  840.902279][T23129] unevictable 135168
[  840.902279][T23129] slab_reclaimable 270336
[  840.902279][T23129] slab_unreclaimable 421888
[  840.902279][T23129] pgfault 59103
[  840.902279][T23129] pgmajfault 0
[  840.902279][T23129] workingset_refault 0
[  840.902279][T23129] workingset_activate 0
[  840.902279][T23129] workingset_nodereclaim 0
[  840.902279][T23129] pgrefill 8688
[  840.902279][T23129] pgscan 40193
[  840.902279][T23129] pgsteal 9652
[  841.007336][T23129] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23123,uid=0
[  841.062272][T23129] Memory cgroup out of memory: Killed process 23123 (syz-executor.3) total-vm:72720kB, anon-rss:4192kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000
[  841.115267][ T1070] oom_reaper: reaped process 23123 (syz-executor.3), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB
[  841.126535][T23139] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  841.144253][T23139] CPU: 0 PID: 23139 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[  841.152179][T23139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  841.162244][T23139] Call Trace:
[  841.165551][T23139]  dump_stack+0x172/0x1f0
[  841.169901][T23139]  dump_header+0x10b/0x82d
[  841.174328][T23139]  oom_kill_process.cold+0x10/0x15
[  841.179445][T23139]  out_of_memory+0x334/0x1340
[  841.184137][T23139]  ? oom_killer_disable+0x280/0x280
[  841.189359][T23139]  mem_cgroup_out_of_memory+0x1d8/0x240
[  841.194919][T23139]  ? memcg_stat_show+0xc40/0xc40
[  841.199877][T23139]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  841.205690][T23139]  ? cgroup_file_notify+0x140/0x1b0
[  841.210896][T23139]  memory_max_write+0x262/0x3a0
[  841.215758][T23139]  ? mem_cgroup_write+0x370/0x370
[  841.220796][T23139]  ? lock_acquire+0x190/0x410
[  841.225665][T23139]  ? kernfs_fop_write+0x227/0x480
[  841.230712][T23139]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  841.236267][T23139]  cgroup_file_write+0x241/0x790
[  841.241212][T23139]  ? mem_cgroup_write+0x370/0x370
[  841.246245][T23139]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  841.251895][T23139]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  841.257536][T23139]  kernfs_fop_write+0x2b8/0x480
10:30:53 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  841.262404][T23139]  __vfs_write+0x8a/0x110
[  841.266735][T23139]  ? kernfs_fop_open+0xd80/0xd80
[  841.271675][T23139]  __kernel_write+0x11b/0x3b0
[  841.276361][T23139]  write_pipe_buf+0x15d/0x1f0
[  841.281050][T23139]  ? do_splice_direct+0x2a0/0x2a0
[  841.286082][T23139]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  841.292358][T23139]  ? splice_from_pipe_next.part.0+0x262/0x300
[  841.298436][T23139]  __splice_from_pipe+0x397/0x7d0
[  841.303469][T23139]  ? do_splice_direct+0x2a0/0x2a0
[  841.308511][T23139]  ? do_splice_direct+0x2a0/0x2a0
[  841.313540][T23139]  splice_from_pipe+0x108/0x170
[  841.318387][T23139]  ? splice_shrink_spd+0xd0/0xd0
[  841.323317][T23139]  ? security_file_permission+0x8f/0x380
[  841.328928][T23139]  default_file_splice_write+0x3c/0x90
[  841.334372][T23139]  ? generic_splice_sendpage+0x50/0x50
[  841.339809][T23139]  direct_splice_actor+0x123/0x190
[  841.344900][T23139]  splice_direct_to_actor+0x366/0x970
[  841.350265][T23139]  ? generic_pipe_buf_nosteal+0x10/0x10
[  841.355794][T23139]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  841.362015][T23139]  ? do_splice_to+0x180/0x180
[  841.366671][T23139]  ? rw_verify_area+0x126/0x360
[  841.371502][T23139]  do_splice_direct+0x1da/0x2a0
[  841.376334][T23139]  ? splice_direct_to_actor+0x970/0x970
[  841.381867][T23139]  ? rcu_read_lock_any_held+0xcd/0xf0
[  841.387230][T23139]  ? __this_cpu_preempt_check+0x3a/0x210
[  841.392842][T23139]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  841.399066][T23139]  ? __sb_start_write+0x1e5/0x460
[  841.404088][T23139]  do_sendfile+0x597/0xd00
[  841.408487][T23139]  ? do_compat_pwritev64+0x1c0/0x1c0
[  841.413763][T23139]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  841.419987][T23139]  ? put_timespec64+0xda/0x140
[  841.424745][T23139]  __x64_sys_sendfile64+0x1dd/0x220
[  841.429922][T23139]  ? __ia32_sys_sendfile+0x230/0x230
[  841.435187][T23139]  ? do_syscall_64+0x26/0x760
[  841.439847][T23139]  ? lockdep_hardirqs_on+0x421/0x5e0
[  841.445218][T23139]  ? trace_hardirqs_on+0x67/0x240
[  841.450232][T23139]  do_syscall_64+0xfa/0x760
[  841.454728][T23139]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  841.460609][T23139] RIP: 0033:0x459f49
[  841.464492][T23139] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  841.484073][T23139] RSP: 002b:00007f37c24c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  841.492474][T23139] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  841.500540][T23139] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  841.508520][T23139] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000
[  841.516474][T23139] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f37c24c56d4
[  841.524427][T23139] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  841.548939][T23139] memory: usage 6064kB, limit 0kB, failcnt 245
[  841.555139][T23139] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  841.562031][T23139] Memory cgroup stats for /syz2:
[  841.562137][T23139] anon 4382720
[  841.562137][T23139] file 0
[  841.562137][T23139] kernel_stack 0
[  841.562137][T23139] slab 1597440
[  841.562137][T23139] sock 4096
[  841.562137][T23139] shmem 20480
[  841.562137][T23139] file_mapped 135168
[  841.562137][T23139] file_dirty 135168
[  841.562137][T23139] file_writeback 0
[  841.562137][T23139] anon_thp 4194304
[  841.562137][T23139] inactive_anon 90112
[  841.562137][T23139] active_anon 4382720
[  841.562137][T23139] inactive_file 57344
[  841.562137][T23139] active_file 0
[  841.562137][T23139] unevictable 0
[  841.562137][T23139] slab_reclaimable 1081344
[  841.562137][T23139] slab_unreclaimable 516096
[  841.562137][T23139] pgfault 65109
[  841.562137][T23139] pgmajfault 0
[  841.562137][T23139] workingset_refault 0
[  841.562137][T23139] workingset_activate 0
[  841.562137][T23139] workingset_nodereclaim 0
[  841.562137][T23139] pgrefill 15698
[  841.562137][T23139] pgscan 24440
[  841.562137][T23139] pgsteal 3058
[  841.657655][T23139] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23127,uid=0
[  841.673829][T23139] Memory cgroup out of memory: Killed process 23139 (syz-executor.2) total-vm:72984kB, anon-rss:4256kB, file-rss:35820kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000
[  841.696786][ T1070] oom_reaper: reaped process 23139 (syz-executor.2), now anon-rss:0kB, file-rss:34860kB, shmem-rss:0kB
[  841.714041][T23072] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  841.735767][T23072] CPU: 0 PID: 23072 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  841.743717][T23072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  841.753770][T23072] Call Trace:
[  841.757066][T23072]  dump_stack+0x172/0x1f0
[  841.761413][T23072]  dump_header+0x10b/0x82d
[  841.765823][T23072]  ? oom_kill_process+0x94/0x3f0
[  841.770762][T23072]  oom_kill_process.cold+0x10/0x15
[  841.775882][T23072]  out_of_memory+0x334/0x1340
[  841.780583][T23072]  ? lock_downgrade+0x920/0x920
[  841.785441][T23072]  ? oom_killer_disable+0x280/0x280
[  841.790650][T23072]  mem_cgroup_out_of_memory+0x1d8/0x240
[  841.796221][T23072]  ? memcg_stat_show+0xc40/0xc40
[  841.801251][T23072]  ? do_raw_spin_unlock+0x57/0x270
[  841.806372][T23072]  ? _raw_spin_unlock+0x2d/0x50
[  841.811251][T23072]  try_charge+0xf4b/0x1440
[  841.815687][T23072]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  841.821231][T23072]  ? percpu_ref_tryget_live+0x111/0x290
[  841.826785][T23072]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  841.833046][T23072]  ? __kasan_check_read+0x11/0x20
[  841.838095][T23072]  ? get_mem_cgroup_from_mm+0x156/0x320
[  841.843657][T23072]  mem_cgroup_try_charge+0x136/0x590
[  841.848962][T23072]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  841.854604][T23072]  __handle_mm_fault+0x1f0d/0x4040
[  841.859719][T23072]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  841.865241][T23072]  ? handle_mm_fault+0x292/0xaa0
[  841.870266][T23072]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  841.876481][T23072]  ? __kasan_check_read+0x11/0x20
[  841.881527][T23072]  handle_mm_fault+0x3b7/0xaa0
[  841.886278][T23072]  __do_page_fault+0x536/0xdd0
[  841.891023][T23072]  do_page_fault+0x38/0x590
[  841.895507][T23072]  page_fault+0x39/0x40
[  841.899639][T23072] RIP: 0033:0x457ee1
10:30:54 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  841.903526][T23072] Code: 48 81 ec 98 00 00 00 0f 05 48 3d 00 f0 ff ff 48 89 c3 0f 87 e9 00 00 00 85 db 0f 88 2f 01 00 00 48 89 e2 89 de bf 01 00 00 00 <e8> ba 13 00 00 85 c0 0f 88 98 00 00 00 8b 44 24 18 25 00 f0 00 00
[  841.923127][T23072] RSP: 002b:00007ffe34357fa0 EFLAGS: 00010206
[  841.929168][T23072] RAX: 0000000000000003 RBX: 0000000000000003 RCX: 0000000000457ec0
[  841.937115][T23072] RDX: 00007ffe34357fa0 RSI: 0000000000000003 RDI: 0000000000000001
[  841.945071][T23072] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000000e62940
[  841.953036][T23072] R10: 0000000000000000 R11: 0000000000000206 R12: 00007ffe34359180
[  841.960996][T23072] R13: 00007ffe34359170 R14: 0000000000000000 R15: 00007ffe34359180
10:30:54 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:30:54 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x400300}, 0x0)

10:30:54 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:30:54 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  841.982378][T23072] memory: usage 624kB, limit 0kB, failcnt 504
[  842.003365][T23072] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  842.012253][T23072] Memory cgroup stats for /syz3:
[  842.012359][T23072] anon 0
[  842.012359][T23072] file 118784
[  842.012359][T23072] kernel_stack 65536
[  842.012359][T23072] slab 692224
[  842.012359][T23072] sock 81920
[  842.012359][T23072] shmem 24576
[  842.012359][T23072] file_mapped 0
[  842.012359][T23072] file_dirty 135168
[  842.012359][T23072] file_writeback 0
[  842.012359][T23072] anon_thp 0
[  842.012359][T23072] inactive_anon 0
[  842.012359][T23072] active_anon 0
[  842.012359][T23072] inactive_file 98304
[  842.012359][T23072] active_file 0
[  842.012359][T23072] unevictable 135168
[  842.012359][T23072] slab_reclaimable 270336
[  842.012359][T23072] slab_unreclaimable 421888
[  842.012359][T23072] pgfault 59136
[  842.012359][T23072] pgmajfault 0
[  842.012359][T23072] workingset_refault 0
[  842.012359][T23072] workingset_activate 0
[  842.012359][T23072] workingset_nodereclaim 0
[  842.012359][T23072] pgrefill 8688
[  842.012359][T23072] pgscan 40193
[  842.012359][T23072] pgsteal 9652
[  842.012359][T23072] pgactivate 11286
[  842.108361][    C0] net_ratelimit: 2 callbacks suppressed
[  842.108371][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  842.108425][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  842.128977][T23072] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23072,uid=0
[  842.145014][T23072] Memory cgroup out of memory: Killed process 23072 (syz-executor.3) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  842.164089][ T1070] oom_reaper: reaped process 23072 (syz-executor.3), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
10:30:54 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  842.176111][T23071] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  842.186727][T23071] CPU: 0 PID: 23071 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0
[  842.194625][T23071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  842.204756][T23071] Call Trace:
[  842.204777][T23071]  dump_stack+0x172/0x1f0
[  842.204795][T23071]  dump_header+0x10b/0x82d
[  842.204806][T23071]  ? oom_kill_process+0x94/0x3f0
[  842.204821][T23071]  oom_kill_process.cold+0x10/0x15
[  842.204835][T23071]  out_of_memory+0x334/0x1340
[  842.204853][T23071]  ? lock_downgrade+0x920/0x920
[  842.236436][T23071]  ? oom_killer_disable+0x280/0x280
[  842.241659][T23071]  mem_cgroup_out_of_memory+0x1d8/0x240
[  842.247224][T23071]  ? memcg_stat_show+0xc40/0xc40
[  842.252187][T23071]  ? do_raw_spin_unlock+0x57/0x270
[  842.257319][T23071]  ? _raw_spin_unlock+0x2d/0x50
[  842.262190][T23071]  try_charge+0xf4b/0x1440
[  842.266631][T23071]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  842.272190][T23071]  ? percpu_ref_tryget_live+0x111/0x290
[  842.277754][T23071]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  842.284013][T23071]  ? __kasan_check_read+0x11/0x20
[  842.289067][T23071]  ? get_mem_cgroup_from_mm+0x156/0x320
[  842.294629][T23071]  mem_cgroup_try_charge+0x136/0x590
[  842.299936][T23071]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  842.305583][T23071]  __handle_mm_fault+0x1f0d/0x4040
[  842.310714][T23071]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  842.316273][T23071]  ? handle_mm_fault+0x292/0xaa0
[  842.321236][T23071]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  842.327513][T23071]  ? __kasan_check_read+0x11/0x20
[  842.332572][T23071]  handle_mm_fault+0x3b7/0xaa0
[  842.337354][T23071]  __do_page_fault+0x536/0xdd0
[  842.342147][T23071]  do_page_fault+0x38/0x590
[  842.346674][T23071]  page_fault+0x39/0x40
[  842.350837][T23071] RIP: 0033:0x43049c
[  842.354743][T23071] Code: 83 c0 17 41 55 41 54 55 53 48 89 c5 48 83 e5 f0 48 89 fb 48 81 ec 98 00 00 00 48 83 f8 20 b8 20 00 00 00 48 0f 42 e8 48 85 ff <48> 89 74 24 08 0f 84 3a 08 00 00 48 3b 2d 4a 68 64 00 77 70 89 ef
[  842.374356][T23071] RSP: 002b:00007ffd2862df70 EFLAGS: 00010202
[  842.380433][T23071] RAX: 0000000000000020 RBX: 0000000000716640 RCX: 00000000004592b4
[  842.388415][T23071] RDX: 00007ffd2862e060 RSI: 0000000000008030 RDI: 0000000000716640
[  842.396443][T23071] RBP: 0000000000008040 R08: 0000000000000001 R09: 0000000002015940
[  842.404427][T23071] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd2862f240
[  842.412411][T23071] R13: 00007ffd2862f230 R14: 0000000000000000 R15: 00007ffd2862f240
[  842.421171][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  842.426965][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  842.451282][T23071] memory: usage 1940kB, limit 0kB, failcnt 183
[  842.464845][T23071] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  842.467867][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  842.472034][T23071] Memory cgroup stats for /syz5:
[  842.472134][T23071] anon 77824
[  842.472134][T23071] file 24576
[  842.472134][T23071] kernel_stack 0
[  842.472134][T23071] slab 1773568
[  842.472134][T23071] sock 0
[  842.472134][T23071] shmem 143360
[  842.472134][T23071] file_mapped 0
[  842.472134][T23071] file_dirty 0
[  842.472134][T23071] file_writeback 0
[  842.472134][T23071] anon_thp 0
[  842.472134][T23071] inactive_anon 0
[  842.472134][T23071] active_anon 90112
[  842.472134][T23071] inactive_file 77824
[  842.472134][T23071] active_file 0
[  842.472134][T23071] unevictable 135168
[  842.472134][T23071] slab_reclaimable 946176
[  842.472134][T23071] slab_unreclaimable 827392
[  842.472134][T23071] pgfault 54714
[  842.472134][T23071] pgmajfault 0
[  842.472134][T23071] workingset_refault 0
[  842.472134][T23071] workingset_activate 0
[  842.472134][T23071] workingset_nodereclaim 0
[  842.472134][T23071] pgrefill 8264
[  842.472134][T23071] pgscan 22391
[  842.472134][T23071] pgsteal 6555
[  842.472134][T23071] pgactivate 9999
[  842.477544][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  842.477645][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  842.488159][T23071] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=23071,uid=0
[  842.573076][    C0] protocol 88fb is buggy, dev hsr_slave_1
10:30:55 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  842.626730][T23071] Memory cgroup out of memory: Killed process 23071 (syz-executor.5) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  842.649909][ T1070] oom_reaper: reaped process 23071 (syz-executor.5), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
[  842.663312][T23068] syz-executor.2 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=0
[  842.696986][T23068] CPU: 1 PID: 23068 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[  842.704925][T23068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  842.714989][T23068] Call Trace:
[  842.718292][T23068]  dump_stack+0x172/0x1f0
[  842.722625][T23068]  dump_header+0x10b/0x82d
[  842.727033][T23068]  ? oom_kill_process+0x94/0x3f0
[  842.731976][T23068]  oom_kill_process.cold+0x10/0x15
[  842.737088][T23068]  out_of_memory+0x334/0x1340
[  842.741762][T23068]  ? lock_downgrade+0x920/0x920
[  842.746629][T23068]  ? oom_killer_disable+0x280/0x280
[  842.751843][T23068]  mem_cgroup_out_of_memory+0x1d8/0x240
[  842.757394][T23068]  ? memcg_stat_show+0xc40/0xc40
[  842.762367][T23068]  ? do_raw_spin_unlock+0x57/0x270
[  842.767492][T23068]  ? _raw_spin_unlock+0x2d/0x50
[  842.772371][T23068]  try_charge+0xf4b/0x1440
[  842.776808][T23068]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  842.782366][T23068]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  842.787918][T23068]  ? cache_grow_begin+0x122/0xd20
[  842.792954][T23068]  ? find_held_lock+0x35/0x130
[  842.797722][T23068]  ? cache_grow_begin+0x122/0xd20
[  842.802770][T23068]  __memcg_kmem_charge_memcg+0x7c/0x130
[  842.808328][T23068]  ? lock_downgrade+0x920/0x920
[  842.813182][T23068]  ? memcg_kmem_put_cache+0x50/0x50
[  842.818384][T23068]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  842.824634][T23068]  ? __kasan_check_read+0x11/0x20
[  842.829678][T23068]  cache_grow_begin+0x629/0xd20
[  842.834538][T23068]  ? write_comp_data+0x11/0x70
[  842.839308][T23068]  ? mempolicy_slab_node+0x139/0x390
[  842.844594][T23068]  fallback_alloc+0x1fd/0x2d0
[  842.849273][T23068]  ____cache_alloc_node+0x1bc/0x1d0
[  842.854462][T23068]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  842.860711][T23068]  kmem_cache_alloc+0x1ef/0x710
[  842.865577][T23068]  ? stack_trace_save+0xac/0xe0
[  842.870452][T23068]  __alloc_file+0x27/0x340
[  842.874887][T23068]  alloc_empty_file+0x72/0x170
[  842.879664][T23068]  path_openat+0xef/0x46d0
[  842.884087][T23068]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  842.889919][T23068]  ? kasan_slab_alloc+0xf/0x20
10:30:55 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0xa2ffff}, 0x0)

[  842.894689][T23068]  ? kmem_cache_alloc+0x121/0x710
[  842.899725][T23068]  ? getname_flags+0xd6/0x5b0
[  842.904408][T23068]  ? getname+0x1a/0x20
[  842.908484][T23068]  ? do_sys_open+0x2c9/0x5d0
[  842.913101][T23068]  ? __x64_sys_open+0x7e/0xc0
[  842.917787][T23068]  ? __kasan_check_read+0x11/0x20
[  842.922818][T23068]  ? mark_lock+0xc2/0x1220
[  842.927241][T23068]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  842.932817][T23068]  ? path_lookupat.isra.0+0x8d0/0x8d0
[  842.938207][T23068]  ? __alloc_fd+0x487/0x620
[  842.942728][T23068]  do_filp_open+0x1a1/0x280
[  842.947243][T23068]  ? may_open_dev+0x100/0x100
[  842.951967][T23068]  ? lock_downgrade+0x920/0x920
[  842.956829][T23068]  ? rwlock_bug.part.0+0x90/0x90
[  842.961772][T23068]  ? __kasan_check_read+0x11/0x20
[  842.966795][T23068]  ? do_raw_spin_unlock+0x57/0x270
[  842.971907][T23068]  ? _raw_spin_unlock+0x2d/0x50
[  842.976759][T23068]  ? __alloc_fd+0x487/0x620
[  842.981272][T23068]  do_sys_open+0x3fe/0x5d0
[  842.985688][T23068]  ? filp_open+0x80/0x80
[  842.989932][T23068]  ? __detach_mounts+0x2a0/0x2a0
[  842.994871][T23068]  ? trace_hardirqs_on_thunk+0x1a/0x20
[  843.000323][T23068]  ? do_syscall_64+0x26/0x760
[  843.005001][T23068]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  843.011077][T23068]  ? do_syscall_64+0x26/0x760
[  843.015760][T23068]  __x64_sys_open+0x7e/0xc0
[  843.020262][T23068]  do_syscall_64+0xfa/0x760
[  843.024765][T23068]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  843.030656][T23068] RIP: 0033:0x457ec0
[  843.034551][T23068] Code: 31 c0 e9 45 ff ff ff 0f 1f 00 80 3f 00 0f 84 f7 00 00 00 55 53 b9 02 00 00 00 be 00 08 09 00 89 c8 48 81 ec 98 00 00 00 0f 05 <48> 3d 00 f0 ff ff 48 89 c3 0f 87 e9 00 00 00 85 db 0f 88 2f 01 00
[  843.054151][T23068] RSP: 002b:00007ffee310b750 EFLAGS: 00000206 ORIG_RAX: 0000000000000002
[  843.062559][T23068] RAX: ffffffffffffffda RBX: 00000000000cd736 RCX: 0000000000457ec0
[  843.070525][T23068] RDX: 000000000000000c RSI: 0000000000090800 RDI: 00007ffee310c930
[  843.078476][T23068] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000001f5f940
[  843.086430][T23068] R10: 0000000000000000 R11: 0000000000000206 R12: 00007ffee310c930
10:30:55 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r2=>0x0]}, &(0x7f000095dffc)=0x8)
recvmsg(r1, &(0x7f00000000c0)={&(0x7f0000000140)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000001580)=[{&(0x7f00000001c0)=""/159, 0x9f}, {&(0x7f0000000280)=""/128, 0x80}, {&(0x7f0000000300)=""/242, 0xf2}, {&(0x7f0000000400)=""/118, 0x76}, {&(0x7f0000000480)=""/4096, 0x1000}, {&(0x7f0000001480)=""/224, 0xe0}, {&(0x7f0000000000)=""/41, 0x29}], 0x7, &(0x7f0000001600)=""/249, 0xf9}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r2}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={r2, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0xfffffffc, @rand_addr="6e31b0872c89323c0c80b5167329292c"}]}, &(0x7f0000000100)=0x10)

[  843.094383][T23068] R13: 00007ffee310c920 R14: 0000000000000000 R15: 00007ffee310c930
[  843.112799][T23068] memory: usage 1536kB, limit 0kB, failcnt 257
[  843.119137][T23068] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  843.125981][T23068] Memory cgroup stats for /syz2:
[  843.126096][T23068] anon 69632
[  843.126096][T23068] file 0
[  843.126096][T23068] kernel_stack 0
[  843.126096][T23068] slab 1462272
[  843.126096][T23068] sock 4096
[  843.126096][T23068] shmem 20480
[  843.126096][T23068] file_mapped 135168
[  843.126096][T23068] file_dirty 135168
[  843.126096][T23068] file_writeback 0
[  843.126096][T23068] anon_thp 0
[  843.126096][T23068] inactive_anon 90112
[  843.126096][T23068] active_anon 69632
[  843.126096][T23068] inactive_file 57344
[  843.126096][T23068] active_file 0
[  843.126096][T23068] unevictable 0
[  843.126096][T23068] slab_reclaimable 946176
[  843.126096][T23068] slab_unreclaimable 516096
[  843.126096][T23068] pgfault 65109
[  843.126096][T23068] pgmajfault 0
10:30:55 executing program 0:
bind(0xffffffffffffffff, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, <r0=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  843.126096][T23068] workingset_refault 0
[  843.126096][T23068] workingset_activate 0
[  843.126096][T23068] workingset_nodereclaim 0
[  843.126096][T23068] pgrefill 15698
[  843.126096][T23068] pgscan 24440
[  843.126096][T23068] pgsteal 3058
[  843.126096][T23068] pgactivate 15444
[  843.131974][T23068] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23068,uid=0
[  843.249660][T23068] Memory cgroup out of memory: Killed process 23068 (syz-executor.2) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
10:30:55 executing program 0:
bind(0xffffffffffffffff, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, <r0=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  843.330444][T22757] syz-executor.4 invoked oom-killer: gfp_mask=0x40c50(GFP_NOFS|__GFP_COMP|__GFP_RECLAIMABLE), order=0, oom_score_adj=0
[  843.358791][T22757] CPU: 0 PID: 22757 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[  843.366715][T22757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  843.376764][T22757] Call Trace:
[  843.380065][T22757]  dump_stack+0x172/0x1f0
[  843.384410][T22757]  dump_header+0x10b/0x82d
[  843.388837][T22757]  ? oom_kill_process+0x94/0x3f0
[  843.393778][T22757]  oom_kill_process.cold+0x10/0x15
[  843.398886][T22757]  out_of_memory+0x334/0x1340
[  843.403558][T22757]  ? lock_downgrade+0x920/0x920
[  843.408412][T22757]  ? oom_killer_disable+0x280/0x280
[  843.413616][T22757]  mem_cgroup_out_of_memory+0x1d8/0x240
[  843.419167][T22757]  ? memcg_stat_show+0xc40/0xc40
[  843.424100][T22757]  ? do_raw_spin_unlock+0x57/0x270
[  843.429209][T22757]  ? _raw_spin_unlock+0x2d/0x50
[  843.434073][T22757]  try_charge+0xf4b/0x1440
[  843.438494][T22757]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  843.444029][T22757]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  843.449576][T22757]  ? cache_grow_begin+0x122/0xd20
[  843.454598][T22757]  ? find_held_lock+0x35/0x130
[  843.459354][T22757]  ? cache_grow_begin+0x122/0xd20
[  843.464404][T22757]  __memcg_kmem_charge_memcg+0x7c/0x130
[  843.469943][T22757]  ? lock_downgrade+0x920/0x920
[  843.474798][T22757]  ? memcg_kmem_put_cache+0x50/0x50
[  843.479997][T22757]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  843.486233][T22757]  ? __kasan_check_read+0x11/0x20
[  843.491254][T22757]  cache_grow_begin+0x629/0xd20
[  843.496100][T22757]  ? write_comp_data+0x11/0x70
[  843.500859][T22757]  ? mempolicy_slab_node+0x139/0x390
[  843.506140][T22757]  fallback_alloc+0x1fd/0x2d0
[  843.510816][T22757]  ____cache_alloc_node+0x1bc/0x1d0
[  843.516014][T22757]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  843.522252][T22757]  kmem_cache_alloc+0x1ef/0x710
[  843.527098][T22757]  ? lock_downgrade+0x920/0x920
[  843.531946][T22757]  ? rwlock_bug.part.0+0x90/0x90
[  843.536884][T22757]  ? ratelimit_state_init+0xb0/0xb0
[  843.542078][T22757]  ext4_alloc_inode+0x1f/0x640
[  843.546837][T22757]  ? ratelimit_state_init+0xb0/0xb0
[  843.552026][T22757]  alloc_inode+0x68/0x1e0
[  843.556352][T22757]  iget_locked+0x1a6/0x4b0
[  843.560776][T22757]  __ext4_iget+0x265/0x3e20
[  843.565305][T22757]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  843.571564][T22757]  ? ext4_get_projid+0x190/0x190
[  843.576505][T22757]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  843.582050][T22757]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  843.588026][T22757]  ? d_alloc_parallel+0xa78/0x1c30
[  843.593140][T22757]  ext4_lookup+0x3b1/0x7a0
[  843.597556][T22757]  ? ext4_cross_rename+0x1430/0x1430
[  843.602836][T22757]  ? __lock_acquire+0x16f2/0x4a00
[  843.607855][T22757]  ? __kasan_check_read+0x11/0x20
[  843.612888][T22757]  ? lockdep_init_map+0x1be/0x6d0
[  843.617913][T22757]  __lookup_slow+0x279/0x500
[  843.622501][T22757]  ? vfs_unlink+0x620/0x620
[  843.627040][T22757]  lookup_slow+0x58/0x80
[  843.631282][T22757]  path_mountpoint+0x5d2/0x1e60
[  843.636123][T22757]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  843.641661][T22757]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  843.647650][T22757]  ? path_openat+0x46d0/0x46d0
[  843.652416][T22757]  filename_mountpoint+0x18e/0x390
[  843.657519][T22757]  ? filename_parentat.isra.0+0x410/0x410
[  843.663232][T22757]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  843.669387][T22757]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  843.675629][T22757]  ? __phys_addr_symbol+0x30/0x70
[  843.680645][T22757]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  843.686354][T22757]  ? __check_object_size+0x3d/0x437
[  843.691546][T22757]  ? strncpy_from_user+0x2b4/0x400
[  843.696654][T22757]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  843.702886][T22757]  ? getname_flags+0x277/0x5b0
[  843.707647][T22757]  user_path_mountpoint_at+0x3a/0x50
[  843.712922][T22757]  ksys_umount+0x164/0xf00
[  843.717334][T22757]  ? down_read_non_owner+0x490/0x490
[  843.722612][T22757]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  843.729027][T22757]  ? __detach_mounts+0x2a0/0x2a0
[  843.733955][T22757]  ? trace_hardirqs_on_thunk+0x1a/0x20
[  843.739404][T22757]  ? trace_hardirqs_on_thunk+0x1a/0x20
[  843.744854][T22757]  ? do_syscall_64+0x26/0x760
[  843.749526][T22757]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  843.755582][T22757]  ? do_syscall_64+0x26/0x760
[  843.760254][T22757]  ? lockdep_hardirqs_on+0x421/0x5e0
[  843.765552][T22757]  __x64_sys_umount+0x54/0x80
[  843.770224][T22757]  do_syscall_64+0xfa/0x760
[  843.774735][T22757]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  843.780626][T22757] RIP: 0033:0x45c977
[  843.784525][T22757] Code: 64 89 04 25 d0 02 00 00 58 5f ff d0 48 89 c7 e8 2f be ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  843.804140][T22757] RSP: 002b:00007ffef15e2258 EFLAGS: 00000206 ORIG_RAX: 00000000000000a6
[  843.812554][T22757] RAX: ffffffffffffffda RBX: 00000000000cdd48 RCX: 000000000045c977
[  843.820517][T22757] RDX: 0000000000403a70 RSI: 0000000000000002 RDI: 00007ffef15e2300
10:30:56 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  843.828478][T22757] RBP: 0000000000000038 R08: 0000000000000000 R09: 000000000000000b
[  843.836439][T22757] R10: 0000000000000006 R11: 0000000000000206 R12: 00007ffef15e3390
[  843.844406][T22757] R13: 00000000028ab940 R14: 0000000000000000 R15: 00007ffef15e3390
[  843.927640][T22757] memory: usage 3240kB, limit 0kB, failcnt 137
[  843.933934][T22757] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  843.973224][T22757] Memory cgroup stats for /syz4:
[  843.973331][T22757] anon 118784
[  843.973331][T22757] file 69632
[  843.973331][T22757] kernel_stack 0
[  843.973331][T22757] slab 3264512
[  843.973331][T22757] sock 0
[  843.973331][T22757] shmem 0
[  843.973331][T22757] file_mapped 135168
[  843.973331][T22757] file_dirty 135168
[  843.973331][T22757] file_writeback 0
[  843.973331][T22757] anon_thp 0
[  843.973331][T22757] inactive_anon 135168
[  843.973331][T22757] active_anon 118784
[  843.973331][T22757] inactive_file 36864
[  843.973331][T22757] active_file 131072
[  843.973331][T22757] unevictable 0
[  843.973331][T22757] slab_reclaimable 1892352
[  843.973331][T22757] slab_unreclaimable 1372160
[  843.973331][T22757] pgfault 48774
[  843.973331][T22757] pgmajfault 0
[  843.973331][T22757] workingset_refault 0
[  843.973331][T22757] workingset_activate 0
[  843.973331][T22757] workingset_nodereclaim 0
[  843.973331][T22757] pgrefill 4301
[  843.973331][T22757] pgscan 18220
[  843.973331][T22757] pgsteal 5017
[  844.068457][T22757] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=22757,uid=0
[  844.084600][T22757] Memory cgroup out of memory: Killed process 22757 (syz-executor.4) total-vm:72452kB, anon-rss:100kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  844.102826][ T1070] oom_reaper: reaped process 22757 (syz-executor.4), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
10:30:57 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x0, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:30:57 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x1000000}, 0x0)

10:30:57 executing program 0:
bind(0xffffffffffffffff, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, <r0=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:30:57 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:30:57 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:30:57 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000000)={0x0, 0x0, 0x84, "238de9e4e6c728e928897fef2ed6807435e15e3600da9b935c35051e1f39dd71ed6f054076ea16c241e4dc2b38e48b10205b085b98cd4de98b721626b75f7c84f5d4c63db2f55ebd8f5e7f88cc26dadfe775357d5e41a4b16282f6a53204e249abfa8b19ca4c5e006bde2559d5ac50a4d3ef4441dd4d716bf6a31793e43fd4c12a41f57c"}, 0xfffffffffffffdf6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff})
getpeername(r1, 0x0, &(0x7f0000003840))
accept(r1, &(0x7f00000000c0)=@generic, &(0x7f0000000140)=0x80)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000000380)=[@in6={0xa, 0x4e21, 0x3, @rand_addr="9c2bf081ff10c00c5f961955ebb1246f", 0x8242f}], 0xd)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[], &(0x7f000095dffc))
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={<r3=>0x0}, 0x0)
r4 = socket$inet(0x10, 0x2000000000000003, 0x0)
ioctl$sock_ifreq(r4, 0x89f1, &(0x7f0000000180)={'ip6tnl0\x00\x00\x00\x00\x00r\xed\x02\x00', @ifru_flags=0x2})
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r4, 0x84, 0x73, &(0x7f0000000200)={r3, 0x20, 0x0, 0xff, 0x1f}, &(0x7f0000000280)=0x18)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r5, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)={0x18, 0x4, 0x2, 0x0, 0x1, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x200000000000000], 0x0, 0xffffffffffffffff, 0x100000000001, 0x4000000000004}, 0x3c)
sendto$inet(r5, &(0x7f0000000900)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b60c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd37809c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef484394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a1a7e80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d56ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9faf0200546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a69823823af35bc53e9d339be086e8b03fbe9c0ec68357e1fbe52eee7b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b5554a4845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b0092137d845db5cf37d15d263c7806298f776781f7", 0x481, 0x0, 0x0, 0x0)
sendmmsg(r5, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40)
poll(&(0x7f0000000180)=[{r5}], 0x1, 0x81)
setsockopt$inet6_icmp_ICMP_FILTER(r5, 0x1, 0x1, &(0x7f0000000300)={0x3}, 0x4)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f00000002c0)={0x0, 0x1}, &(0x7f00000001c0)=0x8)

10:30:57 executing program 0:
r0 = socket(0x0, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:30:57 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x0, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:30:57 executing program 0:
r0 = socket(0x0, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  844.947978][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  844.953850][    C0] protocol 88fb is buggy, dev hsr_slave_1
10:30:57 executing program 0:
r0 = socket(0x0, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:30:57 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x2000000}, 0x0)

10:30:57 executing program 0:
r0 = socket(0x100000000011, 0x0, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:30:57 executing program 0:
r0 = socket(0x100000000011, 0x0, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:30:57 executing program 0:
r0 = socket(0x100000000011, 0x0, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:30:57 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(0xffffffffffffffff, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  846.028780][T11615] device bridge_slave_1 left promiscuous mode
[  846.034984][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  846.088820][T11615] device bridge_slave_0 left promiscuous mode
[  846.095073][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  848.068235][T11615] device hsr_slave_0 left promiscuous mode
[  848.107689][T11615] device hsr_slave_1 left promiscuous mode
[  848.168731][T11615] team0 (unregistering): Port device team_slave_1 removed
[  848.181804][T11615] team0 (unregistering): Port device team_slave_0 removed
[  848.193139][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  848.255120][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  848.345093][T11615] bond0 (unregistering): Released all slaves
[  848.476960][T23212] IPVS: ftp: loaded support on port[0] = 21
[  848.476994][T23216] IPVS: ftp: loaded support on port[0] = 21
[  848.496114][T23217] IPVS: ftp: loaded support on port[0] = 21
[  848.496270][T23218] IPVS: ftp: loaded support on port[0] = 21
[  848.780572][T23216] chnl_net:caif_netlink_parms(): no params data found
[  848.794867][T23217] chnl_net:caif_netlink_parms(): no params data found
[  848.956363][T23216] bridge0: port 1(bridge_slave_0) entered blocking state
[  848.972141][T23216] bridge0: port 1(bridge_slave_0) entered disabled state
[  848.982960][T23216] device bridge_slave_0 entered promiscuous mode
[  849.022777][T23218] chnl_net:caif_netlink_parms(): no params data found
[  849.033085][T23217] bridge0: port 1(bridge_slave_0) entered blocking state
[  849.041321][T23217] bridge0: port 1(bridge_slave_0) entered disabled state
[  849.049854][T23217] device bridge_slave_0 entered promiscuous mode
[  849.066264][T23216] bridge0: port 2(bridge_slave_1) entered blocking state
[  849.073962][T23216] bridge0: port 2(bridge_slave_1) entered disabled state
[  849.082474][T23216] device bridge_slave_1 entered promiscuous mode
[  849.093856][T23217] bridge0: port 2(bridge_slave_1) entered blocking state
[  849.102687][T23217] bridge0: port 2(bridge_slave_1) entered disabled state
[  849.111220][T23217] device bridge_slave_1 entered promiscuous mode
[  849.135711][T23212] chnl_net:caif_netlink_parms(): no params data found
[  849.192982][T23216] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  849.203164][T23218] bridge0: port 1(bridge_slave_0) entered blocking state
[  849.211063][T23218] bridge0: port 1(bridge_slave_0) entered disabled state
[  849.219454][T23218] device bridge_slave_0 entered promiscuous mode
[  849.230938][T23218] bridge0: port 2(bridge_slave_1) entered blocking state
[  849.239229][T23218] bridge0: port 2(bridge_slave_1) entered disabled state
[  849.247283][T23218] device bridge_slave_1 entered promiscuous mode
[  849.257287][T23217] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  849.269063][T23216] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  849.302979][T23217] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  849.335748][T23218] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  849.353323][T23212] bridge0: port 1(bridge_slave_0) entered blocking state
[  849.362088][T23212] bridge0: port 1(bridge_slave_0) entered disabled state
[  849.370633][T23212] device bridge_slave_0 entered promiscuous mode
[  849.379287][T23212] bridge0: port 2(bridge_slave_1) entered blocking state
[  849.386351][T23212] bridge0: port 2(bridge_slave_1) entered disabled state
[  849.394904][T23212] device bridge_slave_1 entered promiscuous mode
[  849.413247][T23216] team0: Port device team_slave_0 added
[  849.429621][T23218] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  849.456491][T23216] team0: Port device team_slave_1 added
[  849.485268][T23217] team0: Port device team_slave_0 added
[  849.499547][T23212] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  849.520898][T23218] team0: Port device team_slave_0 added
[  849.610451][T23216] device hsr_slave_0 entered promiscuous mode
[  849.647985][T23216] device hsr_slave_1 entered promiscuous mode
[  849.697696][T23216] debugfs: Directory 'hsr0' with parent '/' already present!
[  849.706437][T23217] team0: Port device team_slave_1 added
[  849.719231][T23218] team0: Port device team_slave_1 added
[  849.726582][T23212] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  849.786612][T23212] team0: Port device team_slave_0 added
[  849.841729][T23217] device hsr_slave_0 entered promiscuous mode
[  849.887359][T23217] device hsr_slave_1 entered promiscuous mode
[  849.937904][T23217] debugfs: Directory 'hsr0' with parent '/' already present!
[  849.989919][T23218] device hsr_slave_0 entered promiscuous mode
[  850.027953][T23218] device hsr_slave_1 entered promiscuous mode
[  850.068723][T23218] debugfs: Directory 'hsr0' with parent '/' already present!
[  850.077306][T23212] team0: Port device team_slave_1 added
[  850.180689][T23212] device hsr_slave_0 entered promiscuous mode
[  850.217873][T23212] device hsr_slave_1 entered promiscuous mode
[  850.297618][T23212] debugfs: Directory 'hsr0' with parent '/' already present!
[  850.392004][T23216] 8021q: adding VLAN 0 to HW filter on device bond0
[  850.446828][T23216] 8021q: adding VLAN 0 to HW filter on device team0
[  850.472149][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  850.480364][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  850.531689][T23218] 8021q: adding VLAN 0 to HW filter on device bond0
[  850.548138][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  850.568687][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  850.577179][T10831] bridge0: port 1(bridge_slave_0) entered blocking state
[  850.584304][T10831] bridge0: port 1(bridge_slave_0) entered forwarding state
[  850.593090][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  850.602220][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  850.611347][T10831] bridge0: port 2(bridge_slave_1) entered blocking state
[  850.618500][T10831] bridge0: port 2(bridge_slave_1) entered forwarding state
[  850.626525][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  850.636569][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  850.661612][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  850.670684][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  850.681169][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  850.700906][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  850.709449][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  850.719057][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  850.732621][T23218] 8021q: adding VLAN 0 to HW filter on device team0
[  850.743513][T23217] 8021q: adding VLAN 0 to HW filter on device bond0
[  850.759135][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  850.766944][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  850.775731][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  850.784729][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  850.793291][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  850.801872][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  850.840268][T23212] 8021q: adding VLAN 0 to HW filter on device bond0
[  850.858377][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  850.867021][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  850.876244][T14992] bridge0: port 1(bridge_slave_0) entered blocking state
[  850.883392][T14992] bridge0: port 1(bridge_slave_0) entered forwarding state
[  850.892264][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  850.901175][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  850.910236][T14992] bridge0: port 2(bridge_slave_1) entered blocking state
[  850.917379][T14992] bridge0: port 2(bridge_slave_1) entered forwarding state
[  850.925517][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  850.937409][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  850.951368][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  850.960462][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  850.969334][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  850.979026][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  850.987820][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  850.995720][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  851.018377][T23212] 8021q: adding VLAN 0 to HW filter on device team0
[  851.036683][T23216] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  851.047787][T23217] 8021q: adding VLAN 0 to HW filter on device team0
[  851.060785][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  851.069211][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  851.076808][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  851.085160][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  851.093440][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  851.102231][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  851.111048][T10831] bridge0: port 1(bridge_slave_0) entered blocking state
[  851.118156][T10831] bridge0: port 1(bridge_slave_0) entered forwarding state
[  851.126093][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  851.134762][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  851.156037][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  851.164162][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  851.172940][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  851.181698][T10831] bridge0: port 2(bridge_slave_1) entered blocking state
[  851.188810][T10831] bridge0: port 2(bridge_slave_1) entered forwarding state
[  851.196816][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  851.205547][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  851.223009][T23218] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  851.235324][T23218] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  851.247032][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  851.256211][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  851.265873][T13143] bridge0: port 1(bridge_slave_0) entered blocking state
[  851.273008][T13143] bridge0: port 1(bridge_slave_0) entered forwarding state
[  851.282080][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  851.290986][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  851.299688][T13143] bridge0: port 2(bridge_slave_1) entered blocking state
[  851.306717][T13143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  851.314454][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  851.323439][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  851.331912][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  851.340929][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  851.351541][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  851.360218][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  851.400464][T23216] 8021q: adding VLAN 0 to HW filter on device batadv0
[  851.413725][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  851.423169][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  851.432490][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  851.442201][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  851.451211][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  851.460158][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  851.469042][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  851.477908][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  851.486309][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  851.495122][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  851.503499][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  851.513362][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  851.522119][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  851.539988][T23212] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  851.980524][T23218] 8021q: adding VLAN 0 to HW filter on device batadv0
[  851.990671][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  852.016475][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  852.025881][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  852.035544][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  852.045466][T23217] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  852.573787][T23212] 8021q: adding VLAN 0 to HW filter on device batadv0
[  852.610095][T23217] 8021q: adding VLAN 0 to HW filter on device batadv0
[  853.120372][T23245] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  853.131029][T23245] CPU: 0 PID: 23245 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0
[  853.138925][T23245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  853.148981][T23245] Call Trace:
[  853.152284][T23245]  dump_stack+0x172/0x1f0
[  853.156623][T23245]  dump_header+0x10b/0x82d
[  853.161043][T23245]  oom_kill_process.cold+0x10/0x15
[  853.166158][T23245]  out_of_memory+0x334/0x1340
[  853.170836][T23245]  ? __sched_text_start+0x8/0x8
[  853.175686][T23245]  ? oom_killer_disable+0x280/0x280
[  853.180900][T23245]  mem_cgroup_out_of_memory+0x1d8/0x240
[  853.186446][T23245]  ? memcg_stat_show+0xc40/0xc40
[  853.191427][T23245]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  853.197240][T23245]  ? cgroup_file_notify+0x140/0x1b0
[  853.202454][T23245]  memory_max_write+0x262/0x3a0
[  853.207311][T23245]  ? mem_cgroup_write+0x370/0x370
[  853.212357][T23245]  ? lock_acquire+0x190/0x410
[  853.217035][T23245]  ? kernfs_fop_write+0x227/0x480
[  853.222081][T23245]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  853.227630][T23245]  cgroup_file_write+0x241/0x790
[  853.232581][T23245]  ? mem_cgroup_write+0x370/0x370
[  853.237612][T23245]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  853.243279][T23245]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  853.248913][T23245]  kernfs_fop_write+0x2b8/0x480
[  853.253774][T23245]  __vfs_write+0x8a/0x110
[  853.258103][T23245]  ? kernfs_fop_open+0xd80/0xd80
[  853.263043][T23245]  __kernel_write+0x11b/0x3b0
[  853.267726][T23245]  write_pipe_buf+0x15d/0x1f0
[  853.272409][T23245]  ? do_splice_direct+0x2a0/0x2a0
[  853.277449][T23245]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  853.283691][T23245]  ? splice_from_pipe_next.part.0+0x262/0x300
[  853.289786][T23245]  __splice_from_pipe+0x397/0x7d0
[  853.294816][T23245]  ? do_splice_direct+0x2a0/0x2a0
[  853.299861][T23245]  ? do_splice_direct+0x2a0/0x2a0
[  853.304888][T23245]  splice_from_pipe+0x108/0x170
[  853.309750][T23245]  ? splice_shrink_spd+0xd0/0xd0
[  853.314711][T23245]  ? security_file_permission+0x8f/0x380
[  853.320347][T23245]  default_file_splice_write+0x3c/0x90
[  853.325804][T23245]  ? generic_splice_sendpage+0x50/0x50
[  853.331267][T23245]  direct_splice_actor+0x123/0x190
[  853.336386][T23245]  splice_direct_to_actor+0x366/0x970
[  853.341759][T23245]  ? generic_pipe_buf_nosteal+0x10/0x10
[  853.347309][T23245]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  853.353547][T23245]  ? do_splice_to+0x180/0x180
[  853.358236][T23245]  ? rw_verify_area+0x126/0x360
[  853.363108][T23245]  do_splice_direct+0x1da/0x2a0
[  853.367962][T23245]  ? splice_direct_to_actor+0x970/0x970
[  853.373502][T23245]  ? rcu_read_lock_any_held+0xcd/0xf0
[  853.378885][T23245]  ? __this_cpu_preempt_check+0x3a/0x210
[  853.384529][T23245]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  853.390780][T23245]  ? __sb_start_write+0x1e5/0x460
[  853.395813][T23245]  do_sendfile+0x597/0xd00
[  853.400229][T23245]  ? do_compat_pwritev64+0x1c0/0x1c0
[  853.405505][T23245]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  853.411746][T23245]  ? put_timespec64+0xda/0x140
[  853.416501][T23245]  __x64_sys_sendfile64+0x1dd/0x220
[  853.421681][T23245]  ? __ia32_sys_sendfile+0x230/0x230
[  853.426946][T23245]  ? do_syscall_64+0x26/0x760
[  853.431607][T23245]  ? lockdep_hardirqs_on+0x421/0x5e0
[  853.436885][T23245]  ? trace_hardirqs_on+0x67/0x240
[  853.441895][T23245]  do_syscall_64+0xfa/0x760
[  853.446394][T23245]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  853.452351][T23245] RIP: 0033:0x459f49
[  853.456229][T23245] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  853.475919][T23245] RSP: 002b:00007f2f999ffc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  853.484345][T23245] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  853.492314][T23245] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  853.500295][T23245] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  853.508262][T23245] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f2f99a006d4
[  853.516232][T23245] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  853.528429][T23245] memory: usage 1980kB, limit 0kB, failcnt 184
[  853.534662][T23245] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  853.541591][T23245] Memory cgroup stats for /syz5:
[  853.541712][T23245] anon 81920
[  853.541712][T23245] file 0
[  853.541712][T23245] kernel_stack 0
[  853.541712][T23245] slab 1638400
[  853.541712][T23245] sock 0
[  853.541712][T23245] shmem 143360
[  853.541712][T23245] file_mapped 135168
[  853.541712][T23245] file_dirty 0
[  853.541712][T23245] file_writeback 0
[  853.541712][T23245] anon_thp 0
[  853.541712][T23245] inactive_anon 0
[  853.541712][T23245] active_anon 81920
[  853.541712][T23245] inactive_file 24576
[  853.541712][T23245] active_file 167936
[  853.541712][T23245] unevictable 135168
[  853.541712][T23245] slab_reclaimable 946176
[  853.541712][T23245] slab_unreclaimable 692224
[  853.541712][T23245] pgfault 54879
[  853.541712][T23245] pgmajfault 0
[  853.541712][T23245] workingset_refault 0
[  853.541712][T23245] workingset_activate 0
[  853.541712][T23245] workingset_nodereclaim 0
[  853.541712][T23245] pgrefill 9261
[  853.541712][T23245] pgscan 25346
[  853.541712][T23245] pgsteal 7591
[  853.541712][T23245] pgactivate 11682
[  853.541735][T23245] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=23242,uid=0
[  853.646659][T23245] Memory cgroup out of memory: Killed process 23245 (syz-executor.5) total-vm:72984kB, anon-rss:168kB, file-rss:35876kB, shmem-rss:0kB, UID:0 pgtables:147456kB oom_score_adj:1000
[  853.683868][ T1070] oom_reaper: reaped process 23245 (syz-executor.5), now anon-rss:0kB, file-rss:34932kB, shmem-rss:0kB
[  853.744596][T23218] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  853.757862][T23218] CPU: 0 PID: 23218 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0
[  853.765785][T23218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  853.775866][T23218] Call Trace:
[  853.779170][T23218]  dump_stack+0x172/0x1f0
[  853.783521][T23218]  dump_header+0x10b/0x82d
[  853.787940][T23218]  ? oom_kill_process+0x94/0x3f0
[  853.792897][T23218]  oom_kill_process.cold+0x10/0x15
[  853.792916][T23218]  out_of_memory+0x334/0x1340
[  853.792937][T23218]  ? lock_downgrade+0x920/0x920
[  853.802702][T23218]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  853.802719][T23218]  ? oom_killer_disable+0x280/0x280
[  853.802742][T23218]  mem_cgroup_out_of_memory+0x1d8/0x240
[  853.824082][T23218]  ? memcg_stat_show+0xc40/0xc40
[  853.829048][T23218]  ? do_raw_spin_unlock+0x57/0x270
[  853.834190][T23218]  ? _raw_spin_unlock+0x2d/0x50
[  853.839061][T23218]  try_charge+0xf4b/0x1440
[  853.843500][T23218]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  853.849058][T23218]  ? percpu_ref_tryget_live+0x111/0x290
[  853.854643][T23218]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  853.860896][T23218]  ? __kasan_check_read+0x11/0x20
[  853.865940][T23218]  ? get_mem_cgroup_from_mm+0x156/0x320
[  853.871501][T23218]  mem_cgroup_try_charge+0x136/0x590
[  853.876806][T23218]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  853.882455][T23218]  wp_page_copy+0x407/0x1860
[  853.887061][T23218]  ? find_held_lock+0x35/0x130
[  853.891844][T23218]  ? do_wp_page+0x53b/0x15c0
[  853.896447][T23218]  ? pmd_devmap_trans_unstable+0x220/0x220
[  853.902297][T23218]  ? lock_downgrade+0x920/0x920
[  853.907160][T23218]  ? swp_swapcount+0x540/0x540
[  853.911934][T23218]  ? __kasan_check_read+0x11/0x20
[  853.916973][T23218]  ? do_raw_spin_unlock+0x57/0x270
[  853.922109][T23218]  do_wp_page+0x543/0x15c0
[  853.926548][T23218]  ? finish_mkwrite_fault+0x6a0/0x6a0
[  853.931945][T23218]  __handle_mm_fault+0x23ec/0x4040
[  853.937076][T23218]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  853.942631][T23218]  ? handle_mm_fault+0x292/0xaa0
[  853.947593][T23218]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  853.953851][T23218]  ? __kasan_check_read+0x11/0x20
[  853.958891][T23218]  handle_mm_fault+0x3b7/0xaa0
[  853.963665][T23218]  __do_page_fault+0x536/0xdd0
[  853.968545][T23218]  do_page_fault+0x38/0x590
[  853.973063][T23218]  page_fault+0x39/0x40
[  853.977223][T23218] RIP: 0033:0x431026
[  853.981122][T23218] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[  854.000732][T23218] RSP: 002b:00007ffc73f14820 EFLAGS: 00010206
[  854.006813][T23218] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  854.015137][T23218] RDX: 0000000001706930 RSI: 000000000170e970 RDI: 0000000000000003
[  854.023137][T23218] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000001705940
[  854.031108][T23218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  854.039089][T23218] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[  854.051830][T23218] memory: usage 1692kB, limit 0kB, failcnt 192
[  854.065641][T23218] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  854.080468][T23218] Memory cgroup stats for /syz5:
[  854.080572][T23218] anon 81920
[  854.080572][T23218] file 0
[  854.080572][T23218] kernel_stack 0
[  854.080572][T23218] slab 1638400
[  854.080572][T23218] sock 0
[  854.080572][T23218] shmem 143360
[  854.080572][T23218] file_mapped 135168
[  854.080572][T23218] file_dirty 0
[  854.080572][T23218] file_writeback 0
[  854.080572][T23218] anon_thp 0
[  854.080572][T23218] inactive_anon 0
[  854.080572][T23218] active_anon 81920
[  854.080572][T23218] inactive_file 24576
[  854.080572][T23218] active_file 167936
[  854.080572][T23218] unevictable 135168
[  854.080572][T23218] slab_reclaimable 946176
[  854.080572][T23218] slab_unreclaimable 692224
[  854.080572][T23218] pgfault 54879
[  854.080572][T23218] pgmajfault 0
[  854.080572][T23218] workingset_refault 0
[  854.080572][T23218] workingset_activate 0
[  854.080572][T23218] workingset_nodereclaim 0
[  854.080572][T23218] pgrefill 9261
[  854.080572][T23218] pgscan 25346
[  854.080572][T23218] pgsteal 7591
[  854.080572][T23218] pgactivate 11682
[  854.179578][T23218] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=23218,uid=0
[  854.195531][T23218] Memory cgroup out of memory: Killed process 23218 (syz-executor.5) total-vm:72456kB, anon-rss:76kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  854.214510][ T1070] oom_reaper: reaped process 23218 (syz-executor.5), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
[  854.225686][T23263] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  854.250962][T23263] CPU: 1 PID: 23263 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  854.258898][T23263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  854.268963][T23263] Call Trace:
[  854.272269][T23263]  dump_stack+0x172/0x1f0
[  854.276614][T23263]  dump_header+0x10b/0x82d
[  854.281043][T23263]  oom_kill_process.cold+0x10/0x15
[  854.286165][T23263]  out_of_memory+0x334/0x1340
[  854.290855][T23263]  ? oom_killer_disable+0x280/0x280
[  854.296071][T23263]  mem_cgroup_out_of_memory+0x1d8/0x240
[  854.301807][T23263]  ? memcg_stat_show+0xc40/0xc40
[  854.306756][T23263]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  854.312571][T23263]  ? cgroup_file_notify+0x140/0x1b0
[  854.317778][T23263]  memory_max_write+0x262/0x3a0
[  854.322651][T23263]  ? mem_cgroup_write+0x370/0x370
[  854.327686][T23263]  ? lock_acquire+0x190/0x410
[  854.332374][T23263]  ? kernfs_fop_write+0x227/0x480
[  854.337403][T23263]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  854.342954][T23263]  cgroup_file_write+0x241/0x790
[  854.347899][T23263]  ? mem_cgroup_write+0x370/0x370
[  854.352927][T23263]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  854.358574][T23263]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  854.364208][T23263]  kernfs_fop_write+0x2b8/0x480
[  854.369064][T23263]  __vfs_write+0x8a/0x110
[  854.373392][T23263]  ? kernfs_fop_open+0xd80/0xd80
[  854.378328][T23263]  __kernel_write+0x11b/0x3b0
[  854.383014][T23263]  write_pipe_buf+0x15d/0x1f0
[  854.387695][T23263]  ? do_splice_direct+0x2a0/0x2a0
[  854.392730][T23263]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  854.398987][T23263]  ? splice_from_pipe_next.part.0+0x262/0x300
[  854.405067][T23263]  __splice_from_pipe+0x397/0x7d0
[  854.410121][T23263]  ? do_splice_direct+0x2a0/0x2a0
[  854.415175][T23263]  ? do_splice_direct+0x2a0/0x2a0
[  854.420204][T23263]  splice_from_pipe+0x108/0x170
[  854.425065][T23263]  ? splice_shrink_spd+0xd0/0xd0
[  854.430026][T23263]  ? security_file_permission+0x8f/0x380
[  854.435674][T23263]  default_file_splice_write+0x3c/0x90
[  854.441136][T23263]  ? generic_splice_sendpage+0x50/0x50
[  854.446602][T23263]  direct_splice_actor+0x123/0x190
[  854.451720][T23263]  splice_direct_to_actor+0x366/0x970
[  854.457102][T23263]  ? generic_pipe_buf_nosteal+0x10/0x10
[  854.462659][T23263]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  854.468905][T23263]  ? do_splice_to+0x180/0x180
[  854.473586][T23263]  ? rw_verify_area+0x126/0x360
[  854.478455][T23263]  do_splice_direct+0x1da/0x2a0
[  854.483326][T23263]  ? splice_direct_to_actor+0x970/0x970
[  854.488893][T23263]  ? rcu_read_lock_any_held+0xcd/0xf0
[  854.494290][T23263]  ? __this_cpu_preempt_check+0x3a/0x210
[  854.499927][T23263]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  854.506173][T23263]  ? __sb_start_write+0x1e5/0x460
[  854.511220][T23263]  do_sendfile+0x597/0xd00
[  854.515652][T23263]  ? do_compat_pwritev64+0x1c0/0x1c0
[  854.520942][T23263]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  854.527184][T23263]  ? put_timespec64+0xda/0x140
[  854.531960][T23263]  __x64_sys_sendfile64+0x1dd/0x220
[  854.537166][T23263]  ? __ia32_sys_sendfile+0x230/0x230
[  854.542453][T23263]  ? do_syscall_64+0x26/0x760
[  854.547142][T23263]  ? lockdep_hardirqs_on+0x421/0x5e0
[  854.552439][T23263]  ? trace_hardirqs_on+0x67/0x240
[  854.557490][T23263]  do_syscall_64+0xfa/0x760
[  854.562018][T23263]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  854.567916][T23263] RIP: 0033:0x459f49
[  854.571817][T23263] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  854.591438][T23263] RSP: 002b:00007fd33ee87c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  854.599859][T23263] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  854.607835][T23263] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  854.615813][T23263] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  854.623783][T23263] R10: 0000000020000022 R11: 0000000000000246 R12: 00007fd33ee886d4
[  854.631767][T23263] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  854.648984][T23263] memory: usage 4972kB, limit 0kB, failcnt 505
[  854.655182][T23263] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  854.662680][T23263] Memory cgroup stats for /syz3:
[  854.662788][T23263] anon 4386816
[  854.662788][T23263] file 118784
[  854.662788][T23263] kernel_stack 0
[  854.662788][T23263] slab 692224
[  854.662788][T23263] sock 81920
[  854.662788][T23263] shmem 24576
[  854.662788][T23263] file_mapped 0
[  854.662788][T23263] file_dirty 135168
[  854.662788][T23263] file_writeback 0
[  854.662788][T23263] anon_thp 4194304
[  854.662788][T23263] inactive_anon 0
[  854.662788][T23263] active_anon 4386816
[  854.662788][T23263] inactive_file 98304
[  854.662788][T23263] active_file 0
[  854.662788][T23263] unevictable 135168
[  854.662788][T23263] slab_reclaimable 270336
[  854.662788][T23263] slab_unreclaimable 421888
[  854.662788][T23263] pgfault 59202
[  854.662788][T23263] pgmajfault 0
[  854.662788][T23263] workingset_refault 0
[  854.662788][T23263] workingset_activate 0
[  854.662788][T23263] workingset_nodereclaim 0
[  854.662788][T23263] pgrefill 8688
[  854.662788][T23263] pgscan 40193
[  854.662788][T23263] pgsteal 9652
[  854.773331][T23263] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23257,uid=0
[  854.790741][T23263] Memory cgroup out of memory: Killed process 23263 (syz-executor.3) total-vm:72720kB, anon-rss:4240kB, file-rss:35804kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000
[  854.811469][ T1070] oom_reaper: reaped process 23263 (syz-executor.3), now anon-rss:0kB, file-rss:34844kB, shmem-rss:0kB
[  854.817402][T23217] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  854.837856][T23217] CPU: 1 PID: 23217 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[  854.845770][T23217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  854.855816][T23217] Call Trace:
[  854.859098][T23217]  dump_stack+0x172/0x1f0
[  854.863414][T23217]  dump_header+0x10b/0x82d
[  854.867825][T23217]  ? oom_kill_process+0x94/0x3f0
[  854.872752][T23217]  oom_kill_process.cold+0x10/0x15
[  854.877847][T23217]  out_of_memory+0x334/0x1340
[  854.882514][T23217]  ? lock_downgrade+0x920/0x920
[  854.887385][T23217]  ? oom_killer_disable+0x280/0x280
[  854.892598][T23217]  mem_cgroup_out_of_memory+0x1d8/0x240
[  854.898136][T23217]  ? memcg_stat_show+0xc40/0xc40
[  854.903068][T23217]  ? do_raw_spin_unlock+0x57/0x270
[  854.908168][T23217]  ? _raw_spin_unlock+0x2d/0x50
[  854.913002][T23217]  try_charge+0xf4b/0x1440
[  854.917409][T23217]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  854.922938][T23217]  ? percpu_ref_tryget_live+0x111/0x290
[  854.928466][T23217]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  854.934689][T23217]  ? __kasan_check_read+0x11/0x20
[  854.939697][T23217]  ? get_mem_cgroup_from_mm+0x156/0x320
[  854.945235][T23217]  mem_cgroup_try_charge+0x136/0x590
[  854.950515][T23217]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  854.956133][T23217]  wp_page_copy+0x407/0x1860
[  854.960714][T23217]  ? find_held_lock+0x35/0x130
[  854.965470][T23217]  ? do_wp_page+0x53b/0x15c0
[  854.970059][T23217]  ? pmd_devmap_trans_unstable+0x220/0x220
[  854.975850][T23217]  ? lock_downgrade+0x920/0x920
[  854.980688][T23217]  ? swp_swapcount+0x540/0x540
[  854.985440][T23217]  ? __kasan_check_read+0x11/0x20
[  854.990446][T23217]  ? do_raw_spin_unlock+0x57/0x270
[  854.995541][T23217]  do_wp_page+0x543/0x15c0
[  854.999962][T23217]  ? finish_mkwrite_fault+0x6a0/0x6a0
[  855.005325][T23217]  __handle_mm_fault+0x23ec/0x4040
[  855.010447][T23217]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  855.015987][T23217]  ? handle_mm_fault+0x292/0xaa0
[  855.020929][T23217]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  855.027155][T23217]  ? __kasan_check_read+0x11/0x20
[  855.032164][T23217]  handle_mm_fault+0x3b7/0xaa0
[  855.036921][T23217]  __do_page_fault+0x536/0xdd0
[  855.041682][T23217]  do_page_fault+0x38/0x590
[  855.046169][T23217]  page_fault+0x39/0x40
[  855.050303][T23217] RIP: 0033:0x431026
[  855.054183][T23217] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[  855.073770][T23217] RSP: 002b:00007ffc6c0964c0 EFLAGS: 00010206
[  855.079828][T23217] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  855.087781][T23217] RDX: 00000000025e0930 RSI: 00000000025e8970 RDI: 0000000000000003
[  855.095736][T23217] RBP: 0000000000008041 R08: 0000000000000001 R09: 00000000025df940
10:31:07 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:31:07 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(0xffffffffffffffff, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:31:07 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x3000000}, 0x0)

10:31:07 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:31:07 executing program 4:
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='/\x02roup.stap\x00', 0x2761, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0xc, 0x2}, 0x14)
r0 = openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
write$cgroup_int(r0, &(0x7f0000000000), 0xc5)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x3b7)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, 0x0, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c)
recvmmsg(r1, &(0x7f0000000200), 0x38c, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000003c0))
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e24, 0xfffffffd}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)
socket$rds(0x15, 0x5, 0x0)
r2 = socket$inet6(0xa, 0x803, 0xa5)
connect$inet6(r2, 0x0, 0x0)
recvmmsg(r2, &(0x7f0000000dc0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x2, 0x0)
accept4(r2, 0x0, &(0x7f0000001540)=0x33930b1a1b920071, 0x80800)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4081c0}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)={0xa4, r3, 0x10, 0x70bd2c, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x14, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x1d}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'rr\x00'}]}, @IPVS_CMD_ATTR_DAEMON={0x40, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x15}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xe5}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'teql0\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x6}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x7}, @IPVS_DEST_ATTR_U_THRESH={0x8}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e23}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x10001}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40}, 0x4000000)
ppoll(&(0x7f0000000080)=[{r1, 0x9492}], 0x1, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000240)={0x8}, 0x8)
r4 = socket(0x11, 0x6, 0xb3)
sendmsg$rds(r4, &(0x7f0000000d80)={&(0x7f0000000380)={0x2, 0x4e23, @multicast2}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000400)=""/61, 0x3d}, {&(0x7f0000000440)=""/244, 0xf4}], 0x2, &(0x7f0000000b80)=[@mask_cswp={0x58, 0x114, 0x9, {{0xfffff801, 0x1}, &(0x7f0000000580)=0xf0e4, &(0x7f00000005c0)=0x401, 0x7, 0x2, 0x100000000, 0x1, 0x24, 0x7}}, @mask_cswp={0x58, 0x114, 0x9, {{0x7f, 0x320c}, &(0x7f0000000600)=0x6, &(0x7f0000000640)=0x4, 0x2, 0x6, 0x7, 0x9, 0x40, 0x3}}, @cswp={0x58, 0x114, 0x7, {{0x5, 0x1}, &(0x7f0000000680)=0xdddd, &(0x7f00000006c0), 0xffffffff, 0x8, 0x5, 0x6, 0x1, 0x40}}, @mask_cswp={0x58, 0x114, 0x9, {{0xffff, 0x100}, &(0x7f0000000700)=0x1, &(0x7f0000000740)=0x1, 0x8, 0x86, 0x8, 0xffffffffffffffff, 0xc}}, @rdma_map={0x30, 0x114, 0x3, {{&(0x7f0000000780)=""/223, 0xdf}, &(0x7f0000000880), 0x2}}, @rdma_args={0x48, 0x114, 0x1, {{0x9, 0x449f}, {&(0x7f00000008c0)=""/72, 0x48}, &(0x7f0000000b40)=[{&(0x7f0000000940)=""/165, 0xa5}, {&(0x7f0000000a00)=""/72, 0x48}, {&(0x7f0000000a80)=""/135, 0x87}], 0x3, 0x19, 0x80}}], 0x1d8, 0x40000}, 0x9d0480588ac03157)
sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f000000ab80)={0x0, 0x0, 0x0}, 0x0)
syz_extract_tcp_res(&(0x7f0000000180), 0xfffffffc, 0xfffffffd)
ioctl$SIOCAX25CTLCON(0xffffffffffffffff, 0x89e8, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)

10:31:07 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x0, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  855.103688][T23217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  855.111643][T23217] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[  855.136047][T23217] memory: usage 860kB, limit 0kB, failcnt 268
[  855.158450][T23217] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  855.180948][T23217] Memory cgroup stats for /syz2:
[  855.181058][T23217] anon 45056
[  855.181058][T23217] file 0
[  855.181058][T23217] kernel_stack 0
[  855.181058][T23217] slab 1056768
[  855.181058][T23217] sock 4096
[  855.181058][T23217] shmem 20480
[  855.181058][T23217] file_mapped 135168
[  855.181058][T23217] file_dirty 135168
[  855.181058][T23217] file_writeback 0
[  855.181058][T23217] anon_thp 0
[  855.181058][T23217] inactive_anon 90112
[  855.181058][T23217] active_anon 53248
[  855.181058][T23217] inactive_file 57344
[  855.181058][T23217] active_file 135168
[  855.181058][T23217] unevictable 0
[  855.181058][T23217] slab_reclaimable 540672
[  855.181058][T23217] slab_unreclaimable 516096
[  855.181058][T23217] pgfault 65274
[  855.181058][T23217] pgmajfault 0
[  855.181058][T23217] workingset_refault 0
10:31:07 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(0xffffffffffffffff, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  855.181058][T23217] workingset_activate 0
[  855.181058][T23217] workingset_nodereclaim 0
[  855.181058][T23217] pgrefill 15698
[  855.181058][T23217] pgscan 24440
[  855.181058][T23217] pgsteal 3058
10:31:07 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, 0x0, 0x0)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  855.587575][    C1] net_ratelimit: 2 callbacks suppressed
[  855.587584][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  855.587601][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  855.593355][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  855.599055][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  855.616315][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  855.622140][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  855.624110][T23217] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23217,uid=0
[  855.643510][T23217] Memory cgroup out of memory: Killed process 23217 (syz-executor.2) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  855.661647][ T1070] oom_reaper: reaped process 23217 (syz-executor.2), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
[  855.676247][T23212] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  855.697588][T23212] CPU: 1 PID: 23212 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  855.705526][T23212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  855.715596][T23212] Call Trace:
[  855.718902][T23212]  dump_stack+0x172/0x1f0
[  855.723247][T23212]  dump_header+0x10b/0x82d
[  855.727673][T23212]  ? oom_kill_process+0x94/0x3f0
[  855.732623][T23212]  oom_kill_process.cold+0x10/0x15
[  855.737766][T23212]  out_of_memory+0x334/0x1340
[  855.742445][T23212]  ? lock_downgrade+0x920/0x920
[  855.747320][T23212]  ? oom_killer_disable+0x280/0x280
[  855.752551][T23212]  mem_cgroup_out_of_memory+0x1d8/0x240
[  855.758112][T23212]  ? memcg_stat_show+0xc40/0xc40
[  855.763061][T23212]  ? do_raw_spin_unlock+0x57/0x270
[  855.768195][T23212]  ? _raw_spin_unlock+0x2d/0x50
[  855.773062][T23212]  try_charge+0xf4b/0x1440
[  855.777488][T23212]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  855.783029][T23212]  ? percpu_ref_tryget_live+0x111/0x290
[  855.788608][T23212]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  855.794853][T23212]  ? __kasan_check_read+0x11/0x20
[  855.799898][T23212]  ? get_mem_cgroup_from_mm+0x156/0x320
[  855.805460][T23212]  mem_cgroup_try_charge+0x136/0x590
[  855.810766][T23212]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  855.816407][T23212]  wp_page_copy+0x407/0x1860
[  855.821001][T23212]  ? find_held_lock+0x35/0x130
[  855.825766][T23212]  ? do_wp_page+0x53b/0x15c0
[  855.827659][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  855.830356][T23212]  ? pmd_devmap_trans_unstable+0x220/0x220
[  855.836108][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  855.841846][T23212]  ? lock_downgrade+0x920/0x920
[  855.841862][T23212]  ? swp_swapcount+0x540/0x540
[  855.841876][T23212]  ? __kasan_check_read+0x11/0x20
[  855.841888][T23212]  ? do_raw_spin_unlock+0x57/0x270
[  855.841906][T23212]  do_wp_page+0x543/0x15c0
[  855.871702][T23212]  ? finish_mkwrite_fault+0x6a0/0x6a0
[  855.877086][T23212]  __handle_mm_fault+0x23ec/0x4040
[  855.882212][T23212]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  855.887762][T23212]  ? handle_mm_fault+0x292/0xaa0
[  855.892712][T23212]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  855.898957][T23212]  ? __kasan_check_read+0x11/0x20
[  855.903986][T23212]  handle_mm_fault+0x3b7/0xaa0
[  855.908766][T23212]  __do_page_fault+0x536/0xdd0
[  855.913544][T23212]  do_page_fault+0x38/0x590
[  855.918047][T23212]  page_fault+0x39/0x40
[  855.922201][T23212] RIP: 0033:0x431026
[  855.926099][T23212] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[  855.945879][T23212] RSP: 002b:00007ffcf7506340 EFLAGS: 00010206
[  855.951964][T23212] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  855.959939][T23212] RDX: 0000000002300930 RSI: 0000000002308970 RDI: 0000000000000003
[  855.967913][T23212] RBP: 0000000000008041 R08: 0000000000000001 R09: 00000000022ff940
[  855.975908][T23212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  855.983884][T23212] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
10:31:08 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, 0x0, 0x0)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  855.995847][T23212] memory: usage 608kB, limit 0kB, failcnt 513
[  856.002836][T23212] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  856.009872][T23212] Memory cgroup stats for /syz3:
[  856.009967][T23212] anon 114688
[  856.009967][T23212] file 118784
[  856.009967][T23212] kernel_stack 0
[  856.009967][T23212] slab 692224
[  856.009967][T23212] sock 81920
[  856.009967][T23212] shmem 24576
[  856.009967][T23212] file_mapped 0
[  856.009967][T23212] file_dirty 135168
[  856.009967][T23212] file_writeback 0
[  856.009967][T23212] anon_thp 0
[  856.009967][T23212] inactive_anon 0
[  856.009967][T23212] active_anon 114688
[  856.009967][T23212] inactive_file 98304
[  856.009967][T23212] active_file 0
[  856.009967][T23212] unevictable 135168
[  856.009967][T23212] slab_reclaimable 270336
[  856.009967][T23212] slab_unreclaimable 421888
[  856.009967][T23212] pgfault 59202
[  856.009967][T23212] pgmajfault 0
[  856.009967][T23212] workingset_refault 0
[  856.009967][T23212] workingset_activate 0
[  856.009967][T23212] workingset_nodereclaim 0
[  856.009967][T23212] pgrefill 8688
[  856.009967][T23212] pgscan 40193
[  856.009967][T23212] pgsteal 9652
[  856.009967][T23212] pgactivate 11286
[  856.108152][T23212] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23212,uid=0
10:31:08 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  856.149149][T23212] Memory cgroup out of memory: Killed process 23212 (syz-executor.3) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
10:31:08 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, 0x0, 0x0)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  856.223283][ T1070] oom_reaper: reaped process 23212 (syz-executor.3), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
10:31:08 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x0, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  856.352548][T23295] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  856.398479][T23295] CPU: 1 PID: 23295 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[  856.406442][T23295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  856.416506][T23295] Call Trace:
[  856.419815][T23295]  dump_stack+0x172/0x1f0
[  856.424257][T23295]  dump_header+0x10b/0x82d
[  856.428693][T23295]  oom_kill_process.cold+0x10/0x15
[  856.433810][T23295]  out_of_memory+0x334/0x1340
[  856.438489][T23295]  ? cgroup_file_notify+0x140/0x1b0
[  856.443695][T23295]  ? oom_killer_disable+0x280/0x280
[  856.448910][T23295]  mem_cgroup_out_of_memory+0x1d8/0x240
[  856.454473][T23295]  ? memcg_stat_show+0xc40/0xc40
[  856.459415][T23295]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  856.459433][T23295]  ? cgroup_file_notify+0x140/0x1b0
[  856.459451][T23295]  memory_max_write+0x262/0x3a0
[  856.459468][T23295]  ? mem_cgroup_write+0x370/0x370
[  856.459487][T23295]  ? lock_acquire+0x190/0x410
[  856.470471][T23295]  ? kernfs_fop_write+0x227/0x480
[  856.470487][T23295]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  856.470507][T23295]  cgroup_file_write+0x241/0x790
[  856.470523][T23295]  ? mem_cgroup_write+0x370/0x370
[  856.470537][T23295]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  856.470559][T23295]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  856.470571][T23295]  kernfs_fop_write+0x2b8/0x480
[  856.470590][T23295]  __vfs_write+0x8a/0x110
[  856.470604][T23295]  ? kernfs_fop_open+0xd80/0xd80
[  856.470619][T23295]  __kernel_write+0x11b/0x3b0
[  856.470637][T23295]  write_pipe_buf+0x15d/0x1f0
[  856.470660][T23295]  ? do_splice_direct+0x2a0/0x2a0
[  856.545274][T23295]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  856.551514][T23295]  ? splice_from_pipe_next.part.0+0x262/0x300
[  856.557586][T23295]  __splice_from_pipe+0x397/0x7d0
[  856.562607][T23295]  ? do_splice_direct+0x2a0/0x2a0
[  856.567634][T23295]  ? do_splice_direct+0x2a0/0x2a0
[  856.572658][T23295]  splice_from_pipe+0x108/0x170
[  856.577517][T23295]  ? splice_shrink_spd+0xd0/0xd0
[  856.582458][T23295]  ? security_file_permission+0x8f/0x380
[  856.588092][T23295]  default_file_splice_write+0x3c/0x90
[  856.593544][T23295]  ? generic_splice_sendpage+0x50/0x50
[  856.599001][T23295]  direct_splice_actor+0x123/0x190
[  856.604123][T23295]  splice_direct_to_actor+0x366/0x970
[  856.609503][T23295]  ? generic_pipe_buf_nosteal+0x10/0x10
[  856.615233][T23295]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  856.621463][T23295]  ? do_splice_to+0x180/0x180
[  856.626156][T23295]  ? rw_verify_area+0x126/0x360
[  856.631009][T23295]  do_splice_direct+0x1da/0x2a0
[  856.635851][T23295]  ? splice_direct_to_actor+0x970/0x970
[  856.641386][T23295]  ? rcu_read_lock_any_held+0xcd/0xf0
[  856.646884][T23295]  ? __this_cpu_preempt_check+0x3a/0x210
[  856.652535][T23295]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  856.658792][T23295]  ? __sb_start_write+0x1e5/0x460
[  856.663818][T23295]  do_sendfile+0x597/0xd00
[  856.668241][T23295]  ? do_compat_pwritev64+0x1c0/0x1c0
[  856.673523][T23295]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  856.679766][T23295]  ? put_timespec64+0xda/0x140
[  856.684533][T23295]  __x64_sys_sendfile64+0x1dd/0x220
[  856.689731][T23295]  ? __ia32_sys_sendfile+0x230/0x230
[  856.695000][T23295]  ? do_syscall_64+0x26/0x760
[  856.699672][T23295]  ? lockdep_hardirqs_on+0x421/0x5e0
[  856.704948][T23295]  ? trace_hardirqs_on+0x67/0x240
[  856.709977][T23295]  do_syscall_64+0xfa/0x760
[  856.714486][T23295]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  856.720363][T23295] RIP: 0033:0x459f49
[  856.724242][T23295] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  856.743836][T23295] RSP: 002b:00007f5e303dfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  856.752253][T23295] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  856.760230][T23295] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  856.768211][T23295] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  856.776179][T23295] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f5e303e06d4
[  856.784138][T23295] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  856.794512][T23295] memory: usage 6488kB, limit 0kB, failcnt 138
[  856.806555][T23295] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  856.813628][T23295] Memory cgroup stats for /syz4:
[  856.813762][T23295] anon 4284416
[  856.813762][T23295] file 69632
[  856.813762][T23295] kernel_stack 131072
[  856.813762][T23295] slab 2183168
[  856.813762][T23295] sock 0
[  856.813762][T23295] shmem 0
[  856.813762][T23295] file_mapped 135168
[  856.813762][T23295] file_dirty 135168
[  856.813762][T23295] file_writeback 0
[  856.813762][T23295] anon_thp 4194304
[  856.813762][T23295] inactive_anon 135168
[  856.813762][T23295] active_anon 4284416
[  856.813762][T23295] inactive_file 36864
[  856.813762][T23295] active_file 0
[  856.813762][T23295] unevictable 0
[  856.813762][T23295] slab_reclaimable 1081344
[  856.813762][T23295] slab_unreclaimable 1101824
[  856.813762][T23295] pgfault 49005
[  856.813762][T23295] pgmajfault 0
[  856.813762][T23295] workingset_refault 0
[  856.813762][T23295] workingset_activate 0
[  856.813762][T23295] workingset_nodereclaim 0
[  856.813762][T23295] pgrefill 4301
[  856.813762][T23295] pgscan 18220
[  856.813762][T23295] pgsteal 5051
[  856.914213][T23295] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23290,uid=0
[  856.988511][T23295] Memory cgroup out of memory: Killed process 23290 (syz-executor.4) total-vm:72716kB, anon-rss:4200kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:143360kB oom_score_adj:1000
[  857.068299][ T1070] oom_reaper: reaped process 23290 (syz-executor.4), now anon-rss:0kB, file-rss:34860kB, shmem-rss:0kB
10:31:10 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:31:10 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x0, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:31:10 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:31:10 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:31:10 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x4000000}, 0x0)

10:31:10 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  857.664885][T23216] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0
[  857.718756][T23216] CPU: 0 PID: 23216 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[  857.726713][T23216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  857.736979][T23216] Call Trace:
[  857.740297][T23216]  dump_stack+0x172/0x1f0
[  857.744682][T23216]  dump_header+0x10b/0x82d
[  857.749118][T23216]  ? oom_kill_process+0x94/0x3f0
[  857.754081][T23216]  oom_kill_process.cold+0x10/0x15
[  857.759230][T23216]  out_of_memory+0x334/0x1340
[  857.763930][T23216]  ? lock_downgrade+0x920/0x920
[  857.768812][T23216]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  857.774646][T23216]  ? oom_killer_disable+0x280/0x280
[  857.779876][T23216]  mem_cgroup_out_of_memory+0x1d8/0x240
[  857.785463][T23216]  ? memcg_stat_show+0xc40/0xc40
[  857.790428][T23216]  ? do_raw_spin_unlock+0x57/0x270
[  857.795564][T23216]  ? _raw_spin_unlock+0x2d/0x50
[  857.800441][T23216]  try_charge+0xf4b/0x1440
[  857.804876][T23216]  ? find_held_lock+0x35/0x130
[  857.809670][T23216]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  857.815235][T23216]  ? get_mem_cgroup_from_mm+0x139/0x320
[  857.820801][T23216]  ? find_held_lock+0x35/0x130
[  857.825590][T23216]  ? get_mem_cgroup_from_mm+0x139/0x320
[  857.831174][T23216]  __memcg_kmem_charge_memcg+0x7c/0x130
[  857.836746][T23216]  ? memcg_kmem_put_cache+0x50/0x50
[  857.842006][T23216]  ? get_mem_cgroup_from_mm+0x156/0x320
[  857.847578][T23216]  __memcg_kmem_charge+0x13a/0x3a0
[  857.852715][T23216]  __alloc_pages_nodemask+0x4f5/0x900
[  857.858107][T23216]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  857.863673][T23216]  ? __alloc_pages_slowpath+0x2920/0x2920
[  857.869418][T23216]  ? percpu_ref_put_many+0xb6/0x190
[  857.874640][T23216]  ? lockdep_hardirqs_on+0x421/0x5e0
[  857.879943][T23216]  ? trace_hardirqs_on+0x67/0x240
[  857.885019][T23216]  ? __kasan_check_read+0x11/0x20
[  857.890090][T23216]  copy_process+0x3f8/0x6860
[  857.894708][T23216]  ? __kasan_check_read+0x11/0x20
[  857.899755][T23216]  ? __lock_acquire+0x16f2/0x4a00
[  857.904806][T23216]  ? __kasan_check_read+0x11/0x20
[  857.909855][T23216]  ? mark_lock+0xc2/0x1220
[  857.914384][T23216]  ? __cleanup_sighand+0x60/0x60
[  857.919341][T23216]  ? find_held_lock+0x35/0x130
[  857.924137][T23216]  _do_fork+0x146/0xfa0
[  857.928317][T23216]  ? copy_init_mm+0x20/0x20
[  857.932847][T23216]  ? __kasan_check_read+0x11/0x20
[  857.937902][T23216]  ? _copy_to_user+0x118/0x160
[  857.942701][T23216]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  857.948976][T23216]  ? put_timespec64+0xda/0x140
[  857.953785][T23216]  __x64_sys_clone+0x18d/0x250
[  857.958568][T23216]  ? __ia32_sys_vfork+0xc0/0xc0
[  857.963453][T23216]  ? lockdep_hardirqs_on+0x421/0x5e0
[  857.968758][T23216]  ? trace_hardirqs_on+0x67/0x240
[  857.973812][T23216]  do_syscall_64+0xfa/0x760
[  857.978361][T23216]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  857.984272][T23216] RIP: 0033:0x45851a
[  857.988181][T23216] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[  858.007791][T23216] RSP: 002b:00007ffc819d75b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  858.016218][T23216] RAX: ffffffffffffffda RBX: 00007ffc819d75b0 RCX: 000000000045851a
[  858.024207][T23216] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  858.032193][T23216] RBP: 00007ffc819d75f0 R08: 0000000000000001 R09: 0000000001c29940
[  858.040176][T23216] R10: 0000000001c29c10 R11: 0000000000000246 R12: 0000000000000001
[  858.048159][T23216] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffc819d7640
[  858.057227][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  858.063089][    C0] protocol 88fb is buggy, dev hsr_slave_1
10:31:10 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x0, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  858.117683][T23216] memory: usage 2044kB, limit 0kB, failcnt 146
[  858.123879][T23216] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  858.155357][T23216] Memory cgroup stats for /syz4:
[  858.155472][T23216] anon 77824
[  858.155472][T23216] file 69632
[  858.155472][T23216] kernel_stack 65536
[  858.155472][T23216] slab 2183168
[  858.155472][T23216] sock 0
[  858.155472][T23216] shmem 0
[  858.155472][T23216] file_mapped 135168
[  858.155472][T23216] file_dirty 135168
[  858.155472][T23216] file_writeback 0
[  858.155472][T23216] anon_thp 0
[  858.155472][T23216] inactive_anon 135168
[  858.155472][T23216] active_anon 77824
[  858.155472][T23216] inactive_file 36864
[  858.155472][T23216] active_file 0
[  858.155472][T23216] unevictable 0
[  858.155472][T23216] slab_reclaimable 1081344
10:31:10 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x7000000}, 0x0)

10:31:10 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, &(0x7f000095dffc))
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={0x0, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  858.155472][T23216] slab_unreclaimable 1101824
[  858.155472][T23216] pgfault 49038
[  858.155472][T23216] pgmajfault 0
[  858.155472][T23216] workingset_refault 0
[  858.155472][T23216] workingset_activate 0
[  858.155472][T23216] workingset_nodereclaim 0
[  858.155472][T23216] pgrefill 4301
[  858.155472][T23216] pgscan 18220
[  858.155472][T23216] pgsteal 5051
[  858.155472][T23216] pgactivate 6831
10:31:10 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:31:10 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:31:10 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:31:11 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, 0x0, &(0x7f00000001c0))
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  858.642043][T23216] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23216,uid=0
[  858.669156][T23216] Memory cgroup out of memory: Killed process 23216 (syz-executor.4) total-vm:72452kB, anon-rss:104kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  858.706927][ T1070] oom_reaper: reaped process 23216 (syz-executor.4), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
10:31:11 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, 0x0, &(0x7f00000001c0))
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  859.096100][T11615] device bridge_slave_1 left promiscuous mode
[  859.103533][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  859.128998][T11615] device bridge_slave_0 left promiscuous mode
[  859.165664][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  859.213520][T11615] device bridge_slave_1 left promiscuous mode
[  859.220749][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  859.268843][T11615] device bridge_slave_0 left promiscuous mode
[  859.275076][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  859.339569][T11615] device bridge_slave_1 left promiscuous mode
[  859.345803][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  859.388888][T11615] device bridge_slave_0 left promiscuous mode
[  859.395074][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  865.318364][T11615] device hsr_slave_0 left promiscuous mode
[  865.358868][T11615] device hsr_slave_1 left promiscuous mode
[  865.416549][T11615] team0 (unregistering): Port device team_slave_1 removed
[  865.434553][T11615] team0 (unregistering): Port device team_slave_0 removed
[  865.446182][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  865.484835][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  865.586040][T11615] bond0 (unregistering): Released all slaves
[  865.738357][T11615] device hsr_slave_0 left promiscuous mode
[  865.797711][T11615] device hsr_slave_1 left promiscuous mode
[  865.870620][T11615] team0 (unregistering): Port device team_slave_1 removed
[  865.882300][T11615] team0 (unregistering): Port device team_slave_0 removed
[  865.895913][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  865.936763][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  866.042396][T11615] bond0 (unregistering): Released all slaves
[  866.228336][T11615] device hsr_slave_0 left promiscuous mode
[  866.267809][T11615] device hsr_slave_1 left promiscuous mode
[  866.345890][T11615] team0 (unregistering): Port device team_slave_1 removed
[  866.361700][T11615] team0 (unregistering): Port device team_slave_0 removed
[  866.373251][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  866.454340][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  866.546647][T11615] bond0 (unregistering): Released all slaves
[  866.639120][T23332] IPVS: ftp: loaded support on port[0] = 21
[  866.682592][T23335] IPVS: ftp: loaded support on port[0] = 21
[  866.685733][T23337] IPVS: ftp: loaded support on port[0] = 21
[  866.821487][T23332] chnl_net:caif_netlink_parms(): no params data found
[  866.915753][T23332] bridge0: port 1(bridge_slave_0) entered blocking state
[  866.926601][T23332] bridge0: port 1(bridge_slave_0) entered disabled state
[  866.934596][T23332] device bridge_slave_0 entered promiscuous mode
[  866.942908][T23332] bridge0: port 2(bridge_slave_1) entered blocking state
[  866.950058][T23332] bridge0: port 2(bridge_slave_1) entered disabled state
[  866.958229][T23332] device bridge_slave_1 entered promiscuous mode
[  866.996202][T23337] chnl_net:caif_netlink_parms(): no params data found
[  867.015474][T23335] chnl_net:caif_netlink_parms(): no params data found
[  867.038014][T23332] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  867.049538][T23332] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  867.082921][T23332] team0: Port device team_slave_0 added
[  867.090041][T23332] team0: Port device team_slave_1 added
[  867.191236][T23332] device hsr_slave_0 entered promiscuous mode
[  867.232696][T23332] device hsr_slave_1 entered promiscuous mode
[  867.294056][T23335] bridge0: port 1(bridge_slave_0) entered blocking state
[  867.302692][T23335] bridge0: port 1(bridge_slave_0) entered disabled state
[  867.313763][T23335] device bridge_slave_0 entered promiscuous mode
[  867.368079][T23337] bridge0: port 1(bridge_slave_0) entered blocking state
[  867.375188][T23337] bridge0: port 1(bridge_slave_0) entered disabled state
[  867.383902][T23337] device bridge_slave_0 entered promiscuous mode
[  867.392002][T23337] bridge0: port 2(bridge_slave_1) entered blocking state
[  867.399160][T23337] bridge0: port 2(bridge_slave_1) entered disabled state
[  867.407133][T23337] device bridge_slave_1 entered promiscuous mode
[  867.414935][T23335] bridge0: port 2(bridge_slave_1) entered blocking state
[  867.422516][T23335] bridge0: port 2(bridge_slave_1) entered disabled state
[  867.431290][T23335] device bridge_slave_1 entered promiscuous mode
[  867.546446][T23332] bridge0: port 2(bridge_slave_1) entered blocking state
[  867.553592][T23332] bridge0: port 2(bridge_slave_1) entered forwarding state
[  867.560992][T23332] bridge0: port 1(bridge_slave_0) entered blocking state
[  867.568119][T23332] bridge0: port 1(bridge_slave_0) entered forwarding state
[  867.617677][T23335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  867.639064][T23335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  867.674272][T23337] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  867.698283][T23337] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  867.727053][T23335] team0: Port device team_slave_0 added
[  867.752440][T23337] team0: Port device team_slave_0 added
[  867.760575][T23337] team0: Port device team_slave_1 added
[  867.768887][T23335] team0: Port device team_slave_1 added
[  867.775034][T13143] bridge0: port 1(bridge_slave_0) entered disabled state
[  867.783770][T13143] bridge0: port 2(bridge_slave_1) entered disabled state
[  867.910629][T23335] device hsr_slave_0 entered promiscuous mode
[  867.947991][T23335] device hsr_slave_1 entered promiscuous mode
[  867.987632][T23335] debugfs: Directory 'hsr0' with parent '/' already present!
[  868.005799][T23332] 8021q: adding VLAN 0 to HW filter on device bond0
[  868.060720][T23337] device hsr_slave_0 entered promiscuous mode
[  868.087995][T23337] device hsr_slave_1 entered promiscuous mode
[  868.127624][T23337] debugfs: Directory 'hsr0' with parent '/' already present!
[  868.175720][T23332] 8021q: adding VLAN 0 to HW filter on device team0
[  868.194498][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  868.208262][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  868.257608][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  868.266392][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  868.275857][T22841] bridge0: port 1(bridge_slave_0) entered blocking state
[  868.282979][T22841] bridge0: port 1(bridge_slave_0) entered forwarding state
[  868.291190][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  868.300591][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  868.309502][T22841] bridge0: port 2(bridge_slave_1) entered blocking state
[  868.316574][T22841] bridge0: port 2(bridge_slave_1) entered forwarding state
[  868.325350][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  868.389027][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  868.399322][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  868.408537][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  868.417084][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  868.427069][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  868.436095][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  868.445261][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  868.463828][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  868.512582][T23332] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  868.524290][T23332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  868.537758][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  868.546248][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  868.569430][T23337] 8021q: adding VLAN 0 to HW filter on device bond0
[  868.586625][T23335] 8021q: adding VLAN 0 to HW filter on device bond0
[  868.622587][T23337] 8021q: adding VLAN 0 to HW filter on device team0
[  868.639489][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  868.647268][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  868.655757][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  868.665841][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  868.675338][T13143] bridge0: port 1(bridge_slave_0) entered blocking state
[  868.682528][T13143] bridge0: port 1(bridge_slave_0) entered forwarding state
[  868.693345][T23332] 8021q: adding VLAN 0 to HW filter on device batadv0
[  868.705097][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  868.730132][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  868.739310][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  868.757735][ T8841] bridge0: port 2(bridge_slave_1) entered blocking state
[  868.764830][ T8841] bridge0: port 2(bridge_slave_1) entered forwarding state
[  868.773702][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  868.792478][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  868.801344][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  868.828715][T23335] 8021q: adding VLAN 0 to HW filter on device team0
[  868.836464][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  868.859174][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  868.876390][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  868.885093][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  868.908630][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  868.949455][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  868.957449][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  868.967353][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  868.976234][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  868.985648][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  869.003721][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  869.038426][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  869.065297][ T8841] bridge0: port 1(bridge_slave_0) entered blocking state
[  869.072435][ T8841] bridge0: port 1(bridge_slave_0) entered forwarding state
[  869.087943][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  869.105908][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  869.126503][ T8841] bridge0: port 2(bridge_slave_1) entered blocking state
[  869.133656][ T8841] bridge0: port 2(bridge_slave_1) entered forwarding state
[  869.161079][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  869.190251][T23337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  869.228364][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  869.237012][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  869.255734][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  869.285740][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  869.303883][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  869.315920][T10831] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  869.340105][T23351] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  869.346635][T23337] 8021q: adding VLAN 0 to HW filter on device batadv0
[  869.366128][T23335] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  869.387982][T23335] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  869.397623][T23351] CPU: 0 PID: 23351 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[  869.400722][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  869.406229][T23351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  869.414921][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  869.423453][T23351] Call Trace:
[  869.423476][T23351]  dump_stack+0x172/0x1f0
[  869.423496][T23351]  dump_header+0x10b/0x82d
[  869.423512][T23351]  oom_kill_process.cold+0x10/0x15
[  869.423527][T23351]  out_of_memory+0x334/0x1340
[  869.423544][T23351]  ? __sched_text_start+0x8/0x8
[  869.423566][T23351]  ? oom_killer_disable+0x280/0x280
[  869.432195][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  869.434637][T23351]  mem_cgroup_out_of_memory+0x1d8/0x240
[  869.439780][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  869.443339][T23351]  ? memcg_stat_show+0xc40/0xc40
[  869.449084][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  869.453084][T23351]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  869.467646][T20282] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  869.470828][T23351]  ? cgroup_file_notify+0x140/0x1b0
[  869.480613][T23335] 8021q: adding VLAN 0 to HW filter on device batadv0
[  869.484166][T23351]  memory_max_write+0x262/0x3a0
[  869.496794][T23351]  ? mem_cgroup_write+0x370/0x370
[  869.531459][T23351]  ? lock_acquire+0x190/0x410
[  869.536132][T23351]  ? kernfs_fop_write+0x227/0x480
[  869.541155][T23351]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  869.546700][T23351]  cgroup_file_write+0x241/0x790
[  869.551650][T23351]  ? mem_cgroup_write+0x370/0x370
[  869.556693][T23351]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  869.562350][T23351]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  869.567992][T23351]  kernfs_fop_write+0x2b8/0x480
[  869.572864][T23351]  __vfs_write+0x8a/0x110
[  869.577208][T23351]  ? kernfs_fop_open+0xd80/0xd80
[  869.582155][T23351]  __kernel_write+0x11b/0x3b0
[  869.586855][T23351]  write_pipe_buf+0x15d/0x1f0
[  869.591541][T23351]  ? do_splice_direct+0x2a0/0x2a0
[  869.596576][T23351]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  869.602833][T23351]  ? splice_from_pipe_next.part.0+0x262/0x300
[  869.608944][T23351]  __splice_from_pipe+0x397/0x7d0
[  869.613991][T23351]  ? do_splice_direct+0x2a0/0x2a0
[  869.619044][T23351]  ? do_splice_direct+0x2a0/0x2a0
[  869.624093][T23351]  splice_from_pipe+0x108/0x170
[  869.628967][T23351]  ? splice_shrink_spd+0xd0/0xd0
[  869.633928][T23351]  ? security_file_permission+0x8f/0x380
[  869.639580][T23351]  default_file_splice_write+0x3c/0x90
[  869.645019][T23351]  ? generic_splice_sendpage+0x50/0x50
[  869.650465][T23351]  direct_splice_actor+0x123/0x190
[  869.655559][T23351]  splice_direct_to_actor+0x366/0x970
[  869.660919][T23351]  ? generic_pipe_buf_nosteal+0x10/0x10
[  869.666460][T23351]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  869.672692][T23351]  ? do_splice_to+0x180/0x180
[  869.677353][T23351]  ? rw_verify_area+0x126/0x360
[  869.682227][T23351]  do_splice_direct+0x1da/0x2a0
[  869.687062][T23351]  ? splice_direct_to_actor+0x970/0x970
[  869.692594][T23351]  ? rcu_read_lock_any_held+0xcd/0xf0
[  869.697966][T23351]  ? __this_cpu_preempt_check+0x3a/0x210
[  869.703603][T23351]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  869.709827][T23351]  ? __sb_start_write+0x1e5/0x460
[  869.714848][T23351]  do_sendfile+0x597/0xd00
[  869.719270][T23351]  ? do_compat_pwritev64+0x1c0/0x1c0
[  869.724534][T23351]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  869.730773][T23351]  ? put_timespec64+0xda/0x140
[  869.735565][T23351]  __x64_sys_sendfile64+0x1dd/0x220
[  869.740764][T23351]  ? __ia32_sys_sendfile+0x230/0x230
[  869.746054][T23351]  ? do_syscall_64+0x26/0x760
[  869.750728][T23351]  ? lockdep_hardirqs_on+0x421/0x5e0
[  869.756005][T23351]  ? trace_hardirqs_on+0x67/0x240
[  869.761041][T23351]  do_syscall_64+0xfa/0x760
[  869.765548][T23351]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  869.771423][T23351] RIP: 0033:0x459f49
[  869.775309][T23351] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  869.794908][T23351] RSP: 002b:00007f120c27cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  869.803309][T23351] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  869.811281][T23351] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  869.819246][T23351] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
[  869.827196][T23351] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f120c27d6d4
[  869.835160][T23351] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  869.855302][T23351] memory: usage 1400kB, limit 0kB, failcnt 269
[  869.861539][T23351] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  869.868458][T23351] Memory cgroup stats for /syz2:
[  869.868558][T23351] anon 151552
[  869.868558][T23351] file 0
[  869.868558][T23351] kernel_stack 131072
[  869.868558][T23351] slab 1056768
[  869.868558][T23351] sock 4096
[  869.868558][T23351] shmem 20480
[  869.868558][T23351] file_mapped 0
[  869.868558][T23351] file_dirty 135168
[  869.868558][T23351] file_writeback 0
[  869.868558][T23351] anon_thp 0
[  869.868558][T23351] inactive_anon 90112
[  869.868558][T23351] active_anon 151552
[  869.868558][T23351] inactive_file 57344
[  869.868558][T23351] active_file 135168
[  869.868558][T23351] unevictable 0
[  869.868558][T23351] slab_reclaimable 540672
[  869.868558][T23351] slab_unreclaimable 516096
[  869.868558][T23351] pgfault 65406
[  869.868558][T23351] pgmajfault 0
[  869.868558][T23351] workingset_refault 0
[  869.868558][T23351] workingset_activate 0
[  869.868558][T23351] workingset_nodereclaim 0
[  869.868558][T23351] pgrefill 15698
[  869.868558][T23351] pgscan 24440
[  869.868558][T23351] pgsteal 3058
[  869.962709][T23351] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23332,uid=0
[  869.978345][T23351] Memory cgroup out of memory: Killed process 23332 (syz-executor.2) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  870.130224][T23367] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  870.151015][T23367] CPU: 0 PID: 23367 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  870.158956][T23367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  870.169013][T23367] Call Trace:
[  870.172348][T23367]  dump_stack+0x172/0x1f0
[  870.176702][T23367]  dump_header+0x10b/0x82d
[  870.181136][T23367]  oom_kill_process.cold+0x10/0x15
[  870.186264][T23367]  out_of_memory+0x334/0x1340
[  870.190954][T23367]  ? __sched_text_start+0x8/0x8
[  870.195805][T23367]  ? oom_killer_disable+0x280/0x280
[  870.201020][T23367]  mem_cgroup_out_of_memory+0x1d8/0x240
[  870.206558][T23367]  ? memcg_stat_show+0xc40/0xc40
[  870.211505][T23367]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  870.217340][T23367]  ? cgroup_file_notify+0x140/0x1b0
[  870.222565][T23367]  memory_max_write+0x262/0x3a0
[  870.227451][T23367]  ? mem_cgroup_write+0x370/0x370
[  870.232493][T23367]  ? lock_acquire+0x190/0x410
[  870.237180][T23367]  ? kernfs_fop_write+0x227/0x480
[  870.242232][T23367]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  870.247801][T23367]  cgroup_file_write+0x241/0x790
[  870.252744][T23367]  ? mem_cgroup_write+0x370/0x370
[  870.257774][T23367]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  870.263422][T23367]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  870.269092][T23367]  kernfs_fop_write+0x2b8/0x480
[  870.273962][T23367]  __vfs_write+0x8a/0x110
[  870.278307][T23367]  ? kernfs_fop_open+0xd80/0xd80
[  870.283428][T23367]  __kernel_write+0x11b/0x3b0
[  870.288110][T23367]  write_pipe_buf+0x15d/0x1f0
[  870.292784][T23367]  ? do_splice_direct+0x2a0/0x2a0
[  870.297954][T23367]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  870.304222][T23367]  ? splice_from_pipe_next.part.0+0x262/0x300
[  870.310326][T23367]  __splice_from_pipe+0x397/0x7d0
[  870.315354][T23367]  ? do_splice_direct+0x2a0/0x2a0
[  870.320391][T23367]  ? do_splice_direct+0x2a0/0x2a0
[  870.325411][T23367]  splice_from_pipe+0x108/0x170
[  870.330276][T23367]  ? splice_shrink_spd+0xd0/0xd0
[  870.335235][T23367]  ? security_file_permission+0x8f/0x380
[  870.340885][T23367]  default_file_splice_write+0x3c/0x90
[  870.346364][T23367]  ? generic_splice_sendpage+0x50/0x50
[  870.351843][T23367]  direct_splice_actor+0x123/0x190
[  870.356956][T23367]  splice_direct_to_actor+0x366/0x970
[  870.362359][T23367]  ? generic_pipe_buf_nosteal+0x10/0x10
[  870.367933][T23367]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  870.374179][T23367]  ? do_splice_to+0x180/0x180
[  870.378865][T23367]  ? rw_verify_area+0x126/0x360
[  870.383731][T23367]  do_splice_direct+0x1da/0x2a0
[  870.388597][T23367]  ? splice_direct_to_actor+0x970/0x970
[  870.394148][T23367]  ? rcu_read_lock_any_held+0xcd/0xf0
[  870.399535][T23367]  ? __this_cpu_preempt_check+0x3a/0x210
[  870.405879][T23367]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  870.412148][T23367]  ? __sb_start_write+0x1e5/0x460
[  870.417184][T23367]  do_sendfile+0x597/0xd00
[  870.421625][T23367]  ? do_compat_pwritev64+0x1c0/0x1c0
[  870.426925][T23367]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  870.433183][T23367]  ? put_timespec64+0xda/0x140
[  870.437962][T23367]  __x64_sys_sendfile64+0x1dd/0x220
[  870.443172][T23367]  ? __ia32_sys_sendfile+0x230/0x230
[  870.448441][T23367]  ? do_syscall_64+0x26/0x760
[  870.453105][T23367]  ? lockdep_hardirqs_on+0x421/0x5e0
[  870.458374][T23367]  ? trace_hardirqs_on+0x67/0x240
[  870.463384][T23367]  do_syscall_64+0xfa/0x760
[  870.467886][T23367]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  870.473771][T23367] RIP: 0033:0x459f49
[  870.477648][T23367] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  870.497755][T23367] RSP: 002b:00007fa308dd9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  870.506157][T23367] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  870.514115][T23367] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  870.522084][T23367] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  870.530036][T23367] R10: 0000000020000022 R11: 0000000000000246 R12: 00007fa308dda6d4
[  870.537990][T23367] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  870.548880][T23367] memory: usage 5056kB, limit 0kB, failcnt 514
[  870.555057][T23367] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  870.562024][T23367] Memory cgroup stats for /syz3:
[  870.562201][T23367] anon 4259840
[  870.562201][T23367] file 118784
[  870.562201][T23367] kernel_stack 65536
[  870.562201][T23367] slab 692224
[  870.562201][T23367] sock 81920
[  870.562201][T23367] shmem 24576
[  870.562201][T23367] file_mapped 0
[  870.562201][T23367] file_dirty 135168
[  870.562201][T23367] file_writeback 0
[  870.562201][T23367] anon_thp 4194304
[  870.562201][T23367] inactive_anon 0
[  870.562201][T23367] active_anon 4259840
[  870.562201][T23367] inactive_file 98304
[  870.562201][T23367] active_file 0
[  870.562201][T23367] unevictable 135168
[  870.562201][T23367] slab_reclaimable 270336
[  870.562201][T23367] slab_unreclaimable 421888
[  870.562201][T23367] pgfault 59235
[  870.562201][T23367] pgmajfault 0
[  870.562201][T23367] workingset_refault 0
[  870.562201][T23367] workingset_activate 0
[  870.562201][T23367] workingset_nodereclaim 0
[  870.562201][T23367] pgrefill 8688
[  870.562201][T23367] pgscan 40193
[  870.562201][T23367] pgsteal 9652
[  870.664197][T23367] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1
[  870.664223][T23367] ,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23362,uid=0
[  870.682424][T23367] Memory cgroup out of memory: Killed process 23362 (syz-executor.3) total-vm:72720kB, anon-rss:4188kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000
[  870.703303][ T1070] oom_reaper: reaped process 23362 (syz-executor.3), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB
[  870.717342][T23372] syz-executor.5 invoked oom-killer: gfp_mask=0x101cca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), order=0, oom_score_adj=1000
[  870.738454][T23372] CPU: 0 PID: 23372 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0
[  870.746382][T23372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  870.756529][T23372] Call Trace:
[  870.759833][T23372]  dump_stack+0x172/0x1f0
[  870.764191][T23372]  dump_header+0x10b/0x82d
[  870.768626][T23372]  oom_kill_process.cold+0x10/0x15
[  870.773740][T23372]  out_of_memory+0x334/0x1340
[  870.778443][T23372]  ? lock_downgrade+0x920/0x920
[  870.783326][T23372]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  870.789170][T23372]  ? oom_killer_disable+0x280/0x280
[  870.794420][T23372]  mem_cgroup_out_of_memory+0x1d8/0x240
[  870.799973][T23372]  ? memcg_stat_show+0xc40/0xc40
[  870.804918][T23372]  ? do_raw_spin_unlock+0x57/0x270
[  870.810058][T23372]  ? _raw_spin_unlock+0x2d/0x50
[  870.814921][T23372]  try_charge+0xf4b/0x1440
[  870.819370][T23372]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  870.824917][T23372]  ? percpu_ref_tryget_live+0x111/0x290
[  870.830473][T23372]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  870.836719][T23372]  ? __kasan_check_read+0x11/0x20
[  870.841751][T23372]  ? get_mem_cgroup_from_mm+0x156/0x320
[  870.847299][T23372]  mem_cgroup_try_charge+0x136/0x590
[  870.852599][T23372]  __add_to_page_cache_locked+0x43f/0xec0
[  870.858328][T23372]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  870.864323][T23372]  ? __kasan_check_read+0x11/0x20
[  870.869376][T23372]  ? __filemap_set_wb_err+0x2b0/0x2b0
[  870.874758][T23372]  ? __alloc_pages_nodemask+0x653/0x900
[  870.880316][T23372]  ? xas_descend+0x144/0x370
[  870.884911][T23372]  ? shadow_lru_isolate+0x430/0x430
[  870.890118][T23372]  add_to_page_cache_lru+0x1d8/0x790
[  870.895404][T23372]  ? add_to_page_cache_locked+0x40/0x40
[  870.900952][T23372]  ? __page_cache_alloc+0x116/0x490
[  870.906148][T23372]  pagecache_get_page+0x3c6/0xa00
[  870.911174][T23372]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  870.916722][T23372]  grab_cache_page_write_begin+0x75/0xb0
[  870.922348][T23372]  ext4_da_write_begin+0x33b/0xc00
[  870.927579][T23372]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  870.933861][T23372]  ? ext4_write_begin+0xd80/0xd80
[  870.938877][T23372]  ? copyin+0x150/0x150
[  870.943086][T23372]  generic_perform_write+0x23b/0x540
[  870.948397][T23372]  ? trace_event_raw_event_file_check_and_advance_wb_err+0x4b0/0x4b0
[  870.956472][T23372]  ? current_time+0x110/0x110
[  870.961152][T23372]  ? generic_write_check_limits.isra.0+0x270/0x270
[  870.967664][T23372]  ? aa_file_perm+0x40b/0xeb0
[  870.972352][T23372]  __generic_file_write_iter+0x25e/0x630
[  870.977997][T23372]  ext4_file_write_iter+0x317/0x13c0
[  870.983276][T23372]  ? __kasan_check_read+0x11/0x20
[  870.988406][T23372]  ? ext4_release_file+0x380/0x380
[  870.993506][T23372]  ? mark_lock+0xc2/0x1220
[  870.997919][T23372]  ? __kasan_check_read+0x11/0x20
[  871.002937][T23372]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  871.009175][T23372]  ? iov_iter_init+0xee/0x220
[  871.013849][T23372]  new_sync_write+0x4d3/0x770
[  871.018525][T23372]  ? new_sync_read+0x800/0x800
[  871.023306][T23372]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  871.029475][T23372]  ? rcu_read_lock_bh_held+0xb0/0xb0
[  871.034757][T23372]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  871.040994][T23372]  __vfs_write+0xe1/0x110
[  871.045321][T23372]  vfs_write+0x268/0x5d0
[  871.049560][T23372]  ksys_write+0x14f/0x290
[  871.053896][T23372]  ? __ia32_sys_read+0xb0/0xb0
[  871.058655][T23372]  ? do_syscall_64+0x26/0x760
[  871.063341][T23372]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  871.069399][T23372]  ? do_syscall_64+0x26/0x760
[  871.074072][T23372]  __x64_sys_write+0x73/0xb0
[  871.078659][T23372]  do_syscall_64+0xfa/0x760
[  871.083159][T23372]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  871.089039][T23372] RIP: 0033:0x459f49
[  871.092922][T23372] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  871.112515][T23372] RSP: 002b:00007fd5f09b7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  871.120937][T23372] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459f49
[  871.128919][T23372] RDX: 000000002343a726 RSI: 0000000020000040 RDI: 0000000000000006
[  871.136899][T23372] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000
[  871.144871][T23372] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd5f09b86d4
[  871.152838][T23372] R13: 00000000004ca5fd R14: 00000000004e2760 R15: 00000000ffffffff
[  871.163204][T23372] memory: usage 5884kB, limit 0kB, failcnt 212
[  871.169665][T23372] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  871.176551][T23372] Memory cgroup stats for /syz5:
[  871.176652][T23372] anon 4300800
[  871.176652][T23372] file 0
[  871.176652][T23372] kernel_stack 65536
[  871.176652][T23372] slab 1368064
[  871.176652][T23372] sock 0
[  871.176652][T23372] shmem 143360
[  871.176652][T23372] file_mapped 135168
[  871.176652][T23372] file_dirty 135168
[  871.176652][T23372] file_writeback 0
[  871.176652][T23372] anon_thp 4194304
[  871.176652][T23372] inactive_anon 0
[  871.176652][T23372] active_anon 4300800
[  871.176652][T23372] inactive_file 57344
[  871.176652][T23372] active_file 225280
[  871.176652][T23372] unevictable 135168
[  871.176652][T23372] slab_reclaimable 811008
[  871.176652][T23372] slab_unreclaimable 557056
[  871.176652][T23372] pgfault 54945
[  871.176652][T23372] pgmajfault 0
[  871.176652][T23372] workingset_refault 0
[  871.176652][T23372] workingset_activate 0
[  871.176652][T23372] workingset_nodereclaim 0
[  871.176652][T23372] pgrefill 9815
[  871.176652][T23372] pgscan 27819
[  871.176652][T23372] pgsteal 8856
[  871.273530][T23372] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=23364,uid=0
[  871.289542][T23372] Memory cgroup out of memory: Killed process 23368 (syz-executor.5) total-vm:73248kB, anon-rss:4276kB, file-rss:35852kB, shmem-rss:0kB, UID:0 pgtables:147456kB oom_score_adj:1000
[  871.308288][T23337] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  871.309807][ T1070] oom_reaper: reaped process 23368 (syz-executor.5), now anon-rss:0kB, file-rss:34892kB, shmem-rss:0kB
[  871.322961][T23337] CPU: 1 PID: 23337 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
10:31:23 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:31:23 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x8000000}, 0x0)

10:31:23 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, 0x0, &(0x7f00000001c0))
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  871.337259][T23337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  871.347319][T23337] Call Trace:
[  871.350624][T23337]  dump_stack+0x172/0x1f0
[  871.354989][T23337]  dump_header+0x10b/0x82d
[  871.359415][T23337]  ? oom_kill_process+0x94/0x3f0
[  871.364371][T23337]  oom_kill_process.cold+0x10/0x15
[  871.369499][T23337]  out_of_memory+0x334/0x1340
[  871.374192][T23337]  ? lock_downgrade+0x920/0x920
[  871.379060][T23337]  ? oom_killer_disable+0x280/0x280
[  871.384292][T23337]  mem_cgroup_out_of_memory+0x1d8/0x240
[  871.389862][T23337]  ? memcg_stat_show+0xc40/0xc40
[  871.394785][T23337]  ? do_raw_spin_unlock+0x57/0x270
[  871.399890][T23337]  ? _raw_spin_unlock+0x2d/0x50
[  871.404722][T23337]  try_charge+0xf4b/0x1440
[  871.409146][T23337]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  871.414668][T23337]  ? percpu_ref_tryget_live+0x111/0x290
[  871.420192][T23337]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  871.426426][T23337]  ? __kasan_check_read+0x11/0x20
[  871.431437][T23337]  ? get_mem_cgroup_from_mm+0x156/0x320
[  871.436980][T23337]  mem_cgroup_try_charge+0x136/0x590
[  871.442272][T23337]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  871.447885][T23337]  wp_page_copy+0x407/0x1860
[  871.452454][T23337]  ? find_held_lock+0x35/0x130
[  871.457216][T23337]  ? do_wp_page+0x53b/0x15c0
[  871.461823][T23337]  ? pmd_devmap_trans_unstable+0x220/0x220
[  871.467668][T23337]  ? lock_downgrade+0x920/0x920
[  871.472518][T23337]  ? swp_swapcount+0x540/0x540
[  871.477332][T23337]  ? __kasan_check_read+0x11/0x20
[  871.482337][T23337]  ? do_raw_spin_unlock+0x57/0x270
[  871.487431][T23337]  do_wp_page+0x543/0x15c0
[  871.491881][T23337]  ? finish_mkwrite_fault+0x6a0/0x6a0
[  871.497241][T23337]  __handle_mm_fault+0x23ec/0x4040
[  871.502344][T23337]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  871.507871][T23337]  ? handle_mm_fault+0x292/0xaa0
[  871.512805][T23337]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  871.519029][T23337]  ? __kasan_check_read+0x11/0x20
[  871.524035][T23337]  handle_mm_fault+0x3b7/0xaa0
[  871.528785][T23337]  __do_page_fault+0x536/0xdd0
[  871.533535][T23337]  do_page_fault+0x38/0x590
[  871.538021][T23337]  page_fault+0x39/0x40
[  871.542154][T23337] RIP: 0033:0x431026
[  871.546029][T23337] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[  871.565625][T23337] RSP: 002b:00007ffe4208c710 EFLAGS: 00010206
[  871.571678][T23337] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  871.579645][T23337] RDX: 0000000000b98930 RSI: 0000000000ba0970 RDI: 0000000000000003
[  871.587602][T23337] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000000b97940
[  871.595567][T23337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  871.603521][T23337] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[  871.611923][    C1] net_ratelimit: 2 callbacks suppressed
[  871.611933][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  871.623360][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  871.631513][T23337] memory: usage 636kB, limit 0kB, failcnt 522
[  871.637742][T23337] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  871.644584][T23337] Memory cgroup stats for /syz3:
[  871.644692][T23337] anon 0
[  871.644692][T23337] file 118784
[  871.644692][T23337] kernel_stack 0
[  871.644692][T23337] slab 692224
[  871.644692][T23337] sock 81920
[  871.644692][T23337] shmem 24576
[  871.644692][T23337] file_mapped 0
[  871.644692][T23337] file_dirty 135168
[  871.644692][T23337] file_writeback 0
[  871.644692][T23337] anon_thp 0
[  871.644692][T23337] inactive_anon 0
[  871.644692][T23337] active_anon 0
[  871.644692][T23337] inactive_file 98304
[  871.644692][T23337] active_file 0
[  871.644692][T23337] unevictable 135168
[  871.644692][T23337] slab_reclaimable 270336
[  871.644692][T23337] slab_unreclaimable 421888
[  871.644692][T23337] pgfault 59268
[  871.644692][T23337] pgmajfault 0
[  871.644692][T23337] workingset_refault 0
[  871.644692][T23337] workingset_activate 0
[  871.644692][T23337] workingset_nodereclaim 0
[  871.644692][T23337] pgrefill 8688
[  871.644692][T23337] pgscan 40193
[  871.644692][T23337] pgsteal 9652
[  871.644692][T23337] pgactivate 11286
[  871.741259][T23337] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23337,uid=0
[  871.757200][T23337] Memory cgroup out of memory: Killed process 23337 (syz-executor.3) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:118784kB oom_score_adj:0
[  871.775589][ T1070] oom_reaper: reaped process 23337 (syz-executor.3), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
[  871.787768][T23335] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  871.800863][T23335] CPU: 0 PID: 23335 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0
[  871.808779][T23335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  871.818836][T23335] Call Trace:
[  871.822135][T23335]  dump_stack+0x172/0x1f0
[  871.826482][T23335]  dump_header+0x10b/0x82d
[  871.830908][T23335]  ? oom_kill_process+0x94/0x3f0
[  871.835858][T23335]  oom_kill_process.cold+0x10/0x15
[  871.840984][T23335]  out_of_memory+0x334/0x1340
[  871.845680][T23335]  ? lock_downgrade+0x920/0x920
[  871.850548][T23335]  ? oom_killer_disable+0x280/0x280
[  871.855765][T23335]  mem_cgroup_out_of_memory+0x1d8/0x240
[  871.861317][T23335]  ? memcg_stat_show+0xc40/0xc40
[  871.866259][T23335]  ? do_raw_spin_unlock+0x57/0x270
[  871.871386][T23335]  ? _raw_spin_unlock+0x2d/0x50
[  871.876240][T23335]  try_charge+0xf4b/0x1440
[  871.880676][T23335]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  871.886228][T23335]  ? percpu_ref_tryget_live+0x111/0x290
[  871.891805][T23335]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  871.898055][T23335]  ? __kasan_check_read+0x11/0x20
[  871.903120][T23335]  ? get_mem_cgroup_from_mm+0x156/0x320
[  871.907867][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  871.908674][T23335]  mem_cgroup_try_charge+0x136/0x590
[  871.914405][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  871.919639][T23335]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  871.919656][T23335]  wp_page_copy+0x407/0x1860
[  871.919671][T23335]  ? find_held_lock+0x35/0x130
[  871.919689][T23335]  ? do_wp_page+0x53b/0x15c0
[  871.945003][T23335]  ? pmd_devmap_trans_unstable+0x220/0x220
[  871.950823][T23335]  ? lock_downgrade+0x920/0x920
[  871.955691][T23335]  ? swp_swapcount+0x540/0x540
[  871.960466][T23335]  ? __kasan_check_read+0x11/0x20
[  871.965507][T23335]  ? do_raw_spin_unlock+0x57/0x270
[  871.970638][T23335]  do_wp_page+0x543/0x15c0
[  871.975070][T23335]  ? finish_mkwrite_fault+0x6a0/0x6a0
[  871.980473][T23335]  __handle_mm_fault+0x23ec/0x4040
[  871.985587][T23335]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  871.991134][T23335]  ? handle_mm_fault+0x292/0xaa0
[  871.996070][T23335]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  872.002293][T23335]  ? __kasan_check_read+0x11/0x20
[  872.007302][T23335]  handle_mm_fault+0x3b7/0xaa0
[  872.012063][T23335]  __do_page_fault+0x536/0xdd0
[  872.016815][T23335]  do_page_fault+0x38/0x590
[  872.021302][T23335]  page_fault+0x39/0x40
[  872.025445][T23335] RIP: 0033:0x431026
[  872.029322][T23335] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[  872.048913][T23335] RSP: 002b:00007ffe4c039960 EFLAGS: 00010206
[  872.054959][T23335] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  872.062920][T23335] RDX: 0000000001faf930 RSI: 0000000001fb7970 RDI: 0000000000000003
[  872.070880][T23335] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000001fae940
[  872.078842][T23335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  872.086804][T23335] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
10:31:24 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r5=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r5}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:31:24 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:31:24 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, &(0x7f000095dffc))
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={0x0, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:31:24 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:31:24 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x8060000}, 0x0)

10:31:24 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  872.227784][T23335] memory: usage 1444kB, limit 0kB, failcnt 227
[  872.234016][T23335] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  872.316413][T23335] Memory cgroup stats for /syz5:
[  872.316515][T23335] anon 86016
[  872.316515][T23335] file 0
[  872.316515][T23335] kernel_stack 0
[  872.316515][T23335] slab 1368064
[  872.316515][T23335] sock 0
[  872.316515][T23335] shmem 143360
[  872.316515][T23335] file_mapped 135168
[  872.316515][T23335] file_dirty 135168
[  872.316515][T23335] file_writeback 0
[  872.316515][T23335] anon_thp 0
[  872.316515][T23335] inactive_anon 0
[  872.316515][T23335] active_anon 86016
[  872.316515][T23335] inactive_file 57344
[  872.316515][T23335] active_file 225280
[  872.316515][T23335] unevictable 135168
[  872.316515][T23335] slab_reclaimable 811008
[  872.316515][T23335] slab_unreclaimable 557056
[  872.316515][T23335] pgfault 54978
[  872.316515][T23335] pgmajfault 0
[  872.316515][T23335] workingset_refault 0
[  872.316515][T23335] workingset_activate 0
[  872.316515][T23335] workingset_nodereclaim 0
[  872.316515][T23335] pgrefill 9815
[  872.316515][T23335] pgscan 27819
[  872.316515][T23335] pgsteal 8856
[  872.316515][T23335] pgactivate 12903
10:31:24 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  872.437121][T23335] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=23335,uid=0
[  872.462700][T23335] Memory cgroup out of memory: Killed process 23335 (syz-executor.5) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
10:31:24 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r5=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r5}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  872.505295][ T1070] oom_reaper: reaped process 23335 (syz-executor.5), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
[  872.547622][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  872.553455][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  872.627580][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  872.633449][    C0] protocol 88fb is buggy, dev hsr_slave_1
10:31:25 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040), &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

[  873.923527][T23399] IPVS: ftp: loaded support on port[0] = 21
10:31:26 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:31:26 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040), &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

10:31:26 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, &(0x7f000095dffc))
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={0x0, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:31:26 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x9000000}, 0x0)

[  874.334266][T23402] IPVS: ftp: loaded support on port[0] = 21
[  875.374980][T23399] chnl_net:caif_netlink_parms(): no params data found
[  875.829563][T23413] IPVS: ftp: loaded support on port[0] = 21
[  876.270766][T23399] bridge0: port 1(bridge_slave_0) entered blocking state
[  876.278996][T23399] bridge0: port 1(bridge_slave_0) entered disabled state
[  876.286751][T23399] device bridge_slave_0 entered promiscuous mode
[  876.297092][T23399] bridge0: port 2(bridge_slave_1) entered blocking state
[  876.304331][T23399] bridge0: port 2(bridge_slave_1) entered disabled state
[  876.312635][T23399] device bridge_slave_1 entered promiscuous mode
[  876.706495][T23402] chnl_net:caif_netlink_parms(): no params data found
[  876.733488][T23399] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  877.147361][T23399] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  877.187246][T23402] bridge0: port 1(bridge_slave_0) entered blocking state
[  877.194507][T23402] bridge0: port 1(bridge_slave_0) entered disabled state
[  877.202709][T23402] device bridge_slave_0 entered promiscuous mode
[  877.218179][T23402] bridge0: port 2(bridge_slave_1) entered blocking state
[  877.225346][T23402] bridge0: port 2(bridge_slave_1) entered disabled state
[  877.233536][T23402] device bridge_slave_1 entered promiscuous mode
[  877.635992][T23399] team0: Port device team_slave_0 added
[  877.651304][T23402] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  877.664430][T23399] team0: Port device team_slave_1 added
[  877.672665][T23402] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  877.773078][T23399] device hsr_slave_0 entered promiscuous mode
[  877.818153][T23399] device hsr_slave_1 entered promiscuous mode
[  877.857661][T23399] debugfs: Directory 'hsr0' with parent '/' already present!
[  877.878240][T23413] chnl_net:caif_netlink_parms(): no params data found
[  877.891838][T23402] team0: Port device team_slave_0 added
[  877.898618][T11615] device bridge_slave_1 left promiscuous mode
[  877.904812][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  877.968364][T11615] device bridge_slave_0 left promiscuous mode
[  877.974560][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  878.049004][T11615] device bridge_slave_1 left promiscuous mode
[  878.055186][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  878.108807][T11615] device bridge_slave_0 left promiscuous mode
[  878.115016][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  878.169654][T11615] device bridge_slave_1 left promiscuous mode
[  878.175828][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  878.229286][T11615] device bridge_slave_0 left promiscuous mode
[  878.235474][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  878.289683][T11615] device bridge_slave_1 left promiscuous mode
[  878.295860][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  878.349593][T11615] device bridge_slave_0 left promiscuous mode
[  878.355794][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  878.428859][T11615] device bridge_slave_1 left promiscuous mode
[  878.435027][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  878.488562][T11615] device bridge_slave_0 left promiscuous mode
[  878.494741][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  888.978340][T11615] device hsr_slave_0 left promiscuous mode
[  889.017835][T11615] device hsr_slave_1 left promiscuous mode
[  889.071666][T11615] team0 (unregistering): Port device team_slave_1 removed
[  889.085868][T11615] team0 (unregistering): Port device team_slave_0 removed
[  889.098926][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  889.153178][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  889.276964][T11615] bond0 (unregistering): Released all slaves
[  889.458239][T11615] device hsr_slave_0 left promiscuous mode
[  889.517888][T11615] device hsr_slave_1 left promiscuous mode
[  889.585981][T11615] team0 (unregistering): Port device team_slave_1 removed
[  889.600391][T11615] team0 (unregistering): Port device team_slave_0 removed
[  889.613663][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  889.682080][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  889.757066][T11615] bond0 (unregistering): Released all slaves
[  889.888535][T11615] device hsr_slave_0 left promiscuous mode
[  889.937680][T11615] device hsr_slave_1 left promiscuous mode
[  890.002300][T11615] team0 (unregistering): Port device team_slave_1 removed
[  890.016362][T11615] team0 (unregistering): Port device team_slave_0 removed
[  890.029853][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  890.074285][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  890.151266][T11615] bond0 (unregistering): Released all slaves
[  890.328279][T11615] device hsr_slave_0 left promiscuous mode
[  890.377893][T11615] device hsr_slave_1 left promiscuous mode
[  890.431697][T11615] team0 (unregistering): Port device team_slave_1 removed
[  890.445662][T11615] team0 (unregistering): Port device team_slave_0 removed
[  890.458490][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  890.485049][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  890.576280][T11615] bond0 (unregistering): Released all slaves
[  890.748232][T11615] device hsr_slave_0 left promiscuous mode
[  890.827751][T11615] device hsr_slave_1 left promiscuous mode
[  890.895687][T11615] team0 (unregistering): Port device team_slave_1 removed
[  890.911427][T11615] team0 (unregistering): Port device team_slave_0 removed
[  890.922955][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  890.964619][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  891.060661][T11615] bond0 (unregistering): Released all slaves
[  891.184197][T23402] team0: Port device team_slave_1 added
[  891.204354][T23413] bridge0: port 1(bridge_slave_0) entered blocking state
[  891.211721][T23413] bridge0: port 1(bridge_slave_0) entered disabled state
[  891.220066][T23413] device bridge_slave_0 entered promiscuous mode
[  891.299931][T23402] device hsr_slave_0 entered promiscuous mode
[  891.348189][T23402] device hsr_slave_1 entered promiscuous mode
[  891.390173][T23413] bridge0: port 2(bridge_slave_1) entered blocking state
[  891.397268][T23413] bridge0: port 2(bridge_slave_1) entered disabled state
[  891.408718][T23413] device bridge_slave_1 entered promiscuous mode
[  891.449876][T23413] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  891.469453][T23413] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  891.512285][T23413] team0: Port device team_slave_0 added
[  891.526093][T23413] team0: Port device team_slave_1 added
[  891.566825][T23402] 8021q: adding VLAN 0 to HW filter on device bond0
[  891.610022][T23413] device hsr_slave_0 entered promiscuous mode
[  891.627876][T23413] device hsr_slave_1 entered promiscuous mode
[  891.677653][T23413] debugfs: Directory 'hsr0' with parent '/' already present!
[  891.688213][T23399] 8021q: adding VLAN 0 to HW filter on device bond0
[  891.704146][T23402] 8021q: adding VLAN 0 to HW filter on device team0
[  891.733749][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  891.741736][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  891.749698][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  891.759650][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  891.768742][T23379] bridge0: port 1(bridge_slave_0) entered blocking state
[  891.775787][T23379] bridge0: port 1(bridge_slave_0) entered forwarding state
[  891.783837][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  891.792981][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  891.801812][T23379] bridge0: port 2(bridge_slave_1) entered blocking state
[  891.808960][T23379] bridge0: port 2(bridge_slave_1) entered forwarding state
[  891.816555][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  891.825794][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  891.834729][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  891.843544][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  891.853393][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  891.861720][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  891.883573][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  891.891719][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  891.899679][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  891.909381][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  891.926400][T23399] 8021q: adding VLAN 0 to HW filter on device team0
[  891.940101][T23402] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  891.951898][T23402] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  891.964312][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  891.974074][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  891.982773][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  892.008197][T23402] 8021q: adding VLAN 0 to HW filter on device batadv0
[  892.029586][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  892.042792][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  892.053884][T23379] bridge0: port 1(bridge_slave_0) entered blocking state
[  892.061018][T23379] bridge0: port 1(bridge_slave_0) entered forwarding state
[  892.069197][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  892.078365][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  892.086851][T23379] bridge0: port 2(bridge_slave_1) entered blocking state
[  892.093973][T23379] bridge0: port 2(bridge_slave_1) entered forwarding state
[  892.101732][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  892.110633][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  892.120916][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  892.130592][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  892.140428][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  892.183581][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  892.192047][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  892.204851][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  892.214483][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  892.223272][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  892.271497][T23399] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  892.282878][T23399] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  892.298136][T23413] 8021q: adding VLAN 0 to HW filter on device bond0
[  892.305907][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  892.314537][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  892.323652][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  892.406520][T23399] 8021q: adding VLAN 0 to HW filter on device batadv0
[  892.416385][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  892.433435][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  892.530998][T23413] 8021q: adding VLAN 0 to HW filter on device team0
[  892.555658][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  892.576106][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  892.616435][ T8848] bridge0: port 1(bridge_slave_0) entered blocking state
[  892.623600][ T8848] bridge0: port 1(bridge_slave_0) entered forwarding state
[  892.669956][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  892.678778][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  892.708458][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  892.717099][ T8848] bridge0: port 2(bridge_slave_1) entered blocking state
[  892.724241][ T8848] bridge0: port 2(bridge_slave_1) entered forwarding state
[  892.791825][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  892.815768][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  892.854337][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  892.870641][T23429] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  892.883121][T23429] CPU: 1 PID: 23429 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[  892.887321][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  892.891030][T23429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  892.891036][T23429] Call Trace:
[  892.891060][T23429]  dump_stack+0x172/0x1f0
[  892.891080][T23429]  dump_header+0x10b/0x82d
[  892.891099][T23429]  oom_kill_process.cold+0x10/0x15
[  892.910016][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  892.912255][T23429]  out_of_memory+0x334/0x1340
[  892.912275][T23429]  ? __sched_text_start+0x8/0x8
[  892.942804][T23429]  ? oom_killer_disable+0x280/0x280
[  892.948018][T23429]  mem_cgroup_out_of_memory+0x1d8/0x240
[  892.953563][T23429]  ? memcg_stat_show+0xc40/0xc40
[  892.958506][T23429]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  892.964311][T23429]  ? cgroup_file_notify+0x140/0x1b0
[  892.969539][T23429]  memory_max_write+0x262/0x3a0
[  892.974395][T23429]  ? mem_cgroup_write+0x370/0x370
[  892.979420][T23429]  ? lock_acquire+0x190/0x410
[  892.984098][T23429]  ? kernfs_fop_write+0x227/0x480
[  892.989125][T23429]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  892.994672][T23429]  cgroup_file_write+0x241/0x790
[  892.999783][T23429]  ? mem_cgroup_write+0x370/0x370
[  893.005686][T23429]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  893.011330][T23429]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  893.016963][T23429]  kernfs_fop_write+0x2b8/0x480
[  893.021826][T23429]  __vfs_write+0x8a/0x110
[  893.026162][T23429]  ? kernfs_fop_open+0xd80/0xd80
[  893.031102][T23429]  __kernel_write+0x11b/0x3b0
[  893.035781][T23429]  write_pipe_buf+0x15d/0x1f0
[  893.040464][T23429]  ? do_splice_direct+0x2a0/0x2a0
[  893.045490][T23429]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  893.051731][T23429]  ? splice_from_pipe_next.part.0+0x262/0x300
[  893.057899][T23429]  __splice_from_pipe+0x397/0x7d0
[  893.062922][T23429]  ? do_splice_direct+0x2a0/0x2a0
[  893.067954][T23429]  ? do_splice_direct+0x2a0/0x2a0
[  893.072988][T23429]  splice_from_pipe+0x108/0x170
[  893.077846][T23429]  ? splice_shrink_spd+0xd0/0xd0
[  893.082793][T23429]  ? security_file_permission+0x8f/0x380
[  893.088426][T23429]  default_file_splice_write+0x3c/0x90
[  893.093888][T23429]  ? generic_splice_sendpage+0x50/0x50
[  893.099350][T23429]  direct_splice_actor+0x123/0x190
[  893.104491][T23429]  splice_direct_to_actor+0x366/0x970
[  893.109866][T23429]  ? generic_pipe_buf_nosteal+0x10/0x10
[  893.115419][T23429]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  893.121656][T23429]  ? do_splice_to+0x180/0x180
[  893.126348][T23429]  ? rw_verify_area+0x126/0x360
[  893.131206][T23429]  do_splice_direct+0x1da/0x2a0
[  893.136071][T23429]  ? splice_direct_to_actor+0x970/0x970
[  893.141632][T23429]  ? rcu_read_lock_any_held+0xcd/0xf0
[  893.147015][T23429]  ? __this_cpu_preempt_check+0x3a/0x210
[  893.152650][T23429]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  893.158886][T23429]  ? __sb_start_write+0x1e5/0x460
[  893.163923][T23429]  do_sendfile+0x597/0xd00
[  893.168350][T23429]  ? do_compat_pwritev64+0x1c0/0x1c0
[  893.173636][T23429]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  893.179875][T23429]  ? put_timespec64+0xda/0x140
[  893.184825][T23429]  __x64_sys_sendfile64+0x1dd/0x220
[  893.190062][T23429]  ? __ia32_sys_sendfile+0x230/0x230
[  893.195341][T23429]  ? do_syscall_64+0x26/0x760
[  893.200040][T23429]  ? lockdep_hardirqs_on+0x421/0x5e0
[  893.205321][T23429]  ? trace_hardirqs_on+0x67/0x240
[  893.210368][T23429]  do_syscall_64+0xfa/0x760
[  893.214900][T23429]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  893.220805][T23429] RIP: 0033:0x459f49
[  893.224706][T23429] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  893.244311][T23429] RSP: 002b:00007fb48a386c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  893.252727][T23429] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  893.260697][T23429] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  893.268662][T23429] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000
[  893.276654][T23429] R10: 0000000020000022 R11: 0000000000000246 R12: 00007fb48a3876d4
[  893.284622][T23429] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  893.300263][T23429] memory: usage 1760kB, limit 0kB, failcnt 269
[  893.307396][T23429] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  893.314759][T23429] Memory cgroup stats for /syz2:
[  893.314870][T23429] anon 266240
[  893.314870][T23429] file 192512
[  893.314870][T23429] kernel_stack 65536
[  893.314870][T23429] slab 1191936
[  893.314870][T23429] sock 4096
[  893.314870][T23429] shmem 20480
[  893.314870][T23429] file_mapped 135168
[  893.314870][T23429] file_dirty 135168
[  893.314870][T23429] file_writeback 0
[  893.314870][T23429] anon_thp 0
[  893.314870][T23429] inactive_anon 90112
[  893.314870][T23429] active_anon 266240
[  893.314870][T23429] inactive_file 0
[  893.314870][T23429] active_file 188416
[  893.314870][T23429] unevictable 0
[  893.314870][T23429] slab_reclaimable 811008
[  893.314870][T23429] slab_unreclaimable 380928
[  893.314870][T23429] pgfault 65670
[  893.314870][T23429] pgmajfault 0
[  893.314870][T23429] workingset_refault 0
[  893.314870][T23429] workingset_activate 0
[  893.314870][T23429] workingset_nodereclaim 0
[  893.314870][T23429] pgrefill 18328
[  893.314870][T23429] pgscan 26591
[  893.314870][T23429] pgsteal 3058
[  893.315072][T23413] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  893.320472][T23429] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23402,uid=0
[  893.409422][T23413] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  893.445962][T23429] Memory cgroup out of memory: Killed process 23402 (syz-executor.2) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  893.464114][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  893.476937][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  893.493707][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  893.505597][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  893.513769][T23435] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  893.532092][T23435] CPU: 0 PID: 23435 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[  893.540020][T23435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  893.550088][T23435] Call Trace:
[  893.553385][T23435]  dump_stack+0x172/0x1f0
[  893.557725][T23435]  dump_header+0x10b/0x82d
[  893.562144][T23435]  oom_kill_process.cold+0x10/0x15
[  893.567256][T23435]  out_of_memory+0x334/0x1340
[  893.571955][T23435]  ? cgroup_file_notify+0x140/0x1b0
[  893.577177][T23435]  ? oom_killer_disable+0x280/0x280
[  893.582393][T23435]  mem_cgroup_out_of_memory+0x1d8/0x240
[  893.587943][T23435]  ? memcg_stat_show+0xc40/0xc40
[  893.592885][T23435]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  893.598696][T23435]  ? cgroup_file_notify+0x140/0x1b0
[  893.603894][T23435]  memory_max_write+0x262/0x3a0
[  893.608745][T23435]  ? mem_cgroup_write+0x370/0x370
[  893.613766][T23435]  ? lock_acquire+0x190/0x410
[  893.618441][T23435]  ? kernfs_fop_write+0x227/0x480
[  893.623464][T23435]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  893.629032][T23435]  cgroup_file_write+0x241/0x790
[  893.633980][T23435]  ? mem_cgroup_write+0x370/0x370
[  893.639010][T23435]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  893.644652][T23435]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  893.650285][T23435]  kernfs_fop_write+0x2b8/0x480
[  893.655140][T23435]  __vfs_write+0x8a/0x110
[  893.659466][T23435]  ? kernfs_fop_open+0xd80/0xd80
[  893.664400][T23435]  __kernel_write+0x11b/0x3b0
[  893.669085][T23435]  write_pipe_buf+0x15d/0x1f0
[  893.673781][T23435]  ? do_splice_direct+0x2a0/0x2a0
[  893.678806][T23435]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  893.685062][T23435]  ? splice_from_pipe_next.part.0+0x262/0x300
[  893.691160][T23435]  __splice_from_pipe+0x397/0x7d0
[  893.696197][T23435]  ? do_splice_direct+0x2a0/0x2a0
[  893.701233][T23435]  ? do_splice_direct+0x2a0/0x2a0
[  893.706256][T23435]  splice_from_pipe+0x108/0x170
[  893.711112][T23435]  ? splice_shrink_spd+0xd0/0xd0
[  893.716055][T23435]  ? security_file_permission+0x8f/0x380
[  893.721711][T23435]  default_file_splice_write+0x3c/0x90
[  893.727185][T23435]  ? generic_splice_sendpage+0x50/0x50
[  893.732679][T23435]  direct_splice_actor+0x123/0x190
[  893.737922][T23435]  splice_direct_to_actor+0x366/0x970
[  893.743299][T23435]  ? generic_pipe_buf_nosteal+0x10/0x10
[  893.748853][T23435]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  893.755111][T23435]  ? do_splice_to+0x180/0x180
[  893.759790][T23435]  ? rw_verify_area+0x126/0x360
[  893.764646][T23435]  do_splice_direct+0x1da/0x2a0
[  893.769498][T23435]  ? splice_direct_to_actor+0x970/0x970
[  893.775036][T23435]  ? rcu_read_lock_any_held+0xcd/0xf0
[  893.780427][T23435]  ? __this_cpu_preempt_check+0x3a/0x210
[  893.786073][T23435]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  893.792325][T23435]  ? __sb_start_write+0x1e5/0x460
[  893.797350][T23435]  do_sendfile+0x597/0xd00
[  893.801774][T23435]  ? do_compat_pwritev64+0x1c0/0x1c0
[  893.807070][T23435]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  893.813326][T23435]  ? put_timespec64+0xda/0x140
[  893.818101][T23435]  __x64_sys_sendfile64+0x1dd/0x220
[  893.823423][T23435]  ? __ia32_sys_sendfile+0x230/0x230
[  893.828717][T23435]  ? do_syscall_64+0x26/0x760
[  893.833393][T23435]  ? lockdep_hardirqs_on+0x421/0x5e0
[  893.838674][T23435]  ? trace_hardirqs_on+0x67/0x240
[  893.843688][T23435]  do_syscall_64+0xfa/0x760
[  893.848173][T23435]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  893.854047][T23435] RIP: 0033:0x459f49
[  893.857923][T23435] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  893.877525][T23435] RSP: 002b:00007f0ccc3ccc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  893.885964][T23435] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  893.893953][T23435] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  893.901903][T23435] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  893.909854][T23435] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f0ccc3cd6d4
[  893.917821][T23435] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  893.929283][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  893.934996][T23435] memory: usage 5784kB, limit 0kB, failcnt 151
[  893.937969][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  893.944860][T23435] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  893.952174][T13143] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  893.966771][T23435] Memory cgroup stats for /syz4:
[  893.966886][T23435] anon 4345856
[  893.966886][T23435] file 69632
[  893.966886][T23435] kernel_stack 131072
[  893.966886][T23435] slab 1642496
[  893.966886][T23435] sock 0
[  893.966886][T23435] shmem 0
[  893.966886][T23435] file_mapped 135168
[  893.966886][T23435] file_dirty 135168
[  893.966886][T23435] file_writeback 0
[  893.966886][T23435] anon_thp 4194304
[  893.966886][T23435] inactive_anon 135168
[  893.966886][T23435] active_anon 4345856
[  893.966886][T23435] inactive_file 36864
[  893.966886][T23435] active_file 0
[  893.966886][T23435] unevictable 0
[  893.966886][T23435] slab_reclaimable 675840
[  893.966886][T23435] slab_unreclaimable 966656
[  893.966886][T23435] pgfault 49104
[  893.966886][T23435] pgmajfault 0
[  893.966886][T23435] workingset_refault 0
[  893.966886][T23435] workingset_activate 0
[  893.966886][T23435] workingset_nodereclaim 0
[  893.966886][T23435] pgrefill 4301
[  893.966886][T23435] pgscan 18220
[  893.966886][T23435] pgsteal 5051
[  893.969906][T23413] 8021q: adding VLAN 0 to HW filter on device batadv0
[  894.010987][T23435] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23433,uid=0
10:31:46 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040), &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

10:31:46 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:31:46 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0xa000000}, 0x0)

10:31:46 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  894.115117][T23435] Memory cgroup out of memory: Killed process 23433 (syz-executor.4) total-vm:72720kB, anon-rss:4244kB, file-rss:35800kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000
[  894.144456][ T1070] oom_reaper: reaped process 23433 (syz-executor.4), now anon-rss:0kB, file-rss:34864kB, shmem-rss:0kB
[  894.201056][T23399] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  894.224305][T23399] CPU: 1 PID: 23399 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[  894.232242][T23399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  894.242344][T23399] Call Trace:
[  894.245661][T23399]  dump_stack+0x172/0x1f0
[  894.250017][T23399]  dump_header+0x10b/0x82d
[  894.254447][T23399]  ? oom_kill_process+0x94/0x3f0
[  894.259402][T23399]  oom_kill_process.cold+0x10/0x15
[  894.264546][T23399]  out_of_memory+0x334/0x1340
[  894.269246][T23399]  ? lock_downgrade+0x920/0x920
[  894.274116][T23399]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  894.279936][T23399]  ? oom_killer_disable+0x280/0x280
[  894.285163][T23399]  mem_cgroup_out_of_memory+0x1d8/0x240
[  894.290731][T23399]  ? memcg_stat_show+0xc40/0xc40
[  894.295690][T23399]  ? do_raw_spin_unlock+0x57/0x270
[  894.300824][T23399]  ? _raw_spin_unlock+0x2d/0x50
[  894.305705][T23399]  try_charge+0xf4b/0x1440
[  894.310145][T23399]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  894.315722][T23399]  ? percpu_ref_tryget_live+0x111/0x290
[  894.321281][T23399]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  894.327533][T23399]  ? __kasan_check_read+0x11/0x20
[  894.332576][T23399]  ? get_mem_cgroup_from_mm+0x156/0x320
[  894.338171][T23399]  mem_cgroup_try_charge+0x136/0x590
[  894.343480][T23399]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  894.349130][T23399]  __handle_mm_fault+0x1f0d/0x4040
[  894.354259][T23399]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  894.359847][T23399]  ? handle_mm_fault+0x292/0xaa0
[  894.364812][T23399]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  894.371071][T23399]  ? __kasan_check_read+0x11/0x20
[  894.376140][T23399]  handle_mm_fault+0x3b7/0xaa0
[  894.380929][T23399]  __do_page_fault+0x536/0xdd0
[  894.385724][T23399]  do_page_fault+0x38/0x590
[  894.390245][T23399]  page_fault+0x39/0x40
[  894.394407][T23399] RIP: 0033:0x457ee1
[  894.398312][T23399] Code: 48 81 ec 98 00 00 00 0f 05 48 3d 00 f0 ff ff 48 89 c3 0f 87 e9 00 00 00 85 db 0f 88 2f 01 00 00 48 89 e2 89 de bf 01 00 00 00 <e8> ba 13 00 00 85 c0 0f 88 98 00 00 00 8b 44 24 18 25 00 f0 00 00
[  894.417915][T23399] RSP: 002b:00007ffdd7b51f90 EFLAGS: 00010206
[  894.423978][T23399] RAX: 0000000000000003 RBX: 0000000000000003 RCX: 0000000000457ec0
[  894.431945][T23399] RDX: 00007ffdd7b51f90 RSI: 0000000000000003 RDI: 0000000000000001
[  894.439918][T23399] RBP: 0000000000000002 R08: 0000000000000001 R09: 00000000018ee940
[  894.447905][T23399] R10: 0000000000000000 R11: 0000000000000206 R12: 00007ffdd7b53170
[  894.455873][T23399] R13: 00007ffdd7b53160 R14: 0000000000000000 R15: 00007ffdd7b53170
[  894.467246][T23399] memory: usage 1356kB, limit 0kB, failcnt 159
[  894.468421][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  894.473652][T23399] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  894.479233][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  894.486146][T23399] Memory cgroup stats for /syz4:
[  894.486258][T23399] anon 61440
[  894.486258][T23399] file 69632
[  894.486258][T23399] kernel_stack 0
[  894.486258][T23399] slab 1642496
[  894.486258][T23399] sock 0
[  894.486258][T23399] shmem 0
[  894.486258][T23399] file_mapped 135168
[  894.486258][T23399] file_dirty 135168
[  894.486258][T23399] file_writeback 0
[  894.486258][T23399] anon_thp 0
[  894.486258][T23399] inactive_anon 135168
[  894.486258][T23399] active_anon 61440
[  894.486258][T23399] inactive_file 36864
[  894.486258][T23399] active_file 0
[  894.486258][T23399] unevictable 0
[  894.486258][T23399] slab_reclaimable 675840
[  894.486258][T23399] slab_unreclaimable 966656
[  894.486258][T23399] pgfault 49137
[  894.486258][T23399] pgmajfault 0
[  894.486258][T23399] workingset_refault 0
[  894.486258][T23399] workingset_activate 0
[  894.486258][T23399] workingset_nodereclaim 0
[  894.486258][T23399] pgrefill 4301
[  894.486258][T23399] pgscan 18220
[  894.486258][T23399] pgsteal 5051
[  894.486258][T23399] pgactivate 6831
[  894.492593][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  894.496813][T23399] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23399,uid=0
[  894.587741][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  894.587799][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  894.587843][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  894.617575][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  894.629862][T23399] Memory cgroup out of memory: Killed process 23399 (syz-executor.4) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
10:31:47 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  894.632205][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  894.651279][ T1070] oom_reaper: reaped process 23399 (syz-executor.4), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
10:31:47 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  894.787798][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  894.793656][    C1] protocol 88fb is buggy, dev hsr_slave_1
10:31:47 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r5=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r5}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:31:47 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0xe000000}, 0x0)

10:31:47 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:31:47 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  895.339003][T23461] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  895.357674][T23461] CPU: 0 PID: 23461 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  895.365640][T23461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  895.375704][T23461] Call Trace:
[  895.379003][T23461]  dump_stack+0x172/0x1f0
[  895.383338][T23461]  dump_header+0x10b/0x82d
[  895.387755][T23461]  oom_kill_process.cold+0x10/0x15
[  895.392868][T23461]  out_of_memory+0x334/0x1340
[  895.397545][T23461]  ? __sched_text_start+0x8/0x8
[  895.402413][T23461]  ? oom_killer_disable+0x280/0x280
[  895.407635][T23461]  mem_cgroup_out_of_memory+0x1d8/0x240
[  895.407650][T23461]  ? memcg_stat_show+0xc40/0xc40
[  895.407672][T23461]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  895.407691][T23461]  ? cgroup_file_notify+0x140/0x1b0
[  895.407709][T23461]  memory_max_write+0x262/0x3a0
[  895.407728][T23461]  ? mem_cgroup_write+0x370/0x370
[  895.407743][T23461]  ? lock_acquire+0x190/0x410
[  895.407764][T23461]  ? kernfs_fop_write+0x227/0x480
[  895.418240][T23461]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  895.454280][T23461]  cgroup_file_write+0x241/0x790
[  895.459225][T23461]  ? mem_cgroup_write+0x370/0x370
[  895.464249][T23461]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  895.469892][T23461]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  895.475527][T23461]  kernfs_fop_write+0x2b8/0x480
[  895.480384][T23461]  __vfs_write+0x8a/0x110
[  895.484709][T23461]  ? kernfs_fop_open+0xd80/0xd80
[  895.489647][T23461]  __kernel_write+0x11b/0x3b0
[  895.494354][T23461]  write_pipe_buf+0x15d/0x1f0
[  895.499036][T23461]  ? do_splice_direct+0x2a0/0x2a0
[  895.504063][T23461]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  895.510321][T23461]  ? splice_from_pipe_next.part.0+0x262/0x300
[  895.516497][T23461]  __splice_from_pipe+0x397/0x7d0
[  895.521569][T23461]  ? do_splice_direct+0x2a0/0x2a0
[  895.526620][T23461]  ? do_splice_direct+0x2a0/0x2a0
[  895.531664][T23461]  splice_from_pipe+0x108/0x170
[  895.536559][T23461]  ? splice_shrink_spd+0xd0/0xd0
[  895.541530][T23461]  ? security_file_permission+0x8f/0x380
[  895.547185][T23461]  default_file_splice_write+0x3c/0x90
[  895.552653][T23461]  ? generic_splice_sendpage+0x50/0x50
[  895.558134][T23461]  direct_splice_actor+0x123/0x190
[  895.563276][T23461]  splice_direct_to_actor+0x366/0x970
[  895.568671][T23461]  ? generic_pipe_buf_nosteal+0x10/0x10
[  895.574260][T23461]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  895.580485][T23461]  ? do_splice_to+0x180/0x180
[  895.585140][T23461]  ? rw_verify_area+0x126/0x360
[  895.590007][T23461]  do_splice_direct+0x1da/0x2a0
[  895.594860][T23461]  ? splice_direct_to_actor+0x970/0x970
[  895.600411][T23461]  ? rcu_read_lock_any_held+0xcd/0xf0
[  895.605787][T23461]  ? __this_cpu_preempt_check+0x3a/0x210
[  895.611411][T23461]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  895.617655][T23461]  ? __sb_start_write+0x1e5/0x460
[  895.622674][T23461]  do_sendfile+0x597/0xd00
[  895.627073][T23461]  ? do_compat_pwritev64+0x1c0/0x1c0
[  895.632362][T23461]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  895.638651][T23461]  ? put_timespec64+0xda/0x140
[  895.643440][T23461]  __x64_sys_sendfile64+0x1dd/0x220
[  895.648682][T23461]  ? __ia32_sys_sendfile+0x230/0x230
[  895.653985][T23461]  ? do_syscall_64+0x26/0x760
[  895.658675][T23461]  ? lockdep_hardirqs_on+0x421/0x5e0
[  895.663970][T23461]  ? trace_hardirqs_on+0x67/0x240
[  895.669018][T23461]  do_syscall_64+0xfa/0x760
[  895.673538][T23461]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  895.679438][T23461] RIP: 0033:0x459f49
[  895.683337][T23461] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  895.702954][T23461] RSP: 002b:00007fe6c85c3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  895.711381][T23461] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  895.719358][T23461] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  895.727339][T23461] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  895.735317][T23461] R10: 0000000020000022 R11: 0000000000000246 R12: 00007fe6c85c46d4
[  895.743394][T23461] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  895.759799][T23465] IPVS: ftp: loaded support on port[0] = 21
[  895.765768][T23461] memory: usage 5068kB, limit 0kB, failcnt 523
[  895.776825][T23461] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  895.807297][T23461] Memory cgroup stats for /syz3:
[  895.807422][T23461] anon 4239360
[  895.807422][T23461] file 118784
[  895.807422][T23461] kernel_stack 65536
[  895.807422][T23461] slab 692224
[  895.807422][T23461] sock 81920
[  895.807422][T23461] shmem 24576
[  895.807422][T23461] file_mapped 0
[  895.807422][T23461] file_dirty 135168
[  895.807422][T23461] file_writeback 0
[  895.807422][T23461] anon_thp 4194304
[  895.807422][T23461] inactive_anon 0
[  895.807422][T23461] active_anon 4239360
[  895.807422][T23461] inactive_file 98304
[  895.807422][T23461] active_file 0
[  895.807422][T23461] unevictable 135168
[  895.807422][T23461] slab_reclaimable 270336
[  895.807422][T23461] slab_unreclaimable 421888
[  895.807422][T23461] pgfault 59334
[  895.807422][T23461] pgmajfault 0
[  895.807422][T23461] workingset_refault 0
[  895.807422][T23461] workingset_activate 0
[  895.807422][T23461] workingset_nodereclaim 0
[  895.807422][T23461] pgrefill 8688
[  895.807422][T23461] pgscan 40193
[  895.807422][T23461] pgsteal 9652
[  895.837836][T23461] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23457,uid=0
[  895.918325][T23461] Memory cgroup out of memory: Killed process 23457 (syz-executor.3) total-vm:72720kB, anon-rss:4188kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000
[  895.939063][ T1070] oom_reaper: reaped process 23457 (syz-executor.3), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB
10:31:48 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8), &(0x7f000095dffc)=0x4)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={0x0, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:31:48 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x0, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:31:48 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  895.968724][T23413] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  896.046522][T23413] CPU: 0 PID: 23413 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  896.054449][T23413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  896.054456][T23413] Call Trace:
[  896.054476][T23413]  dump_stack+0x172/0x1f0
[  896.054494][T23413]  dump_header+0x10b/0x82d
[  896.054506][T23413]  ? oom_kill_process+0x94/0x3f0
[  896.054521][T23413]  oom_kill_process.cold+0x10/0x15
[  896.054537][T23413]  out_of_memory+0x334/0x1340
[  896.054550][T23413]  ? lock_downgrade+0x920/0x920
[  896.054569][T23413]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  896.054586][T23413]  ? oom_killer_disable+0x280/0x280
[  896.102011][T23413]  mem_cgroup_out_of_memory+0x1d8/0x240
[  896.102025][T23413]  ? memcg_stat_show+0xc40/0xc40
[  896.102044][T23413]  ? do_raw_spin_unlock+0x57/0x270
[  896.102060][T23413]  ? _raw_spin_unlock+0x2d/0x50
[  896.102077][T23413]  try_charge+0xf4b/0x1440
[  896.102097][T23413]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  896.102114][T23413]  ? percpu_ref_tryget_live+0x111/0x290
[  896.122861][T23413]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  896.143168][T23413]  ? __kasan_check_read+0x11/0x20
[  896.154409][T23413]  ? get_mem_cgroup_from_mm+0x156/0x320
[  896.159978][T23413]  mem_cgroup_try_charge+0x136/0x590
[  896.165271][T23413]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  896.170984][T23413]  __handle_mm_fault+0x1f0d/0x4040
[  896.171003][T23413]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  896.171016][T23413]  ? handle_mm_fault+0x292/0xaa0
[  896.171043][T23413]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  896.171059][T23413]  ? __kasan_check_read+0x11/0x20
[  896.171075][T23413]  handle_mm_fault+0x3b7/0xaa0
[  896.171095][T23413]  __do_page_fault+0x536/0xdd0
[  896.171114][T23413]  do_page_fault+0x38/0x590
[  896.171128][T23413]  page_fault+0x39/0x40
[  896.171143][T23413] RIP: 0033:0x457ee1
[  896.207446][T23413] Code: 48 81 ec 98 00 00 00 0f 05 48 3d 00 f0 ff ff 48 89 c3 0f 87 e9 00 00 00 85 db 0f 88 2f 01 00 00 48 89 e2 89 de bf 01 00 00 00 <e8> ba 13 00 00 85 c0 0f 88 98 00 00 00 8b 44 24 18 25 00 f0 00 00
[  896.219947][T23413] RSP: 002b:00007ffe0fe94f90 EFLAGS: 00010206
[  896.219958][T23413] RAX: 0000000000000003 RBX: 0000000000000003 RCX: 0000000000457ec0
[  896.219965][T23413] RDX: 00007ffe0fe94f90 RSI: 0000000000000003 RDI: 0000000000000001
[  896.219973][T23413] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000001907940
[  896.219981][T23413] R10: 0000000000000000 R11: 0000000000000206 R12: 00007ffe0fe96170
[  896.219988][T23413] R13: 00007ffe0fe96160 R14: 0000000000000000 R15: 00007ffe0fe96170
[  896.325167][T23413] memory: usage 644kB, limit 0kB, failcnt 531
[  896.331643][T23413] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  896.383887][T23413] Memory cgroup stats for /syz3:
[  896.383990][T23413] anon 61440
[  896.383990][T23413] file 118784
[  896.383990][T23413] kernel_stack 0
[  896.383990][T23413] slab 692224
[  896.383990][T23413] sock 81920
[  896.383990][T23413] shmem 24576
[  896.383990][T23413] file_mapped 0
[  896.383990][T23413] file_dirty 135168
[  896.383990][T23413] file_writeback 0
[  896.383990][T23413] anon_thp 0
[  896.383990][T23413] inactive_anon 0
[  896.383990][T23413] active_anon 61440
[  896.383990][T23413] inactive_file 98304
[  896.383990][T23413] active_file 0
[  896.383990][T23413] unevictable 135168
[  896.383990][T23413] slab_reclaimable 270336
[  896.383990][T23413] slab_unreclaimable 421888
[  896.383990][T23413] pgfault 59334
[  896.383990][T23413] pgmajfault 0
[  896.383990][T23413] workingset_refault 0
[  896.383990][T23413] workingset_activate 0
[  896.383990][T23413] workingset_nodereclaim 0
[  896.383990][T23413] pgrefill 8688
[  896.383990][T23413] pgscan 40193
[  896.383990][T23413] pgsteal 9652
[  896.383990][T23413] pgactivate 11286
[  896.507687][T23413] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23413,uid=0
[  896.537270][T23465] chnl_net:caif_netlink_parms(): no params data found
[  896.577951][T23413] Memory cgroup out of memory: Killed process 23413 (syz-executor.3) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  896.641016][T23465] bridge0: port 1(bridge_slave_0) entered blocking state
[  896.663727][T23465] bridge0: port 1(bridge_slave_0) entered disabled state
[  896.672393][T23465] device bridge_slave_0 entered promiscuous mode
[  896.681308][T23465] bridge0: port 2(bridge_slave_1) entered blocking state
[  896.689023][T23465] bridge0: port 2(bridge_slave_1) entered disabled state
[  896.697079][T23465] device bridge_slave_1 entered promiscuous mode
[  896.953735][T23465] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  896.966222][T23465] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  897.007753][T23465] team0: Port device team_slave_0 added
[  897.014926][T23465] team0: Port device team_slave_1 added
[  897.119863][T23465] device hsr_slave_0 entered promiscuous mode
[  897.199504][T23465] device hsr_slave_1 entered promiscuous mode
[  897.247681][T23465] debugfs: Directory 'hsr0' with parent '/' already present!
[  897.386485][T23465] 8021q: adding VLAN 0 to HW filter on device bond0
[  897.405214][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  897.421428][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  897.438957][T23465] 8021q: adding VLAN 0 to HW filter on device team0
[  897.452464][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  897.461226][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  897.470286][ T8848] bridge0: port 1(bridge_slave_0) entered blocking state
[  897.477340][ T8848] bridge0: port 1(bridge_slave_0) entered forwarding state
[  897.487461][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  897.503556][T23468] IPVS: ftp: loaded support on port[0] = 21
[  897.507627][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  897.519942][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  897.529697][T14992] bridge0: port 2(bridge_slave_1) entered blocking state
[  897.536750][T14992] bridge0: port 2(bridge_slave_1) entered forwarding state
[  897.545186][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  897.554790][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  897.563653][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  897.572542][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  897.583169][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  897.591771][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  897.600460][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  897.628036][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  897.636360][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  897.659992][T23465] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  897.770914][T23465] 8021q: adding VLAN 0 to HW filter on device batadv0
[  897.792441][T23468] chnl_net:caif_netlink_parms(): no params data found
[  897.854799][T23471] IPVS: ftp: loaded support on port[0] = 21
[  897.905376][T23468] bridge0: port 1(bridge_slave_0) entered blocking state
[  897.915867][T23468] bridge0: port 1(bridge_slave_0) entered disabled state
[  897.932864][T23468] device bridge_slave_0 entered promiscuous mode
[  897.940980][T23468] bridge0: port 2(bridge_slave_1) entered blocking state
[  897.948607][T23468] bridge0: port 2(bridge_slave_1) entered disabled state
[  897.956604][T23468] device bridge_slave_1 entered promiscuous mode
[  897.982327][T23468] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  898.010566][T23468] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  898.056662][T23468] team0: Port device team_slave_0 added
[  898.086254][T23468] team0: Port device team_slave_1 added
[  898.190763][T23468] device hsr_slave_0 entered promiscuous mode
[  898.238221][T23468] device hsr_slave_1 entered promiscuous mode
[  898.277619][T23468] debugfs: Directory 'hsr0' with parent '/' already present!
[  898.290982][T23471] chnl_net:caif_netlink_parms(): no params data found
[  898.427019][T23484] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  898.447690][T23484] CPU: 0 PID: 23484 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0
[  898.455593][T23484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  898.465641][T23484] Call Trace:
[  898.468937][T23484]  dump_stack+0x172/0x1f0
[  898.473302][T23484]  dump_header+0x10b/0x82d
[  898.477725][T23484]  oom_kill_process.cold+0x10/0x15
[  898.482838][T23484]  out_of_memory+0x334/0x1340
[  898.487537][T23484]  ? __sched_text_start+0x8/0x8
[  898.492403][T23484]  ? oom_killer_disable+0x280/0x280
[  898.497617][T23484]  mem_cgroup_out_of_memory+0x1d8/0x240
[  898.503161][T23484]  ? memcg_stat_show+0xc40/0xc40
[  898.508103][T23484]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  898.514027][T23484]  ? cgroup_file_notify+0x140/0x1b0
[  898.519224][T23484]  memory_max_write+0x262/0x3a0
[  898.524078][T23484]  ? mem_cgroup_write+0x370/0x370
[  898.529103][T23484]  ? lock_acquire+0x190/0x410
[  898.533805][T23484]  ? kernfs_fop_write+0x227/0x480
[  898.538844][T23484]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  898.544402][T23484]  cgroup_file_write+0x241/0x790
[  898.549350][T23484]  ? mem_cgroup_write+0x370/0x370
[  898.554376][T23484]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  898.560013][T23484]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  898.565641][T23484]  kernfs_fop_write+0x2b8/0x480
[  898.570494][T23484]  __vfs_write+0x8a/0x110
[  898.574840][T23484]  ? kernfs_fop_open+0xd80/0xd80
[  898.579781][T23484]  __kernel_write+0x11b/0x3b0
[  898.584460][T23484]  write_pipe_buf+0x15d/0x1f0
[  898.589138][T23484]  ? do_splice_direct+0x2a0/0x2a0
[  898.594159][T23484]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  898.600425][T23484]  ? splice_from_pipe_next.part.0+0x262/0x300
[  898.606518][T23484]  __splice_from_pipe+0x397/0x7d0
[  898.611575][T23484]  ? do_splice_direct+0x2a0/0x2a0
[  898.616620][T23484]  ? do_splice_direct+0x2a0/0x2a0
[  898.621649][T23484]  splice_from_pipe+0x108/0x170
[  898.626505][T23484]  ? splice_shrink_spd+0xd0/0xd0
[  898.631470][T23484]  ? security_file_permission+0x8f/0x380
[  898.637110][T23484]  default_file_splice_write+0x3c/0x90
[  898.642565][T23484]  ? generic_splice_sendpage+0x50/0x50
[  898.648027][T23484]  direct_splice_actor+0x123/0x190
[  898.653140][T23484]  splice_direct_to_actor+0x366/0x970
[  898.658512][T23484]  ? generic_pipe_buf_nosteal+0x10/0x10
[  898.664058][T23484]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  898.670323][T23484]  ? do_splice_to+0x180/0x180
[  898.675008][T23484]  ? rw_verify_area+0x126/0x360
[  898.679882][T23484]  do_splice_direct+0x1da/0x2a0
[  898.684733][T23484]  ? splice_direct_to_actor+0x970/0x970
[  898.690273][T23484]  ? rcu_read_lock_any_held+0xcd/0xf0
[  898.695677][T23484]  ? __this_cpu_preempt_check+0x3a/0x210
[  898.701312][T23484]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  898.707545][T23484]  ? __sb_start_write+0x1e5/0x460
[  898.712594][T23484]  do_sendfile+0x597/0xd00
[  898.717023][T23484]  ? do_compat_pwritev64+0x1c0/0x1c0
[  898.722305][T23484]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  898.728541][T23484]  ? put_timespec64+0xda/0x140
[  898.733312][T23484]  __x64_sys_sendfile64+0x1dd/0x220
[  898.738508][T23484]  ? __ia32_sys_sendfile+0x230/0x230
[  898.743787][T23484]  ? do_syscall_64+0x26/0x760
[  898.748472][T23484]  ? lockdep_hardirqs_on+0x421/0x5e0
[  898.753758][T23484]  ? trace_hardirqs_on+0x67/0x240
[  898.758783][T23484]  do_syscall_64+0xfa/0x760
[  898.763310][T23484]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  898.769224][T23484] RIP: 0033:0x459f49
[  898.773124][T23484] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  898.792839][T23484] RSP: 002b:00007f0f3886ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  898.801256][T23484] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  898.809226][T23484] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  898.817194][T23484] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000
[  898.825158][T23484] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f0f3886f6d4
[  898.833124][T23484] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  898.845293][T23484] memory: usage 1704kB, limit 0kB, failcnt 228
[  898.851713][T23484] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  898.859057][T23484] Memory cgroup stats for /syz5:
[  898.859169][T23484] anon 188416
[  898.859169][T23484] file 126976
[  898.859169][T23484] kernel_stack 131072
[  898.859169][T23484] slab 1368064
[  898.859169][T23484] sock 0
[  898.859169][T23484] shmem 143360
[  898.859169][T23484] file_mapped 0
[  898.859169][T23484] file_dirty 135168
[  898.859169][T23484] file_writeback 0
[  898.859169][T23484] anon_thp 0
[  898.859169][T23484] inactive_anon 0
[  898.859169][T23484] active_anon 188416
[  898.859169][T23484] inactive_file 192512
[  898.859169][T23484] active_file 57344
[  898.859169][T23484] unevictable 135168
[  898.859169][T23484] slab_reclaimable 811008
[  898.859169][T23484] slab_unreclaimable 557056
[  898.859169][T23484] pgfault 55176
[  898.859169][T23484] pgmajfault 0
[  898.859169][T23484] workingset_refault 0
[  898.859169][T23484] workingset_activate 0
[  898.859169][T23484] workingset_nodereclaim 0
[  898.859169][T23484] pgrefill 11569
[  898.859169][T23484] pgscan 29263
[  898.859169][T23484] pgsteal 8856
[  898.966357][T23484] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=23465,uid=0
[  898.993848][T23484] Memory cgroup out of memory: Killed process 23465 (syz-executor.5) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  899.018788][ T1070] oom_reaper: reaped process 23465 (syz-executor.5), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
[  899.550647][T23471] bridge0: port 1(bridge_slave_0) entered blocking state
[  899.559172][T23471] bridge0: port 1(bridge_slave_0) entered disabled state
[  899.566877][T23471] device bridge_slave_0 entered promiscuous mode
[  899.574918][T23471] bridge0: port 2(bridge_slave_1) entered blocking state
[  899.582456][T23471] bridge0: port 2(bridge_slave_1) entered disabled state
[  899.590986][T23471] device bridge_slave_1 entered promiscuous mode
10:31:52 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:31:52 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:31:52 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x11000000}, 0x0)

10:31:52 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8), &(0x7f000095dffc)=0x4)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={0x0, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  899.613324][T23471] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
10:31:52 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:31:52 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:31:52 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:31:52 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  899.917574][    C0] net_ratelimit: 2 callbacks suppressed
[  899.917583][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  899.929016][    C0] protocol 88fb is buggy, dev hsr_slave_1
10:31:52 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  900.147845][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  900.153729][    C1] protocol 88fb is buggy, dev hsr_slave_1
10:31:52 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  900.387613][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  900.393434][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  900.576249][T23471] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  901.024160][T23471] team0: Port device team_slave_0 added
[  901.033118][T23471] team0: Port device team_slave_1 added
[  901.535925][T23509] IPVS: ftp: loaded support on port[0] = 21
[  901.536921][T23511] IPVS: ftp: loaded support on port[0] = 21
[  901.580761][T23471] device hsr_slave_0 entered promiscuous mode
[  901.638107][T23471] device hsr_slave_1 entered promiscuous mode
[  901.677659][T23471] debugfs: Directory 'hsr0' with parent '/' already present!
[  902.096462][T23468] 8021q: adding VLAN 0 to HW filter on device bond0
[  902.151992][T23468] 8021q: adding VLAN 0 to HW filter on device team0
[  902.544651][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  902.552885][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  902.582186][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  902.592211][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  902.601222][T14991] bridge0: port 1(bridge_slave_0) entered blocking state
[  902.608347][T14991] bridge0: port 1(bridge_slave_0) entered forwarding state
[  902.615952][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  902.624758][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  902.633308][T14991] bridge0: port 2(bridge_slave_1) entered blocking state
[  902.640502][T14991] bridge0: port 2(bridge_slave_1) entered forwarding state
[  902.648800][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  903.079295][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  903.134377][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  903.537385][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  903.546451][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  903.556017][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  903.574878][T23511] chnl_net:caif_netlink_parms(): no params data found
[  903.589169][T23509] chnl_net:caif_netlink_parms(): no params data found
[  903.608437][T23471] 8021q: adding VLAN 0 to HW filter on device bond0
[  903.615371][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  903.625273][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  903.668531][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  903.676921][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  903.685875][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  903.694709][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  904.116580][T23468] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  904.133943][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  904.142345][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  904.151885][T23511] bridge0: port 1(bridge_slave_0) entered blocking state
[  904.159753][T23511] bridge0: port 1(bridge_slave_0) entered disabled state
[  904.167430][T23511] device bridge_slave_0 entered promiscuous mode
[  904.175876][T23511] bridge0: port 2(bridge_slave_1) entered blocking state
[  904.183740][T23511] bridge0: port 2(bridge_slave_1) entered disabled state
[  904.192659][T23511] device bridge_slave_1 entered promiscuous mode
[  904.224371][T23509] bridge0: port 1(bridge_slave_0) entered blocking state
[  904.232028][T23509] bridge0: port 1(bridge_slave_0) entered disabled state
[  904.240549][T23509] device bridge_slave_0 entered promiscuous mode
[  904.249160][T23509] bridge0: port 2(bridge_slave_1) entered blocking state
[  904.256211][T23509] bridge0: port 2(bridge_slave_1) entered disabled state
[  904.265303][T23509] device bridge_slave_1 entered promiscuous mode
[  904.275063][T23471] 8021q: adding VLAN 0 to HW filter on device team0
[  904.298624][T23511] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  904.310454][T11615] device bridge_slave_1 left promiscuous mode
[  904.316686][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  904.368834][T11615] device bridge_slave_0 left promiscuous mode
[  904.375080][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  904.438874][T11615] device bridge_slave_1 left promiscuous mode
[  904.445042][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  904.508888][T11615] device bridge_slave_0 left promiscuous mode
[  904.515119][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  904.560233][T11615] device bridge_slave_1 left promiscuous mode
[  904.566390][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  904.608448][T11615] device bridge_slave_0 left promiscuous mode
[  904.614635][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  904.668949][T11615] device bridge_slave_1 left promiscuous mode
[  904.675275][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  904.721775][T11615] device bridge_slave_0 left promiscuous mode
[  904.728824][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  904.769485][T11615] device bridge_slave_1 left promiscuous mode
[  904.775657][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  904.839070][T11615] device bridge_slave_0 left promiscuous mode
[  904.845290][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  915.748384][T11615] device hsr_slave_0 left promiscuous mode
[  915.787952][T11615] device hsr_slave_1 left promiscuous mode
[  915.845847][T11615] team0 (unregistering): Port device team_slave_1 removed
[  915.860851][T11615] team0 (unregistering): Port device team_slave_0 removed
[  915.872994][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  915.914413][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  916.015597][T11615] bond0 (unregistering): Released all slaves
[  916.158459][T11615] device hsr_slave_0 left promiscuous mode
[  916.197937][T11615] device hsr_slave_1 left promiscuous mode
[  916.252487][T11615] team0 (unregistering): Port device team_slave_1 removed
[  916.267540][T11615] team0 (unregistering): Port device team_slave_0 removed
[  916.282028][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  916.364200][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  916.457100][T11615] bond0 (unregistering): Released all slaves
[  916.608734][T11615] device hsr_slave_0 left promiscuous mode
[  916.647922][T11615] device hsr_slave_1 left promiscuous mode
[  916.702247][T11615] team0 (unregistering): Port device team_slave_1 removed
[  916.717619][T11615] team0 (unregistering): Port device team_slave_0 removed
[  916.731149][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  916.775123][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  916.850957][T11615] bond0 (unregistering): Released all slaves
[  916.978317][T11615] device hsr_slave_0 left promiscuous mode
[  917.028157][T11615] device hsr_slave_1 left promiscuous mode
[  917.082617][T11615] team0 (unregistering): Port device team_slave_1 removed
[  917.094274][T11615] team0 (unregistering): Port device team_slave_0 removed
[  917.109784][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  917.174110][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  917.270976][T11615] bond0 (unregistering): Released all slaves
[  917.438347][T11615] device hsr_slave_0 left promiscuous mode
[  917.487961][T11615] device hsr_slave_1 left promiscuous mode
[  917.565872][T11615] team0 (unregistering): Port device team_slave_1 removed
[  917.580539][T11615] team0 (unregistering): Port device team_slave_0 removed
[  917.593013][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  917.632116][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  917.726895][T11615] bond0 (unregistering): Released all slaves
[  917.819397][T23468] 8021q: adding VLAN 0 to HW filter on device batadv0
[  917.853659][T23511] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  917.890978][T23509] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  917.916959][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  917.928554][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  917.937228][T14991] bridge0: port 1(bridge_slave_0) entered blocking state
[  917.944701][T14991] bridge0: port 1(bridge_slave_0) entered forwarding state
[  917.952958][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  917.962461][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  917.971243][T14991] bridge0: port 2(bridge_slave_1) entered blocking state
[  917.978911][T14991] bridge0: port 2(bridge_slave_1) entered forwarding state
[  917.986886][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  917.997273][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  918.006687][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  918.016092][T23511] team0: Port device team_slave_0 added
[  918.025072][T23509] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  918.049460][T23511] team0: Port device team_slave_1 added
[  918.057341][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  918.066843][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  918.096267][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  918.116062][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  918.125337][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  918.147233][T23471] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  918.158674][T23471] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  918.187303][T23509] team0: Port device team_slave_0 added
[  918.195503][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  918.206587][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  918.225350][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  918.235459][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  918.253072][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  918.268587][T23509] team0: Port device team_slave_1 added
[  918.300659][T23511] device hsr_slave_0 entered promiscuous mode
[  918.338441][T23511] device hsr_slave_1 entered promiscuous mode
[  918.406967][T23471] 8021q: adding VLAN 0 to HW filter on device batadv0
[  918.460679][T23509] device hsr_slave_0 entered promiscuous mode
[  918.466404][T23525] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  918.484890][T23525] CPU: 1 PID: 23525 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[  918.493113][T23525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  918.503255][T23525] Call Trace:
[  918.506814][T23525]  dump_stack+0x172/0x1f0
[  918.511162][T23525]  dump_header+0x10b/0x82d
[  918.515699][T23525]  oom_kill_process.cold+0x10/0x15
[  918.520935][T23525]  out_of_memory+0x334/0x1340
[  918.525873][T23525]  ? __sched_text_start+0x8/0x8
[  918.530924][T23525]  ? oom_killer_disable+0x280/0x280
[  918.536301][T23525]  mem_cgroup_out_of_memory+0x1d8/0x240
[  918.541863][T23525]  ? memcg_stat_show+0xc40/0xc40
[  918.546803][T23525]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  918.552762][T23525]  ? cgroup_file_notify+0x140/0x1b0
[  918.558003][T23525]  memory_max_write+0x262/0x3a0
[  918.562849][T23525]  ? mem_cgroup_write+0x370/0x370
[  918.568008][T23525]  ? lock_acquire+0x190/0x410
[  918.572775][T23525]  ? kernfs_fop_write+0x227/0x480
[  918.577794][T23525]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  918.583551][T23525]  cgroup_file_write+0x241/0x790
[  918.588797][T23525]  ? mem_cgroup_write+0x370/0x370
[  918.594010][T23525]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  918.599881][T23525]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  918.605511][T23525]  kernfs_fop_write+0x2b8/0x480
[  918.610412][T23525]  __vfs_write+0x8a/0x110
[  918.614744][T23525]  ? kernfs_fop_open+0xd80/0xd80
[  918.619680][T23525]  __kernel_write+0x11b/0x3b0
[  918.624530][T23525]  write_pipe_buf+0x15d/0x1f0
[  918.629210][T23525]  ? do_splice_direct+0x2a0/0x2a0
[  918.634232][T23525]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  918.640553][T23525]  ? splice_from_pipe_next.part.0+0x262/0x300
[  918.646697][T23525]  __splice_from_pipe+0x397/0x7d0
[  918.651822][T23525]  ? do_splice_direct+0x2a0/0x2a0
[  918.656887][T23525]  ? do_splice_direct+0x2a0/0x2a0
[  918.661907][T23525]  splice_from_pipe+0x108/0x170
[  918.666754][T23525]  ? splice_shrink_spd+0xd0/0xd0
[  918.671840][T23525]  ? security_file_permission+0x8f/0x380
[  918.677475][T23525]  default_file_splice_write+0x3c/0x90
[  918.683142][T23525]  ? generic_splice_sendpage+0x50/0x50
[  918.688651][T23525]  direct_splice_actor+0x123/0x190
[  918.693786][T23525]  splice_direct_to_actor+0x366/0x970
[  918.699256][T23525]  ? generic_pipe_buf_nosteal+0x10/0x10
[  918.704867][T23525]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  918.711201][T23525]  ? do_splice_to+0x180/0x180
[  918.715880][T23525]  ? rw_verify_area+0x126/0x360
[  918.720990][T23525]  do_splice_direct+0x1da/0x2a0
[  918.725852][T23525]  ? splice_direct_to_actor+0x970/0x970
[  918.731720][T23525]  ? rcu_read_lock_any_held+0xcd/0xf0
[  918.737332][T23525]  ? __this_cpu_preempt_check+0x3a/0x210
[  918.743049][T23525]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  918.749286][T23525]  ? __sb_start_write+0x1e5/0x460
[  918.754664][T23525]  do_sendfile+0x597/0xd00
[  918.759246][T23525]  ? do_compat_pwritev64+0x1c0/0x1c0
[  918.764592][T23525]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  918.770885][T23525]  ? put_timespec64+0xda/0x140
[  918.775705][T23525]  __x64_sys_sendfile64+0x1dd/0x220
[  918.780949][T23525]  ? __ia32_sys_sendfile+0x230/0x230
[  918.786227][T23525]  ? do_syscall_64+0x26/0x760
[  918.791064][T23525]  ? lockdep_hardirqs_on+0x421/0x5e0
[  918.796343][T23525]  ? trace_hardirqs_on+0x67/0x240
[  918.801455][T23525]  do_syscall_64+0xfa/0x760
[  918.805957][T23525]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  918.811845][T23525] RIP: 0033:0x459f49
[  918.815887][T23525] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  918.835631][T23525] RSP: 002b:00007f32ad21fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  918.844040][T23525] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  918.852016][T23525] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  918.859980][T23525] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000
[  918.868089][T23525] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f32ad2206d4
[  918.876170][T23525] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  918.889484][T23525] memory: usage 1932kB, limit 0kB, failcnt 269
[  918.895784][T23525] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  918.903457][T23525] Memory cgroup stats for /syz2:
[  918.903581][T23525] anon 94208
[  918.903581][T23525] file 200704
[  918.903581][T23525] kernel_stack 131072
[  918.903581][T23525] slab 1327104
[  918.903581][T23525] sock 4096
[  918.903581][T23525] shmem 20480
[  918.903581][T23525] file_mapped 135168
[  918.903581][T23525] file_dirty 135168
[  918.903581][T23525] file_writeback 0
[  918.903581][T23525] anon_thp 0
[  918.903581][T23525] inactive_anon 90112
[  918.903581][T23525] active_anon 94208
[  918.903581][T23525] inactive_file 110592
[  918.903581][T23525] active_file 81920
[  918.903581][T23525] unevictable 0
[  918.903581][T23525] slab_reclaimable 946176
[  918.903581][T23525] slab_unreclaimable 380928
[  918.903581][T23525] pgfault 65868
[  918.903581][T23525] pgmajfault 0
[  918.903581][T23525] workingset_refault 0
[  918.903581][T23525] workingset_activate 0
[  918.903581][T23525] workingset_nodereclaim 0
[  918.903581][T23525] pgrefill 18637
[  918.903581][T23525] pgscan 26770
[  918.903581][T23525] pgsteal 3058
[  918.999315][T23525] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23468,uid=0
[  918.999465][T23509] device hsr_slave_1 entered promiscuous mode
[  919.022989][T23525] Memory cgroup out of memory: Killed process 23468 (syz-executor.2) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  919.041240][ T1070] oom_reaper: reaped process 23468 (syz-executor.2), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  919.077757][T23509] debugfs: Directory 'hsr0' with parent '/' already present!
10:32:11 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x0, 0x0, 0x0)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  919.363336][T23511] 8021q: adding VLAN 0 to HW filter on device bond0
[  919.382066][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  919.392059][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  919.412977][T23509] 8021q: adding VLAN 0 to HW filter on device bond0
[  919.451569][T23511] 8021q: adding VLAN 0 to HW filter on device team0
[  919.637884][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  919.646857][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  919.664888][ T9575] bridge0: port 1(bridge_slave_0) entered blocking state
[  919.672202][ T9575] bridge0: port 1(bridge_slave_0) entered forwarding state
[  919.688551][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  919.697053][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  919.713377][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  919.737577][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  919.746570][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  919.764993][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[  919.772158][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[  919.788535][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  919.804232][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  919.886896][T23538] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  919.897779][T23538] CPU: 1 PID: 23538 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[  919.900062][T23509] 8021q: adding VLAN 0 to HW filter on device team0
[  919.905781][T23538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  919.922703][T23538] Call Trace:
[  919.926009][T23538]  dump_stack+0x172/0x1f0
[  919.930526][T23538]  dump_header+0x10b/0x82d
[  919.935074][T23538]  oom_kill_process.cold+0x10/0x15
[  919.940480][T23538]  out_of_memory+0x334/0x1340
[  919.942581][T23511] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  919.945176][T23538]  ? cgroup_file_notify+0x140/0x1b0
[  919.945204][T23538]  ? oom_killer_disable+0x280/0x280
[  919.966334][T23538]  mem_cgroup_out_of_memory+0x1d8/0x240
[  919.970173][T23511] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  919.971974][T23538]  ? memcg_stat_show+0xc40/0xc40
[  919.972002][T23538]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  919.993472][T23538]  ? cgroup_file_notify+0x140/0x1b0
[  919.998710][T23538]  memory_max_write+0x262/0x3a0
[  920.003590][T23538]  ? mem_cgroup_write+0x370/0x370
[  920.008753][T23538]  ? lock_acquire+0x190/0x410
[  920.013601][T23538]  ? kernfs_fop_write+0x227/0x480
[  920.018745][T23538]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  920.024321][T23538]  cgroup_file_write+0x241/0x790
[  920.026136][T23511] 8021q: adding VLAN 0 to HW filter on device batadv0
[  920.029459][T23538]  ? mem_cgroup_write+0x370/0x370
[  920.029478][T23538]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  920.029504][T23538]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  920.053009][T23538]  kernfs_fop_write+0x2b8/0x480
[  920.057881][T23538]  __vfs_write+0x8a/0x110
[  920.062235][T23538]  ? kernfs_fop_open+0xd80/0xd80
[  920.067288][T23538]  __kernel_write+0x11b/0x3b0
[  920.072136][T23538]  write_pipe_buf+0x15d/0x1f0
[  920.076824][T23538]  ? do_splice_direct+0x2a0/0x2a0
[  920.081861][T23538]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  920.088280][T23538]  ? splice_from_pipe_next.part.0+0x262/0x300
[  920.094370][T23538]  __splice_from_pipe+0x397/0x7d0
[  920.099406][T23538]  ? do_splice_direct+0x2a0/0x2a0
[  920.104451][T23538]  ? do_splice_direct+0x2a0/0x2a0
[  920.109575][T23538]  splice_from_pipe+0x108/0x170
[  920.114552][T23538]  ? splice_shrink_spd+0xd0/0xd0
[  920.119510][T23538]  ? security_file_permission+0x8f/0x380
[  920.125244][T23538]  default_file_splice_write+0x3c/0x90
[  920.130750][T23538]  ? generic_splice_sendpage+0x50/0x50
[  920.136432][T23538]  direct_splice_actor+0x123/0x190
[  920.141568][T23538]  splice_direct_to_actor+0x366/0x970
[  920.147114][T23538]  ? generic_pipe_buf_nosteal+0x10/0x10
[  920.152680][T23538]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  920.159168][T23538]  ? do_splice_to+0x180/0x180
[  920.163861][T23538]  ? rw_verify_area+0x126/0x360
[  920.169065][T23538]  do_splice_direct+0x1da/0x2a0
[  920.174367][T23538]  ? splice_direct_to_actor+0x970/0x970
[  920.180429][T23538]  ? rcu_read_lock_any_held+0xcd/0xf0
[  920.186165][T23538]  ? __this_cpu_preempt_check+0x3a/0x210
[  920.191819][T23538]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  920.198387][T23538]  ? __sb_start_write+0x1e5/0x460
[  920.203433][T23538]  do_sendfile+0x597/0xd00
[  920.207986][T23538]  ? do_compat_pwritev64+0x1c0/0x1c0
[  920.213287][T23538]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  920.219564][T23538]  ? put_timespec64+0xda/0x140
[  920.224409][T23538]  __x64_sys_sendfile64+0x1dd/0x220
[  920.229624][T23538]  ? __ia32_sys_sendfile+0x230/0x230
[  920.234918][T23538]  ? do_syscall_64+0x26/0x760
[  920.239857][T23538]  ? lockdep_hardirqs_on+0x421/0x5e0
[  920.245300][T23538]  ? trace_hardirqs_on+0x67/0x240
[  920.250348][T23538]  do_syscall_64+0xfa/0x760
[  920.254962][T23538]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  920.260862][T23538] RIP: 0033:0x459f49
[  920.264869][T23538] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  920.284742][T23538] RSP: 002b:00007f1f1cdc2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  920.293372][T23538] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  920.301549][T23538] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  920.309735][T23538] RBP: 000000000075c1c0 R08: 0000000000000000 R09: 0000000000000000
[  920.317881][T23538] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f1f1cdc36d4
[  920.326124][T23538] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  920.338837][T23538] memory: usage 5676kB, limit 0kB, failcnt 196
[  920.356651][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  920.379865][T23538] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  920.390372][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  920.399922][T23538] Memory cgroup stats for /syz4:
[  920.400041][T23538] anon 4341760
[  920.400041][T23538] file 135168
[  920.400041][T23538] kernel_stack 131072
[  920.400041][T23538] slab 962560
[  920.400041][T23538] sock 0
[  920.400041][T23538] shmem 0
[  920.400041][T23538] file_mapped 135168
[  920.400041][T23538] file_dirty 0
[  920.400041][T23538] file_writeback 0
[  920.400041][T23538] anon_thp 4194304
[  920.400041][T23538] inactive_anon 135168
[  920.400041][T23538] active_anon 4341760
[  920.400041][T23538] inactive_file 167936
[  920.400041][T23538] active_file 8192
[  920.400041][T23538] unevictable 0
[  920.400041][T23538] slab_reclaimable 540672
[  920.400041][T23538] slab_unreclaimable 421888
[  920.400041][T23538] pgfault 49203
[  920.400041][T23538] pgmajfault 0
[  920.400041][T23538] workingset_refault 0
[  920.400041][T23538] workingset_activate 0
[  920.400041][T23538] workingset_nodereclaim 0
[  920.400041][T23538] pgrefill 8154
[  920.400041][T23538] pgscan 26260
[  920.400041][T23538] pgsteal 7898
[  920.499977][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  920.509364][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  920.518391][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  920.528263][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  920.536855][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  920.546511][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  920.582527][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  920.591660][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  920.599811][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  920.604444][T23538] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23531,uid=0
[  920.611409][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  920.638421][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[  920.645511][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[  920.659509][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  920.667838][T23538] Memory cgroup out of memory: Killed process 23538 (syz-executor.4) total-vm:73116kB, anon-rss:4268kB, file-rss:35904kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
[  920.687395][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  920.695973][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[  920.703076][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[  920.712607][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  920.713182][ T1070] oom_reaper: reaped process 23538 (syz-executor.4), now anon-rss:0kB, file-rss:34944kB, shmem-rss:0kB
[  920.721574][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  920.748218][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  920.770755][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
10:32:13 executing program 4:

10:32:13 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040), &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:32:13 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x18000000}, 0x0)

10:32:13 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x0, 0x0, 0x0)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  920.785442][T23471] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  920.795826][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  920.826938][T23471] CPU: 0 PID: 23471 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[  920.835049][T23471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  920.845110][T23471] Call Trace:
[  920.848407][T23471]  dump_stack+0x172/0x1f0
[  920.848430][T23471]  dump_header+0x10b/0x82d
[  920.857169][T23471]  ? oom_kill_process+0x94/0x3f0
[  920.862128][T23471]  oom_kill_process.cold+0x10/0x15
[  920.867260][T23471]  out_of_memory+0x334/0x1340
[  920.871947][T23471]  ? lock_downgrade+0x920/0x920
[  920.876810][T23471]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  920.882634][T23471]  ? oom_killer_disable+0x280/0x280
[  920.887885][T23471]  mem_cgroup_out_of_memory+0x1d8/0x240
[  920.893448][T23471]  ? memcg_stat_show+0xc40/0xc40
[  920.898399][T23471]  ? do_raw_spin_unlock+0x57/0x270
[  920.903530][T23471]  ? _raw_spin_unlock+0x2d/0x50
[  920.908407][T23471]  try_charge+0xf4b/0x1440
[  920.912844][T23471]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  920.918401][T23471]  ? percpu_ref_tryget_live+0x111/0x290
[  920.923966][T23471]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  920.930244][T23471]  ? __kasan_check_read+0x11/0x20
[  920.935292][T23471]  ? get_mem_cgroup_from_mm+0x156/0x320
[  920.940861][T23471]  mem_cgroup_try_charge+0x136/0x590
[  920.946177][T23471]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  920.947570][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  920.951837][T23471]  __handle_mm_fault+0x1f0d/0x4040
[  920.951861][T23471]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  920.951874][T23471]  ? handle_mm_fault+0x292/0xaa0
[  920.951897][T23471]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  920.951915][T23471]  ? __kasan_check_read+0x11/0x20
[  920.957699][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  920.962718][T23471]  handle_mm_fault+0x3b7/0xaa0
[  920.995513][T23471]  __do_page_fault+0x536/0xdd0
[  921.000337][T23471]  do_page_fault+0x38/0x590
[  921.004862][T23471]  page_fault+0x39/0x40
[  921.009030][T23471] RIP: 0033:0x432931
[  921.012931][T23471] Code: 05 a8 3c 2e 00 90 17 43 00 c3 0f 1f 80 00 00 00 00 c7 05 a6 43 64 00 00 00 00 00 c3 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 55 <53> 48 83 ec 08 48 8b 05 8b 3c 2e 00 48 85 c0 0f 85 42 01 00 00 48
[  921.032920][T23471] RSP: 002b:00007ffc31f1b000 EFLAGS: 00010287
[  921.039004][T23471] RAX: 0000000000001000 RBX: 0000000000000003 RCX: 00000000004592b4
[  921.046988][T23471] RDX: 00007ffc31f1b010 RSI: 00007ffc31f1b010 RDI: 0000000000008030
[  921.054975][T23471] RBP: 0000000000008000 R08: 0000000000000001 R09: 0000000001ee0940
[  921.062957][T23471] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc31f1c1f0
[  921.070949][T23471] R13: 00007ffc31f1c1e0 R14: 0000000000000000 R15: 00007ffc31f1c1f0
[  921.079250][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  921.085049][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  921.091648][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  921.097450][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  921.104041][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  921.109896][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  921.119326][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  921.135288][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  921.172332][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  921.184057][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  921.205659][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  921.231072][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  921.243205][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  921.278940][T23509] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  921.348165][T23471] memory: usage 1108kB, limit 0kB, failcnt 205
[  921.355002][T23509] 8021q: adding VLAN 0 to HW filter on device batadv0
[  921.357268][T23471] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  921.396880][T23471] Memory cgroup stats for /syz4:
[  921.396987][T23471] anon 126976
[  921.396987][T23471] file 135168
[  921.396987][T23471] kernel_stack 0
[  921.396987][T23471] slab 962560
[  921.396987][T23471] sock 0
[  921.396987][T23471] shmem 0
[  921.396987][T23471] file_mapped 135168
[  921.396987][T23471] file_dirty 0
[  921.396987][T23471] file_writeback 0
[  921.396987][T23471] anon_thp 0
[  921.396987][T23471] inactive_anon 135168
[  921.396987][T23471] active_anon 126976
[  921.396987][T23471] inactive_file 167936
[  921.396987][T23471] active_file 8192
[  921.396987][T23471] unevictable 0
[  921.396987][T23471] slab_reclaimable 540672
[  921.396987][T23471] slab_unreclaimable 421888
[  921.396987][T23471] pgfault 49236
[  921.396987][T23471] pgmajfault 0
[  921.396987][T23471] workingset_refault 0
[  921.396987][T23471] workingset_activate 0
[  921.396987][T23471] workingset_nodereclaim 0
[  921.396987][T23471] pgrefill 8154
[  921.396987][T23471] pgscan 26260
[  921.396987][T23471] pgsteal 7898
[  921.396987][T23471] pgactivate 11979
[  921.535070][T23471] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23471,uid=0
[  921.582269][T23471] Memory cgroup out of memory: Killed process 23471 (syz-executor.4) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  921.611959][ T1070] oom_reaper: reaped process 23471 (syz-executor.4), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
[  921.626829][T23552] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  921.664986][T23552] CPU: 0 PID: 23552 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0
[  921.672941][T23552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  921.682997][T23552] Call Trace:
[  921.686291][T23552]  dump_stack+0x172/0x1f0
[  921.690625][T23552]  dump_header+0x10b/0x82d
[  921.695043][T23552]  oom_kill_process.cold+0x10/0x15
[  921.700156][T23552]  out_of_memory+0x334/0x1340
[  921.704831][T23552]  ? cgroup_file_notify+0x140/0x1b0
[  921.710038][T23552]  ? oom_killer_disable+0x280/0x280
[  921.715243][T23552]  mem_cgroup_out_of_memory+0x1d8/0x240
[  921.720798][T23552]  ? memcg_stat_show+0xc40/0xc40
[  921.725755][T23552]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  921.731578][T23552]  ? cgroup_file_notify+0x140/0x1b0
[  921.736791][T23552]  memory_max_write+0x262/0x3a0
[  921.741647][T23552]  ? mem_cgroup_write+0x370/0x370
[  921.746666][T23552]  ? lock_acquire+0x190/0x410
[  921.751354][T23552]  ? kernfs_fop_write+0x227/0x480
[  921.756380][T23552]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  921.761930][T23552]  cgroup_file_write+0x241/0x790
[  921.766869][T23552]  ? mem_cgroup_write+0x370/0x370
[  921.771881][T23552]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  921.777541][T23552]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  921.783194][T23552]  kernfs_fop_write+0x2b8/0x480
[  921.788040][T23552]  __vfs_write+0x8a/0x110
[  921.792356][T23552]  ? kernfs_fop_open+0xd80/0xd80
[  921.797281][T23552]  __kernel_write+0x11b/0x3b0
[  921.801946][T23552]  write_pipe_buf+0x15d/0x1f0
[  921.806609][T23552]  ? do_splice_direct+0x2a0/0x2a0
[  921.811620][T23552]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  921.817842][T23552]  ? splice_from_pipe_next.part.0+0x262/0x300
[  921.823902][T23552]  __splice_from_pipe+0x397/0x7d0
[  921.828913][T23552]  ? do_splice_direct+0x2a0/0x2a0
[  921.833924][T23552]  ? do_splice_direct+0x2a0/0x2a0
[  921.838933][T23552]  splice_from_pipe+0x108/0x170
[  921.843769][T23552]  ? splice_shrink_spd+0xd0/0xd0
[  921.848698][T23552]  ? security_file_permission+0x8f/0x380
[  921.854317][T23552]  default_file_splice_write+0x3c/0x90
[  921.860102][T23552]  ? generic_splice_sendpage+0x50/0x50
[  921.865549][T23552]  direct_splice_actor+0x123/0x190
[  921.870648][T23552]  splice_direct_to_actor+0x366/0x970
[  921.876005][T23552]  ? generic_pipe_buf_nosteal+0x10/0x10
[  921.881547][T23552]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  921.887768][T23552]  ? do_splice_to+0x180/0x180
[  921.892430][T23552]  ? rw_verify_area+0x126/0x360
[  921.897266][T23552]  do_splice_direct+0x1da/0x2a0
[  921.902105][T23552]  ? splice_direct_to_actor+0x970/0x970
[  921.908689][T23552]  ? rcu_read_lock_any_held+0xcd/0xf0
[  921.914058][T23552]  ? __this_cpu_preempt_check+0x3a/0x210
[  921.919676][T23552]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  921.925899][T23552]  ? __sb_start_write+0x1e5/0x460
[  921.930909][T23552]  do_sendfile+0x597/0xd00
[  921.935315][T23552]  ? do_compat_pwritev64+0x1c0/0x1c0
[  921.940581][T23552]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  921.946805][T23552]  ? put_timespec64+0xda/0x140
[  921.951560][T23552]  __x64_sys_sendfile64+0x1dd/0x220
[  921.956751][T23552]  ? __ia32_sys_sendfile+0x230/0x230
[  921.962017][T23552]  ? do_syscall_64+0x26/0x760
[  921.966674][T23552]  ? lockdep_hardirqs_on+0x421/0x5e0
[  921.971946][T23552]  ? trace_hardirqs_on+0x67/0x240
[  921.976964][T23552]  do_syscall_64+0xfa/0x760
[  921.981458][T23552]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  921.987342][T23552] RIP: 0033:0x459f49
[  921.991231][T23552] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  922.010820][T23552] RSP: 002b:00007f7dd6d6ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  922.019212][T23552] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  922.027167][T23552] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  922.035121][T23552] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
[  922.043076][T23552] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f7dd6d6f6d4
[  922.051036][T23552] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  922.070524][T23552] memory: usage 1544kB, limit 0kB, failcnt 228
[  922.076895][T23552] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  922.084350][T23552] Memory cgroup stats for /syz5:
[  922.084461][T23552] anon 155648
[  922.084461][T23552] file 49152
[  922.084461][T23552] kernel_stack 65536
[  922.084461][T23552] slab 1232896
[  922.084461][T23552] sock 0
[  922.084461][T23552] shmem 143360
[  922.084461][T23552] file_mapped 135168
[  922.084461][T23552] file_dirty 0
[  922.084461][T23552] file_writeback 0
[  922.084461][T23552] anon_thp 0
[  922.084461][T23552] inactive_anon 0
[  922.084461][T23552] active_anon 155648
[  922.084461][T23552] inactive_file 53248
[  922.084461][T23552] active_file 45056
[  922.084461][T23552] unevictable 135168
[  922.084461][T23552] slab_reclaimable 675840
[  922.084461][T23552] slab_unreclaimable 557056
[  922.084461][T23552] pgfault 55275
[  922.084461][T23552] pgmajfault 0
[  922.084461][T23552] workingset_refault 0
[  922.084461][T23552] workingset_activate 0
[  922.084461][T23552] workingset_nodereclaim 0
[  922.084461][T23552] pgrefill 11872
[  922.084461][T23552] pgscan 29619
[  922.084461][T23552] pgsteal 8856
[  922.178207][T23552] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=23511,uid=0
[  922.221021][T23552] Memory cgroup out of memory: Killed process 23511 (syz-executor.5) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  922.261642][T23567] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  922.272612][ T1070] oom_reaper: reaped process 23511 (syz-executor.5), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  922.291663][T23567] CPU: 1 PID: 23567 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  922.299571][T23567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  922.309631][T23567] Call Trace:
[  922.312925][T23567]  dump_stack+0x172/0x1f0
[  922.317257][T23567]  dump_header+0x10b/0x82d
[  922.321681][T23567]  oom_kill_process.cold+0x10/0x15
[  922.326792][T23567]  out_of_memory+0x334/0x1340
[  922.331474][T23567]  ? oom_killer_disable+0x280/0x280
[  922.336680][T23567]  mem_cgroup_out_of_memory+0x1d8/0x240
[  922.342219][T23567]  ? memcg_stat_show+0xc40/0xc40
[  922.347163][T23567]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  922.352992][T23567]  ? cgroup_file_notify+0x140/0x1b0
[  922.358190][T23567]  memory_max_write+0x262/0x3a0
[  922.363043][T23567]  ? mem_cgroup_write+0x370/0x370
[  922.368061][T23567]  ? lock_acquire+0x190/0x410
[  922.372736][T23567]  ? kernfs_fop_write+0x227/0x480
[  922.377760][T23567]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  922.383325][T23567]  cgroup_file_write+0x241/0x790
[  922.388270][T23567]  ? mem_cgroup_write+0x370/0x370
[  922.393298][T23567]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  922.398941][T23567]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  922.404570][T23567]  kernfs_fop_write+0x2b8/0x480
[  922.409424][T23567]  __vfs_write+0x8a/0x110
[  922.413748][T23567]  ? kernfs_fop_open+0xd80/0xd80
[  922.418681][T23567]  __kernel_write+0x11b/0x3b0
[  922.423362][T23567]  write_pipe_buf+0x15d/0x1f0
[  922.428040][T23567]  ? do_splice_direct+0x2a0/0x2a0
[  922.433066][T23567]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  922.439302][T23567]  ? splice_from_pipe_next.part.0+0x262/0x300
[  922.445374][T23567]  __splice_from_pipe+0x397/0x7d0
[  922.450409][T23567]  ? do_splice_direct+0x2a0/0x2a0
[  922.455441][T23567]  ? do_splice_direct+0x2a0/0x2a0
[  922.460468][T23567]  splice_from_pipe+0x108/0x170
[  922.465318][T23567]  ? splice_shrink_spd+0xd0/0xd0
[  922.470263][T23567]  ? security_file_permission+0x8f/0x380
[  922.475992][T23567]  default_file_splice_write+0x3c/0x90
[  922.481465][T23567]  ? generic_splice_sendpage+0x50/0x50
[  922.486934][T23567]  direct_splice_actor+0x123/0x190
[  922.492059][T23567]  splice_direct_to_actor+0x366/0x970
[  922.497440][T23567]  ? generic_pipe_buf_nosteal+0x10/0x10
[  922.502989][T23567]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  922.509239][T23567]  ? do_splice_to+0x180/0x180
[  922.513923][T23567]  ? rw_verify_area+0x126/0x360
[  922.518773][T23567]  do_splice_direct+0x1da/0x2a0
[  922.523624][T23567]  ? splice_direct_to_actor+0x970/0x970
[  922.529167][T23567]  ? rcu_read_lock_any_held+0xcd/0xf0
[  922.534541][T23567]  ? __this_cpu_preempt_check+0x3a/0x210
[  922.540177][T23567]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  922.546422][T23567]  ? __sb_start_write+0x1e5/0x460
[  922.551455][T23567]  do_sendfile+0x597/0xd00
[  922.555881][T23567]  ? do_compat_pwritev64+0x1c0/0x1c0
[  922.561217][T23567]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  922.567436][T23567]  ? put_timespec64+0xda/0x140
[  922.572195][T23567]  __x64_sys_sendfile64+0x1dd/0x220
[  922.577392][T23567]  ? __ia32_sys_sendfile+0x230/0x230
[  922.582810][T23567]  ? do_syscall_64+0x26/0x760
[  922.587513][T23567]  ? lockdep_hardirqs_on+0x421/0x5e0
[  922.592885][T23567]  ? trace_hardirqs_on+0x67/0x240
[  922.597921][T23567]  do_syscall_64+0xfa/0x760
[  922.602412][T23567]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  922.608282][T23567] RIP: 0033:0x459f49
[  922.612169][T23567] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  922.631759][T23567] RSP: 002b:00007fca23317c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  922.640155][T23567] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  922.648117][T23567] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  922.656075][T23567] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  922.664031][T23567] R10: 0000000020000022 R11: 0000000000000246 R12: 00007fca233186d4
[  922.671982][T23567] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  922.686981][T23567] memory: usage 4928kB, limit 0kB, failcnt 532
[  922.693354][T23567] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  922.700462][T23567] Memory cgroup stats for /syz3:
[  922.700572][T23567] anon 4296704
[  922.700572][T23567] file 118784
[  922.700572][T23567] kernel_stack 0
[  922.700572][T23567] slab 692224
[  922.700572][T23567] sock 81920
[  922.700572][T23567] shmem 24576
[  922.700572][T23567] file_mapped 0
[  922.700572][T23567] file_dirty 135168
[  922.700572][T23567] file_writeback 0
[  922.700572][T23567] anon_thp 4194304
[  922.700572][T23567] inactive_anon 0
[  922.700572][T23567] active_anon 4296704
[  922.700572][T23567] inactive_file 98304
[  922.700572][T23567] active_file 0
[  922.700572][T23567] unevictable 135168
[  922.700572][T23567] slab_reclaimable 270336
[  922.700572][T23567] slab_unreclaimable 421888
[  922.700572][T23567] pgfault 59433
[  922.700572][T23567] pgmajfault 0
[  922.700572][T23567] workingset_refault 0
[  922.700572][T23567] workingset_activate 0
[  922.700572][T23567] workingset_nodereclaim 0
[  922.700572][T23567] pgrefill 8688
[  922.700572][T23567] pgscan 40193
[  922.700572][T23567] pgsteal 9652
[  922.795268][T23567] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23564,uid=0
[  922.832365][T23567] Memory cgroup out of memory: Killed process 23567 (syz-executor.3) total-vm:72720kB, anon-rss:4240kB, file-rss:35804kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000
[  922.859295][ T1070] oom_reaper: reaped process 23567 (syz-executor.3), now anon-rss:0kB, file-rss:34844kB, shmem-rss:0kB
10:32:15 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8), &(0x7f000095dffc)=0x4)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={0x0, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:32:15 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040), &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  922.949901][T23509] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  922.988118][T23509] CPU: 0 PID: 23509 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  922.996048][T23509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  923.006125][T23509] Call Trace:
[  923.009421][T23509]  dump_stack+0x172/0x1f0
[  923.013765][T23509]  dump_header+0x10b/0x82d
[  923.018178][T23509]  ? oom_kill_process+0x94/0x3f0
[  923.023115][T23509]  oom_kill_process.cold+0x10/0x15
[  923.028228][T23509]  out_of_memory+0x334/0x1340
[  923.032901][T23509]  ? lock_downgrade+0x920/0x920
[  923.037747][T23509]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  923.043549][T23509]  ? oom_killer_disable+0x280/0x280
[  923.048763][T23509]  mem_cgroup_out_of_memory+0x1d8/0x240
[  923.054301][T23509]  ? memcg_stat_show+0xc40/0xc40
[  923.059246][T23509]  ? do_raw_spin_unlock+0x57/0x270
[  923.064357][T23509]  ? _raw_spin_unlock+0x2d/0x50
[  923.069215][T23509]  try_charge+0xf4b/0x1440
[  923.073641][T23509]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  923.079183][T23509]  ? percpu_ref_tryget_live+0x111/0x290
[  923.084726][T23509]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  923.090962][T23509]  ? __kasan_check_read+0x11/0x20
[  923.095986][T23509]  ? get_mem_cgroup_from_mm+0x156/0x320
[  923.101528][T23509]  mem_cgroup_try_charge+0x136/0x590
[  923.106815][T23509]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  923.112450][T23509]  wp_page_copy+0x407/0x1860
[  923.117047][T23509]  ? find_held_lock+0x35/0x130
[  923.122416][T23509]  ? do_wp_page+0x53b/0x15c0
[  923.127007][T23509]  ? pmd_devmap_trans_unstable+0x220/0x220
[  923.132811][T23509]  ? lock_downgrade+0x920/0x920
[  923.137658][T23509]  ? swp_swapcount+0x540/0x540
[  923.142418][T23509]  ? __kasan_check_read+0x11/0x20
[  923.147434][T23509]  ? do_raw_spin_unlock+0x57/0x270
[  923.152547][T23509]  do_wp_page+0x543/0x15c0
[  923.156970][T23509]  ? finish_mkwrite_fault+0x6a0/0x6a0
[  923.162360][T23509]  __handle_mm_fault+0x23ec/0x4040
[  923.167480][T23509]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  923.173027][T23509]  ? handle_mm_fault+0x292/0xaa0
[  923.177984][T23509]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  923.184339][T23509]  ? __kasan_check_read+0x11/0x20
[  923.189376][T23509]  handle_mm_fault+0x3b7/0xaa0
[  923.194151][T23509]  __do_page_fault+0x536/0xdd0
[  923.198922][T23509]  do_page_fault+0x38/0x590
[  923.203434][T23509]  page_fault+0x39/0x40
[  923.207587][T23509] RIP: 0033:0x431026
[  923.211481][T23509] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[  923.231087][T23509] RSP: 002b:00007ffd5b4495e0 EFLAGS: 00010206
[  923.237159][T23509] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  923.245130][T23509] RDX: 0000000000c42930 RSI: 0000000000c4a970 RDI: 0000000000000003
[  923.253096][T23509] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000000c41940
[  923.261070][T23509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  923.269047][T23509] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[  923.278773][T23509] memory: usage 564kB, limit 0kB, failcnt 540
[  923.284866][T23509] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  923.292147][T23509] Memory cgroup stats for /syz3:
[  923.292249][T23509] anon 61440
[  923.292249][T23509] file 118784
[  923.292249][T23509] kernel_stack 0
[  923.292249][T23509] slab 692224
[  923.292249][T23509] sock 81920
[  923.292249][T23509] shmem 24576
[  923.292249][T23509] file_mapped 0
[  923.292249][T23509] file_dirty 135168
[  923.292249][T23509] file_writeback 0
[  923.292249][T23509] anon_thp 0
[  923.292249][T23509] inactive_anon 0
[  923.292249][T23509] active_anon 61440
[  923.292249][T23509] inactive_file 98304
[  923.292249][T23509] active_file 0
[  923.292249][T23509] unevictable 135168
[  923.292249][T23509] slab_reclaimable 270336
[  923.292249][T23509] slab_unreclaimable 421888
[  923.292249][T23509] pgfault 59433
[  923.292249][T23509] pgmajfault 0
[  923.292249][T23509] workingset_refault 0
[  923.292249][T23509] workingset_activate 0
[  923.292249][T23509] workingset_nodereclaim 0
[  923.292249][T23509] pgrefill 8688
[  923.292249][T23509] pgscan 40193
[  923.292249][T23509] pgsteal 9652
[  923.292249][T23509] pgactivate 11286
[  923.389575][T23509] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23509,uid=0
[  923.405833][T23509] Memory cgroup out of memory: Killed process 23509 (syz-executor.3) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  923.424234][ T1070] oom_reaper: reaped process 23509 (syz-executor.3), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  923.492481][T23571] IPVS: ftp: loaded support on port[0] = 21
10:32:16 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:32:16 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x40000000}, 0x0)

10:32:16 executing program 0:
r0 = socket(0x100000000011, 0x2, 0x0)
bind(r0, &(0x7f0000000140)=@generic={0x11, "00001900000000000800449452922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee342b76795000b0000000000000101013c5811039e15775027d6ce66fd792b1b0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000020006ad8e5ecc326d3a09ffc2c65400"}, 0x80)
getsockname$packet(r0, &(0x7f0000000040), &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f0000000400)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

10:32:16 executing program 4:

10:32:16 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, 0x0)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:32:16 executing program 0:

10:32:16 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x43050000}, 0x0)

10:32:16 executing program 0:

10:32:16 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  924.147843][T23571] chnl_net:caif_netlink_parms(): no params data found
[  924.323853][T23571] bridge0: port 1(bridge_slave_0) entered blocking state
[  924.367686][T23571] bridge0: port 1(bridge_slave_0) entered disabled state
[  924.375749][T23571] device bridge_slave_0 entered promiscuous mode
[  924.404700][T23571] bridge0: port 2(bridge_slave_1) entered blocking state
[  924.422793][T23571] bridge0: port 2(bridge_slave_1) entered disabled state
[  924.433130][T23571] device bridge_slave_1 entered promiscuous mode
[  924.463213][T23571] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  924.482364][T23571] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  924.542311][T23571] team0: Port device team_slave_0 added
[  924.562324][T23571] team0: Port device team_slave_1 added
[  924.640584][T23571] device hsr_slave_0 entered promiscuous mode
[  924.709249][T23571] device hsr_slave_1 entered promiscuous mode
[  924.767623][T23571] debugfs: Directory 'hsr0' with parent '/' already present!
[  924.793665][T23571] bridge0: port 2(bridge_slave_1) entered blocking state
[  924.800783][T23571] bridge0: port 2(bridge_slave_1) entered forwarding state
[  924.808181][T23571] bridge0: port 1(bridge_slave_0) entered blocking state
[  924.815267][T23571] bridge0: port 1(bridge_slave_0) entered forwarding state
[  924.853329][T23571] 8021q: adding VLAN 0 to HW filter on device bond0
[  924.867049][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  924.876417][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  924.884874][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  924.899547][T23571] 8021q: adding VLAN 0 to HW filter on device team0
[  924.911225][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  924.919967][ T9575] bridge0: port 1(bridge_slave_0) entered blocking state
[  924.927005][ T9575] bridge0: port 1(bridge_slave_0) entered forwarding state
[  924.938149][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  924.946625][T19895] bridge0: port 2(bridge_slave_1) entered blocking state
[  924.953708][T19895] bridge0: port 2(bridge_slave_1) entered forwarding state
[  924.978147][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  924.986835][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  924.997031][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  925.006137][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  925.014707][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  925.024088][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  925.032690][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  925.041325][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  925.049748][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  925.058283][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  925.070054][T23571] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  925.078317][T19895] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  925.101867][T23571] 8021q: adding VLAN 0 to HW filter on device batadv0
[  925.473664][T23601] IPVS: ftp: loaded support on port[0] = 21
[  925.580082][T23601] chnl_net:caif_netlink_parms(): no params data found
[  925.691363][T23602] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  925.704999][T23601] bridge0: port 1(bridge_slave_0) entered blocking state
[  925.713407][T23602] CPU: 1 PID: 23602 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[  925.713557][T23601] bridge0: port 1(bridge_slave_0) entered disabled state
[  925.721302][T23602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  925.721308][T23602] Call Trace:
[  925.721329][T23602]  dump_stack+0x172/0x1f0
[  925.721349][T23602]  dump_header+0x10b/0x82d
[  925.721366][T23602]  oom_kill_process.cold+0x10/0x15
[  925.721383][T23602]  out_of_memory+0x334/0x1340
[  925.721401][T23602]  ? __sched_text_start+0x8/0x8
[  925.721414][T23602]  ? oom_killer_disable+0x280/0x280
[  925.721439][T23602]  mem_cgroup_out_of_memory+0x1d8/0x240
[  925.738483][T23602]  ? memcg_stat_show+0xc40/0xc40
[  925.738504][T23602]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  925.738524][T23602]  ? cgroup_file_notify+0x140/0x1b0
[  925.742547][T23601] device bridge_slave_0 entered promiscuous mode
[  925.746118][T23602]  memory_max_write+0x262/0x3a0
[  925.755615][T23602]  ? mem_cgroup_write+0x370/0x370
[  925.765115][T23602]  ? lock_acquire+0x190/0x410
[  925.770827][T23601] bridge0: port 2(bridge_slave_1) entered blocking state
[  925.775836][T23602]  ? kernfs_fop_write+0x227/0x480
[  925.780807][T23601] bridge0: port 2(bridge_slave_1) entered disabled state
[  925.786531][T23602]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  925.798735][T23602]  cgroup_file_write+0x241/0x790
[  925.798755][T23602]  ? mem_cgroup_write+0x370/0x370
[  925.798769][T23602]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  925.798790][T23602]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  925.804500][T23601] device bridge_slave_1 entered promiscuous mode
[  925.808627][T23602]  kernfs_fop_write+0x2b8/0x480
[  925.808644][T23602]  __vfs_write+0x8a/0x110
[  925.808656][T23602]  ? kernfs_fop_open+0xd80/0xd80
[  925.808674][T23602]  __kernel_write+0x11b/0x3b0
[  925.820339][T23602]  write_pipe_buf+0x15d/0x1f0
[  925.820355][T23602]  ? do_splice_direct+0x2a0/0x2a0
[  925.820378][T23602]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  925.832380][T23602]  ? splice_from_pipe_next.part.0+0x262/0x300
[  925.832401][T23602]  __splice_from_pipe+0x397/0x7d0
[  925.832419][T23602]  ? do_splice_direct+0x2a0/0x2a0
[  925.842868][T23602]  ? do_splice_direct+0x2a0/0x2a0
[  925.853482][T23602]  splice_from_pipe+0x108/0x170
[  925.865409][T23602]  ? splice_shrink_spd+0xd0/0xd0
[  925.874544][T23602]  ? security_file_permission+0x8f/0x380
[  925.884115][T23602]  default_file_splice_write+0x3c/0x90
[  925.893795][T23602]  ? generic_splice_sendpage+0x50/0x50
[  925.906054][T23602]  direct_splice_actor+0x123/0x190
[  925.916076][T23602]  splice_direct_to_actor+0x366/0x970
[  925.925913][T23602]  ? generic_pipe_buf_nosteal+0x10/0x10
[  925.936454][T23602]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  925.947317][T23602]  ? do_splice_to+0x180/0x180
[  925.957754][T23602]  ? rw_verify_area+0x126/0x360
[  925.957777][T23602]  do_splice_direct+0x1da/0x2a0
[  925.969541][T23602]  ? splice_direct_to_actor+0x970/0x970
[  925.969557][T23602]  ? rcu_read_lock_any_held+0xcd/0xf0
[  925.969579][T23602]  ? __this_cpu_preempt_check+0x3a/0x210
[  925.979073][T23602]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  925.979092][T23602]  ? __sb_start_write+0x1e5/0x460
[  925.979109][T23602]  do_sendfile+0x597/0xd00
[  925.989467][T23602]  ? do_compat_pwritev64+0x1c0/0x1c0
[  925.989481][T23602]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  925.989500][T23602]  ? put_timespec64+0xda/0x140
[  926.000456][T23602]  __x64_sys_sendfile64+0x1dd/0x220
[  926.000477][T23602]  ? __ia32_sys_sendfile+0x230/0x230
[  926.011699][T23602]  ? do_syscall_64+0x26/0x760
[  926.011715][T23602]  ? lockdep_hardirqs_on+0x421/0x5e0
[  926.011733][T23602]  ? trace_hardirqs_on+0x67/0x240
[  926.021390][T23602]  do_syscall_64+0xfa/0x760
[  926.021410][T23602]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  926.021425][T23602] RIP: 0033:0x459f49
[  926.032385][T23602] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  926.042805][T23602] RSP: 002b:00007fe9b0823c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  926.052724][T23602] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  926.052736][T23602] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  926.062206][T23602] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000
[  926.062218][T23602] R10: 0000000020000022 R11: 0000000000000246 R12: 00007fe9b08246d4
[  926.071958][T23602] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  926.148965][T23602] memory: usage 2036kB, limit 0kB, failcnt 269
[  926.155475][T23602] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  926.162479][T23602] Memory cgroup stats for /syz2:
[  926.162944][T23602] anon 81920
[  926.162944][T23602] file 167936
[  926.162944][T23602] kernel_stack 65536
[  926.162944][T23602] slab 1327104
[  926.162944][T23602] sock 4096
[  926.162944][T23602] shmem 20480
[  926.162944][T23602] file_mapped 135168
[  926.162944][T23602] file_dirty 135168
[  926.162944][T23602] file_writeback 0
[  926.162944][T23602] anon_thp 0
[  926.162944][T23602] inactive_anon 90112
[  926.162944][T23602] active_anon 81920
[  926.162944][T23602] inactive_file 110592
[  926.162944][T23602] active_file 110592
[  926.162944][T23602] unevictable 0
[  926.162944][T23602] slab_reclaimable 946176
[  926.162944][T23602] slab_unreclaimable 380928
[  926.162944][T23602] pgfault 66099
[  926.162944][T23602] pgmajfault 0
[  926.162944][T23602] workingset_refault 0
[  926.162944][T23602] workingset_activate 0
[  926.162944][T23602] workingset_nodereclaim 0
[  926.162944][T23602] pgrefill 20228
[  926.162944][T23602] pgscan 28208
[  926.162944][T23602] pgsteal 3058
[  926.177569][T23602] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23571,uid=0
[  926.275867][T23602] Memory cgroup out of memory: Killed process 23571 (syz-executor.2) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:118784kB oom_score_adj:0
[  926.314172][T23601] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  926.338420][T23605] IPVS: ftp: loaded support on port[0] = 21
[  927.063423][T23601] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  927.271410][T23601] team0: Port device team_slave_0 added
[  927.280035][T23601] team0: Port device team_slave_1 added
10:32:20 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x0, 0x0, 0x0)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:32:20 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, 0x0)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:32:20 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x60000000}, 0x0)

10:32:20 executing program 0:

10:32:20 executing program 0:

[  927.731015][T23601] device hsr_slave_0 entered promiscuous mode
10:32:20 executing program 0:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x0, 0x0, 0x0)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  927.787986][T23601] device hsr_slave_1 entered promiscuous mode
[  927.827635][T23601] debugfs: Directory 'hsr0' with parent '/' already present!
[  928.207097][T23617] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  928.217637][T23617] CPU: 0 PID: 23617 Comm: syz-executor.0 Not tainted 5.4.0-rc3+ #0
[  928.225537][T23617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  928.235585][T23617] Call Trace:
[  928.238877][T23617]  dump_stack+0x172/0x1f0
[  928.243198][T23617]  dump_header+0x10b/0x82d
[  928.247602][T23617]  oom_kill_process.cold+0x10/0x15
[  928.252701][T23617]  out_of_memory+0x334/0x1340
[  928.257362][T23617]  ? __sched_text_start+0x8/0x8
[  928.262206][T23617]  ? oom_killer_disable+0x280/0x280
[  928.267392][T23617]  mem_cgroup_out_of_memory+0x1d8/0x240
[  928.272930][T23617]  ? memcg_stat_show+0xc40/0xc40
[  928.277855][T23617]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  928.283644][T23617]  ? cgroup_file_notify+0x140/0x1b0
[  928.288835][T23617]  memory_max_write+0x262/0x3a0
[  928.293671][T23617]  ? mem_cgroup_write+0x370/0x370
[  928.298678][T23617]  ? lock_acquire+0x190/0x410
[  928.303340][T23617]  ? kernfs_fop_write+0x227/0x480
[  928.308348][T23617]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  928.313888][T23617]  cgroup_file_write+0x241/0x790
[  928.318811][T23617]  ? mem_cgroup_write+0x370/0x370
[  928.323818][T23617]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  928.329444][T23617]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  928.335068][T23617]  kernfs_fop_write+0x2b8/0x480
[  928.339912][T23617]  __vfs_write+0x8a/0x110
[  928.344223][T23617]  ? kernfs_fop_open+0xd80/0xd80
[  928.349148][T23617]  __kernel_write+0x11b/0x3b0
[  928.353824][T23617]  write_pipe_buf+0x15d/0x1f0
[  928.358571][T23617]  ? do_splice_direct+0x2a0/0x2a0
[  928.363579][T23617]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  928.369801][T23617]  ? splice_from_pipe_next.part.0+0x262/0x300
[  928.375860][T23617]  __splice_from_pipe+0x397/0x7d0
[  928.380875][T23617]  ? do_splice_direct+0x2a0/0x2a0
[  928.385897][T23617]  ? do_splice_direct+0x2a0/0x2a0
[  928.390906][T23617]  splice_from_pipe+0x108/0x170
[  928.395741][T23617]  ? splice_shrink_spd+0xd0/0xd0
[  928.400671][T23617]  ? security_file_permission+0x8f/0x380
[  928.406290][T23617]  default_file_splice_write+0x3c/0x90
[  928.411729][T23617]  ? generic_splice_sendpage+0x50/0x50
[  928.417185][T23617]  direct_splice_actor+0x123/0x190
[  928.422282][T23617]  splice_direct_to_actor+0x366/0x970
[  928.427651][T23617]  ? generic_pipe_buf_nosteal+0x10/0x10
[  928.433189][T23617]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  928.439412][T23617]  ? do_splice_to+0x180/0x180
[  928.444083][T23617]  ? rw_verify_area+0x126/0x360
[  928.448919][T23617]  do_splice_direct+0x1da/0x2a0
[  928.453753][T23617]  ? splice_direct_to_actor+0x970/0x970
[  928.459288][T23617]  ? rcu_read_lock_any_held+0xcd/0xf0
[  928.464647][T23617]  ? __this_cpu_preempt_check+0x3a/0x210
[  928.470263][T23617]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  928.476485][T23617]  ? __sb_start_write+0x1e5/0x460
[  928.481502][T23617]  do_sendfile+0x597/0xd00
[  928.485912][T23617]  ? do_compat_pwritev64+0x1c0/0x1c0
[  928.491180][T23617]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  928.497401][T23617]  ? put_timespec64+0xda/0x140
[  928.502154][T23617]  __x64_sys_sendfile64+0x1dd/0x220
[  928.507336][T23617]  ? __ia32_sys_sendfile+0x230/0x230
[  928.512602][T23617]  ? do_syscall_64+0x26/0x760
[  928.517270][T23617]  ? lockdep_hardirqs_on+0x421/0x5e0
[  928.522538][T23617]  ? trace_hardirqs_on+0x67/0x240
[  928.527548][T23617]  do_syscall_64+0xfa/0x760
[  928.532037][T23617]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  928.537910][T23617] RIP: 0033:0x459f49
[  928.541790][T23617] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  928.561386][T23617] RSP: 002b:00007f920dc09c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  928.569788][T23617] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  928.577742][T23617] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  928.585695][T23617] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
[  928.593651][T23617] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f920dc0a6d4
[  928.601619][T23617] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  928.609844][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  928.615650][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  928.626086][T23617] memory: usage 2480kB, limit 0kB, failcnt 61
[  928.633198][T23617] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  928.640640][T23617] Memory cgroup stats for /syz0:
[  928.640763][T23617] anon 245760
[  928.640763][T23617] file 221184
[  928.640763][T23617] kernel_stack 196608
[  928.640763][T23617] slab 2187264
[  928.640763][T23617] sock 0
[  928.640763][T23617] shmem 122880
[  928.640763][T23617] file_mapped 0
[  928.640763][T23617] file_dirty 0
[  928.640763][T23617] file_writeback 0
[  928.640763][T23617] anon_thp 0
[  928.640763][T23617] inactive_anon 0
[  928.640763][T23617] active_anon 163840
[  928.640763][T23617] inactive_file 163840
[  928.640763][T23617] active_file 147456
[  928.640763][T23617] unevictable 0
[  928.640763][T23617] slab_reclaimable 946176
[  928.640763][T23617] slab_unreclaimable 1241088
[  928.640763][T23617] pgfault 82500
[  928.640763][T23617] pgmajfault 0
[  928.640763][T23617] workingset_refault 0
[  928.640763][T23617] workingset_activate 0
[  928.640763][T23617] workingset_nodereclaim 0
[  928.640763][T23617] pgrefill 168
[  928.640763][T23617] pgscan 5119
[  928.640763][T23617] pgsteal 4281
[  928.640763][T23617] pgactivate 198
[  928.739047][T23617] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=22674,uid=0
[  928.755513][T23617] Memory cgroup out of memory: Killed process 22674 (syz-executor.0) total-vm:72452kB, anon-rss:96kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  928.773955][ T1070] oom_reaper: reaped process 22674 (syz-executor.0), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  928.785255][T23617] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  928.796778][T23617] CPU: 0 PID: 23617 Comm: syz-executor.0 Not tainted 5.4.0-rc3+ #0
[  928.804687][T23617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  928.814741][T23617] Call Trace:
[  928.818045][T23617]  dump_stack+0x172/0x1f0
[  928.822384][T23617]  dump_header+0x10b/0x82d
[  928.826811][T23617]  oom_kill_process.cold+0x10/0x15
[  928.831930][T23617]  out_of_memory+0x334/0x1340
[  928.836616][T23617]  ? __sched_text_start+0x8/0x8
[  928.841470][T23617]  ? oom_killer_disable+0x280/0x280
[  928.846684][T23617]  mem_cgroup_out_of_memory+0x1d8/0x240
[  928.852234][T23617]  ? memcg_stat_show+0xc40/0xc40
[  928.857189][T23617]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  928.863006][T23617]  ? cgroup_file_notify+0x140/0x1b0
[  928.868213][T23617]  memory_max_write+0x262/0x3a0
[  928.873076][T23617]  ? mem_cgroup_write+0x370/0x370
[  928.878104][T23617]  ? lock_acquire+0x190/0x410
[  928.882782][T23617]  ? kernfs_fop_write+0x227/0x480
[  928.887808][T23617]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  928.893369][T23617]  cgroup_file_write+0x241/0x790
[  928.898313][T23617]  ? mem_cgroup_write+0x370/0x370
[  928.903338][T23617]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  928.909007][T23617]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  928.914660][T23617]  kernfs_fop_write+0x2b8/0x480
[  928.919515][T23617]  __vfs_write+0x8a/0x110
[  928.923839][T23617]  ? kernfs_fop_open+0xd80/0xd80
[  928.928777][T23617]  __kernel_write+0x11b/0x3b0
[  928.933459][T23617]  write_pipe_buf+0x15d/0x1f0
[  928.938140][T23617]  ? do_splice_direct+0x2a0/0x2a0
[  928.943168][T23617]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  928.949427][T23617]  ? splice_from_pipe_next.part.0+0x262/0x300
[  928.955500][T23617]  __splice_from_pipe+0x397/0x7d0
[  928.960528][T23617]  ? do_splice_direct+0x2a0/0x2a0
[  928.965569][T23617]  ? do_splice_direct+0x2a0/0x2a0
[  928.970604][T23617]  splice_from_pipe+0x108/0x170
[  928.975477][T23617]  ? splice_shrink_spd+0xd0/0xd0
[  928.980453][T23617]  ? security_file_permission+0x8f/0x380
[  928.986092][T23617]  default_file_splice_write+0x3c/0x90
[  928.991554][T23617]  ? generic_splice_sendpage+0x50/0x50
[  928.997016][T23617]  direct_splice_actor+0x123/0x190
[  929.002141][T23617]  splice_direct_to_actor+0x366/0x970
[  929.007516][T23617]  ? generic_pipe_buf_nosteal+0x10/0x10
[  929.013069][T23617]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  929.019316][T23617]  ? do_splice_to+0x180/0x180
[  929.023999][T23617]  ? rw_verify_area+0x126/0x360
[  929.028868][T23617]  do_splice_direct+0x1da/0x2a0
[  929.033724][T23617]  ? splice_direct_to_actor+0x970/0x970
[  929.039273][T23617]  ? rcu_read_lock_any_held+0xcd/0xf0
[  929.044656][T23617]  ? __this_cpu_preempt_check+0x3a/0x210
[  929.050292][T23617]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  929.056531][T23617]  ? __sb_start_write+0x1e5/0x460
[  929.061558][T23617]  do_sendfile+0x597/0xd00
[  929.066016][T23617]  ? do_compat_pwritev64+0x1c0/0x1c0
[  929.071313][T23617]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  929.077560][T23617]  ? put_timespec64+0xda/0x140
[  929.082343][T23617]  __x64_sys_sendfile64+0x1dd/0x220
[  929.087546][T23617]  ? __ia32_sys_sendfile+0x230/0x230
[  929.092831][T23617]  ? do_syscall_64+0x26/0x760
[  929.097506][T23617]  ? lockdep_hardirqs_on+0x421/0x5e0
[  929.102790][T23617]  ? trace_hardirqs_on+0x67/0x240
[  929.107820][T23617]  do_syscall_64+0xfa/0x760
[  929.112332][T23617]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  929.118218][T23617] RIP: 0033:0x459f49
[  929.122112][T23617] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  929.141732][T23617] RSP: 002b:00007f920dc09c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  929.150150][T23617] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  929.158109][T23617] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  929.166070][T23617] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
[  929.174025][T23617] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f920dc0a6d4
[  929.181985][T23617] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  929.195322][T23617] memory: usage 2320kB, limit 0kB, failcnt 61
[  929.202124][T23617] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  929.218302][T23617] Memory cgroup stats for /syz0:
[  929.218414][T23617] anon 245760
[  929.218414][T23617] file 221184
[  929.218414][T23617] kernel_stack 65536
[  929.218414][T23617] slab 2187264
[  929.218414][T23617] sock 0
[  929.218414][T23617] shmem 122880
[  929.218414][T23617] file_mapped 0
[  929.218414][T23617] file_dirty 0
[  929.218414][T23617] file_writeback 0
[  929.218414][T23617] anon_thp 0
[  929.218414][T23617] inactive_anon 0
[  929.218414][T23617] active_anon 163840
[  929.218414][T23617] inactive_file 163840
[  929.218414][T23617] active_file 147456
[  929.218414][T23617] unevictable 0
[  929.218414][T23617] slab_reclaimable 946176
[  929.218414][T23617] slab_unreclaimable 1241088
[  929.218414][T23617] pgfault 82500
[  929.218414][T23617] pgmajfault 0
[  929.218414][T23617] workingset_refault 0
[  929.218414][T23617] workingset_activate 0
[  929.218414][T23617] workingset_nodereclaim 0
[  929.218414][T23617] pgrefill 168
[  929.218414][T23617] pgscan 5119
[  929.218414][T23617] pgsteal 4281
[  929.218414][T23617] pgactivate 198
[  929.223394][T23617] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=23613,uid=0
[  929.332270][T23617] Memory cgroup out of memory: Killed process 23617 (syz-executor.0) total-vm:72980kB, anon-rss:164kB, file-rss:35968kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000
[  929.351282][ T1070] oom_reaper: reaped process 23617 (syz-executor.0), now anon-rss:0kB, file-rss:35008kB, shmem-rss:0kB
[  930.015504][T23623] IPVS: ftp: loaded support on port[0] = 21
[  930.906846][T23605] chnl_net:caif_netlink_parms(): no params data found
[  931.289269][T23623] chnl_net:caif_netlink_parms(): no params data found
[  931.332630][T23605] bridge0: port 1(bridge_slave_0) entered blocking state
[  931.340525][T23605] bridge0: port 1(bridge_slave_0) entered disabled state
[  931.350195][T23605] device bridge_slave_0 entered promiscuous mode
[  931.359462][T23605] bridge0: port 2(bridge_slave_1) entered blocking state
[  931.366605][T23605] bridge0: port 2(bridge_slave_1) entered disabled state
[  931.379022][T23605] device bridge_slave_1 entered promiscuous mode
[  931.800390][T23605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  931.815748][T23623] bridge0: port 1(bridge_slave_0) entered blocking state
[  931.824764][T23623] bridge0: port 1(bridge_slave_0) entered disabled state
[  931.833950][T23623] device bridge_slave_0 entered promiscuous mode
[  931.843032][T23605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  931.855762][T23601] 8021q: adding VLAN 0 to HW filter on device bond0
[  931.863841][T23623] bridge0: port 2(bridge_slave_1) entered blocking state
[  931.871962][T23623] bridge0: port 2(bridge_slave_1) entered disabled state
[  931.879932][T23623] device bridge_slave_1 entered promiscuous mode
[  932.291720][T23623] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  932.306802][T23623] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  932.325900][T23605] team0: Port device team_slave_0 added
[  932.336072][T11615] device bridge_slave_1 left promiscuous mode
[  932.344366][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  932.379405][T11615] device bridge_slave_0 left promiscuous mode
[  932.385640][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  932.448946][T11615] device bridge_slave_1 left promiscuous mode
[  932.455257][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  932.518680][T11615] device bridge_slave_0 left promiscuous mode
[  932.524890][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  932.559802][T11615] device bridge_slave_1 left promiscuous mode
[  932.566009][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  932.609225][T11615] device bridge_slave_0 left promiscuous mode
[  932.615555][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  932.669636][T11615] device bridge_slave_1 left promiscuous mode
[  932.675854][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  932.709903][T11615] device bridge_slave_0 left promiscuous mode
[  932.716129][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  932.779380][T11615] device bridge_slave_1 left promiscuous mode
[  932.785553][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  932.838969][T11615] device bridge_slave_0 left promiscuous mode
[  932.845196][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  943.268291][T11615] device hsr_slave_0 left promiscuous mode
[  943.337664][T11615] device hsr_slave_1 left promiscuous mode
[  943.405314][T11615] team0 (unregistering): Port device team_slave_1 removed
[  943.419140][T11615] team0 (unregistering): Port device team_slave_0 removed
[  943.431116][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  943.475292][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  943.568639][T11615] bond0 (unregistering): Released all slaves
[  943.699499][T11615] device hsr_slave_0 left promiscuous mode
[  943.757768][T11615] device hsr_slave_1 left promiscuous mode
[  943.821505][T11615] team0 (unregistering): Port device team_slave_1 removed
[  943.839895][T11615] team0 (unregistering): Port device team_slave_0 removed
[  943.852974][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  943.883229][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  943.980818][T11615] bond0 (unregistering): Released all slaves
[  944.108103][T11615] device hsr_slave_0 left promiscuous mode
[  944.157701][T11615] device hsr_slave_1 left promiscuous mode
[  944.216094][T11615] team0 (unregistering): Port device team_slave_1 removed
[  944.232191][T11615] team0 (unregistering): Port device team_slave_0 removed
[  944.245801][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  944.301655][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  944.375685][T11615] bond0 (unregistering): Released all slaves
[  944.538494][T11615] device hsr_slave_0 left promiscuous mode
[  944.577875][T11615] device hsr_slave_1 left promiscuous mode
[  944.631208][T11615] team0 (unregistering): Port device team_slave_1 removed
[  944.642744][T11615] team0 (unregistering): Port device team_slave_0 removed
[  944.655812][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  944.715407][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  944.829654][T11615] bond0 (unregistering): Released all slaves
[  944.978439][T11615] device hsr_slave_0 left promiscuous mode
[  945.018734][T11615] device hsr_slave_1 left promiscuous mode
[  945.067161][T11615] team0 (unregistering): Port device team_slave_1 removed
[  945.082815][T11615] team0 (unregistering): Port device team_slave_0 removed
[  945.095893][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  945.134580][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  945.225704][T11615] bond0 (unregistering): Released all slaves
[  945.310982][T23605] team0: Port device team_slave_1 added
[  945.317879][T23623] team0: Port device team_slave_0 added
[  945.327087][T23623] team0: Port device team_slave_1 added
[  945.336758][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  945.347436][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  945.358402][T23601] 8021q: adding VLAN 0 to HW filter on device team0
[  945.382193][T13814] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  945.392621][T13814] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  945.401331][T13814] bridge0: port 1(bridge_slave_0) entered blocking state
[  945.408463][T13814] bridge0: port 1(bridge_slave_0) entered forwarding state
[  945.475057][T23623] device hsr_slave_0 entered promiscuous mode
[  945.528064][T23623] device hsr_slave_1 entered promiscuous mode
[  945.629440][T23605] device hsr_slave_0 entered promiscuous mode
[  945.668602][T23605] device hsr_slave_1 entered promiscuous mode
[  945.717637][T23605] debugfs: Directory 'hsr0' with parent '/' already present!
[  945.725326][T13814] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  945.733638][T13814] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  945.742315][T13814] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  945.750822][T13814] bridge0: port 2(bridge_slave_1) entered blocking state
[  945.758012][T13814] bridge0: port 2(bridge_slave_1) entered forwarding state
[  945.777601][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  945.786213][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  945.795362][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  945.804236][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  945.813178][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  945.821975][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  945.844949][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  945.852901][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  945.861371][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  945.876353][T23601] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  945.888803][T23601] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  945.899330][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  945.908304][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  945.959500][T23601] 8021q: adding VLAN 0 to HW filter on device batadv0
[  946.034411][T23623] 8021q: adding VLAN 0 to HW filter on device bond0
[  946.062726][T23605] 8021q: adding VLAN 0 to HW filter on device bond0
10:32:38 executing program 4:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x11000000}, 0x0)

10:32:38 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x0, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:32:38 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x65580000}, 0x0)

10:32:38 executing program 0:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x0, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  946.093218][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  946.110644][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  946.160977][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  946.180427][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  946.200224][T23623] 8021q: adding VLAN 0 to HW filter on device team0
[  946.209845][T23605] 8021q: adding VLAN 0 to HW filter on device team0
[  946.217582][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  946.223409][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  946.249182][T13814] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  946.258956][T13814] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  946.268629][T13814] bridge0: port 1(bridge_slave_0) entered blocking state
[  946.275753][T13814] bridge0: port 1(bridge_slave_0) entered forwarding state
[  946.283604][T13814] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  946.293314][T13814] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  946.302250][T13814] bridge0: port 2(bridge_slave_1) entered blocking state
[  946.309406][T13814] bridge0: port 2(bridge_slave_1) entered forwarding state
[  946.317615][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  946.323443][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  946.337582][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  946.343435][    C1] protocol 88fb is buggy, dev hsr_slave_1
10:32:38 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x80350000}, 0x0)

[  946.390437][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  946.408373][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  946.417161][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  946.482360][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  946.507085][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  946.524341][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  946.534365][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  946.543536][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  946.555492][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  946.564916][ T8844] bridge0: port 1(bridge_slave_0) entered blocking state
[  946.572093][ T8844] bridge0: port 1(bridge_slave_0) entered forwarding state
[  946.580826][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  946.612017][T23605] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  946.632413][T23605] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  946.655545][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  946.666819][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  946.684119][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  946.695893][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  946.712379][T20283] bridge0: port 2(bridge_slave_1) entered blocking state
[  946.719589][T20283] bridge0: port 2(bridge_slave_1) entered forwarding state
[  946.734363][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  946.743938][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  946.751931][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  946.758535][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  946.766894][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  946.775903][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  946.784852][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  946.795127][T13814] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  946.875784][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  946.884806][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  946.895739][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  946.905931][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  947.002607][T23623] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  947.017014][T23623] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  947.067884][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  947.076492][T23379] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  947.096398][T23605] 8021q: adding VLAN 0 to HW filter on device batadv0
[  947.143190][T23623] 8021q: adding VLAN 0 to HW filter on device batadv0
[  947.414788][T23661] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  947.428610][T23661] CPU: 0 PID: 23661 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  947.436539][T23661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  947.446608][T23661] Call Trace:
[  947.449910][T23661]  dump_stack+0x172/0x1f0
[  947.454249][T23661]  dump_header+0x10b/0x82d
[  947.458678][T23661]  oom_kill_process.cold+0x10/0x15
[  947.463792][T23661]  out_of_memory+0x334/0x1340
[  947.468467][T23661]  ? __sched_text_start+0x8/0x8
[  947.473317][T23661]  ? oom_killer_disable+0x280/0x280
[  947.478526][T23661]  mem_cgroup_out_of_memory+0x1d8/0x240
[  947.484067][T23661]  ? memcg_stat_show+0xc40/0xc40
[  947.489011][T23661]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  947.494815][T23661]  ? cgroup_file_notify+0x140/0x1b0
[  947.500017][T23661]  memory_max_write+0x262/0x3a0
[  947.504868][T23661]  ? mem_cgroup_write+0x370/0x370
[  947.509895][T23661]  ? lock_acquire+0x190/0x410
[  947.514588][T23661]  ? kernfs_fop_write+0x227/0x480
[  947.519614][T23661]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  947.525166][T23661]  cgroup_file_write+0x241/0x790
[  947.530104][T23661]  ? mem_cgroup_write+0x370/0x370
[  947.535123][T23661]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  947.540764][T23661]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  947.546396][T23661]  kernfs_fop_write+0x2b8/0x480
[  947.551247][T23661]  __vfs_write+0x8a/0x110
[  947.555571][T23661]  ? kernfs_fop_open+0xd80/0xd80
[  947.560514][T23661]  __kernel_write+0x11b/0x3b0
[  947.565199][T23661]  write_pipe_buf+0x15d/0x1f0
[  947.569901][T23661]  ? do_splice_direct+0x2a0/0x2a0
[  947.574924][T23661]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  947.581161][T23661]  ? splice_from_pipe_next.part.0+0x262/0x300
[  947.587244][T23661]  __splice_from_pipe+0x397/0x7d0
[  947.592281][T23661]  ? do_splice_direct+0x2a0/0x2a0
[  947.597333][T23661]  ? do_splice_direct+0x2a0/0x2a0
[  947.602362][T23661]  splice_from_pipe+0x108/0x170
[  947.607240][T23661]  ? splice_shrink_spd+0xd0/0xd0
[  947.612191][T23661]  ? security_file_permission+0x8f/0x380
[  947.617833][T23661]  default_file_splice_write+0x3c/0x90
[  947.623305][T23661]  ? generic_splice_sendpage+0x50/0x50
[  947.628780][T23661]  direct_splice_actor+0x123/0x190
[  947.633897][T23661]  splice_direct_to_actor+0x366/0x970
[  947.639276][T23661]  ? generic_pipe_buf_nosteal+0x10/0x10
[  947.644826][T23661]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  947.651067][T23661]  ? do_splice_to+0x180/0x180
[  947.655741][T23661]  ? rw_verify_area+0x126/0x360
[  947.660602][T23661]  do_splice_direct+0x1da/0x2a0
[  947.665463][T23661]  ? splice_direct_to_actor+0x970/0x970
[  947.671031][T23661]  ? rcu_read_lock_any_held+0xcd/0xf0
[  947.676419][T23661]  ? __this_cpu_preempt_check+0x3a/0x210
[  947.682062][T23661]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  947.688329][T23661]  ? __sb_start_write+0x1e5/0x460
[  947.693357][T23661]  do_sendfile+0x597/0xd00
[  947.697791][T23661]  ? do_compat_pwritev64+0x1c0/0x1c0
[  947.703100][T23661]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  947.709353][T23661]  ? put_timespec64+0xda/0x140
[  947.714157][T23661]  __x64_sys_sendfile64+0x1dd/0x220
[  947.719366][T23661]  ? __ia32_sys_sendfile+0x230/0x230
[  947.724651][T23661]  ? do_syscall_64+0x26/0x760
[  947.729342][T23661]  ? lockdep_hardirqs_on+0x421/0x5e0
[  947.734652][T23661]  ? trace_hardirqs_on+0x67/0x240
[  947.739696][T23661]  do_syscall_64+0xfa/0x760
[  947.744225][T23661]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  947.750124][T23661] RIP: 0033:0x459f49
[  947.754021][T23661] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  947.773631][T23661] RSP: 002b:00007f723d6d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  947.782063][T23661] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  947.790034][T23661] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  947.798002][T23661] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  947.805966][T23661] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f723d6d46d4
[  947.813931][T23661] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  947.857739][T23661] memory: usage 2976kB, limit 0kB, failcnt 541
[  947.864463][T23661] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  947.903294][T23661] Memory cgroup stats for /syz3:
[  947.903415][T23661] anon 2174976
[  947.903415][T23661] file 118784
[  947.903415][T23661] kernel_stack 131072
[  947.903415][T23661] slab 692224
[  947.903415][T23661] sock 81920
[  947.903415][T23661] shmem 24576
[  947.903415][T23661] file_mapped 0
[  947.903415][T23661] file_dirty 135168
[  947.903415][T23661] file_writeback 0
[  947.903415][T23661] anon_thp 2097152
[  947.903415][T23661] inactive_anon 0
[  947.903415][T23661] active_anon 2174976
[  947.903415][T23661] inactive_file 98304
[  947.903415][T23661] active_file 0
[  947.903415][T23661] unevictable 135168
[  947.903415][T23661] slab_reclaimable 270336
[  947.903415][T23661] slab_unreclaimable 421888
[  947.903415][T23661] pgfault 59499
[  947.903415][T23661] pgmajfault 0
[  947.903415][T23661] workingset_refault 0
[  947.903415][T23661] workingset_activate 0
[  947.903415][T23661] workingset_nodereclaim 0
[  947.903415][T23661] pgrefill 8688
[  947.903415][T23661] pgscan 40193
[  947.903415][T23661] pgsteal 9652
[  948.004739][T23668] IPVS: ftp: loaded support on port[0] = 21
[  948.013005][T23661] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23656,uid=0
[  948.034601][T23661] Memory cgroup out of memory: Killed process 23656 (syz-executor.3) total-vm:72720kB, anon-rss:2144kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000
[  948.060313][T23660] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  948.061497][ T1070] oom_reaper: reaped process 23656 (syz-executor.3), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB
[  948.076121][T23660] CPU: 1 PID: 23660 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0
[  948.089962][T23660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  948.100031][T23660] Call Trace:
[  948.103332][T23660]  dump_stack+0x172/0x1f0
[  948.107677][T23660]  dump_header+0x10b/0x82d
[  948.112189][T23660]  oom_kill_process.cold+0x10/0x15
[  948.117321][T23660]  out_of_memory+0x334/0x1340
[  948.117345][T23660]  ? oom_killer_disable+0x280/0x280
[  948.117370][T23660]  mem_cgroup_out_of_memory+0x1d8/0x240
[  948.132767][T23660]  ? memcg_stat_show+0xc40/0xc40
[  948.137721][T23660]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  948.143541][T23660]  ? cgroup_file_notify+0x140/0x1b0
[  948.143563][T23660]  memory_max_write+0x262/0x3a0
[  948.143582][T23660]  ? mem_cgroup_write+0x370/0x370
[  948.143602][T23660]  ? lock_acquire+0x190/0x410
[  948.163322][T23660]  ? kernfs_fop_write+0x227/0x480
[  948.168350][T23660]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  948.168372][T23660]  cgroup_file_write+0x241/0x790
[  948.168395][T23660]  ? mem_cgroup_write+0x370/0x370
[  948.183859][T23660]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  948.189672][T23660]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  948.189690][T23660]  kernfs_fop_write+0x2b8/0x480
[  948.189707][T23660]  __vfs_write+0x8a/0x110
[  948.200160][T23660]  ? kernfs_fop_open+0xd80/0xd80
[  948.200177][T23660]  __kernel_write+0x11b/0x3b0
[  948.200197][T23660]  write_pipe_buf+0x15d/0x1f0
[  948.214092][T23660]  ? do_splice_direct+0x2a0/0x2a0
[  948.214114][T23660]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  948.229983][T23660]  ? splice_from_pipe_next.part.0+0x262/0x300
[  948.230006][T23660]  __splice_from_pipe+0x397/0x7d0
[  948.230020][T23660]  ? do_splice_direct+0x2a0/0x2a0
[  948.230042][T23660]  ? do_splice_direct+0x2a0/0x2a0
[  948.251131][T23660]  splice_from_pipe+0x108/0x170
[  948.251155][T23660]  ? splice_shrink_spd+0xd0/0xd0
[  948.260939][T23660]  ? security_file_permission+0x8f/0x380
[  948.260958][T23660]  default_file_splice_write+0x3c/0x90
[  948.260974][T23660]  ? generic_splice_sendpage+0x50/0x50
[  948.277464][T23660]  direct_splice_actor+0x123/0x190
[  948.282580][T23660]  splice_direct_to_actor+0x366/0x970
[  948.287948][T23660]  ? generic_pipe_buf_nosteal+0x10/0x10
[  948.287969][T23660]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  948.287986][T23660]  ? do_splice_to+0x180/0x180
[  948.304391][T23660]  ? rw_verify_area+0x126/0x360
[  948.309258][T23660]  do_splice_direct+0x1da/0x2a0
[  948.309276][T23660]  ? splice_direct_to_actor+0x970/0x970
[  948.309290][T23660]  ? rcu_read_lock_any_held+0xcd/0xf0
[  948.309311][T23660]  ? __this_cpu_preempt_check+0x3a/0x210
[  948.330671][T23660]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  948.330693][T23660]  ? __sb_start_write+0x1e5/0x460
[  948.341935][T23660]  do_sendfile+0x597/0xd00
[  948.341960][T23660]  ? do_compat_pwritev64+0x1c0/0x1c0
[  948.341973][T23660]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  948.341991][T23660]  ? put_timespec64+0xda/0x140
[  948.351660][T23660]  __x64_sys_sendfile64+0x1dd/0x220
[  948.351677][T23660]  ? __ia32_sys_sendfile+0x230/0x230
[  948.351697][T23660]  ? do_syscall_64+0x26/0x760
[  948.373116][T23660]  ? lockdep_hardirqs_on+0x421/0x5e0
[  948.373137][T23660]  ? trace_hardirqs_on+0x67/0x240
[  948.388062][T23660]  do_syscall_64+0xfa/0x760
[  948.388090][T23660]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  948.388104][T23660] RIP: 0033:0x459f49
[  948.398470][T23660] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  948.421920][T23660] RSP: 002b:00007f46ed931c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  948.421934][T23660] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  948.421942][T23660] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  948.421950][T23660] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  948.421959][T23660] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f46ed9326d4
[  948.421973][T23660] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  948.471703][T23660] memory: usage 1384kB, limit 0kB, failcnt 228
[  948.478769][T23660] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  948.492616][T23660] Memory cgroup stats for /syz5:
[  948.492738][T23660] anon 184320
[  948.492738][T23660] file 0
[  948.492738][T23660] kernel_stack 65536
[  948.492738][T23660] slab 1097728
[  948.492738][T23660] sock 0
[  948.492738][T23660] shmem 143360
[  948.492738][T23660] file_mapped 135168
[  948.492738][T23660] file_dirty 0
[  948.492738][T23660] file_writeback 0
[  948.492738][T23660] anon_thp 0
[  948.492738][T23660] inactive_anon 0
[  948.492738][T23660] active_anon 184320
[  948.492738][T23660] inactive_file 53248
[  948.492738][T23660] active_file 45056
[  948.492738][T23660] unevictable 135168
[  948.492738][T23660] slab_reclaimable 540672
[  948.492738][T23660] slab_unreclaimable 557056
[  948.492738][T23660] pgfault 55407
[  948.492738][T23660] pgmajfault 0
[  948.492738][T23660] workingset_refault 0
[  948.492738][T23660] workingset_activate 0
[  948.492738][T23660] workingset_nodereclaim 0
[  948.492738][T23660] pgrefill 11872
[  948.492738][T23660] pgscan 29619
[  948.492738][T23660] pgsteal 8856
[  948.586338][T23660] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=23657,uid=0
[  948.601994][T23660] Memory cgroup out of memory: Killed process 23660 (syz-executor.5) total-vm:72984kB, anon-rss:160kB, file-rss:35868kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000
[  948.602846][ T1070] oom_reaper: reaped process 23660 (syz-executor.5), now anon-rss:0kB, file-rss:34908kB, shmem-rss:0kB
[  948.634052][T23623] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  948.649259][T23623] CPU: 0 PID: 23623 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  948.657207][T23623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  948.667341][T23623] Call Trace:
[  948.670622][T23623]  dump_stack+0x172/0x1f0
[  948.674935][T23623]  dump_header+0x10b/0x82d
[  948.679333][T23623]  ? oom_kill_process+0x94/0x3f0
[  948.684257][T23623]  oom_kill_process.cold+0x10/0x15
[  948.689355][T23623]  out_of_memory+0x334/0x1340
[  948.694015][T23623]  ? lock_downgrade+0x920/0x920
[  948.698862][T23623]  ? oom_killer_disable+0x280/0x280
[  948.704049][T23623]  mem_cgroup_out_of_memory+0x1d8/0x240
[  948.709592][T23623]  ? memcg_stat_show+0xc40/0xc40
[  948.714524][T23623]  ? do_raw_spin_unlock+0x57/0x270
[  948.719649][T23623]  ? _raw_spin_unlock+0x2d/0x50
[  948.724498][T23623]  try_charge+0xf4b/0x1440
[  948.728909][T23623]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  948.734435][T23623]  ? percpu_ref_tryget_live+0x111/0x290
[  948.739965][T23623]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  948.746202][T23623]  ? __kasan_check_read+0x11/0x20
[  948.751213][T23623]  ? get_mem_cgroup_from_mm+0x156/0x320
[  948.756743][T23623]  mem_cgroup_try_charge+0x136/0x590
[  948.762015][T23623]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  948.767650][T23623]  wp_page_copy+0x407/0x1860
[  948.772250][T23623]  ? find_held_lock+0x35/0x130
[  948.777014][T23623]  ? do_wp_page+0x53b/0x15c0
[  948.781591][T23623]  ? pmd_devmap_trans_unstable+0x220/0x220
[  948.787379][T23623]  ? lock_downgrade+0x920/0x920
[  948.792216][T23623]  ? swp_swapcount+0x540/0x540
[  948.796962][T23623]  ? __kasan_check_read+0x11/0x20
[  948.801965][T23623]  ? do_raw_spin_unlock+0x57/0x270
[  948.807076][T23623]  do_wp_page+0x543/0x15c0
[  948.811476][T23623]  ? finish_mkwrite_fault+0x6a0/0x6a0
[  948.816855][T23623]  __handle_mm_fault+0x23ec/0x4040
[  948.821953][T23623]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  948.827485][T23623]  ? handle_mm_fault+0x292/0xaa0
[  948.832415][T23623]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  948.838639][T23623]  ? __kasan_check_read+0x11/0x20
[  948.843647][T23623]  handle_mm_fault+0x3b7/0xaa0
[  948.848398][T23623]  __do_page_fault+0x536/0xdd0
[  948.853149][T23623]  do_page_fault+0x38/0x590
[  948.857635][T23623]  page_fault+0x39/0x40
[  948.861787][T23623] RIP: 0033:0x431026
[  948.865683][T23623] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[  948.886574][T23623] RSP: 002b:00007ffdcff94870 EFLAGS: 00010206
[  948.892647][T23623] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  948.900601][T23623] RDX: 000000000148f930 RSI: 0000000001497970 RDI: 0000000000000003
[  948.908553][T23623] RBP: 0000000000008041 R08: 0000000000000001 R09: 000000000148e940
[  948.920154][T23623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  948.928109][T23623] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[  948.944581][T23669] IPVS: ftp: loaded support on port[0] = 21
10:32:41 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:32:41 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:32:41 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x81000000}, 0x0)

10:32:41 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, 0x0)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  948.998440][T23623] memory: usage 580kB, limit 0kB, failcnt 549
[  949.004553][T23623] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  949.033060][T23623] Memory cgroup stats for /syz3:
[  949.033170][T23623] anon 73728
[  949.033170][T23623] file 118784
[  949.033170][T23623] kernel_stack 0
[  949.033170][T23623] slab 692224
[  949.033170][T23623] sock 81920
[  949.033170][T23623] shmem 24576
[  949.033170][T23623] file_mapped 0
[  949.033170][T23623] file_dirty 135168
[  949.033170][T23623] file_writeback 0
[  949.033170][T23623] anon_thp 0
[  949.033170][T23623] inactive_anon 0
[  949.033170][T23623] active_anon 73728
[  949.033170][T23623] inactive_file 98304
[  949.033170][T23623] active_file 0
[  949.033170][T23623] unevictable 135168
[  949.033170][T23623] slab_reclaimable 270336
[  949.033170][T23623] slab_unreclaimable 421888
[  949.033170][T23623] pgfault 59499
[  949.033170][T23623] pgmajfault 0
[  949.033170][T23623] workingset_refault 0
[  949.033170][T23623] workingset_activate 0
[  949.033170][T23623] workingset_nodereclaim 0
[  949.033170][T23623] pgrefill 8688
[  949.033170][T23623] pgscan 40193
[  949.033170][T23623] pgsteal 9652
[  949.033170][T23623] pgactivate 11286
[  949.131790][T23623] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23623,uid=0
[  949.148060][T23623] Memory cgroup out of memory: Killed process 23623 (syz-executor.3) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  949.174001][T23605] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  949.211881][T23605] CPU: 0 PID: 23605 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0
[  949.219823][T23605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  949.229890][T23605] Call Trace:
[  949.233201][T23605]  dump_stack+0x172/0x1f0
[  949.237560][T23605]  dump_header+0x10b/0x82d
[  949.241999][T23605]  ? oom_kill_process+0x94/0x3f0
[  949.246954][T23605]  oom_kill_process.cold+0x10/0x15
[  949.252087][T23605]  out_of_memory+0x334/0x1340
[  949.256778][T23605]  ? lock_downgrade+0x920/0x920
[  949.261647][T23605]  ? oom_killer_disable+0x280/0x280
[  949.266868][T23605]  mem_cgroup_out_of_memory+0x1d8/0x240
[  949.272426][T23605]  ? memcg_stat_show+0xc40/0xc40
[  949.277408][T23605]  ? do_raw_spin_unlock+0x57/0x270
[  949.282553][T23605]  ? _raw_spin_unlock+0x2d/0x50
[  949.287773][T23605]  try_charge+0xf4b/0x1440
[  949.292213][T23605]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  949.297774][T23605]  ? percpu_ref_tryget_live+0x111/0x290
[  949.303336][T23605]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  949.309600][T23605]  ? __kasan_check_read+0x11/0x20
[  949.314641][T23605]  ? get_mem_cgroup_from_mm+0x156/0x320
[  949.320200][T23605]  mem_cgroup_try_charge+0x136/0x590
[  949.325495][T23605]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  949.331140][T23605]  __handle_mm_fault+0x1f0d/0x4040
[  949.336264][T23605]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  949.341815][T23605]  ? handle_mm_fault+0x292/0xaa0
[  949.346772][T23605]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  949.353031][T23605]  ? __kasan_check_read+0x11/0x20
[  949.358063][T23605]  handle_mm_fault+0x3b7/0xaa0
[  949.362836][T23605]  __do_page_fault+0x536/0xdd0
[  949.367640][T23605]  do_page_fault+0x38/0x590
[  949.372152][T23605]  page_fault+0x39/0x40
[  949.376345][T23605] RIP: 0033:0x403a42
[  949.380249][T23605] Code: 55 41 54 49 89 fc 55 53 48 81 ec b8 10 00 00 64 48 8b 04 25 28 00 00 00 48 89 84 24 a8 10 00 00 31 c0 be 02 00 00 00 4c 89 e7 <e8> 29 8f 05 00 85 c0 0f 84 00 03 00 00 4c 89 e7 e8 49 44 05 00 48
[  949.399868][T23605] RSP: 002b:00007ffdf2a39e60 EFLAGS: 00010246
[  949.405943][T23605] RAX: 0000000000000000 RBX: 00000000000e77a2 RCX: 0000000000413a00
[  949.414014][T23605] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffdf2a3af90
[  949.422001][T23605] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000001ad4940
[  949.429985][T23605] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdf2a3af90
[  949.437970][T23605] R13: 00007ffdf2a3af80 R14: 0000000000000000 R15: 00007ffdf2a3af90
10:32:41 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x86ddffff}, 0x0)

[  949.647708][T23605] memory: usage 1104kB, limit 0kB, failcnt 236
[  949.653953][T23605] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  949.661624][T23605] Memory cgroup stats for /syz5:
[  949.661729][T23605] anon 184320
[  949.661729][T23605] file 0
[  949.661729][T23605] kernel_stack 0
[  949.661729][T23605] slab 1097728
[  949.661729][T23605] sock 0
[  949.661729][T23605] shmem 143360
[  949.661729][T23605] file_mapped 135168
[  949.661729][T23605] file_dirty 0
[  949.661729][T23605] file_writeback 0
[  949.661729][T23605] anon_thp 0
[  949.661729][T23605] inactive_anon 0
[  949.661729][T23605] active_anon 184320
[  949.661729][T23605] inactive_file 53248
[  949.661729][T23605] active_file 45056
[  949.661729][T23605] unevictable 135168
[  949.661729][T23605] slab_reclaimable 540672
[  949.661729][T23605] slab_unreclaimable 557056
[  949.661729][T23605] pgfault 55407
[  949.661729][T23605] pgmajfault 0
[  949.661729][T23605] workingset_refault 0
[  949.661729][T23605] workingset_activate 0
[  949.661729][T23605] workingset_nodereclaim 0
[  949.661729][T23605] pgrefill 11872
[  949.661729][T23605] pgscan 29619
[  949.661729][T23605] pgsteal 8856
[  949.661729][T23605] pgactivate 14619
[  949.769050][T23605] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=23605,uid=0
[  949.785052][T23605] Memory cgroup out of memory: Killed process 23605 (syz-executor.5) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  949.803319][ T1070] oom_reaper: reaped process 23605 (syz-executor.5), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  949.814856][T23681] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  949.827913][T23681] CPU: 1 PID: 23681 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[  949.835998][T23681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  949.846081][T23681] Call Trace:
[  949.849381][T23681]  dump_stack+0x172/0x1f0
[  949.853715][T23681]  dump_header+0x10b/0x82d
[  949.858134][T23681]  oom_kill_process.cold+0x10/0x15
[  949.863249][T23681]  out_of_memory+0x334/0x1340
[  949.867926][T23681]  ? cgroup_file_notify+0x140/0x1b0
[  949.873132][T23681]  ? oom_killer_disable+0x280/0x280
[  949.878345][T23681]  mem_cgroup_out_of_memory+0x1d8/0x240
[  949.883891][T23681]  ? memcg_stat_show+0xc40/0xc40
[  949.888844][T23681]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  949.894665][T23681]  ? cgroup_file_notify+0x140/0x1b0
[  949.899871][T23681]  memory_max_write+0x262/0x3a0
[  949.904750][T23681]  ? mem_cgroup_write+0x370/0x370
[  949.909794][T23681]  ? lock_acquire+0x190/0x410
[  949.914478][T23681]  ? kernfs_fop_write+0x227/0x480
[  949.919505][T23681]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  949.925055][T23681]  cgroup_file_write+0x241/0x790
[  949.930000][T23681]  ? mem_cgroup_write+0x370/0x370
[  949.935026][T23681]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  949.940670][T23681]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  949.946607][T23681]  kernfs_fop_write+0x2b8/0x480
[  949.951462][T23681]  __vfs_write+0x8a/0x110
[  949.955790][T23681]  ? kernfs_fop_open+0xd80/0xd80
[  949.960729][T23681]  __kernel_write+0x11b/0x3b0
[  949.965413][T23681]  write_pipe_buf+0x15d/0x1f0
[  949.970111][T23681]  ? do_splice_direct+0x2a0/0x2a0
[  949.975143][T23681]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  949.981390][T23681]  ? splice_from_pipe_next.part.0+0x262/0x300
[  949.987482][T23681]  __splice_from_pipe+0x397/0x7d0
[  949.992510][T23681]  ? do_splice_direct+0x2a0/0x2a0
[  949.997562][T23681]  ? do_splice_direct+0x2a0/0x2a0
[  950.002589][T23681]  splice_from_pipe+0x108/0x170
[  950.007446][T23681]  ? splice_shrink_spd+0xd0/0xd0
[  950.012396][T23681]  ? security_file_permission+0x8f/0x380
[  950.018040][T23681]  default_file_splice_write+0x3c/0x90
[  950.023498][T23681]  ? generic_splice_sendpage+0x50/0x50
[  950.028970][T23681]  direct_splice_actor+0x123/0x190
[  950.034087][T23681]  splice_direct_to_actor+0x366/0x970
[  950.039450][T23681]  ? generic_pipe_buf_nosteal+0x10/0x10
[  950.044985][T23681]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  950.051208][T23681]  ? do_splice_to+0x180/0x180
[  950.055883][T23681]  ? rw_verify_area+0x126/0x360
[  950.060730][T23681]  do_splice_direct+0x1da/0x2a0
[  950.065576][T23681]  ? splice_direct_to_actor+0x970/0x970
[  950.071123][T23681]  ? rcu_read_lock_any_held+0xcd/0xf0
[  950.076489][T23681]  ? __this_cpu_preempt_check+0x3a/0x210
[  950.082547][T23681]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  950.088785][T23681]  ? __sb_start_write+0x1e5/0x460
[  950.093810][T23681]  do_sendfile+0x597/0xd00
[  950.098232][T23681]  ? do_compat_pwritev64+0x1c0/0x1c0
[  950.103513][T23681]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  950.109793][T23681]  ? put_timespec64+0xda/0x140
[  950.114555][T23681]  __x64_sys_sendfile64+0x1dd/0x220
[  950.119739][T23681]  ? __ia32_sys_sendfile+0x230/0x230
[  950.125025][T23681]  ? do_syscall_64+0x26/0x760
[  950.129687][T23681]  ? lockdep_hardirqs_on+0x421/0x5e0
[  950.134970][T23681]  ? trace_hardirqs_on+0x67/0x240
[  950.139979][T23681]  do_syscall_64+0xfa/0x760
[  950.144548][T23681]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  950.150630][T23681] RIP: 0033:0x459f49
[  950.154561][T23681] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  950.174270][T23681] RSP: 002b:00007f6c70811c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  950.182672][T23681] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  950.190638][T23681] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  950.198603][T23681] RBP: 000000000075c268 R08: 0000000000000000 R09: 0000000000000000
[  950.206594][T23681] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f6c708126d4
[  950.214614][T23681] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
10:32:42 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, 0x0, &(0x7f0000000180))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  950.249710][T23681] memory: usage 6364kB, limit 0kB, failcnt 240
[  950.262926][T23681] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  950.312281][T23681] Memory cgroup stats for /syz4:
[  950.312393][T23681] anon 4292608
[  950.312393][T23681] file 16384
[  950.312393][T23681] kernel_stack 131072
[  950.312393][T23681] slab 1503232
[  950.312393][T23681] sock 0
[  950.312393][T23681] shmem 0
[  950.312393][T23681] file_mapped 135168
[  950.312393][T23681] file_dirty 135168
[  950.312393][T23681] file_writeback 0
[  950.312393][T23681] anon_thp 4194304
[  950.312393][T23681] inactive_anon 135168
[  950.312393][T23681] active_anon 4292608
[  950.312393][T23681] inactive_file 102400
10:32:42 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x88470000}, 0x0)

[  950.312393][T23681] active_file 258048
[  950.312393][T23681] unevictable 0
[  950.312393][T23681] slab_reclaimable 1081344
[  950.312393][T23681] slab_unreclaimable 421888
[  950.312393][T23681] pgfault 49467
[  950.312393][T23681] pgmajfault 0
[  950.312393][T23681] workingset_refault 0
[  950.312393][T23681] workingset_activate 0
[  950.312393][T23681] workingset_nodereclaim 0
[  950.312393][T23681] pgrefill 13946
[  950.312393][T23681] pgscan 36577
[  950.312393][T23681] pgsteal 10501
10:32:42 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, 0x0, &(0x7f0000000180))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  950.600713][T23681] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23670,uid=0
[  950.642460][T23681] Memory cgroup out of memory: Killed process 23681 (syz-executor.4) total-vm:73244kB, anon-rss:4280kB, file-rss:35904kB, shmem-rss:0kB, UID:0 pgtables:155648kB oom_score_adj:1000
[  950.694151][ T1070] oom_reaper: reaped process 23681 (syz-executor.4), now anon-rss:0kB, file-rss:34944kB, shmem-rss:0kB
[  950.762136][T23601] syz-executor.4 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=0
[  950.833736][T23601] CPU: 1 PID: 23601 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[  950.841667][T23601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  950.851705][T23601] Call Trace:
[  950.854983][T23601]  dump_stack+0x172/0x1f0
[  950.859297][T23601]  dump_header+0x10b/0x82d
[  950.863708][T23601]  ? oom_kill_process+0x94/0x3f0
[  950.868641][T23601]  oom_kill_process.cold+0x10/0x15
[  950.873742][T23601]  out_of_memory+0x334/0x1340
[  950.878415][T23601]  ? lock_downgrade+0x920/0x920
[  950.883256][T23601]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  950.889053][T23601]  ? oom_killer_disable+0x280/0x280
[  950.894242][T23601]  mem_cgroup_out_of_memory+0x1d8/0x240
[  950.899775][T23601]  ? memcg_stat_show+0xc40/0xc40
[  950.904713][T23601]  ? do_raw_spin_unlock+0x57/0x270
[  950.909822][T23601]  ? _raw_spin_unlock+0x2d/0x50
[  950.914660][T23601]  try_charge+0xf4b/0x1440
[  950.919079][T23601]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  950.924609][T23601]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  950.930138][T23601]  ? cache_grow_begin+0x122/0xd20
[  950.935143][T23601]  ? find_held_lock+0x35/0x130
[  950.939887][T23601]  ? cache_grow_begin+0x122/0xd20
[  950.944896][T23601]  __memcg_kmem_charge_memcg+0x7c/0x130
[  950.950421][T23601]  ? lock_downgrade+0x920/0x920
[  950.955253][T23601]  ? memcg_kmem_put_cache+0x50/0x50
[  950.960430][T23601]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  950.966649][T23601]  ? __kasan_check_read+0x11/0x20
[  950.971652][T23601]  cache_grow_begin+0x629/0xd20
[  950.976482][T23601]  ? write_comp_data+0x11/0x70
[  950.981226][T23601]  ? mempolicy_slab_node+0x139/0x390
[  950.986491][T23601]  fallback_alloc+0x1fd/0x2d0
[  950.991161][T23601]  ____cache_alloc_node+0x1bc/0x1d0
[  950.996340][T23601]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  951.002564][T23601]  kmem_cache_alloc+0x1ef/0x710
[  951.007397][T23601]  ? stack_trace_save+0xac/0xe0
[  951.012228][T23601]  __alloc_file+0x27/0x340
[  951.016625][T23601]  alloc_empty_file+0x72/0x170
[  951.021370][T23601]  path_openat+0xef/0x46d0
[  951.025764][T23601]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  951.031548][T23601]  ? kasan_slab_alloc+0xf/0x20
[  951.036291][T23601]  ? kmem_cache_alloc+0x121/0x710
[  951.041311][T23601]  ? getname_flags+0xd6/0x5b0
[  951.045966][T23601]  ? getname+0x1a/0x20
[  951.050016][T23601]  ? do_sys_open+0x2c9/0x5d0
[  951.054595][T23601]  ? __x64_sys_open+0x7e/0xc0
[  951.059266][T23601]  ? __kasan_check_read+0x11/0x20
[  951.064272][T23601]  ? mark_lock+0xc2/0x1220
[  951.068685][T23601]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  951.074225][T23601]  ? path_lookupat.isra.0+0x8d0/0x8d0
[  951.079584][T23601]  ? __alloc_fd+0x487/0x620
[  951.084073][T23601]  do_filp_open+0x1a1/0x280
[  951.088557][T23601]  ? may_open_dev+0x100/0x100
[  951.093238][T23601]  ? lock_downgrade+0x920/0x920
[  951.098094][T23601]  ? rwlock_bug.part.0+0x90/0x90
[  951.103024][T23601]  ? __kasan_check_read+0x11/0x20
[  951.108027][T23601]  ? do_raw_spin_unlock+0x57/0x270
[  951.113120][T23601]  ? _raw_spin_unlock+0x2d/0x50
[  951.117951][T23601]  ? __alloc_fd+0x487/0x620
[  951.122440][T23601]  do_sys_open+0x3fe/0x5d0
[  951.126837][T23601]  ? filp_open+0x80/0x80
[  951.131059][T23601]  ? __detach_mounts+0x2a0/0x2a0
[  951.135997][T23601]  ? trace_hardirqs_on_thunk+0x1a/0x20
[  951.141443][T23601]  ? do_syscall_64+0x26/0x760
[  951.146102][T23601]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  951.152147][T23601]  ? do_syscall_64+0x26/0x760
[  951.156806][T23601]  __x64_sys_open+0x7e/0xc0
[  951.161301][T23601]  do_syscall_64+0xfa/0x760
[  951.165795][T23601]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  951.171666][T23601] RIP: 0033:0x457ec0
[  951.175541][T23601] Code: 31 c0 e9 45 ff ff ff 0f 1f 00 80 3f 00 0f 84 f7 00 00 00 55 53 b9 02 00 00 00 be 00 08 09 00 89 c8 48 81 ec 98 00 00 00 0f 05 <48> 3d 00 f0 ff ff 48 89 c3 0f 87 e9 00 00 00 85 db 0f 88 2f 01 00
[  951.195137][T23601] RSP: 002b:00007ffd97869f90 EFLAGS: 00000206 ORIG_RAX: 0000000000000002
[  951.203532][T23601] RAX: ffffffffffffffda RBX: 00000000000e8010 RCX: 0000000000457ec0
[  951.211494][T23601] RDX: 000000000000000c RSI: 0000000000090800 RDI: 00007ffd9786b170
[  951.219447][T23601] RBP: 0000000000000005 R08: 0000000000000001 R09: 0000000001199940
[  951.227400][T23601] R10: 0000000000000000 R11: 0000000000000206 R12: 00007ffd9786b170
[  951.235365][T23601] R13: 00007ffd9786b160 R14: 0000000000000000 R15: 00007ffd9786b170
[  951.244553][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  951.250396][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  951.256339][T23601] memory: usage 1752kB, limit 0kB, failcnt 255
[  951.263569][T23601] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  951.274952][T23601] Memory cgroup stats for /syz4:
[  951.275064][T23601] anon 49152
[  951.275064][T23601] file 16384
[  951.275064][T23601] kernel_stack 0
[  951.275064][T23601] slab 1503232
[  951.275064][T23601] sock 0
[  951.275064][T23601] shmem 0
[  951.275064][T23601] file_mapped 135168
[  951.275064][T23601] file_dirty 135168
[  951.275064][T23601] file_writeback 0
[  951.275064][T23601] anon_thp 0
[  951.275064][T23601] inactive_anon 135168
[  951.275064][T23601] active_anon 49152
[  951.275064][T23601] inactive_file 102400
[  951.275064][T23601] active_file 258048
[  951.275064][T23601] unevictable 0
[  951.275064][T23601] slab_reclaimable 1081344
[  951.275064][T23601] slab_unreclaimable 421888
[  951.275064][T23601] pgfault 49467
[  951.275064][T23601] pgmajfault 0
[  951.275064][T23601] workingset_refault 0
[  951.275064][T23601] workingset_activate 0
[  951.275064][T23601] workingset_nodereclaim 0
[  951.275064][T23601] pgrefill 13946
[  951.275064][T23601] pgscan 36577
[  951.275064][T23601] pgsteal 10501
[  951.377939][T23601] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23601,uid=0
[  951.394123][T23601] Memory cgroup out of memory: Killed process 23601 (syz-executor.4) total-vm:72452kB, anon-rss:100kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  951.413555][ T1070] oom_reaper: reaped process 23601 (syz-executor.4), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  951.908482][T23669] chnl_net:caif_netlink_parms(): no params data found
[  951.923481][T23668] chnl_net:caif_netlink_parms(): no params data found
[  951.977163][T23697] IPVS: ftp: loaded support on port[0] = 21
[  952.053281][T23668] bridge0: port 1(bridge_slave_0) entered blocking state
[  952.077657][T23668] bridge0: port 1(bridge_slave_0) entered disabled state
[  952.088537][T23668] device bridge_slave_0 entered promiscuous mode
[  952.097235][T23669] bridge0: port 1(bridge_slave_0) entered blocking state
[  952.113190][T23669] bridge0: port 1(bridge_slave_0) entered disabled state
[  952.123530][T23669] device bridge_slave_0 entered promiscuous mode
[  952.156993][T23668] bridge0: port 2(bridge_slave_1) entered blocking state
[  952.164519][T23668] bridge0: port 2(bridge_slave_1) entered disabled state
[  952.181021][T23668] device bridge_slave_1 entered promiscuous mode
[  952.192325][T23669] bridge0: port 2(bridge_slave_1) entered blocking state
[  952.204432][T23669] bridge0: port 2(bridge_slave_1) entered disabled state
[  952.214469][T23669] device bridge_slave_1 entered promiscuous mode
[  952.241774][T23668] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  952.256932][T23668] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  952.291312][T23668] team0: Port device team_slave_0 added
[  952.308610][T23669] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  952.319952][T23669] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  952.344164][T23668] team0: Port device team_slave_1 added
[  952.404040][T23669] team0: Port device team_slave_0 added
[  952.421540][T23669] team0: Port device team_slave_1 added
[  952.427351][T23697] chnl_net:caif_netlink_parms(): no params data found
[  952.482909][T23668] device hsr_slave_0 entered promiscuous mode
[  952.538086][T23668] device hsr_slave_1 entered promiscuous mode
[  952.577696][T23668] debugfs: Directory 'hsr0' with parent '/' already present!
[  952.674495][T23669] device hsr_slave_0 entered promiscuous mode
[  952.728043][T23669] device hsr_slave_1 entered promiscuous mode
[  952.777710][T23669] debugfs: Directory 'hsr0' with parent '/' already present!
[  952.804324][T23697] bridge0: port 1(bridge_slave_0) entered blocking state
[  952.811709][T23697] bridge0: port 1(bridge_slave_0) entered disabled state
[  952.819964][T23697] device bridge_slave_0 entered promiscuous mode
[  952.827878][T23697] bridge0: port 2(bridge_slave_1) entered blocking state
[  952.834943][T23697] bridge0: port 2(bridge_slave_1) entered disabled state
[  952.843453][T23697] device bridge_slave_1 entered promiscuous mode
[  952.870432][T23697] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  952.884170][T23697] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  952.936635][T23668] 8021q: adding VLAN 0 to HW filter on device bond0
[  952.956773][T23697] team0: Port device team_slave_0 added
[  952.964238][T23697] team0: Port device team_slave_1 added
[  952.974282][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  952.983120][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  953.000895][T23668] 8021q: adding VLAN 0 to HW filter on device team0
[  953.030244][T23700] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  953.039244][T23700] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  953.048369][T23700] bridge0: port 1(bridge_slave_0) entered blocking state
[  953.055488][T23700] bridge0: port 1(bridge_slave_0) entered forwarding state
[  953.841894][T23697] device hsr_slave_0 entered promiscuous mode
[  953.898096][T23697] device hsr_slave_1 entered promiscuous mode
[  953.937784][T23697] debugfs: Directory 'hsr0' with parent '/' already present!
[  953.951374][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  953.959835][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  953.968820][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  953.977095][T20283] bridge0: port 2(bridge_slave_1) entered blocking state
[  953.984188][T20283] bridge0: port 2(bridge_slave_1) entered forwarding state
[  954.367083][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  954.376278][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  954.386249][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  954.395632][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  954.415918][T23668] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  954.426786][T23668] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  954.808103][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  954.817150][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  954.826035][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  954.835498][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  954.844164][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  954.852878][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  954.861374][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  954.869956][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  954.891828][T23669] 8021q: adding VLAN 0 to HW filter on device bond0
[  955.264526][T23668] 8021q: adding VLAN 0 to HW filter on device batadv0
[  955.285498][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  955.293970][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  955.314545][T23669] 8021q: adding VLAN 0 to HW filter on device team0
[  955.337013][T23700] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  955.345794][T23700] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  955.355391][T23700] bridge0: port 1(bridge_slave_0) entered blocking state
[  955.362526][T23700] bridge0: port 1(bridge_slave_0) entered forwarding state
[  955.751321][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  955.762440][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  955.771733][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  955.803537][T20283] bridge0: port 2(bridge_slave_1) entered blocking state
[  955.810680][T20283] bridge0: port 2(bridge_slave_1) entered forwarding state
[  955.825153][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  955.845566][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  955.854513][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  955.863096][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  955.874428][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  955.883579][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  955.893459][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  955.902031][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  955.911752][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  955.926389][T23669] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  955.938946][T23669] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  955.949127][T23699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  955.959932][T23711] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  955.967043][T23699] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  955.970602][T23711] CPU: 0 PID: 23711 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[  955.985835][T23711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  955.991141][T23697] 8021q: adding VLAN 0 to HW filter on device bond0
[  955.995890][T23711] Call Trace:
[  956.005746][T23711]  dump_stack+0x172/0x1f0
[  956.010092][T23711]  dump_header+0x10b/0x82d
[  956.012239][T23697] 8021q: adding VLAN 0 to HW filter on device team0
[  956.014515][T23711]  oom_kill_process.cold+0x10/0x15
[  956.026182][T23711]  out_of_memory+0x334/0x1340
[  956.030875][T23711]  ? __sched_text_start+0x8/0x8
[  956.035773][T23711]  ? oom_killer_disable+0x280/0x280
[  956.040994][T23711]  mem_cgroup_out_of_memory+0x1d8/0x240
[  956.046551][T23711]  ? memcg_stat_show+0xc40/0xc40
[  956.047902][T23697] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  956.051530][T23711]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  956.061875][T23697] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  956.067710][T23711]  ? cgroup_file_notify+0x140/0x1b0
[  956.067735][T23711]  memory_max_write+0x262/0x3a0
[  956.088054][T23711]  ? mem_cgroup_write+0x370/0x370
[  956.092814][T23697] 8021q: adding VLAN 0 to HW filter on device batadv0
[  956.093086][T23711]  ? lock_acquire+0x190/0x410
[  956.104485][T23711]  ? kernfs_fop_write+0x227/0x480
[  956.109521][T23711]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  956.115091][T23711]  cgroup_file_write+0x241/0x790
[  956.120058][T23711]  ? mem_cgroup_write+0x370/0x370
[  956.125100][T23711]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  956.130761][T23711]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  956.136420][T23711]  kernfs_fop_write+0x2b8/0x480
[  956.141288][T23711]  __vfs_write+0x8a/0x110
[  956.145619][T23711]  ? kernfs_fop_open+0xd80/0xd80
[  956.150555][T23711]  __kernel_write+0x11b/0x3b0
[  956.155236][T23711]  write_pipe_buf+0x15d/0x1f0
[  956.159926][T23711]  ? do_splice_direct+0x2a0/0x2a0
[  956.164952][T23711]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  956.171175][T23711]  ? splice_from_pipe_next.part.0+0x262/0x300
[  956.177241][T23711]  __splice_from_pipe+0x397/0x7d0
[  956.182250][T23711]  ? do_splice_direct+0x2a0/0x2a0
[  956.187254][T23711]  ? do_splice_direct+0x2a0/0x2a0
[  956.192265][T23711]  splice_from_pipe+0x108/0x170
[  956.197094][T23711]  ? splice_shrink_spd+0xd0/0xd0
[  956.202034][T23711]  ? security_file_permission+0x8f/0x380
[  956.207643][T23711]  default_file_splice_write+0x3c/0x90
[  956.213080][T23711]  ? generic_splice_sendpage+0x50/0x50
[  956.218526][T23711]  direct_splice_actor+0x123/0x190
[  956.223616][T23711]  splice_direct_to_actor+0x366/0x970
[  956.228968][T23711]  ? generic_pipe_buf_nosteal+0x10/0x10
[  956.234495][T23711]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  956.240730][T23711]  ? do_splice_to+0x180/0x180
[  956.245385][T23711]  ? rw_verify_area+0x126/0x360
[  956.250223][T23711]  do_splice_direct+0x1da/0x2a0
[  956.255053][T23711]  ? splice_direct_to_actor+0x970/0x970
[  956.260575][T23711]  ? rcu_read_lock_any_held+0xcd/0xf0
[  956.265938][T23711]  ? __this_cpu_preempt_check+0x3a/0x210
[  956.271549][T23711]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  956.277783][T23711]  ? __sb_start_write+0x1e5/0x460
[  956.282820][T23711]  do_sendfile+0x597/0xd00
[  956.287228][T23711]  ? do_compat_pwritev64+0x1c0/0x1c0
[  956.292493][T23711]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  956.298712][T23711]  ? put_timespec64+0xda/0x140
[  956.303455][T23711]  __x64_sys_sendfile64+0x1dd/0x220
[  956.308633][T23711]  ? __ia32_sys_sendfile+0x230/0x230
[  956.313896][T23711]  ? do_syscall_64+0x26/0x760
[  956.318563][T23711]  ? lockdep_hardirqs_on+0x421/0x5e0
[  956.323842][T23711]  ? trace_hardirqs_on+0x67/0x240
[  956.328968][T23711]  do_syscall_64+0xfa/0x760
[  956.333760][T23711]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  956.339635][T23711] RIP: 0033:0x459f49
[  956.343546][T23711] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  956.363128][T23711] RSP: 002b:00007f0f10ac4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  956.371517][T23711] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  956.379474][T23711] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  956.387422][T23711] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
[  956.395379][T23711] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f0f10ac56d4
[  956.403335][T23711] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  956.419564][T23711] memory: usage 1768kB, limit 0kB, failcnt 269
[  956.436266][T23711] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  956.445797][T23711] Memory cgroup stats for /syz2:
[  956.445914][T23711] anon 122880
[  956.445914][T23711] file 167936
[  956.445914][T23711] kernel_stack 131072
[  956.445914][T23711] slab 1327104
[  956.445914][T23711] sock 4096
[  956.445914][T23711] shmem 20480
[  956.445914][T23711] file_mapped 135168
[  956.445914][T23711] file_dirty 135168
[  956.445914][T23711] file_writeback 0
[  956.445914][T23711] anon_thp 0
[  956.445914][T23711] inactive_anon 90112
[  956.445914][T23711] active_anon 122880
[  956.445914][T23711] inactive_file 110592
[  956.445914][T23711] active_file 110592
[  956.445914][T23711] unevictable 0
[  956.445914][T23711] slab_reclaimable 946176
[  956.445914][T23711] slab_unreclaimable 380928
[  956.445914][T23711] pgfault 66165
[  956.445914][T23711] pgmajfault 0
[  956.445914][T23711] workingset_refault 0
[  956.445914][T23711] workingset_activate 0
[  956.445914][T23711] workingset_nodereclaim 0
[  956.445914][T23711] pgrefill 20228
[  956.445914][T23711] pgscan 28208
[  956.445914][T23711] pgsteal 3058
[  956.584834][T23711] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23705,uid=0
[  956.601295][T23711] Memory cgroup out of memory: Killed process 23705 (syz-executor.2) total-vm:72852kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000
[  956.629932][ T1070] oom_reaper: reaped process 23705 (syz-executor.2), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB
[  956.659081][T23719] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  956.669402][T23719] CPU: 0 PID: 23719 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  956.677300][T23719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  956.687365][T23719] Call Trace:
[  956.690674][T23719]  dump_stack+0x172/0x1f0
[  956.695033][T23719]  dump_header+0x10b/0x82d
[  956.699474][T23719]  oom_kill_process.cold+0x10/0x15
[  956.704614][T23719]  out_of_memory+0x334/0x1340
[  956.709308][T23719]  ? __sched_text_start+0x8/0x8
[  956.714178][T23719]  ? oom_killer_disable+0x280/0x280
[  956.719399][T23719]  mem_cgroup_out_of_memory+0x1d8/0x240
[  956.724961][T23719]  ? memcg_stat_show+0xc40/0xc40
[  956.729917][T23719]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  956.735736][T23719]  ? cgroup_file_notify+0x140/0x1b0
[  956.740957][T23719]  memory_max_write+0x262/0x3a0
[  956.745838][T23719]  ? mem_cgroup_write+0x370/0x370
[  956.750873][T23719]  ? lock_acquire+0x190/0x410
[  956.755569][T23719]  ? kernfs_fop_write+0x227/0x480
[  956.760616][T23719]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  956.766184][T23719]  cgroup_file_write+0x241/0x790
[  956.771139][T23719]  ? mem_cgroup_write+0x370/0x370
[  956.776183][T23719]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  956.781842][T23719]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  956.787492][T23719]  kernfs_fop_write+0x2b8/0x480
[  956.792361][T23719]  __vfs_write+0x8a/0x110
[  956.796705][T23719]  ? kernfs_fop_open+0xd80/0xd80
[  956.801655][T23719]  __kernel_write+0x11b/0x3b0
[  956.806353][T23719]  write_pipe_buf+0x15d/0x1f0
[  956.811043][T23719]  ? do_splice_direct+0x2a0/0x2a0
[  956.816081][T23719]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  956.822334][T23719]  ? splice_from_pipe_next.part.0+0x262/0x300
[  956.828420][T23719]  __splice_from_pipe+0x397/0x7d0
[  956.833464][T23719]  ? do_splice_direct+0x2a0/0x2a0
[  956.838514][T23719]  ? do_splice_direct+0x2a0/0x2a0
[  956.843554][T23719]  splice_from_pipe+0x108/0x170
[  956.848421][T23719]  ? splice_shrink_spd+0xd0/0xd0
[  956.853395][T23719]  ? security_file_permission+0x8f/0x380
[  956.859042][T23719]  default_file_splice_write+0x3c/0x90
[  956.864510][T23719]  ? generic_splice_sendpage+0x50/0x50
[  956.869986][T23719]  direct_splice_actor+0x123/0x190
[  956.875127][T23719]  splice_direct_to_actor+0x366/0x970
[  956.880519][T23719]  ? generic_pipe_buf_nosteal+0x10/0x10
[  956.886086][T23719]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  956.892344][T23719]  ? do_splice_to+0x180/0x180
[  956.897039][T23719]  ? rw_verify_area+0x126/0x360
[  956.901919][T23719]  do_splice_direct+0x1da/0x2a0
[  956.906799][T23719]  ? splice_direct_to_actor+0x970/0x970
[  956.912363][T23719]  ? rcu_read_lock_any_held+0xcd/0xf0
[  956.917757][T23719]  ? __this_cpu_preempt_check+0x3a/0x210
[  956.923416][T23719]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  956.929662][T23719]  ? __sb_start_write+0x1e5/0x460
[  956.934714][T23719]  do_sendfile+0x597/0xd00
[  956.939155][T23719]  ? do_compat_pwritev64+0x1c0/0x1c0
[  956.944453][T23719]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  956.950711][T23719]  ? put_timespec64+0xda/0x140
[  956.955501][T23719]  __x64_sys_sendfile64+0x1dd/0x220
[  956.960714][T23719]  ? __ia32_sys_sendfile+0x230/0x230
[  956.966010][T23719]  ? do_syscall_64+0x26/0x760
[  956.970702][T23719]  ? lockdep_hardirqs_on+0x421/0x5e0
[  956.975997][T23719]  ? trace_hardirqs_on+0x67/0x240
[  956.981041][T23719]  do_syscall_64+0xfa/0x760
[  956.985565][T23719]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  956.991467][T23719] RIP: 0033:0x459f49
[  956.995371][T23719] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  957.014981][T23719] RSP: 002b:00007f13e936ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  957.023423][T23719] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
10:32:49 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x0, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:32:49 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  957.031413][T23719] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  957.039393][T23719] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  957.047394][T23719] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f13e936f6d4
[  957.055402][T23719] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  957.068660][T23719] memory: usage 5068kB, limit 0kB, failcnt 550
[  957.074880][T23719] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  957.082253][T23719] Memory cgroup stats for /syz3:
[  957.082360][T23719] anon 4354048
[  957.082360][T23719] file 118784
[  957.082360][T23719] kernel_stack 65536
[  957.082360][T23719] slab 692224
[  957.082360][T23719] sock 81920
[  957.082360][T23719] shmem 24576
[  957.082360][T23719] file_mapped 0
[  957.082360][T23719] file_dirty 135168
[  957.082360][T23719] file_writeback 0
[  957.082360][T23719] anon_thp 4194304
[  957.082360][T23719] inactive_anon 0
[  957.082360][T23719] active_anon 4354048
[  957.082360][T23719] inactive_file 98304
[  957.082360][T23719] active_file 0
[  957.082360][T23719] unevictable 135168
[  957.082360][T23719] slab_reclaimable 270336
[  957.082360][T23719] slab_unreclaimable 421888
[  957.082360][T23719] pgfault 59565
[  957.082360][T23719] pgmajfault 0
[  957.082360][T23719] workingset_refault 0
[  957.082360][T23719] workingset_activate 0
[  957.082360][T23719] workingset_nodereclaim 0
[  957.082360][T23719] pgrefill 8688
[  957.082360][T23719] pgscan 40193
[  957.082360][T23719] pgsteal 9652
[  957.177055][T23719] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23717,uid=0
[  957.203206][T23719] Memory cgroup out of memory: Killed process 23717 (syz-executor.3) total-vm:72720kB, anon-rss:4188kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000
[  957.230794][T23668] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  957.232894][ T1070] oom_reaper: reaped process 23717 (syz-executor.3), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB
[  957.246942][T23668] CPU: 0 PID: 23668 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[  957.260066][T23668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  957.270115][T23668] Call Trace:
[  957.273407][T23668]  dump_stack+0x172/0x1f0
[  957.277741][T23668]  dump_header+0x10b/0x82d
[  957.282147][T23668]  ? oom_kill_process+0x94/0x3f0
[  957.287095][T23668]  oom_kill_process.cold+0x10/0x15
[  957.292228][T23668]  out_of_memory+0x334/0x1340
[  957.296911][T23668]  ? lock_downgrade+0x920/0x920
[  957.301775][T23668]  ? oom_killer_disable+0x280/0x280
[  957.306995][T23668]  mem_cgroup_out_of_memory+0x1d8/0x240
[  957.312556][T23668]  ? memcg_stat_show+0xc40/0xc40
[  957.317528][T23668]  ? do_raw_spin_unlock+0x57/0x270
[  957.322638][T23668]  ? _raw_spin_unlock+0x2d/0x50
[  957.327488][T23668]  try_charge+0xf4b/0x1440
[  957.331905][T23668]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  957.337431][T23668]  ? percpu_ref_tryget_live+0x111/0x290
[  957.342973][T23668]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  957.349197][T23668]  ? __kasan_check_read+0x11/0x20
[  957.354219][T23668]  ? get_mem_cgroup_from_mm+0x156/0x320
[  957.359765][T23668]  mem_cgroup_try_charge+0x136/0x590
[  957.365033][T23668]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  957.370646][T23668]  wp_page_copy+0x407/0x1860
[  957.375246][T23668]  ? find_held_lock+0x35/0x130
[  957.379986][T23668]  ? do_wp_page+0x53b/0x15c0
[  957.384553][T23668]  ? pmd_devmap_trans_unstable+0x220/0x220
[  957.390338][T23668]  ? lock_downgrade+0x920/0x920
[  957.395168][T23668]  ? swp_swapcount+0x540/0x540
[  957.399908][T23668]  ? __kasan_check_read+0x11/0x20
[  957.404906][T23668]  ? do_raw_spin_unlock+0x57/0x270
[  957.409995][T23668]  do_wp_page+0x543/0x15c0
[  957.414389][T23668]  ? finish_mkwrite_fault+0x6a0/0x6a0
[  957.419741][T23668]  __handle_mm_fault+0x23ec/0x4040
[  957.424832][T23668]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  957.430501][T23668]  ? handle_mm_fault+0x292/0xaa0
[  957.435457][T23668]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  957.441690][T23668]  ? __kasan_check_read+0x11/0x20
[  957.446696][T23668]  handle_mm_fault+0x3b7/0xaa0
[  957.451445][T23668]  __do_page_fault+0x536/0xdd0
[  957.456190][T23668]  do_page_fault+0x38/0x590
[  957.460684][T23668]  page_fault+0x39/0x40
[  957.464827][T23668] RIP: 0033:0x431026
[  957.468700][T23668] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[  957.488287][T23668] RSP: 002b:00007ffe43c58100 EFLAGS: 00010206
[  957.494335][T23668] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  957.502282][T23668] RDX: 000000000295d930 RSI: 0000000002965970 RDI: 0000000000000003
[  957.510257][T23668] RBP: 0000000000008041 R08: 0000000000000001 R09: 000000000295c940
[  957.518212][T23668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  957.526163][T23668] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[  957.535260][T23668] memory: usage 1404kB, limit 0kB, failcnt 277
[  957.541545][T23668] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  957.548456][T23668] Memory cgroup stats for /syz2:
[  957.548569][T23668] anon 122880
[  957.548569][T23668] file 167936
[  957.548569][T23668] kernel_stack 0
[  957.548569][T23668] slab 1327104
[  957.548569][T23668] sock 4096
[  957.548569][T23668] shmem 20480
[  957.548569][T23668] file_mapped 135168
[  957.548569][T23668] file_dirty 135168
[  957.548569][T23668] file_writeback 0
[  957.548569][T23668] anon_thp 0
[  957.548569][T23668] inactive_anon 90112
[  957.548569][T23668] active_anon 122880
[  957.548569][T23668] inactive_file 110592
[  957.548569][T23668] active_file 110592
[  957.548569][T23668] unevictable 0
[  957.548569][T23668] slab_reclaimable 946176
[  957.548569][T23668] slab_unreclaimable 380928
[  957.548569][T23668] pgfault 66165
[  957.548569][T23668] pgmajfault 0
[  957.548569][T23668] workingset_refault 0
[  957.548569][T23668] workingset_activate 0
[  957.548569][T23668] workingset_nodereclaim 0
[  957.548569][T23668] pgrefill 20228
[  957.548569][T23668] pgscan 28208
[  957.548569][T23668] pgsteal 3058
[  957.548586][T23668] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23668,uid=0
[  957.548686][T23668] Memory cgroup out of memory: Killed process 23668 (syz-executor.2) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  957.672794][T23697] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  957.695484][T23697] CPU: 0 PID: 23697 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  957.703422][T23697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  957.703428][T23697] Call Trace:
[  957.703449][T23697]  dump_stack+0x172/0x1f0
[  957.703468][T23697]  dump_header+0x10b/0x82d
[  957.703479][T23697]  ? oom_kill_process+0x94/0x3f0
[  957.703493][T23697]  oom_kill_process.cold+0x10/0x15
[  957.703510][T23697]  out_of_memory+0x334/0x1340
[  957.716834][T23697]  ? lock_downgrade+0x920/0x920
[  957.725540][T23697]  ? oom_killer_disable+0x280/0x280
[  957.735562][T23697]  mem_cgroup_out_of_memory+0x1d8/0x240
[  957.745035][T23697]  ? memcg_stat_show+0xc40/0xc40
[  957.755752][T23697]  ? do_raw_spin_unlock+0x57/0x270
[  957.765786][T23697]  ? _raw_spin_unlock+0x2d/0x50
[  957.770646][T23697]  try_charge+0xf4b/0x1440
[  957.770670][T23697]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  957.770681][T23697]  ? percpu_ref_tryget_live+0x111/0x290
[  957.770697][T23697]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  957.770715][T23697]  ? __kasan_check_read+0x11/0x20
[  957.780651][T23697]  ? get_mem_cgroup_from_mm+0x156/0x320
[  957.780668][T23697]  mem_cgroup_try_charge+0x136/0x590
[  957.780690][T23697]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  957.792460][T23697]  wp_page_copy+0x407/0x1860
[  957.792477][T23697]  ? find_held_lock+0x35/0x130
[  957.792490][T23697]  ? do_wp_page+0x53b/0x15c0
[  957.792513][T23697]  ? pmd_devmap_trans_unstable+0x220/0x220
[  957.803064][T23697]  ? lock_downgrade+0x920/0x920
[  957.813947][T23697]  ? swp_swapcount+0x540/0x540
[  957.823274][T23697]  ? __kasan_check_read+0x11/0x20
[  957.833624][T23697]  ? do_raw_spin_unlock+0x57/0x270
[  957.843212][T23697]  do_wp_page+0x543/0x15c0
[  957.853300][T23697]  ? finish_mkwrite_fault+0x6a0/0x6a0
[  957.863042][T23697]  __handle_mm_fault+0x23ec/0x4040
[  957.868152][T23697]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  957.868166][T23697]  ? handle_mm_fault+0x292/0xaa0
[  957.868192][T23697]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  957.878640][T23697]  ? __kasan_check_read+0x11/0x20
[  957.878658][T23697]  handle_mm_fault+0x3b7/0xaa0
[  957.878679][T23697]  __do_page_fault+0x536/0xdd0
[  957.889905][T23697]  do_page_fault+0x38/0x590
[  957.889925][T23697]  page_fault+0x39/0x40
[  957.899394][T23697] RIP: 0033:0x431026
[  957.899410][T23697] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[  957.899421][T23697] RSP: 002b:00007ffe8a510280 EFLAGS: 00010206
[  957.908024][T23697] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  957.908033][T23697] RDX: 0000000000fde930 RSI: 0000000000fe6970 RDI: 0000000000000003
[  957.908041][T23697] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000000fdd940
[  957.908048][T23697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  957.908061][T23697] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[  957.941775][T23697] memory: usage 640kB, limit 0kB, failcnt 562
[  957.966638][T23697] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  957.986556][T23697] Memory cgroup stats for /syz3:
[  957.986655][T23697] anon 81920
[  957.986655][T23697] file 118784
[  957.986655][T23697] kernel_stack 65536
[  957.986655][T23697] slab 692224
[  957.986655][T23697] sock 81920
[  957.986655][T23697] shmem 24576
[  957.986655][T23697] file_mapped 0
[  957.986655][T23697] file_dirty 135168
[  957.986655][T23697] file_writeback 0
[  957.986655][T23697] anon_thp 0
[  957.986655][T23697] inactive_anon 0
[  957.986655][T23697] active_anon 81920
[  957.986655][T23697] inactive_file 98304
[  957.986655][T23697] active_file 0
[  957.986655][T23697] unevictable 135168
[  957.986655][T23697] slab_reclaimable 270336
[  957.986655][T23697] slab_unreclaimable 421888
[  957.986655][T23697] pgfault 59565
[  957.986655][T23697] pgmajfault 0
[  957.986655][T23697] workingset_refault 0
[  957.986655][T23697] workingset_activate 0
[  957.986655][T23697] workingset_nodereclaim 0
[  957.986655][T23697] pgrefill 8688
[  957.986655][T23697] pgscan 40193
[  957.986655][T23697] pgsteal 9652
[  957.996571][T23697] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23697,uid=0
[  958.106515][T23697] Memory cgroup out of memory: Killed process 23697 (syz-executor.3) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  958.126495][ T1070] oom_reaper: reaped process 23697 (syz-executor.3), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
[  958.139026][T23669] 8021q: adding VLAN 0 to HW filter on device batadv0
[  958.158407][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  958.166318][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  958.182851][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  958.202466][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  958.216890][T20283] bridge0: port 1(bridge_slave_0) entered blocking state
[  958.224005][T20283] bridge0: port 1(bridge_slave_0) entered forwarding state
[  958.242510][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  958.255235][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  958.263968][T20283] bridge0: port 2(bridge_slave_1) entered blocking state
[  958.271069][T20283] bridge0: port 2(bridge_slave_1) entered forwarding state
[  958.280023][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  958.288958][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  958.297605][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  958.306142][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  958.314914][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  958.324159][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  958.332869][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  958.341430][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  958.349973][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  958.358715][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  958.922103][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  958.930910][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  958.938940][T20283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  959.140927][T23723] IPVS: ftp: loaded support on port[0] = 21
[  959.552219][T23729] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  959.562767][T23729] CPU: 0 PID: 23729 Comm: syz-executor.0 Not tainted 5.4.0-rc3+ #0
[  959.570689][T23729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  959.580847][T23729] Call Trace:
[  959.584156][T23729]  dump_stack+0x172/0x1f0
[  959.588483][T23729]  dump_header+0x10b/0x82d
[  959.592886][T23729]  oom_kill_process.cold+0x10/0x15
[  959.597981][T23729]  out_of_memory+0x334/0x1340
[  959.602654][T23729]  ? __sched_text_start+0x8/0x8
[  959.607502][T23729]  ? oom_killer_disable+0x280/0x280
[  959.612689][T23729]  mem_cgroup_out_of_memory+0x1d8/0x240
[  959.618215][T23729]  ? memcg_stat_show+0xc40/0xc40
[  959.623152][T23729]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  959.628962][T23729]  ? cgroup_file_notify+0x140/0x1b0
[  959.634151][T23729]  memory_max_write+0x262/0x3a0
[  959.638988][T23729]  ? mem_cgroup_write+0x370/0x370
[  959.643994][T23729]  ? lock_acquire+0x190/0x410
[  959.648656][T23729]  ? kernfs_fop_write+0x227/0x480
[  959.653670][T23729]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  959.659222][T23729]  cgroup_file_write+0x241/0x790
[  959.664145][T23729]  ? mem_cgroup_write+0x370/0x370
[  959.669152][T23729]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  959.674775][T23729]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  959.680391][T23729]  kernfs_fop_write+0x2b8/0x480
[  959.685223][T23729]  __vfs_write+0x8a/0x110
[  959.689535][T23729]  ? kernfs_fop_open+0xd80/0xd80
[  959.694455][T23729]  __kernel_write+0x11b/0x3b0
[  959.699128][T23729]  write_pipe_buf+0x15d/0x1f0
[  959.703786][T23729]  ? do_splice_direct+0x2a0/0x2a0
[  959.708804][T23729]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  959.715102][T23729]  ? splice_from_pipe_next.part.0+0x262/0x300
[  959.721186][T23729]  __splice_from_pipe+0x397/0x7d0
[  959.726205][T23729]  ? do_splice_direct+0x2a0/0x2a0
[  959.731220][T23729]  ? do_splice_direct+0x2a0/0x2a0
[  959.736253][T23729]  splice_from_pipe+0x108/0x170
[  959.741111][T23729]  ? splice_shrink_spd+0xd0/0xd0
[  959.746052][T23729]  ? security_file_permission+0x8f/0x380
[  959.751685][T23729]  default_file_splice_write+0x3c/0x90
[  959.757123][T23729]  ? generic_splice_sendpage+0x50/0x50
[  959.762592][T23729]  direct_splice_actor+0x123/0x190
[  959.767698][T23729]  splice_direct_to_actor+0x366/0x970
[  959.773055][T23729]  ? generic_pipe_buf_nosteal+0x10/0x10
[  959.778596][T23729]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  959.784853][T23729]  ? do_splice_to+0x180/0x180
[  959.789542][T23729]  ? rw_verify_area+0x126/0x360
[  959.794407][T23729]  do_splice_direct+0x1da/0x2a0
[  959.799260][T23729]  ? splice_direct_to_actor+0x970/0x970
[  959.804798][T23729]  ? rcu_read_lock_any_held+0xcd/0xf0
[  959.810162][T23729]  ? __this_cpu_preempt_check+0x3a/0x210
[  959.815780][T23729]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  959.822014][T23729]  ? __sb_start_write+0x1e5/0x460
[  959.827022][T23729]  do_sendfile+0x597/0xd00
[  959.831437][T23729]  ? do_compat_pwritev64+0x1c0/0x1c0
[  959.836706][T23729]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  959.842928][T23729]  ? put_timespec64+0xda/0x140
[  959.847770][T23729]  __x64_sys_sendfile64+0x1dd/0x220
[  959.852960][T23729]  ? __ia32_sys_sendfile+0x230/0x230
[  959.858237][T23729]  ? do_syscall_64+0x26/0x760
[  959.862896][T23729]  ? lockdep_hardirqs_on+0x421/0x5e0
[  959.868164][T23729]  ? trace_hardirqs_on+0x67/0x240
[  959.873175][T23729]  do_syscall_64+0xfa/0x760
[  959.877666][T23729]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  959.883547][T23729] RIP: 0033:0x459f49
[  959.887425][T23729] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  959.907011][T23729] RSP: 002b:00007fb14ac31c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  959.915418][T23729] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  959.923372][T23729] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  959.931331][T23729] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  959.939282][T23729] R10: 0000000020000022 R11: 0000000000000246 R12: 00007fb14ac326d4
[  959.947235][T23729] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  959.957783][T23729] memory: usage 2280kB, limit 0kB, failcnt 61
[  959.984113][T23729] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  959.991609][T23729] Memory cgroup stats for /syz0:
[  959.991719][T23729] anon 69632
[  959.991719][T23729] file 0
[  959.991719][T23729] kernel_stack 131072
[  959.991719][T23729] slab 1916928
[  959.991719][T23729] sock 0
[  959.991719][T23729] shmem 122880
[  959.991719][T23729] file_mapped 135168
[  959.991719][T23729] file_dirty 0
[  959.991719][T23729] file_writeback 0
[  959.991719][T23729] anon_thp 0
[  959.991719][T23729] inactive_anon 0
[  959.991719][T23729] active_anon 69632
[  959.991719][T23729] inactive_file 28672
[  959.991719][T23729] active_file 147456
[  959.991719][T23729] unevictable 0
[  959.991719][T23729] slab_reclaimable 946176
[  959.991719][T23729] slab_unreclaimable 970752
[  959.991719][T23729] pgfault 82731
[  959.991719][T23729] pgmajfault 0
[  959.991719][T23729] workingset_refault 0
[  959.991719][T23729] workingset_activate 0
[  959.991719][T23729] workingset_nodereclaim 0
[  959.991719][T23729] pgrefill 168
[  959.991719][T23729] pgscan 5119
[  959.991719][T23729] pgsteal 4281
[  959.991719][T23729] pgactivate 198
[  960.103537][T23729] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=23669,uid=0
[  960.119224][T23729] Memory cgroup out of memory: Killed process 23669 (syz-executor.0) total-vm:72456kB, anon-rss:76kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  960.146421][ T1070] oom_reaper: reaped process 23669 (syz-executor.0), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
10:32:53 executing program 0:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x0, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:32:53 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:32:53 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, 0x0, &(0x7f0000000180))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:32:53 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x0, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:32:53 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x88480000}, 0x0)

[  960.870938][T11615] device bridge_slave_1 left promiscuous mode
[  960.877182][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
10:32:53 executing program 0:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x0, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  960.928507][T11615] device bridge_slave_0 left promiscuous mode
[  960.937050][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  961.009648][T11615] device bridge_slave_1 left promiscuous mode
[  961.015896][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  961.068391][T11615] device bridge_slave_0 left promiscuous mode
[  961.084539][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  961.169288][T11615] device bridge_slave_1 left promiscuous mode
[  961.175537][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  961.187593][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  961.187610][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  961.193415][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  961.199121][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  961.204915][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  961.210618][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  961.216285][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  961.222009][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  961.233525][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  961.239321][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  961.288697][T11615] device bridge_slave_0 left promiscuous mode
[  961.295025][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  961.339200][T11615] device bridge_slave_1 left promiscuous mode
[  961.345378][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  961.388815][T11615] device bridge_slave_0 left promiscuous mode
[  961.395225][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  961.438960][T11615] device bridge_slave_1 left promiscuous mode
[  961.445180][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  961.488446][T11615] device bridge_slave_0 left promiscuous mode
[  961.494733][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  971.468221][T11615] device hsr_slave_0 left promiscuous mode
[  971.507828][T11615] device hsr_slave_1 left promiscuous mode
[  971.561941][T11615] team0 (unregistering): Port device team_slave_1 removed
[  971.575783][T11615] team0 (unregistering): Port device team_slave_0 removed
[  971.588621][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  971.636103][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  971.729632][T11615] bond0 (unregistering): Released all slaves
[  971.878490][T11615] device hsr_slave_0 left promiscuous mode
[  971.917745][T11615] device hsr_slave_1 left promiscuous mode
[  971.980145][T11615] team0 (unregistering): Port device team_slave_1 removed
[  971.993899][T11615] team0 (unregistering): Port device team_slave_0 removed
[  972.006107][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  972.072058][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  972.143856][T11615] bond0 (unregistering): Released all slaves
[  972.288339][T11615] device hsr_slave_0 left promiscuous mode
[  972.338034][T11615] device hsr_slave_1 left promiscuous mode
[  972.391534][T11615] team0 (unregistering): Port device team_slave_1 removed
[  972.405392][T11615] team0 (unregistering): Port device team_slave_0 removed
[  972.417135][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  972.452779][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  972.553629][T11615] bond0 (unregistering): Released all slaves
[  972.698566][T11615] device hsr_slave_0 left promiscuous mode
[  972.739063][T11615] device hsr_slave_1 left promiscuous mode
[  972.793199][T11615] team0 (unregistering): Port device team_slave_1 removed
[  972.806815][T11615] team0 (unregistering): Port device team_slave_0 removed
[  972.822547][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  972.871747][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  972.967086][T11615] bond0 (unregistering): Released all slaves
[  973.098452][T11615] device hsr_slave_0 left promiscuous mode
[  973.167828][T11615] device hsr_slave_1 left promiscuous mode
[  973.215606][T11615] team0 (unregistering): Port device team_slave_1 removed
[  973.229260][T11615] team0 (unregistering): Port device team_slave_0 removed
[  973.241345][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  973.284637][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  973.359454][T11615] bond0 (unregistering): Released all slaves
10:33:05 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x88640000}, 0x0)

[  973.523234][T23744] IPVS: ftp: loaded support on port[0] = 21
[  973.523259][T23746] IPVS: ftp: loaded support on port[0] = 21
[  973.541693][T23740] IPVS: ftp: loaded support on port[0] = 21
[  973.550985][T23745] IPVS: ftp: loaded support on port[0] = 21
[  973.597087][T23723] chnl_net:caif_netlink_parms(): no params data found
10:33:06 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x88a8ffff}, 0x0)

10:33:06 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x88caffff}, 0x0)

[  973.802330][T23723] bridge0: port 1(bridge_slave_0) entered blocking state
[  973.817301][T23723] bridge0: port 1(bridge_slave_0) entered disabled state
[  973.841593][T23723] device bridge_slave_0 entered promiscuous mode
[  973.861849][T23723] bridge0: port 2(bridge_slave_1) entered blocking state
[  973.869644][T23723] bridge0: port 2(bridge_slave_1) entered disabled state
[  973.878090][T23723] device bridge_slave_1 entered promiscuous mode
10:33:06 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0x89060000}, 0x0)

[  973.942777][T23723] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  973.989298][T23746] chnl_net:caif_netlink_parms(): no params data found
[  974.028433][T23723] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
10:33:06 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0xe8030000}, 0x0)

[  974.156461][T23745] chnl_net:caif_netlink_parms(): no params data found
[  974.191995][T23740] chnl_net:caif_netlink_parms(): no params data found
[  974.219841][T23723] team0: Port device team_slave_0 added
[  974.283469][T23723] team0: Port device team_slave_1 added
[  974.341902][T23746] bridge0: port 1(bridge_slave_0) entered blocking state
[  974.349796][T23746] bridge0: port 1(bridge_slave_0) entered disabled state
[  974.358134][T23746] device bridge_slave_0 entered promiscuous mode
[  974.367283][T23746] bridge0: port 2(bridge_slave_1) entered blocking state
[  974.376137][T23746] bridge0: port 2(bridge_slave_1) entered disabled state
[  974.384511][T23746] device bridge_slave_1 entered promiscuous mode
[  974.450454][T23723] device hsr_slave_0 entered promiscuous mode
[  974.498035][T23723] device hsr_slave_1 entered promiscuous mode
[  974.568318][T23745] bridge0: port 1(bridge_slave_0) entered blocking state
[  974.575394][T23745] bridge0: port 1(bridge_slave_0) entered disabled state
[  974.593707][T23745] device bridge_slave_0 entered promiscuous mode
[  974.618590][T23745] bridge0: port 2(bridge_slave_1) entered blocking state
[  974.625679][T23745] bridge0: port 2(bridge_slave_1) entered disabled state
[  974.634446][T23745] device bridge_slave_1 entered promiscuous mode
[  974.642467][T23744] chnl_net:caif_netlink_parms(): no params data found
[  974.687704][T23746] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  974.715315][T23745] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  974.736773][T23746] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  974.754689][T23745] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  974.764578][T23740] bridge0: port 1(bridge_slave_0) entered blocking state
[  974.771990][T23740] bridge0: port 1(bridge_slave_0) entered disabled state
[  974.780333][T23740] device bridge_slave_0 entered promiscuous mode
[  974.788775][T23740] bridge0: port 2(bridge_slave_1) entered blocking state
[  974.795981][T23740] bridge0: port 2(bridge_slave_1) entered disabled state
[  974.804153][T23740] device bridge_slave_1 entered promiscuous mode
[  974.848138][T23745] team0: Port device team_slave_0 added
[  974.856144][T23744] bridge0: port 1(bridge_slave_0) entered blocking state
[  974.863473][T23744] bridge0: port 1(bridge_slave_0) entered disabled state
[  974.871506][T23744] device bridge_slave_0 entered promiscuous mode
[  974.896227][T23745] team0: Port device team_slave_1 added
[  974.910158][T23744] bridge0: port 2(bridge_slave_1) entered blocking state
[  974.917403][T23744] bridge0: port 2(bridge_slave_1) entered disabled state
[  974.926779][T23744] device bridge_slave_1 entered promiscuous mode
[  974.934780][T23746] team0: Port device team_slave_0 added
[  974.950822][T23740] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  974.970895][T23746] team0: Port device team_slave_1 added
[  974.991204][T23744] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  975.002239][T23744] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  975.013768][T23740] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  975.070887][T23746] device hsr_slave_0 entered promiscuous mode
[  975.118184][T23746] device hsr_slave_1 entered promiscuous mode
[  975.157877][T23746] debugfs: Directory 'hsr0' with parent '/' already present!
[  975.200736][T23745] device hsr_slave_0 entered promiscuous mode
[  975.238193][T23745] device hsr_slave_1 entered promiscuous mode
[  975.277859][T23745] debugfs: Directory 'hsr0' with parent '/' already present!
[  975.313244][T23744] team0: Port device team_slave_0 added
[  975.336805][T23744] team0: Port device team_slave_1 added
[  975.355601][T23740] team0: Port device team_slave_0 added
[  975.380062][T23740] team0: Port device team_slave_1 added
[  975.500804][T23744] device hsr_slave_0 entered promiscuous mode
[  975.568007][T23744] device hsr_slave_1 entered promiscuous mode
[  975.607651][T23744] debugfs: Directory 'hsr0' with parent '/' already present!
[  975.619223][T23723] 8021q: adding VLAN 0 to HW filter on device bond0
[  975.860525][T23740] device hsr_slave_0 entered promiscuous mode
[  975.908264][T23740] device hsr_slave_1 entered promiscuous mode
[  975.967718][T23740] debugfs: Directory 'hsr0' with parent '/' already present!
[  975.983563][T23723] 8021q: adding VLAN 0 to HW filter on device team0
[  976.018625][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  976.026514][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  976.057434][T23745] 8021q: adding VLAN 0 to HW filter on device bond0
[  976.087700][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  976.096434][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  976.106311][T14992] bridge0: port 1(bridge_slave_0) entered blocking state
[  976.113438][T14992] bridge0: port 1(bridge_slave_0) entered forwarding state
[  976.132787][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  976.146897][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  976.166276][T14992] bridge0: port 2(bridge_slave_1) entered blocking state
[  976.173401][T14992] bridge0: port 2(bridge_slave_1) entered forwarding state
[  976.191271][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  976.200750][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  976.226636][T23745] 8021q: adding VLAN 0 to HW filter on device team0
[  976.267801][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  976.275544][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  976.284405][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  976.295978][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  976.305231][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  976.315210][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  976.333873][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  976.354681][T23723] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  976.366182][T23723] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  976.398702][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  976.406724][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  976.416079][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  976.425086][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  976.434848][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  976.444054][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  976.453308][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  976.462223][T14992] bridge0: port 1(bridge_slave_0) entered blocking state
[  976.469334][T14992] bridge0: port 1(bridge_slave_0) entered forwarding state
[  976.477856][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  976.486652][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  976.504810][T14992] bridge0: port 2(bridge_slave_1) entered blocking state
[  976.511935][T14992] bridge0: port 2(bridge_slave_1) entered forwarding state
[  976.520382][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  976.530031][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  976.538403][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  976.561501][T23746] 8021q: adding VLAN 0 to HW filter on device bond0
[  976.584748][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  976.608451][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  976.617276][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  976.696704][T23746] 8021q: adding VLAN 0 to HW filter on device team0
[  976.719089][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  976.737301][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  976.746342][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  976.765319][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  976.776515][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  976.799036][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  976.817576][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  976.826340][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  976.844555][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  976.857251][T23745] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  976.896109][T23744] 8021q: adding VLAN 0 to HW filter on device bond0
[  976.911186][T23723] 8021q: adding VLAN 0 to HW filter on device batadv0
[  976.949719][T23745] 8021q: adding VLAN 0 to HW filter on device batadv0
[  976.961223][T23740] 8021q: adding VLAN 0 to HW filter on device bond0
[  976.985805][T23744] 8021q: adding VLAN 0 to HW filter on device team0
[  977.002550][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  977.011860][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  977.020817][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  977.027927][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  977.036258][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  977.045713][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  977.054483][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  977.061591][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  977.070632][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  977.079556][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  977.087442][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  977.122321][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  977.138270][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  977.147149][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  977.159674][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  977.168658][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  977.177413][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  977.186262][T22841] bridge0: port 1(bridge_slave_0) entered blocking state
[  977.193389][T22841] bridge0: port 1(bridge_slave_0) entered forwarding state
[  977.201616][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  977.210138][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  977.219507][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  977.228852][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  977.237944][T22841] bridge0: port 2(bridge_slave_1) entered blocking state
[  977.245047][T22841] bridge0: port 2(bridge_slave_1) entered forwarding state
[  977.253777][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  977.262246][T22841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  977.280022][T23740] 8021q: adding VLAN 0 to HW filter on device team0
[  977.310867][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  977.319894][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  977.329905][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  977.336964][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  977.345528][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  977.354512][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  977.363189][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  977.370286][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  977.386967][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  977.397432][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  977.425383][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  977.445799][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  977.457130][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  977.470264][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  977.479190][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  977.492844][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  977.503499][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  977.515716][T23746] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  977.568126][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  977.599290][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  977.608489][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  977.623265][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  977.638706][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  977.687879][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  977.696549][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  977.724991][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  977.746937][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  977.779213][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  977.801974][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  977.842193][T23791] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  977.855403][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  977.883461][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  977.897588][T23791] CPU: 0 PID: 23791 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[  977.905509][T23791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  977.915576][T23791] Call Trace:
[  977.918888][T23791]  dump_stack+0x172/0x1f0
[  977.923264][T23791]  dump_header+0x10b/0x82d
[  977.927790][T23791]  oom_kill_process.cold+0x10/0x15
[  977.932910][T23791]  out_of_memory+0x334/0x1340
[  977.937577][T23791]  ? cgroup_file_notify+0x140/0x1b0
[  977.942811][T23791]  ? oom_killer_disable+0x280/0x280
[  977.948009][T23791]  mem_cgroup_out_of_memory+0x1d8/0x240
[  977.953537][T23791]  ? memcg_stat_show+0xc40/0xc40
[  977.958465][T23791]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  977.964265][T23791]  ? cgroup_file_notify+0x140/0x1b0
[  977.969448][T23791]  memory_max_write+0x262/0x3a0
[  977.974285][T23791]  ? mem_cgroup_write+0x370/0x370
[  977.979304][T23791]  ? lock_acquire+0x190/0x410
[  977.983976][T23791]  ? kernfs_fop_write+0x227/0x480
[  977.989495][T23791]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  977.995035][T23791]  cgroup_file_write+0x241/0x790
[  977.999972][T23791]  ? mem_cgroup_write+0x370/0x370
[  978.004985][T23791]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  978.010607][T23791]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  978.016231][T23791]  kernfs_fop_write+0x2b8/0x480
[  978.021065][T23791]  __vfs_write+0x8a/0x110
[  978.025385][T23791]  ? kernfs_fop_open+0xd80/0xd80
[  978.030318][T23791]  __kernel_write+0x11b/0x3b0
[  978.034979][T23791]  write_pipe_buf+0x15d/0x1f0
[  978.039639][T23791]  ? do_splice_direct+0x2a0/0x2a0
[  978.044660][T23791]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  978.050884][T23791]  ? splice_from_pipe_next.part.0+0x262/0x300
[  978.056936][T23791]  __splice_from_pipe+0x397/0x7d0
[  978.061943][T23791]  ? do_splice_direct+0x2a0/0x2a0
[  978.066959][T23791]  ? do_splice_direct+0x2a0/0x2a0
[  978.071967][T23791]  splice_from_pipe+0x108/0x170
[  978.076812][T23791]  ? splice_shrink_spd+0xd0/0xd0
[  978.081750][T23791]  ? security_file_permission+0x8f/0x380
[  978.087859][T23791]  default_file_splice_write+0x3c/0x90
[  978.093300][T23791]  ? generic_splice_sendpage+0x50/0x50
[  978.098742][T23791]  direct_splice_actor+0x123/0x190
[  978.103837][T23791]  splice_direct_to_actor+0x366/0x970
[  978.109197][T23791]  ? generic_pipe_buf_nosteal+0x10/0x10
[  978.114728][T23791]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  978.120958][T23791]  ? do_splice_to+0x180/0x180
[  978.125619][T23791]  ? rw_verify_area+0x126/0x360
[  978.130458][T23791]  do_splice_direct+0x1da/0x2a0
[  978.135991][T23791]  ? splice_direct_to_actor+0x970/0x970
[  978.141521][T23791]  ? rcu_read_lock_any_held+0xcd/0xf0
[  978.146878][T23791]  ? __this_cpu_preempt_check+0x3a/0x210
[  978.152504][T23791]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  978.158725][T23791]  ? __sb_start_write+0x1e5/0x460
[  978.163734][T23791]  do_sendfile+0x597/0xd00
[  978.168142][T23791]  ? do_compat_pwritev64+0x1c0/0x1c0
[  978.173418][T23791]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  978.179640][T23791]  ? put_timespec64+0xda/0x140
[  978.184402][T23791]  __x64_sys_sendfile64+0x1dd/0x220
[  978.189948][T23791]  ? __ia32_sys_sendfile+0x230/0x230
[  978.195233][T23791]  ? do_syscall_64+0x26/0x760
[  978.199903][T23791]  ? lockdep_hardirqs_on+0x421/0x5e0
[  978.205180][T23791]  ? trace_hardirqs_on+0x67/0x240
[  978.210201][T23791]  do_syscall_64+0xfa/0x760
[  978.214723][T23791]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  978.220610][T23791] RIP: 0033:0x459f49
[  978.224497][T23791] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  978.244204][T23791] RSP: 002b:00007f4655b69c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  978.252603][T23791] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  978.260573][T23791] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  978.268534][T23791] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  978.276495][T23791] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f4655b6a6d4
[  978.284457][T23791] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  978.309014][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  978.323582][T23791] memory: usage 1776kB, limit 0kB, failcnt 258
[  978.327935][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  978.333550][T23791] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  978.350479][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  978.358950][T23791] Memory cgroup stats for /syz4:
[  978.359062][T23791] anon 143360
[  978.359062][T23791] file 0
[  978.359062][T23791] kernel_stack 131072
[  978.359062][T23791] slab 1232896
[  978.359062][T23791] sock 0
[  978.359062][T23791] shmem 0
[  978.359062][T23791] file_mapped 0
[  978.359062][T23791] file_dirty 135168
[  978.359062][T23791] file_writeback 0
[  978.359062][T23791] anon_thp 0
[  978.359062][T23791] inactive_anon 135168
[  978.359062][T23791] active_anon 143360
[  978.359062][T23791] inactive_file 102400
[  978.359062][T23791] active_file 122880
[  978.359062][T23791] unevictable 0
[  978.359062][T23791] slab_reclaimable 811008
[  978.359062][T23791] slab_unreclaimable 421888
[  978.359062][T23791] pgfault 49599
[  978.359062][T23791] pgmajfault 0
[  978.359062][T23791] workingset_refault 0
[  978.359062][T23791] workingset_activate 0
[  978.359062][T23791] workingset_nodereclaim 0
[  978.359062][T23791] pgrefill 13946
[  978.359062][T23791] pgscan 36577
[  978.359062][T23791] pgsteal 10501
[  978.359062][T23791] pgactivate 19008
[  978.471512][T23740] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  978.486008][T23791] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23723,uid=0
[  978.512476][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  978.517705][T23791] Memory cgroup out of memory: Killed process 23723 (syz-executor.4) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[  978.532283][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  978.558846][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  978.568152][T23745] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  978.576226][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  978.589252][T23744] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  978.597634][T23745] CPU: 1 PID: 23745 Comm: syz-executor.0 Not tainted 5.4.0-rc3+ #0
[  978.605564][T23745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  978.615633][T23745] Call Trace:
[  978.618943][T23745]  dump_stack+0x172/0x1f0
[  978.623282][T23745]  dump_header+0x10b/0x82d
[  978.627693][T23745]  ? oom_kill_process+0x94/0x3f0
[  978.632629][T23745]  oom_kill_process.cold+0x10/0x15
[  978.637738][T23745]  out_of_memory+0x334/0x1340
[  978.642421][T23745]  ? lock_downgrade+0x920/0x920
[  978.647272][T23745]  ? oom_killer_disable+0x280/0x280
[  978.652492][T23745]  mem_cgroup_out_of_memory+0x1d8/0x240
[  978.658053][T23745]  ? memcg_stat_show+0xc40/0xc40
[  978.663006][T23745]  ? do_raw_spin_unlock+0x57/0x270
[  978.668127][T23745]  ? _raw_spin_unlock+0x2d/0x50
[  978.672960][T23745]  try_charge+0xf4b/0x1440
[  978.677358][T23745]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  978.682880][T23745]  ? percpu_ref_tryget_live+0x111/0x290
[  978.688406][T23745]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  978.694627][T23745]  ? __kasan_check_read+0x11/0x20
[  978.699656][T23745]  ? get_mem_cgroup_from_mm+0x156/0x320
[  978.705182][T23745]  mem_cgroup_try_charge+0x136/0x590
[  978.710481][T23745]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  978.716096][T23745]  wp_page_copy+0x407/0x1860
[  978.720664][T23745]  ? find_held_lock+0x35/0x130
[  978.725406][T23745]  ? do_wp_page+0x53b/0x15c0
[  978.729977][T23745]  ? pmd_devmap_trans_unstable+0x220/0x220
[  978.735844][T23745]  ? lock_downgrade+0x920/0x920
[  978.740682][T23745]  ? swp_swapcount+0x540/0x540
[  978.745426][T23745]  ? __kasan_check_read+0x11/0x20
[  978.750436][T23745]  ? do_raw_spin_unlock+0x57/0x270
[  978.755590][T23745]  do_wp_page+0x543/0x15c0
[  978.760012][T23745]  ? finish_mkwrite_fault+0x6a0/0x6a0
[  978.765379][T23745]  __handle_mm_fault+0x23ec/0x4040
[  978.770474][T23745]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  978.776001][T23745]  ? handle_mm_fault+0x292/0xaa0
[  978.780924][T23745]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  978.787141][T23745]  ? __kasan_check_read+0x11/0x20
[  978.792145][T23745]  handle_mm_fault+0x3b7/0xaa0
[  978.796890][T23745]  __do_page_fault+0x536/0xdd0
[  978.801636][T23745]  do_page_fault+0x38/0x590
[  978.806204][T23745]  page_fault+0x39/0x40
[  978.810336][T23745] RIP: 0033:0x431026
[  978.814209][T23745] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[  978.833788][T23745] RSP: 002b:00007ffcc2545010 EFLAGS: 00010206
[  978.839854][T23745] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  978.847802][T23745] RDX: 000000000220e930 RSI: 0000000002216970 RDI: 0000000000000003
[  978.855754][T23745] RBP: 0000000000008041 R08: 0000000000000001 R09: 000000000220d940
[  978.863701][T23745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  978.871674][T23745] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[  978.884142][T23745] memory: usage 1600kB, limit 0kB, failcnt 69
[  978.890431][T23745] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  978.897286][T23745] Memory cgroup stats for /syz0:
[  978.897389][T23745] anon 81920
[  978.897389][T23745] file 0
[  978.897389][T23745] kernel_stack 0
[  978.897389][T23745] slab 1781760
[  978.897389][T23745] sock 0
[  978.897389][T23745] shmem 122880
[  978.897389][T23745] file_mapped 0
[  978.897389][T23745] file_dirty 135168
[  978.897389][T23745] file_writeback 135168
[  978.897389][T23745] anon_thp 0
[  978.897389][T23745] inactive_anon 0
[  978.897389][T23745] active_anon 81920
[  978.897389][T23745] inactive_file 28672
[  978.897389][T23745] active_file 143360
[  978.897389][T23745] unevictable 0
[  978.897389][T23745] slab_reclaimable 811008
[  978.897389][T23745] slab_unreclaimable 970752
[  978.897389][T23745] pgfault 82896
[  978.897389][T23745] pgmajfault 0
[  978.897389][T23745] workingset_refault 0
[  978.897389][T23745] workingset_activate 0
[  978.897389][T23745] workingset_nodereclaim 0
[  978.897389][T23745] pgrefill 201
[  978.897389][T23745] pgscan 5219
[  978.897389][T23745] pgsteal 4281
[  978.897389][T23745] pgactivate 198
[  978.900670][T23746] 8021q: adding VLAN 0 to HW filter on device batadv0
[  978.902517][T23745] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=23745,uid=0
[  979.027789][T23745] Memory cgroup out of memory: Killed process 23745 (syz-executor.0) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  979.052097][T23740] 8021q: adding VLAN 0 to HW filter on device batadv0
[  979.106374][T23744] 8021q: adding VLAN 0 to HW filter on device batadv0
10:33:12 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:33:12 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0xf4010000}, 0x0)

[  979.928960][T23823] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  979.947294][T23823] CPU: 0 PID: 23823 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  979.955239][T23823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  979.965306][T23823] Call Trace:
[  979.968615][T23823]  dump_stack+0x172/0x1f0
[  979.972962][T23823]  dump_header+0x10b/0x82d
[  979.977398][T23823]  oom_kill_process.cold+0x10/0x15
[  979.982524][T23823]  out_of_memory+0x334/0x1340
[  979.987224][T23823]  ? __sched_text_start+0x8/0x8
[  979.992088][T23823]  ? oom_killer_disable+0x280/0x280
[  979.997390][T23823]  mem_cgroup_out_of_memory+0x1d8/0x240
[  980.002939][T23823]  ? memcg_stat_show+0xc40/0xc40
[  980.007891][T23823]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  980.013707][T23823]  ? cgroup_file_notify+0x140/0x1b0
[  980.018913][T23823]  memory_max_write+0x262/0x3a0
[  980.023769][T23823]  ? mem_cgroup_write+0x370/0x370
[  980.028822][T23823]  ? lock_acquire+0x190/0x410
[  980.033507][T23823]  ? kernfs_fop_write+0x227/0x480
[  980.038546][T23823]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  980.044112][T23823]  cgroup_file_write+0x241/0x790
[  980.049064][T23823]  ? mem_cgroup_write+0x370/0x370
[  980.054102][T23823]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  980.059759][T23823]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  980.065406][T23823]  kernfs_fop_write+0x2b8/0x480
[  980.070274][T23823]  __vfs_write+0x8a/0x110
[  980.074628][T23823]  ? kernfs_fop_open+0xd80/0xd80
[  980.079573][T23823]  __kernel_write+0x11b/0x3b0
[  980.084273][T23823]  write_pipe_buf+0x15d/0x1f0
[  980.088963][T23823]  ? do_splice_direct+0x2a0/0x2a0
[  980.094000][T23823]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  980.100255][T23823]  ? splice_from_pipe_next.part.0+0x262/0x300
[  980.106346][T23823]  __splice_from_pipe+0x397/0x7d0
[  980.111378][T23823]  ? do_splice_direct+0x2a0/0x2a0
[  980.116455][T23823]  ? do_splice_direct+0x2a0/0x2a0
[  980.121489][T23823]  splice_from_pipe+0x108/0x170
[  980.126352][T23823]  ? splice_shrink_spd+0xd0/0xd0
[  980.131312][T23823]  ? security_file_permission+0x8f/0x380
[  980.136980][T23823]  default_file_splice_write+0x3c/0x90
[  980.142462][T23823]  ? generic_splice_sendpage+0x50/0x50
[  980.147942][T23823]  direct_splice_actor+0x123/0x190
[  980.153073][T23823]  splice_direct_to_actor+0x366/0x970
[  980.158471][T23823]  ? generic_pipe_buf_nosteal+0x10/0x10
[  980.164044][T23823]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  980.170297][T23823]  ? do_splice_to+0x180/0x180
[  980.174982][T23823]  ? rw_verify_area+0x126/0x360
[  980.179947][T23823]  do_splice_direct+0x1da/0x2a0
[  980.184804][T23823]  ? splice_direct_to_actor+0x970/0x970
[  980.190360][T23823]  ? rcu_read_lock_any_held+0xcd/0xf0
[  980.195746][T23823]  ? __this_cpu_preempt_check+0x3a/0x210
[  980.201409][T23823]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  980.207652][T23823]  ? __sb_start_write+0x1e5/0x460
[  980.212686][T23823]  do_sendfile+0x597/0xd00
[  980.217122][T23823]  ? do_compat_pwritev64+0x1c0/0x1c0
[  980.222408][T23823]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  980.228655][T23823]  ? put_timespec64+0xda/0x140
[  980.233437][T23823]  __x64_sys_sendfile64+0x1dd/0x220
[  980.238645][T23823]  ? __ia32_sys_sendfile+0x230/0x230
[  980.243937][T23823]  ? do_syscall_64+0x26/0x760
[  980.248615][T23823]  ? lockdep_hardirqs_on+0x421/0x5e0
[  980.253906][T23823]  ? trace_hardirqs_on+0x67/0x240
[  980.258946][T23823]  do_syscall_64+0xfa/0x760
[  980.263459][T23823]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  980.269351][T23823] RIP: 0033:0x459f49
[  980.273243][T23823] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  980.292847][T23823] RSP: 002b:00007ff1a64b1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  980.301266][T23823] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  980.309260][T23823] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  980.317358][T23823] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  980.325335][T23823] R10: 0000000020000022 R11: 0000000000000246 R12: 00007ff1a64b26d4
[  980.333402][T23823] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[  980.357707][T23823] memory: usage 5056kB, limit 0kB, failcnt 563
[  980.377039][T23823] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  980.395371][T23823] Memory cgroup stats for /syz3:
[  980.395478][T23823] anon 4395008
[  980.395478][T23823] file 118784
[  980.395478][T23823] kernel_stack 131072
[  980.395478][T23823] slab 692224
[  980.395478][T23823] sock 81920
[  980.395478][T23823] shmem 24576
[  980.395478][T23823] file_mapped 0
[  980.395478][T23823] file_dirty 135168
[  980.395478][T23823] file_writeback 0
[  980.395478][T23823] anon_thp 4194304
[  980.395478][T23823] inactive_anon 0
[  980.395478][T23823] active_anon 4395008
[  980.395478][T23823] inactive_file 98304
[  980.395478][T23823] active_file 0
[  980.395478][T23823] unevictable 135168
[  980.395478][T23823] slab_reclaimable 270336
[  980.395478][T23823] slab_unreclaimable 421888
[  980.395478][T23823] pgfault 59631
[  980.395478][T23823] pgmajfault 0
[  980.395478][T23823] workingset_refault 0
[  980.395478][T23823] workingset_activate 0
[  980.395478][T23823] workingset_nodereclaim 0
[  980.395478][T23823] pgrefill 8688
[  980.395478][T23823] pgscan 40193
[  980.395478][T23823] pgsteal 9652
[  980.492929][T23823] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23818,uid=0
[  980.524010][T23823] Memory cgroup out of memory: Killed process 23818 (syz-executor.3) total-vm:72720kB, anon-rss:4188kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000
[  980.555947][ T1070] oom_reaper: reaped process 23818 (syz-executor.3), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB
[  980.567263][T23828] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  980.590203][T23828] CPU: 0 PID: 23828 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[  980.598137][T23828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  980.608200][T23828] Call Trace:
[  980.611511][T23828]  dump_stack+0x172/0x1f0
[  980.615854][T23828]  dump_header+0x10b/0x82d
[  980.620280][T23828]  oom_kill_process.cold+0x10/0x15
[  980.625426][T23828]  out_of_memory+0x334/0x1340
[  980.625451][T23828]  ? oom_killer_disable+0x280/0x280
[  980.625477][T23828]  mem_cgroup_out_of_memory+0x1d8/0x240
[  980.640977][T23828]  ? memcg_stat_show+0xc40/0xc40
[  980.645937][T23828]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[  980.651746][T23828]  ? cgroup_file_notify+0x140/0x1b0
[  980.656961][T23828]  memory_max_write+0x262/0x3a0
[  980.661840][T23828]  ? mem_cgroup_write+0x370/0x370
[  980.666899][T23828]  ? lock_acquire+0x190/0x410
[  980.671590][T23828]  ? kernfs_fop_write+0x227/0x480
[  980.676631][T23828]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  980.682209][T23828]  cgroup_file_write+0x241/0x790
[  980.687166][T23828]  ? mem_cgroup_write+0x370/0x370
[  980.692324][T23828]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  980.697986][T23828]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[  980.703634][T23828]  kernfs_fop_write+0x2b8/0x480
[  980.708504][T23828]  __vfs_write+0x8a/0x110
[  980.712938][T23828]  ? kernfs_fop_open+0xd80/0xd80
[  980.717875][T23828]  __kernel_write+0x11b/0x3b0
[  980.722562][T23828]  write_pipe_buf+0x15d/0x1f0
[  980.727275][T23828]  ? do_splice_direct+0x2a0/0x2a0
[  980.732298][T23828]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  980.738538][T23828]  ? splice_from_pipe_next.part.0+0x262/0x300
[  980.744612][T23828]  __splice_from_pipe+0x397/0x7d0
[  980.749638][T23828]  ? do_splice_direct+0x2a0/0x2a0
[  980.754659][T23828]  ? do_splice_direct+0x2a0/0x2a0
[  980.759679][T23828]  splice_from_pipe+0x108/0x170
[  980.764551][T23828]  ? splice_shrink_spd+0xd0/0xd0
[  980.769496][T23828]  ? security_file_permission+0x8f/0x380
[  980.775127][T23828]  default_file_splice_write+0x3c/0x90
[  980.780577][T23828]  ? generic_splice_sendpage+0x50/0x50
[  980.786036][T23828]  direct_splice_actor+0x123/0x190
[  980.791155][T23828]  splice_direct_to_actor+0x366/0x970
[  980.796531][T23828]  ? generic_pipe_buf_nosteal+0x10/0x10
[  980.802085][T23828]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  980.808332][T23828]  ? do_splice_to+0x180/0x180
[  980.813010][T23828]  ? rw_verify_area+0x126/0x360
[  980.817861][T23828]  do_splice_direct+0x1da/0x2a0
[  980.822709][T23828]  ? splice_direct_to_actor+0x970/0x970
[  980.828251][T23828]  ? rcu_read_lock_any_held+0xcd/0xf0
[  980.833624][T23828]  ? __this_cpu_preempt_check+0x3a/0x210
[  980.839261][T23828]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  980.845526][T23828]  ? __sb_start_write+0x1e5/0x460
[  980.850550][T23828]  do_sendfile+0x597/0xd00
[  980.854968][T23828]  ? do_compat_pwritev64+0x1c0/0x1c0
[  980.860265][T23828]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  980.866502][T23828]  ? put_timespec64+0xda/0x140
[  980.871282][T23828]  __x64_sys_sendfile64+0x1dd/0x220
[  980.876480][T23828]  ? __ia32_sys_sendfile+0x230/0x230
[  980.881765][T23828]  ? do_syscall_64+0x26/0x760
[  980.886628][T23828]  ? lockdep_hardirqs_on+0x421/0x5e0
[  980.892023][T23828]  ? trace_hardirqs_on+0x67/0x240
[  980.897044][T23828]  do_syscall_64+0xfa/0x760
[  980.901563][T23828]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  980.907614][T23828] RIP: 0033:0x459f49
[  980.911551][T23828] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  980.931263][T23828] RSP: 002b:00007fd0ab5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  980.939775][T23828] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[  980.947751][T23828] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  980.955722][T23828] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  980.963738][T23828] R10: 0000000020000022 R11: 0000000000000246 R12: 00007fd0ab5e46d4
[  980.971717][T23828] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
10:33:13 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:33:13 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  980.992295][T23828] memory: usage 1016kB, limit 0kB, failcnt 278
[  981.003590][T23828] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  981.016002][T23828] Memory cgroup stats for /syz2:
[  981.016128][T23828] anon 196608
[  981.016128][T23828] file 167936
[  981.016128][T23828] kernel_stack 65536
[  981.016128][T23828] slab 786432
[  981.016128][T23828] sock 4096
[  981.016128][T23828] shmem 20480
[  981.016128][T23828] file_mapped 135168
[  981.016128][T23828] file_dirty 135168
[  981.016128][T23828] file_writeback 0
[  981.016128][T23828] anon_thp 0
[  981.016128][T23828] inactive_anon 90112
[  981.016128][T23828] active_anon 196608
[  981.016128][T23828] inactive_file 110592
[  981.016128][T23828] active_file 110592
[  981.016128][T23828] unevictable 0
[  981.016128][T23828] slab_reclaimable 405504
[  981.016128][T23828] slab_unreclaimable 380928
[  981.016128][T23828] pgfault 66231
[  981.016128][T23828] pgmajfault 0
[  981.016128][T23828] workingset_refault 0
[  981.016128][T23828] workingset_activate 0
[  981.016128][T23828] workingset_nodereclaim 0
[  981.016128][T23828] pgrefill 20228
[  981.016128][T23828] pgscan 28208
[  981.016128][T23828] pgsteal 3058
[  981.112730][T23828] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23824,uid=0
[  981.128612][T23828] Memory cgroup out of memory: Killed process 23828 (syz-executor.2) total-vm:72984kB, anon-rss:160kB, file-rss:35820kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000
[  981.147255][ T1070] oom_reaper: reaped process 23828 (syz-executor.2), now anon-rss:0kB, file-rss:34860kB, shmem-rss:0kB
[  981.158714][T23740] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  981.169715][T23740] CPU: 0 PID: 23740 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[  981.177613][T23740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  981.187656][T23740] Call Trace:
[  981.190935][T23740]  dump_stack+0x172/0x1f0
[  981.195251][T23740]  dump_header+0x10b/0x82d
[  981.199648][T23740]  ? oom_kill_process+0x94/0x3f0
[  981.204569][T23740]  oom_kill_process.cold+0x10/0x15
[  981.209674][T23740]  out_of_memory+0x334/0x1340
[  981.214333][T23740]  ? lock_downgrade+0x920/0x920
[  981.219281][T23740]  ? oom_killer_disable+0x280/0x280
[  981.224483][T23740]  mem_cgroup_out_of_memory+0x1d8/0x240
[  981.230013][T23740]  ? memcg_stat_show+0xc40/0xc40
[  981.234937][T23740]  ? do_raw_spin_unlock+0x57/0x270
[  981.240035][T23740]  ? _raw_spin_unlock+0x2d/0x50
[  981.244872][T23740]  try_charge+0xf4b/0x1440
[  981.249298][T23740]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  981.254823][T23740]  ? percpu_ref_tryget_live+0x111/0x290
[  981.260358][T23740]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  981.266584][T23740]  ? __kasan_check_read+0x11/0x20
[  981.272209][T23740]  ? get_mem_cgroup_from_mm+0x156/0x320
[  981.277755][T23740]  mem_cgroup_try_charge+0x136/0x590
[  981.283028][T23740]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  981.288652][T23740]  wp_page_copy+0x407/0x1860
[  981.293245][T23740]  ? find_held_lock+0x35/0x130
[  981.297992][T23740]  ? do_wp_page+0x53b/0x15c0
[  981.302580][T23740]  ? pmd_devmap_trans_unstable+0x220/0x220
[  981.308371][T23740]  ? lock_downgrade+0x920/0x920
[  981.313206][T23740]  ? swp_swapcount+0x540/0x540
[  981.317952][T23740]  ? __kasan_check_read+0x11/0x20
[  981.322959][T23740]  ? do_raw_spin_unlock+0x57/0x270
[  981.328055][T23740]  do_wp_page+0x543/0x15c0
[  981.332469][T23740]  ? finish_mkwrite_fault+0x6a0/0x6a0
[  981.337848][T23740]  __handle_mm_fault+0x23ec/0x4040
[  981.342947][T23740]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  981.348482][T23740]  ? handle_mm_fault+0x292/0xaa0
[  981.353411][T23740]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  981.359635][T23740]  ? __kasan_check_read+0x11/0x20
[  981.364645][T23740]  handle_mm_fault+0x3b7/0xaa0
[  981.369411][T23740]  __do_page_fault+0x536/0xdd0
[  981.374163][T23740]  do_page_fault+0x38/0x590
[  981.378652][T23740]  page_fault+0x39/0x40
[  981.382790][T23740] RIP: 0033:0x431026
[  981.386669][T23740] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[  981.406253][T23740] RSP: 002b:00007fff04642270 EFLAGS: 00010206
[  981.412301][T23740] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  981.420252][T23740] RDX: 0000000001a97930 RSI: 0000000001a9f970 RDI: 0000000000000003
[  981.428203][T23740] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000001a96940
[  981.436153][T23740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  981.444108][T23740] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
10:33:13 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x0, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:33:13 executing program 0:

10:33:13 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0xff000000}, 0x0)

10:33:13 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={0x0, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  981.611360][T23740] memory: usage 632kB, limit 0kB, failcnt 571
[  981.623698][T23740] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  981.633529][T23740] Memory cgroup stats for /syz3:
[  981.633648][T23740] anon 122880
[  981.633648][T23740] file 118784
[  981.633648][T23740] kernel_stack 0
[  981.633648][T23740] slab 692224
[  981.633648][T23740] sock 81920
[  981.633648][T23740] shmem 24576
[  981.633648][T23740] file_mapped 0
[  981.633648][T23740] file_dirty 135168
[  981.633648][T23740] file_writeback 0
[  981.633648][T23740] anon_thp 0
[  981.633648][T23740] inactive_anon 0
[  981.633648][T23740] active_anon 122880
[  981.633648][T23740] inactive_file 98304
[  981.633648][T23740] active_file 0
[  981.633648][T23740] unevictable 135168
[  981.633648][T23740] slab_reclaimable 270336
[  981.633648][T23740] slab_unreclaimable 421888
[  981.633648][T23740] pgfault 59631
[  981.633648][T23740] pgmajfault 0
[  981.633648][T23740] workingset_refault 0
[  981.633648][T23740] workingset_activate 0
[  981.633648][T23740] workingset_nodereclaim 0
[  981.633648][T23740] pgrefill 8688
[  981.633648][T23740] pgscan 40193
[  981.633648][T23740] pgsteal 9652
[  981.633648][T23740] pgactivate 11286
[  981.741204][T23740] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23740,uid=0
[  981.765923][T23740] Memory cgroup out of memory: Killed process 23740 (syz-executor.3) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  981.792727][T23746] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  981.793174][ T1070] oom_reaper: reaped process 23740 (syz-executor.3), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
[  981.802881][T23746] CPU: 0 PID: 23746 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0
[  981.821620][T23746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  981.831705][T23746] Call Trace:
[  981.835553][T23746]  dump_stack+0x172/0x1f0
[  981.841489][T23746]  dump_header+0x10b/0x82d
[  981.846907][T23746]  ? oom_kill_process+0x94/0x3f0
[  981.852305][T23746]  oom_kill_process.cold+0x10/0x15
[  981.857422][T23746]  out_of_memory+0x334/0x1340
[  981.857437][T23746]  ? lock_downgrade+0x920/0x920
[  981.857454][T23746]  ? oom_killer_disable+0x280/0x280
[  981.857478][T23746]  mem_cgroup_out_of_memory+0x1d8/0x240
[  981.857491][T23746]  ? memcg_stat_show+0xc40/0xc40
[  981.857509][T23746]  ? do_raw_spin_unlock+0x57/0x270
[  981.857526][T23746]  ? _raw_spin_unlock+0x2d/0x50
[  981.857544][T23746]  try_charge+0xf4b/0x1440
[  981.897224][T23746]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  981.902800][T23746]  ? percpu_ref_tryget_live+0x111/0x290
[  981.908385][T23746]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  981.914662][T23746]  ? __kasan_check_read+0x11/0x20
[  981.919709][T23746]  ? get_mem_cgroup_from_mm+0x156/0x320
[  981.925275][T23746]  mem_cgroup_try_charge+0x136/0x590
[  981.930622][T23746]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  981.936330][T23746]  wp_page_copy+0x407/0x1860
[  981.940936][T23746]  ? find_held_lock+0x35/0x130
[  981.945717][T23746]  ? do_wp_page+0x53b/0x15c0
[  981.950325][T23746]  ? pmd_devmap_trans_unstable+0x220/0x220
[  981.956151][T23746]  ? lock_downgrade+0x920/0x920
[  981.961050][T23746]  ? swp_swapcount+0x540/0x540
10:33:14 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0xffffa200}, 0x0)

[  981.965832][T23746]  ? __kasan_check_read+0x11/0x20
[  981.970869][T23746]  ? do_raw_spin_unlock+0x57/0x270
[  981.976001][T23746]  do_wp_page+0x543/0x15c0
[  981.980438][T23746]  ? finish_mkwrite_fault+0x6a0/0x6a0
[  981.985835][T23746]  __handle_mm_fault+0x23ec/0x4040
[  981.990968][T23746]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  981.996567][T23746]  ? handle_mm_fault+0x292/0xaa0
[  982.001566][T23746]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  982.007828][T23746]  ? __kasan_check_read+0x11/0x20
[  982.012899][T23746]  handle_mm_fault+0x3b7/0xaa0
[  982.017681][T23746]  __do_page_fault+0x536/0xdd0
[  982.022473][T23746]  do_page_fault+0x38/0x590
[  982.026992][T23746]  page_fault+0x39/0x40
[  982.031161][T23746] RIP: 0033:0x431026
[  982.035073][T23746] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[  982.054718][T23746] RSP: 002b:00007fff2be113f0 EFLAGS: 00010206
[  982.060770][T23746] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  982.068964][T23746] RDX: 0000000002374930 RSI: 000000000237c970 RDI: 0000000000000003
[  982.077032][T23746] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000002373940
[  982.085033][T23746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  982.093250][T23746] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[  982.102957][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  982.108785][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  982.115832][T23746] memory: usage 636kB, limit 0kB, failcnt 245
[  982.122038][T23746] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  982.129185][T23746] Memory cgroup stats for /syz5:
[  982.130493][T23746] anon 151552
[  982.130493][T23746] file 106496
[  982.130493][T23746] kernel_stack 65536
[  982.130493][T23746] slab 688128
[  982.130493][T23746] sock 0
[  982.130493][T23746] shmem 143360
[  982.130493][T23746] file_mapped 135168
[  982.130493][T23746] file_dirty 0
[  982.130493][T23746] file_writeback 0
[  982.130493][T23746] anon_thp 0
[  982.130493][T23746] inactive_anon 0
[  982.130493][T23746] active_anon 151552
[  982.130493][T23746] inactive_file 53248
[  982.130493][T23746] active_file 45056
[  982.130493][T23746] unevictable 135168
[  982.130493][T23746] slab_reclaimable 270336
[  982.130493][T23746] slab_unreclaimable 417792
[  982.130493][T23746] pgfault 55506
[  982.130493][T23746] pgmajfault 0
[  982.130493][T23746] workingset_refault 0
[  982.130493][T23746] workingset_activate 0
[  982.130493][T23746] workingset_nodereclaim 0
[  982.130493][T23746] pgrefill 11872
[  982.130493][T23746] pgscan 29652
[  982.130493][T23746] pgsteal 8856
[  982.229930][T23746] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=23746,uid=0
[  982.245479][T23746] Memory cgroup out of memory: Killed process 23746 (syz-executor.5) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  982.264967][ T1070] oom_reaper: reaped process 23746 (syz-executor.5), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[  982.265057][T23744] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  982.286063][T23744] CPU: 0 PID: 23744 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[  982.293991][T23744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  982.304067][T23744] Call Trace:
[  982.307368][T23744]  dump_stack+0x172/0x1f0
[  982.311714][T23744]  dump_header+0x10b/0x82d
[  982.316148][T23744]  ? oom_kill_process+0x94/0x3f0
[  982.321088][T23744]  oom_kill_process.cold+0x10/0x15
[  982.326198][T23744]  out_of_memory+0x334/0x1340
[  982.330861][T23744]  ? lock_downgrade+0x920/0x920
[  982.335703][T23744]  ? oom_killer_disable+0x280/0x280
[  982.341351][T23744]  mem_cgroup_out_of_memory+0x1d8/0x240
[  982.346890][T23744]  ? memcg_stat_show+0xc40/0xc40
[  982.351815][T23744]  ? do_raw_spin_unlock+0x57/0x270
[  982.356916][T23744]  ? _raw_spin_unlock+0x2d/0x50
[  982.361768][T23744]  try_charge+0xf4b/0x1440
[  982.366189][T23744]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  982.371716][T23744]  ? percpu_ref_tryget_live+0x111/0x290
[  982.377256][T23744]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  982.383493][T23744]  ? __kasan_check_read+0x11/0x20
[  982.388526][T23744]  ? get_mem_cgroup_from_mm+0x156/0x320
[  982.394069][T23744]  mem_cgroup_try_charge+0x136/0x590
[  982.399353][T23744]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  982.404983][T23744]  wp_page_copy+0x407/0x1860
[  982.409569][T23744]  ? find_held_lock+0x35/0x130
[  982.414316][T23744]  ? do_wp_page+0x53b/0x15c0
[  982.418900][T23744]  ? pmd_devmap_trans_unstable+0x220/0x220
[  982.424709][T23744]  ? lock_downgrade+0x920/0x920
[  982.429556][T23744]  ? swp_swapcount+0x540/0x540
[  982.434302][T23744]  ? __kasan_check_read+0x11/0x20
[  982.439331][T23744]  ? do_raw_spin_unlock+0x57/0x270
[  982.444435][T23744]  do_wp_page+0x543/0x15c0
[  982.448852][T23744]  ? finish_mkwrite_fault+0x6a0/0x6a0
[  982.454234][T23744]  __handle_mm_fault+0x23ec/0x4040
[  982.459354][T23744]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  982.464903][T23744]  ? handle_mm_fault+0x292/0xaa0
[  982.469840][T23744]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  982.476073][T23744]  ? __kasan_check_read+0x11/0x20
[  982.481096][T23744]  handle_mm_fault+0x3b7/0xaa0
[  982.485858][T23744]  __do_page_fault+0x536/0xdd0
[  982.490611][T23744]  do_page_fault+0x38/0x590
[  982.495164][T23744]  page_fault+0x39/0x40
[  982.499367][T23744] RIP: 0033:0x431026
[  982.503275][T23744] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[  982.522897][T23744] RSP: 002b:00007ffe242062c0 EFLAGS: 00010206
[  982.528977][T23744] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[  982.536941][T23744] RDX: 0000000002252930 RSI: 000000000225a970 RDI: 0000000000000003
[  982.544912][T23744] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000002251940
[  982.552871][T23744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[  982.560840][T23744] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[  982.570330][T23744] memory: usage 732kB, limit 0kB, failcnt 286
[  982.576429][T23744] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  982.583376][T23744] Memory cgroup stats for /syz2:
[  982.583474][T23744] anon 61440
[  982.583474][T23744] file 167936
[  982.583474][T23744] kernel_stack 65536
[  982.583474][T23744] slab 786432
[  982.583474][T23744] sock 4096
[  982.583474][T23744] shmem 20480
[  982.583474][T23744] file_mapped 135168
[  982.583474][T23744] file_dirty 135168
[  982.583474][T23744] file_writeback 0
[  982.583474][T23744] anon_thp 0
[  982.583474][T23744] inactive_anon 90112
[  982.583474][T23744] active_anon 61440
[  982.583474][T23744] inactive_file 110592
[  982.583474][T23744] active_file 110592
[  982.583474][T23744] unevictable 0
[  982.583474][T23744] slab_reclaimable 405504
[  982.583474][T23744] slab_unreclaimable 380928
[  982.583474][T23744] pgfault 66231
[  982.583474][T23744] pgmajfault 0
[  982.583474][T23744] workingset_refault 0
[  982.583474][T23744] workingset_activate 0
[  982.583474][T23744] workingset_nodereclaim 0
[  982.583474][T23744] pgrefill 20228
[  982.583474][T23744] pgscan 28208
[  982.583474][T23744] pgsteal 3058
[  982.687694][T23744] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23744,uid=0
[  982.727562][T23744] Memory cgroup out of memory: Killed process 23744 (syz-executor.2) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[  982.768168][ T1070] oom_reaper: reaped process 23744 (syz-executor.2), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
10:33:15 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0xffffa888}, 0x0)

[  983.027565][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  983.033379][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  983.039263][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  983.045043][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  983.202622][T23845] IPVS: ftp: loaded support on port[0] = 21
10:33:15 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:33:15 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={0x0, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:33:15 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x0, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  983.470283][T23851] IPVS: ftp: loaded support on port[0] = 21
[  983.507565][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  983.513402][    C0] protocol 88fb is buggy, dev hsr_slave_1
10:33:15 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={0x0, 0x76, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f30212f71ce09efa136f9dbc953f7976c21ce538fa2c3fef75245899782f45d2ab688ef6914d328de4efe51665dfda8741ba21aa850120b54600bf32"}, &(0x7f0000000180)=0x7e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[  983.519286][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  983.525058][    C0] protocol 88fb is buggy, dev hsr_slave_1
10:33:16 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0xffffca88}, 0x0)

[  983.921237][T23851] chnl_net:caif_netlink_parms(): no params data found
[  983.956029][T23845] chnl_net:caif_netlink_parms(): no params data found
[  983.980557][T23851] bridge0: port 1(bridge_slave_0) entered blocking state
[  983.990055][T23851] bridge0: port 1(bridge_slave_0) entered disabled state
[  983.998206][T23851] device bridge_slave_0 entered promiscuous mode
[  984.021372][T23851] bridge0: port 2(bridge_slave_1) entered blocking state
[  984.028694][T23851] bridge0: port 2(bridge_slave_1) entered disabled state
[  984.036655][T23851] device bridge_slave_1 entered promiscuous mode
[  984.065928][T23845] bridge0: port 1(bridge_slave_0) entered blocking state
[  984.074551][T23845] bridge0: port 1(bridge_slave_0) entered disabled state
[  984.082919][T23845] device bridge_slave_0 entered promiscuous mode
[  984.092935][T23851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  985.390510][T23845] bridge0: port 2(bridge_slave_1) entered blocking state
[  985.400461][T23845] bridge0: port 2(bridge_slave_1) entered disabled state
[  985.408559][T23845] device bridge_slave_1 entered promiscuous mode
[  985.417222][T23851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  985.435046][T23860] IPVS: ftp: loaded support on port[0] = 21
[  985.457160][T23851] team0: Port device team_slave_0 added
[  985.488164][T23851] team0: Port device team_slave_1 added
[  985.495578][T23845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  986.139216][T23845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  986.181507][T23851] device hsr_slave_0 entered promiscuous mode
[  986.238039][T23851] device hsr_slave_1 entered promiscuous mode
[  986.307664][T23851] debugfs: Directory 'hsr0' with parent '/' already present!
[  986.966080][T23845] team0: Port device team_slave_0 added
[  986.977002][T23845] team0: Port device team_slave_1 added
[  987.720859][T23845] device hsr_slave_0 entered promiscuous mode
[  987.767918][T23845] device hsr_slave_1 entered promiscuous mode
[  987.817678][T23845] debugfs: Directory 'hsr0' with parent '/' already present!
[  988.462455][T23860] chnl_net:caif_netlink_parms(): no params data found
[  989.144109][T23851] 8021q: adding VLAN 0 to HW filter on device bond0
[  989.823591][T23860] bridge0: port 1(bridge_slave_0) entered blocking state
[  989.831398][T23860] bridge0: port 1(bridge_slave_0) entered disabled state
[  989.839973][T23860] device bridge_slave_0 entered promiscuous mode
[  989.847406][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  989.856970][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  989.867447][T23851] 8021q: adding VLAN 0 to HW filter on device team0
[  989.875569][T23860] bridge0: port 2(bridge_slave_1) entered blocking state
[  989.882978][T23860] bridge0: port 2(bridge_slave_1) entered disabled state
[  989.891171][T23860] device bridge_slave_1 entered promiscuous mode
[  990.557068][T23860] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  990.570462][T23860] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  990.581301][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  990.590356][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  990.598880][T20281] bridge0: port 1(bridge_slave_0) entered blocking state
[  990.605924][T20281] bridge0: port 1(bridge_slave_0) entered forwarding state
[  991.258983][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  991.267044][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  991.277368][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  991.287337][T20281] bridge0: port 2(bridge_slave_1) entered blocking state
[  991.294462][T20281] bridge0: port 2(bridge_slave_1) entered forwarding state
[  991.321338][T23860] team0: Port device team_slave_0 added
[  991.328548][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  991.339733][T11615] device bridge_slave_1 left promiscuous mode
[  991.345910][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  991.368330][T11615] device bridge_slave_0 left promiscuous mode
[  991.374496][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  991.419073][T11615] device bridge_slave_1 left promiscuous mode
[  991.425431][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  991.489574][T11615] device bridge_slave_0 left promiscuous mode
[  991.495759][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  991.559913][T11615] device bridge_slave_1 left promiscuous mode
[  991.566146][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  991.608452][T11615] device bridge_slave_0 left promiscuous mode
[  991.614661][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  991.659721][T11615] device bridge_slave_1 left promiscuous mode
[  991.665957][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  991.708919][T11615] device bridge_slave_0 left promiscuous mode
[  991.715114][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  991.750917][T11615] device bridge_slave_1 left promiscuous mode
[  991.757127][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  991.818916][T11615] device bridge_slave_0 left promiscuous mode
[  991.825145][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  991.879892][T11615] device bridge_slave_1 left promiscuous mode
[  991.886121][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  991.938749][T11615] device bridge_slave_0 left promiscuous mode
[  991.944989][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  991.979677][T11615] device bridge_slave_1 left promiscuous mode
[  991.985908][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  992.028846][T11615] device bridge_slave_0 left promiscuous mode
[  992.035028][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[  992.089583][T11615] device bridge_slave_1 left promiscuous mode
[  992.095760][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[  992.148718][T11615] device bridge_slave_0 left promiscuous mode
[  992.154966][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1009.428348][T11615] device hsr_slave_0 left promiscuous mode
[ 1009.487798][T11615] device hsr_slave_1 left promiscuous mode
[ 1009.542457][T11615] team0 (unregistering): Port device team_slave_1 removed
[ 1009.559753][T11615] team0 (unregistering): Port device team_slave_0 removed
[ 1009.572639][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1009.614550][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1009.713278][T11615] bond0 (unregistering): Released all slaves
[ 1009.848283][T11615] device hsr_slave_0 left promiscuous mode
[ 1009.887748][T11615] device hsr_slave_1 left promiscuous mode
[ 1009.935919][T11615] team0 (unregistering): Port device team_slave_1 removed
[ 1009.952366][T11615] team0 (unregistering): Port device team_slave_0 removed
[ 1009.969727][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1010.004336][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1010.107365][T11615] bond0 (unregistering): Released all slaves
[ 1010.248510][T11615] device hsr_slave_0 left promiscuous mode
[ 1010.287816][T11615] device hsr_slave_1 left promiscuous mode
[ 1010.342165][T11615] team0 (unregistering): Port device team_slave_1 removed
[ 1010.355805][T11615] team0 (unregistering): Port device team_slave_0 removed
[ 1010.369109][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1010.415515][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1010.520833][T11615] bond0 (unregistering): Released all slaves
[ 1010.658576][T11615] device hsr_slave_0 left promiscuous mode
[ 1010.703951][T11615] device hsr_slave_1 left promiscuous mode
[ 1010.745534][T11615] team0 (unregistering): Port device team_slave_1 removed
[ 1010.761343][T11615] team0 (unregistering): Port device team_slave_0 removed
[ 1010.775257][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1010.824468][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1010.905736][T11615] bond0 (unregistering): Released all slaves
[ 1011.068536][T11615] device hsr_slave_0 left promiscuous mode
[ 1011.107759][T11615] device hsr_slave_1 left promiscuous mode
[ 1011.162051][T11615] team0 (unregistering): Port device team_slave_1 removed
[ 1011.175477][T11615] team0 (unregistering): Port device team_slave_0 removed
[ 1011.188035][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1011.214842][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1011.313242][T11615] bond0 (unregistering): Released all slaves
[ 1011.448227][T11615] device hsr_slave_0 left promiscuous mode
[ 1011.497795][T11615] device hsr_slave_1 left promiscuous mode
[ 1011.553255][T11615] team0 (unregistering): Port device team_slave_1 removed
[ 1011.566710][T11615] team0 (unregistering): Port device team_slave_0 removed
[ 1011.579060][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1011.633587][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1011.730201][T11615] bond0 (unregistering): Released all slaves
[ 1011.868547][T11615] device hsr_slave_0 left promiscuous mode
[ 1011.907888][T11615] device hsr_slave_1 left promiscuous mode
[ 1011.992947][T11615] team0 (unregistering): Port device team_slave_1 removed
[ 1012.006932][T11615] team0 (unregistering): Port device team_slave_0 removed
[ 1012.019866][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1012.053711][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1012.145008][T11615] bond0 (unregistering): Released all slaves
[ 1012.358477][T11615] device hsr_slave_0 left promiscuous mode
[ 1012.417780][T11615] device hsr_slave_1 left promiscuous mode
[ 1012.471950][T11615] team0 (unregistering): Port device team_slave_1 removed
[ 1012.485657][T11615] team0 (unregistering): Port device team_slave_0 removed
[ 1012.499012][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1012.544481][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1012.643728][T11615] bond0 (unregistering): Released all slaves
[ 1012.744388][T23845] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1012.754236][T23860] team0: Port device team_slave_1 added
[ 1012.774076][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1012.829455][T23860] device hsr_slave_0 entered promiscuous mode
[ 1012.898017][T23860] device hsr_slave_1 entered promiscuous mode
[ 1012.938106][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1012.946895][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1012.955959][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1012.964762][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1012.974065][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1012.993769][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1013.002425][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1013.011466][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1013.020345][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1013.037436][T23845] 8021q: adding VLAN 0 to HW filter on device team0
[ 1013.046120][T23851] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1013.055708][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1013.064035][T14293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1013.091163][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1013.103939][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1013.113249][   T17] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1013.120372][   T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1013.129299][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1013.154606][T23851] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1013.164023][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1013.175428][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1013.196931][T20281] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1013.204039][T20281] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1013.213222][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1013.221936][T20281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1013.250707][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1013.260176][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1013.269768][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1013.280998][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1013.290308][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1013.299305][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1013.313796][T23845] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1013.326204][T23845] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1013.336887][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1013.344769][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1013.353720][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1013.383243][T23860] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1013.431043][T23845] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1013.453670][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1013.473068][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1013.491491][T23860] 8021q: adding VLAN 0 to HW filter on device team0
[ 1013.507011][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1013.518070][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1013.526539][T14991] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1013.533648][T14991] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1013.542520][T14991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1013.557977][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1013.566628][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1013.575785][   T17] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1013.582984][   T17] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1013.590891][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1013.600278][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1013.626607][T23860] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1013.637453][T23860] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1013.651090][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1013.672544][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1013.681739][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1013.692054][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1013.702281][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1013.711496][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1013.721196][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1013.729147][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1013.754074][T23860] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1013.946595][T23876] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1013.956986][T23876] CPU: 0 PID: 23876 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[ 1013.964881][T23876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1013.974923][T23876] Call Trace:
[ 1013.978204][T23876]  dump_stack+0x172/0x1f0
[ 1013.982520][T23876]  dump_header+0x10b/0x82d
[ 1013.986921][T23876]  oom_kill_process.cold+0x10/0x15
[ 1013.992036][T23876]  out_of_memory+0x334/0x1340
[ 1013.996720][T23876]  ? __sched_text_start+0x8/0x8
[ 1014.001561][T23876]  ? oom_killer_disable+0x280/0x280
[ 1014.006749][T23876]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1014.012285][T23876]  ? memcg_stat_show+0xc40/0xc40
[ 1014.017208][T23876]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[ 1014.023174][T23876]  ? cgroup_file_notify+0x140/0x1b0
[ 1014.028368][T23876]  memory_max_write+0x262/0x3a0
[ 1014.033220][T23876]  ? mem_cgroup_write+0x370/0x370
[ 1014.038237][T23876]  ? lock_acquire+0x190/0x410
[ 1014.042899][T23876]  ? kernfs_fop_write+0x227/0x480
[ 1014.047915][T23876]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1014.053455][T23876]  cgroup_file_write+0x241/0x790
[ 1014.058377][T23876]  ? mem_cgroup_write+0x370/0x370
[ 1014.063394][T23876]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[ 1014.069011][T23876]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[ 1014.074625][T23876]  kernfs_fop_write+0x2b8/0x480
[ 1014.079461][T23876]  __vfs_write+0x8a/0x110
[ 1014.083782][T23876]  ? kernfs_fop_open+0xd80/0xd80
[ 1014.088711][T23876]  __kernel_write+0x11b/0x3b0
[ 1014.093399][T23876]  write_pipe_buf+0x15d/0x1f0
[ 1014.098056][T23876]  ? do_splice_direct+0x2a0/0x2a0
[ 1014.103062][T23876]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1014.109281][T23876]  ? splice_from_pipe_next.part.0+0x262/0x300
[ 1014.115350][T23876]  __splice_from_pipe+0x397/0x7d0
[ 1014.120370][T23876]  ? do_splice_direct+0x2a0/0x2a0
[ 1014.125463][T23876]  ? do_splice_direct+0x2a0/0x2a0
[ 1014.130547][T23876]  splice_from_pipe+0x108/0x170
[ 1014.135393][T23876]  ? splice_shrink_spd+0xd0/0xd0
[ 1014.140323][T23876]  ? security_file_permission+0x8f/0x380
[ 1014.145963][T23876]  default_file_splice_write+0x3c/0x90
[ 1014.151406][T23876]  ? generic_splice_sendpage+0x50/0x50
[ 1014.156859][T23876]  direct_splice_actor+0x123/0x190
[ 1014.161966][T23876]  splice_direct_to_actor+0x366/0x970
[ 1014.167325][T23876]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 1014.172857][T23876]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1014.179080][T23876]  ? do_splice_to+0x180/0x180
[ 1014.183748][T23876]  ? rw_verify_area+0x126/0x360
[ 1014.188603][T23876]  do_splice_direct+0x1da/0x2a0
[ 1014.193436][T23876]  ? splice_direct_to_actor+0x970/0x970
[ 1014.198964][T23876]  ? rcu_read_lock_any_held+0xcd/0xf0
[ 1014.204320][T23876]  ? __this_cpu_preempt_check+0x3a/0x210
[ 1014.209970][T23876]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1014.216218][T23876]  ? __sb_start_write+0x1e5/0x460
[ 1014.221240][T23876]  do_sendfile+0x597/0xd00
[ 1014.225739][T23876]  ? do_compat_pwritev64+0x1c0/0x1c0
[ 1014.231012][T23876]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1014.237239][T23876]  ? put_timespec64+0xda/0x140
[ 1014.242293][T23876]  __x64_sys_sendfile64+0x1dd/0x220
[ 1014.247512][T23876]  ? __ia32_sys_sendfile+0x230/0x230
[ 1014.252803][T23876]  ? do_syscall_64+0x26/0x760
[ 1014.257487][T23876]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1014.262768][T23876]  ? trace_hardirqs_on+0x67/0x240
[ 1014.267788][T23876]  do_syscall_64+0xfa/0x760
[ 1014.272291][T23876]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1014.278176][T23876] RIP: 0033:0x459f49
[ 1014.282053][T23876] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1014.301637][T23876] RSP: 002b:00007fd07013ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1014.310041][T23876] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[ 1014.318015][T23876] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 1014.325969][T23876] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1014.333921][T23876] R10: 0000000020000022 R11: 0000000000000246 R12: 00007fd07013b6d4
[ 1014.341883][T23876] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[ 1014.351405][T23876] memory: usage 1300kB, limit 0kB, failcnt 258
[ 1014.358734][T23876] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1014.365692][T23876] Memory cgroup stats for /syz4:
[ 1014.365830][T23876] anon 122880
[ 1014.365830][T23876] file 61440
[ 1014.365830][T23876] kernel_stack 65536
[ 1014.365830][T23876] slab 962560
[ 1014.365830][T23876] sock 0
[ 1014.365830][T23876] shmem 0
[ 1014.365830][T23876] file_mapped 0
[ 1014.365830][T23876] file_dirty 135168
[ 1014.365830][T23876] file_writeback 0
[ 1014.365830][T23876] anon_thp 0
[ 1014.365830][T23876] inactive_anon 135168
[ 1014.365830][T23876] active_anon 122880
[ 1014.365830][T23876] inactive_file 237568
[ 1014.365830][T23876] active_file 122880
[ 1014.365830][T23876] unevictable 0
[ 1014.365830][T23876] slab_reclaimable 540672
[ 1014.365830][T23876] slab_unreclaimable 421888
[ 1014.365830][T23876] pgfault 49731
[ 1014.365830][T23876] pgmajfault 0
[ 1014.365830][T23876] workingset_refault 0
[ 1014.365830][T23876] workingset_activate 0
[ 1014.365830][T23876] workingset_nodereclaim 0
[ 1014.365830][T23876] pgrefill 13946
[ 1014.365830][T23876] pgscan 36577
[ 1014.365830][T23876] pgsteal 10501
[ 1014.458943][T23876] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23845,uid=0
[ 1014.474515][T23876] Memory cgroup out of memory: Killed process 23845 (syz-executor.4) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[ 1014.495239][T23876] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1014.495762][ T1070] oom_reaper: reaped process 23845 (syz-executor.4), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[ 1014.505536][T23876] CPU: 0 PID: 23876 Comm: syz-executor.4 Not tainted 5.4.0-rc3+ #0
[ 1014.505545][T23876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1014.505550][T23876] Call Trace:
[ 1014.505571][T23876]  dump_stack+0x172/0x1f0
[ 1014.505592][T23876]  dump_header+0x10b/0x82d
[ 1014.546537][T23876]  oom_kill_process.cold+0x10/0x15
[ 1014.551672][T23876]  out_of_memory+0x334/0x1340
[ 1014.556341][T23876]  ? __sched_text_start+0x8/0x8
[ 1014.561196][T23876]  ? oom_killer_disable+0x280/0x280
[ 1014.566415][T23876]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1014.571969][T23876]  ? memcg_stat_show+0xc40/0xc40
[ 1014.576915][T23876]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[ 1014.582727][T23876]  ? cgroup_file_notify+0x140/0x1b0
[ 1014.587971][T23876]  memory_max_write+0x262/0x3a0
[ 1014.592830][T23876]  ? mem_cgroup_write+0x370/0x370
[ 1014.597862][T23876]  ? lock_acquire+0x190/0x410
[ 1014.602546][T23876]  ? kernfs_fop_write+0x227/0x480
[ 1014.607563][T23876]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1014.613105][T23876]  cgroup_file_write+0x241/0x790
[ 1014.618034][T23876]  ? mem_cgroup_write+0x370/0x370
[ 1014.623052][T23876]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[ 1014.628678][T23876]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[ 1014.634309][T23876]  kernfs_fop_write+0x2b8/0x480
[ 1014.639152][T23876]  __vfs_write+0x8a/0x110
[ 1014.643467][T23876]  ? kernfs_fop_open+0xd80/0xd80
[ 1014.648434][T23876]  __kernel_write+0x11b/0x3b0
[ 1014.653101][T23876]  write_pipe_buf+0x15d/0x1f0
[ 1014.657767][T23876]  ? do_splice_direct+0x2a0/0x2a0
[ 1014.662780][T23876]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1014.669028][T23876]  ? splice_from_pipe_next.part.0+0x262/0x300
[ 1014.675085][T23876]  __splice_from_pipe+0x397/0x7d0
[ 1014.680095][T23876]  ? do_splice_direct+0x2a0/0x2a0
[ 1014.685113][T23876]  ? do_splice_direct+0x2a0/0x2a0
[ 1014.690124][T23876]  splice_from_pipe+0x108/0x170
[ 1014.694975][T23876]  ? splice_shrink_spd+0xd0/0xd0
[ 1014.699907][T23876]  ? security_file_permission+0x8f/0x380
[ 1014.705530][T23876]  default_file_splice_write+0x3c/0x90
[ 1014.710984][T23876]  ? generic_splice_sendpage+0x50/0x50
[ 1014.716435][T23876]  direct_splice_actor+0x123/0x190
[ 1014.721538][T23876]  splice_direct_to_actor+0x366/0x970
[ 1014.726918][T23876]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 1014.732488][T23876]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1014.738740][T23876]  ? do_splice_to+0x180/0x180
[ 1014.743437][T23876]  ? rw_verify_area+0x126/0x360
[ 1014.748298][T23876]  do_splice_direct+0x1da/0x2a0
[ 1014.753164][T23876]  ? splice_direct_to_actor+0x970/0x970
[ 1014.758719][T23876]  ? rcu_read_lock_any_held+0xcd/0xf0
[ 1014.764097][T23876]  ? __this_cpu_preempt_check+0x3a/0x210
[ 1014.769723][T23876]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1014.775973][T23876]  ? __sb_start_write+0x1e5/0x460
[ 1014.780982][T23876]  do_sendfile+0x597/0xd00
[ 1014.785391][T23876]  ? do_compat_pwritev64+0x1c0/0x1c0
[ 1014.790684][T23876]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1014.796942][T23876]  ? put_timespec64+0xda/0x140
[ 1014.801708][T23876]  __x64_sys_sendfile64+0x1dd/0x220
[ 1014.806896][T23876]  ? __ia32_sys_sendfile+0x230/0x230
[ 1014.812173][T23876]  ? do_syscall_64+0x26/0x760
[ 1014.816836][T23876]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1014.822108][T23876]  ? trace_hardirqs_on+0x67/0x240
[ 1014.827120][T23876]  do_syscall_64+0xfa/0x760
[ 1014.831613][T23876]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1014.837487][T23876] RIP: 0033:0x459f49
[ 1014.841371][T23876] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1014.860963][T23876] RSP: 002b:00007fd07013ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1014.869366][T23876] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[ 1014.877323][T23876] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 1014.885274][T23876] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1014.893226][T23876] R10: 0000000020000022 R11: 0000000000000246 R12: 00007fd07013b6d4
[ 1014.901179][T23876] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[ 1014.913154][T23876] memory: usage 1176kB, limit 0kB, failcnt 258
[ 1014.919519][T23876] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1014.926366][T23876] Memory cgroup stats for /syz4:
[ 1014.926500][T23876] anon 122880
[ 1014.926500][T23876] file 61440
[ 1014.926500][T23876] kernel_stack 0
[ 1014.926500][T23876] slab 962560
[ 1014.926500][T23876] sock 0
[ 1014.926500][T23876] shmem 0
[ 1014.926500][T23876] file_mapped 0
[ 1014.926500][T23876] file_dirty 135168
[ 1014.926500][T23876] file_writeback 0
[ 1014.926500][T23876] anon_thp 0
[ 1014.926500][T23876] inactive_anon 135168
[ 1014.926500][T23876] active_anon 122880
[ 1014.926500][T23876] inactive_file 237568
[ 1014.926500][T23876] active_file 122880
[ 1014.926500][T23876] unevictable 0
[ 1014.926500][T23876] slab_reclaimable 540672
[ 1014.926500][T23876] slab_unreclaimable 421888
[ 1014.926500][T23876] pgfault 49731
[ 1014.926500][T23876] pgmajfault 0
[ 1014.926500][T23876] workingset_refault 0
[ 1014.926500][T23876] workingset_activate 0
[ 1014.926500][T23876] workingset_nodereclaim 0
[ 1014.926500][T23876] pgrefill 13946
[ 1014.926500][T23876] pgscan 36577
[ 1014.926500][T23876] pgsteal 10501
[ 1014.926500][T23876] pgactivate 19008
[ 1015.023006][T23876] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=23873,uid=0
[ 1015.038552][T23876] Memory cgroup out of memory: Killed process 23876 (syz-executor.4) total-vm:72852kB, anon-rss:156kB, file-rss:35940kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000
[ 1015.057187][ T1070] oom_reaper: reaped process 23876 (syz-executor.4), now anon-rss:0kB, file-rss:34980kB, shmem-rss:0kB
[ 1015.057277][T23860] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1015.082802][T23860] CPU: 0 PID: 23860 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[ 1015.090725][T23860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1015.100783][T23860] Call Trace:
[ 1015.104059][T23860]  dump_stack+0x172/0x1f0
[ 1015.108369][T23860]  dump_header+0x10b/0x82d
[ 1015.112761][T23860]  ? oom_kill_process+0x94/0x3f0
[ 1015.117676][T23860]  oom_kill_process.cold+0x10/0x15
[ 1015.122765][T23860]  out_of_memory+0x334/0x1340
[ 1015.127427][T23860]  ? lock_downgrade+0x920/0x920
[ 1015.132261][T23860]  ? oom_killer_disable+0x280/0x280
[ 1015.137479][T23860]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1015.143008][T23860]  ? memcg_stat_show+0xc40/0xc40
[ 1015.147926][T23860]  ? do_raw_spin_unlock+0x57/0x270
[ 1015.153015][T23860]  ? _raw_spin_unlock+0x2d/0x50
[ 1015.157847][T23860]  try_charge+0xf4b/0x1440
[ 1015.162245][T23860]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1015.167783][T23860]  ? percpu_ref_tryget_live+0x111/0x290
[ 1015.173328][T23860]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1015.179596][T23860]  ? __kasan_check_read+0x11/0x20
[ 1015.184603][T23860]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1015.190168][T23860]  mem_cgroup_try_charge+0x136/0x590
[ 1015.195441][T23860]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1015.201068][T23860]  wp_page_copy+0x407/0x1860
[ 1015.205640][T23860]  ? find_held_lock+0x35/0x130
[ 1015.210508][T23860]  ? do_wp_page+0x53b/0x15c0
[ 1015.215377][T23860]  ? pmd_devmap_trans_unstable+0x220/0x220
[ 1015.221165][T23860]  ? lock_downgrade+0x920/0x920
[ 1015.225995][T23860]  ? swp_swapcount+0x540/0x540
[ 1015.230750][T23860]  ? __kasan_check_read+0x11/0x20
[ 1015.235749][T23860]  ? do_raw_spin_unlock+0x57/0x270
[ 1015.240839][T23860]  do_wp_page+0x543/0x15c0
[ 1015.245234][T23860]  ? finish_mkwrite_fault+0x6a0/0x6a0
[ 1015.250590][T23860]  __handle_mm_fault+0x23ec/0x4040
[ 1015.255682][T23860]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1015.261204][T23860]  ? handle_mm_fault+0x292/0xaa0
[ 1015.266149][T23860]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1015.272368][T23860]  ? __kasan_check_read+0x11/0x20
[ 1015.277373][T23860]  handle_mm_fault+0x3b7/0xaa0
[ 1015.282117][T23860]  __do_page_fault+0x536/0xdd0
[ 1015.286860][T23860]  do_page_fault+0x38/0x590
[ 1015.291430][T23860]  page_fault+0x39/0x40
[ 1015.295571][T23860] RIP: 0033:0x431026
[ 1015.299454][T23860] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[ 1015.319033][T23860] RSP: 002b:00007ffca68702d0 EFLAGS: 00010206
[ 1015.325073][T23860] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[ 1015.333020][T23860] RDX: 0000000000e7a930 RSI: 0000000000e82970 RDI: 0000000000000003
[ 1015.340980][T23860] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000000e79940
[ 1015.348928][T23860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[ 1015.356880][T23860] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[ 1015.365657][T23860] memory: usage 568kB, limit 0kB, failcnt 580
[ 1015.371831][T23860] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1015.378718][T23860] Memory cgroup stats for /syz3:
[ 1015.378818][T23860] anon 122880
[ 1015.378818][T23860] file 118784
[ 1015.378818][T23860] kernel_stack 0
[ 1015.378818][T23860] slab 692224
[ 1015.378818][T23860] sock 81920
[ 1015.378818][T23860] shmem 24576
[ 1015.378818][T23860] file_mapped 0
[ 1015.378818][T23860] file_dirty 135168
[ 1015.378818][T23860] file_writeback 0
[ 1015.378818][T23860] anon_thp 0
[ 1015.378818][T23860] inactive_anon 0
[ 1015.378818][T23860] active_anon 40960
[ 1015.378818][T23860] inactive_file 98304
[ 1015.378818][T23860] active_file 0
[ 1015.378818][T23860] unevictable 135168
[ 1015.378818][T23860] slab_reclaimable 270336
[ 1015.378818][T23860] slab_unreclaimable 421888
[ 1015.378818][T23860] pgfault 59697
[ 1015.378818][T23860] pgmajfault 0
[ 1015.378818][T23860] workingset_refault 0
[ 1015.378818][T23860] workingset_activate 0
[ 1015.378818][T23860] workingset_nodereclaim 0
[ 1015.378818][T23860] pgrefill 8688
[ 1015.378818][T23860] pgscan 40193
[ 1015.378818][T23860] pgsteal 9652
[ 1015.378818][T23860] pgactivate 11286
[ 1015.475603][T23860] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23860,uid=0
[ 1015.491139][T23860] Memory cgroup out of memory: Killed process 23860 (syz-executor.3) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[ 1015.509335][ T1070] oom_reaper: reaped process 23860 (syz-executor.3), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
10:33:48 executing program 4:

10:33:48 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:33:48 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x0, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:33:48 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0xffffdd86}, 0x0)

10:33:48 executing program 0:

10:33:48 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3}, &(0x7f0000000180)=0x8)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:33:48 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3}, &(0x7f0000000180)=0x8)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:33:48 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0800b5055e0bcfe87b2071")
syz_emit_ethernet(0x6e, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x4888, 0x5800f000}, @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "b4091d", 0x38, 0x0, 0x0, @empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x2d]}, @mcast2, {[@dstopts={0x0, 0x2}], @icmpv6=@time_exceed={0xffffff80, 0x0, 0x0, 0x0, [0x9, 0x4], {0x0, 0x6, '\x00', 0x0, 0x0, 0x0, @ipv4={[], [], @broadcast}, @ipv4={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [], @remote={0xac, 0x14, 0xffffffffffffffff}}}}}}}}}, 0x0)

10:33:48 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1, 0x0, 0x0, 0xffffff7f}, 0x0)

10:33:48 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3}, &(0x7f0000000180)=0x8)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:33:48 executing program 4:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$inet_buf(r0, 0x0, 0x20, &(0x7f0000000000)="7b0e5fdda6df71b793073182", 0xc)

10:33:48 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0800b5055e0bcfe87b2071")
syz_emit_ethernet(0x6e, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x4888, 0x5800f000}, @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "b4091d", 0x38, 0x0, 0x0, @empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x2d]}, @mcast2, {[@dstopts={0x0, 0x2}], @icmpv6=@time_exceed={0xffffff80, 0x0, 0x0, 0x0, [0x9, 0x4], {0x0, 0x6, '\x00', 0x0, 0x0, 0x0, @ipv4={[], [], @broadcast}, @ipv4={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [], @remote={0xac, 0x14, 0xffffffffffffffff}}}}}}}}}, 0x0)

[ 1016.547640][    C1] protocol 88fb is buggy, dev hsr_slave_0
[ 1016.553508][    C1] protocol 88fb is buggy, dev hsr_slave_1
10:33:49 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0800b5055e0bcfe87b2071")
syz_emit_ethernet(0x6e, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x4888, 0x5800f000}, @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "b4091d", 0x38, 0x0, 0x0, @empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x2d]}, @mcast2, {[@dstopts={0x0, 0x2}], @icmpv6=@time_exceed={0xffffff80, 0x0, 0x0, 0x0, [0x9, 0x4], {0x0, 0x6, '\x00', 0x0, 0x0, 0x0, @ipv4={[], [], @broadcast}, @ipv4={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [], @remote={0xac, 0x14, 0xffffffffffffffff}}}}}}}}}, 0x0)

[ 1017.676662][T23909] IPVS: ftp: loaded support on port[0] = 21
[ 1017.815848][T23909] chnl_net:caif_netlink_parms(): no params data found
[ 1017.855533][T23909] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1017.862841][T23909] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1017.870914][T23909] device bridge_slave_0 entered promiscuous mode
[ 1017.879237][T23909] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1017.886341][T23909] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1017.894450][T23909] device bridge_slave_1 entered promiscuous mode
[ 1017.929741][T23909] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1017.942045][T23909] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1018.023022][T23909] team0: Port device team_slave_0 added
[ 1018.049602][T23909] team0: Port device team_slave_1 added
[ 1018.165860][T23909] device hsr_slave_0 entered promiscuous mode
[ 1018.202389][T23909] device hsr_slave_1 entered promiscuous mode
[ 1018.247598][T23909] debugfs: Directory 'hsr0' with parent '/' already present!
[ 1018.264265][T23915] IPVS: ftp: loaded support on port[0] = 21
[ 1018.277028][T23916] IPVS: ftp: loaded support on port[0] = 21
[ 1018.294192][T23914] IPVS: ftp: loaded support on port[0] = 21
[ 1018.523400][T23914] chnl_net:caif_netlink_parms(): no params data found
[ 1018.559545][T23909] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1018.636041][T23909] 8021q: adding VLAN 0 to HW filter on device team0
[ 1018.698561][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 1018.710231][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1018.718212][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1018.748486][T23914] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1018.755570][T23914] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1018.764191][T23914] device bridge_slave_0 entered promiscuous mode
[ 1018.774654][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1018.784270][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1018.792982][ T8841] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1018.800096][ T8841] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1018.808692][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1018.817420][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1018.825899][ T8841] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1018.833004][ T8841] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1018.840782][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1018.867287][T23914] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1018.875525][T23914] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1018.891028][T23914] device bridge_slave_1 entered promiscuous mode
[ 1018.914459][T20146] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1018.926681][T20146] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1018.945897][T20146] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1018.965921][T23916] chnl_net:caif_netlink_parms(): no params data found
[ 1018.997011][T23915] chnl_net:caif_netlink_parms(): no params data found
[ 1019.014958][T23699] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1019.023679][T23699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1019.040337][T23699] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1019.049371][T23699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1019.058048][T23699] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1019.068976][T23914] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1019.085539][T23914] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1019.112094][T23909] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1019.156740][T23914] team0: Port device team_slave_0 added
[ 1019.172956][T23915] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1019.180358][T23915] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1019.189318][T23915] device bridge_slave_0 entered promiscuous mode
[ 1019.197858][T23914] team0: Port device team_slave_1 added
[ 1019.203642][T23915] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1019.211252][T23915] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1019.219300][T23915] device bridge_slave_1 entered promiscuous mode
[ 1019.232593][T23916] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1019.239983][T23916] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1019.252877][T23916] device bridge_slave_0 entered promiscuous mode
[ 1019.261935][T23916] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1019.269877][T23916] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1019.277738][T23916] device bridge_slave_1 entered promiscuous mode
[ 1019.316356][T23909] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1019.339622][T23916] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1019.351759][T23915] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1019.364693][T23915] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1019.390800][T23916] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1019.439488][T23914] device hsr_slave_0 entered promiscuous mode
[ 1019.493642][T23914] device hsr_slave_1 entered promiscuous mode
[ 1019.528077][T23914] debugfs: Directory 'hsr0' with parent '/' already present!
[ 1019.544125][T23915] team0: Port device team_slave_0 added
[ 1019.552120][T23915] team0: Port device team_slave_1 added
[ 1019.559983][T23916] team0: Port device team_slave_0 added
[ 1019.574214][T23916] team0: Port device team_slave_1 added
[ 1019.690529][T23915] device hsr_slave_0 entered promiscuous mode
[ 1019.727860][T23915] device hsr_slave_1 entered promiscuous mode
[ 1019.748426][T23915] debugfs: Directory 'hsr0' with parent '/' already present!
[ 1019.764221][T23930] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1019.782981][T23930] CPU: 0 PID: 23930 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0
[ 1019.790909][T23930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1019.800967][T23930] Call Trace:
[ 1019.804253][T23930]  dump_stack+0x172/0x1f0
[ 1019.808573][T23930]  dump_header+0x10b/0x82d
[ 1019.812987][T23930]  oom_kill_process.cold+0x10/0x15
[ 1019.818083][T23930]  out_of_memory+0x334/0x1340
[ 1019.822748][T23930]  ? __sched_text_start+0x8/0x8
[ 1019.827588][T23930]  ? oom_killer_disable+0x280/0x280
[ 1019.832785][T23930]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1019.838312][T23930]  ? memcg_stat_show+0xc40/0xc40
[ 1019.843258][T23930]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[ 1019.849058][T23930]  ? cgroup_file_notify+0x140/0x1b0
[ 1019.854241][T23930]  memory_max_write+0x262/0x3a0
[ 1019.859078][T23930]  ? mem_cgroup_write+0x370/0x370
[ 1019.864089][T23930]  ? lock_acquire+0x190/0x410
[ 1019.868748][T23930]  ? kernfs_fop_write+0x227/0x480
[ 1019.873752][T23930]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1019.879284][T23930]  cgroup_file_write+0x241/0x790
[ 1019.884214][T23930]  ? mem_cgroup_write+0x370/0x370
[ 1019.889223][T23930]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[ 1019.894843][T23930]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[ 1019.900455][T23930]  kernfs_fop_write+0x2b8/0x480
[ 1019.905290][T23930]  __vfs_write+0x8a/0x110
[ 1019.909602][T23930]  ? kernfs_fop_open+0xd80/0xd80
[ 1019.914522][T23930]  __kernel_write+0x11b/0x3b0
[ 1019.919187][T23930]  write_pipe_buf+0x15d/0x1f0
[ 1019.923860][T23930]  ? do_splice_direct+0x2a0/0x2a0
[ 1019.928873][T23930]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1019.935092][T23930]  ? splice_from_pipe_next.part.0+0x262/0x300
[ 1019.941144][T23930]  __splice_from_pipe+0x397/0x7d0
[ 1019.946152][T23930]  ? do_splice_direct+0x2a0/0x2a0
[ 1019.951168][T23930]  ? do_splice_direct+0x2a0/0x2a0
[ 1019.956176][T23930]  splice_from_pipe+0x108/0x170
[ 1019.961011][T23930]  ? splice_shrink_spd+0xd0/0xd0
[ 1019.965937][T23930]  ? security_file_permission+0x8f/0x380
[ 1019.971554][T23930]  default_file_splice_write+0x3c/0x90
[ 1019.976992][T23930]  ? generic_splice_sendpage+0x50/0x50
[ 1019.982442][T23930]  direct_splice_actor+0x123/0x190
[ 1019.987644][T23930]  splice_direct_to_actor+0x366/0x970
[ 1019.993002][T23930]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 1019.998550][T23930]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1020.004779][T23930]  ? do_splice_to+0x180/0x180
[ 1020.009438][T23930]  ? rw_verify_area+0x126/0x360
[ 1020.014274][T23930]  do_splice_direct+0x1da/0x2a0
[ 1020.019124][T23930]  ? splice_direct_to_actor+0x970/0x970
[ 1020.024647][T23930]  ? rcu_read_lock_any_held+0xcd/0xf0
[ 1020.030015][T23930]  ? __this_cpu_preempt_check+0x3a/0x210
[ 1020.035634][T23930]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1020.041856][T23930]  ? __sb_start_write+0x1e5/0x460
[ 1020.046863][T23930]  do_sendfile+0x597/0xd00
[ 1020.051294][T23930]  ? do_compat_pwritev64+0x1c0/0x1c0
[ 1020.056563][T23930]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1020.062784][T23930]  ? put_timespec64+0xda/0x140
[ 1020.067538][T23930]  __x64_sys_sendfile64+0x1dd/0x220
[ 1020.072721][T23930]  ? __ia32_sys_sendfile+0x230/0x230
[ 1020.077988][T23930]  ? do_syscall_64+0x26/0x760
[ 1020.082664][T23930]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1020.087932][T23930]  ? trace_hardirqs_on+0x67/0x240
[ 1020.092943][T23930]  do_syscall_64+0xfa/0x760
[ 1020.097432][T23930]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1020.103316][T23930] RIP: 0033:0x459f49
[ 1020.107195][T23930] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1020.126787][T23930] RSP: 002b:00007f8b5ab0ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1020.135200][T23930] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[ 1020.143153][T23930] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 1020.151107][T23930] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
[ 1020.159064][T23930] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f8b5ab0f6d4
[ 1020.167541][T23930] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[ 1020.180723][T23930] memory: usage 920kB, limit 0kB, failcnt 246
[ 1020.186848][T23930] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1020.196632][T23916] device hsr_slave_0 entered promiscuous mode
[ 1020.203754][T23930] Memory cgroup stats for /syz5:
[ 1020.203874][T23930] anon 139264
[ 1020.203874][T23930] file 106496
[ 1020.203874][T23930] kernel_stack 131072
[ 1020.203874][T23930] slab 688128
[ 1020.203874][T23930] sock 0
[ 1020.203874][T23930] shmem 143360
[ 1020.203874][T23930] file_mapped 135168
[ 1020.203874][T23930] file_dirty 0
[ 1020.203874][T23930] file_writeback 0
[ 1020.203874][T23930] anon_thp 0
[ 1020.203874][T23930] inactive_anon 0
[ 1020.203874][T23930] active_anon 139264
[ 1020.203874][T23930] inactive_file 53248
[ 1020.203874][T23930] active_file 45056
[ 1020.203874][T23930] unevictable 135168
[ 1020.203874][T23930] slab_reclaimable 270336
[ 1020.203874][T23930] slab_unreclaimable 417792
[ 1020.203874][T23930] pgfault 55605
[ 1020.203874][T23930] pgmajfault 0
[ 1020.203874][T23930] workingset_refault 0
[ 1020.203874][T23930] workingset_activate 0
[ 1020.203874][T23930] workingset_nodereclaim 0
[ 1020.203874][T23930] pgrefill 11872
[ 1020.203874][T23930] pgscan 29652
[ 1020.203874][T23930] pgsteal 8856
10:33:52 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[ 1020.203894][T23930] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=23925,uid=0
[ 1020.314307][T23930] Memory cgroup out of memory: Killed process 23925 (syz-executor.5) total-vm:72852kB, anon-rss:92kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000
[ 1020.332957][ T1070] oom_reaper: reaped process 23925 (syz-executor.5), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB
[ 1020.344535][T23916] device hsr_slave_1 entered promiscuous mode
[ 1020.366537][T23909] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1020.376705][T23909] CPU: 0 PID: 23909 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0
[ 1020.384617][T23909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1020.394862][T23909] Call Trace:
[ 1020.398160][T23909]  dump_stack+0x172/0x1f0
[ 1020.402758][T23909]  dump_header+0x10b/0x82d
[ 1020.407371][T23909]  ? oom_kill_process+0x94/0x3f0
[ 1020.412350][T23909]  oom_kill_process.cold+0x10/0x15
[ 1020.417670][T23909]  out_of_memory+0x334/0x1340
[ 1020.422357][T23909]  ? lock_downgrade+0x920/0x920
[ 1020.427317][T23909]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1020.433200][T23909]  ? oom_killer_disable+0x280/0x280
[ 1020.438505][T23909]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1020.444163][T23909]  ? memcg_stat_show+0xc40/0xc40
[ 1020.449771][T23909]  ? do_raw_spin_unlock+0x57/0x270
[ 1020.455539][T23909]  ? _raw_spin_unlock+0x2d/0x50
[ 1020.460736][T23909]  try_charge+0xf4b/0x1440
[ 1020.465180][T23909]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1020.470731][T23909]  ? percpu_ref_tryget_live+0x111/0x290
[ 1020.476438][T23909]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1020.482673][T23909]  ? __kasan_check_read+0x11/0x20
[ 1020.487805][T23909]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1020.493344][T23909]  mem_cgroup_try_charge+0x136/0x590
[ 1020.498628][T23909]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1020.504265][T23909]  wp_page_copy+0x407/0x1860
[ 1020.508845][T23909]  ? find_held_lock+0x35/0x130
[ 1020.513607][T23909]  ? do_wp_page+0x53b/0x15c0
[ 1020.518298][T23909]  ? pmd_devmap_trans_unstable+0x220/0x220
[ 1020.524117][T23909]  ? lock_downgrade+0x920/0x920
[ 1020.528977][T23909]  ? swp_swapcount+0x540/0x540
[ 1020.533739][T23909]  ? __kasan_check_read+0x11/0x20
[ 1020.538754][T23909]  ? do_raw_spin_unlock+0x57/0x270
[ 1020.543875][T23909]  do_wp_page+0x543/0x15c0
[ 1020.548292][T23909]  ? finish_mkwrite_fault+0x6a0/0x6a0
[ 1020.553693][T23909]  __handle_mm_fault+0x23ec/0x4040
[ 1020.558803][T23909]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1020.564339][T23909]  ? handle_mm_fault+0x292/0xaa0
[ 1020.569379][T23909]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1020.575611][T23909]  ? __kasan_check_read+0x11/0x20
[ 1020.580632][T23909]  handle_mm_fault+0x3b7/0xaa0
[ 1020.585389][T23909]  __do_page_fault+0x536/0xdd0
[ 1020.590145][T23909]  do_page_fault+0x38/0x590
[ 1020.594803][T23909]  page_fault+0x39/0x40
[ 1020.598942][T23909] RIP: 0033:0x431026
[ 1020.602849][T23909] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[ 1020.622469][T23909] RSP: 002b:00007fff2fb7a660 EFLAGS: 00010206
[ 1020.628544][T23909] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[ 1020.636522][T23909] RDX: 0000000000f81930 RSI: 0000000000f89970 RDI: 0000000000000003
[ 1020.644480][T23909] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000000f80940
[ 1020.652447][T23909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[ 1020.660424][T23909] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[ 1020.669369][T23909] memory: usage 560kB, limit 0kB, failcnt 254
[ 1020.675454][T23909] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1020.682428][T23909] Memory cgroup stats for /syz5:
[ 1020.682527][T23909] anon 139264
[ 1020.682527][T23909] file 106496
[ 1020.682527][T23909] kernel_stack 0
[ 1020.682527][T23909] slab 688128
[ 1020.682527][T23909] sock 0
[ 1020.682527][T23909] shmem 143360
[ 1020.682527][T23909] file_mapped 135168
[ 1020.682527][T23909] file_dirty 0
[ 1020.682527][T23909] file_writeback 0
[ 1020.682527][T23909] anon_thp 0
[ 1020.682527][T23909] inactive_anon 0
[ 1020.682527][T23909] active_anon 139264
[ 1020.682527][T23909] inactive_file 53248
[ 1020.682527][T23909] active_file 45056
[ 1020.682527][T23909] unevictable 135168
[ 1020.682527][T23909] slab_reclaimable 270336
[ 1020.682527][T23909] slab_unreclaimable 417792
[ 1020.682527][T23909] pgfault 55605
[ 1020.682527][T23909] pgmajfault 0
[ 1020.682527][T23909] workingset_refault 0
[ 1020.682527][T23909] workingset_activate 0
[ 1020.682527][T23909] workingset_nodereclaim 0
[ 1020.682527][T23909] pgrefill 11872
[ 1020.682527][T23909] pgscan 29652
[ 1020.682527][T23909] pgsteal 8856
[ 1020.687643][T23916] debugfs: Directory 'hsr0' with parent '/' already present!
[ 1020.697410][T23916] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1020.782348][T23909] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=23909,uid=0
[ 1020.785290][T23916] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1020.792541][T23909] Memory cgroup out of memory: Killed process 23909 (syz-executor.5) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0
[ 1020.808005][T23916] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1020.840212][T23916] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1020.866844][T23699] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1020.877270][T23699] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1021.425535][T23916] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1021.620736][T23914] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1021.631050][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1021.642748][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1021.656642][T23915] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1021.666659][T23916] 8021q: adding VLAN 0 to HW filter on device team0
[ 1021.819531][T23914] 8021q: adding VLAN 0 to HW filter on device team0
[ 1021.839064][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1021.846817][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1021.854929][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1021.864311][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1021.872860][ T8848] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1021.879989][ T8848] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1021.887859][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1021.896416][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1021.905119][ T8848] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1021.912218][ T8848] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1021.920437][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1021.929120][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1021.946340][T23915] 8021q: adding VLAN 0 to HW filter on device team0
[ 1021.964619][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1021.974110][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1021.984301][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1021.993952][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1022.002447][ T8848] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1022.009546][ T8848] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1022.017085][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1022.025807][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1022.034154][ T8848] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1022.041253][ T8848] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1022.049013][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1022.057697][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1022.066102][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1022.075261][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1022.083271][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1022.251801][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1022.261332][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1022.270633][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1022.283791][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1022.292347][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1022.301391][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1022.311166][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1022.320262][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1022.329339][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1022.337811][T14992] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1022.344863][T14992] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1022.353441][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1022.362379][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1022.525748][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1022.535854][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1022.544502][ T9931] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1022.551611][ T9931] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1022.561212][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1022.571719][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1022.580562][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1022.589729][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1022.598435][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1022.606688][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1022.615248][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1022.631268][T23916] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1022.642078][T20146] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1022.812243][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1022.821699][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1022.833839][T23914] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1022.846455][T23914] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1022.860119][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1022.868468][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1022.877015][ T9931] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1022.896240][T23915] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1022.907639][T23915] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1023.065481][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1023.074473][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1023.083633][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1023.093326][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1023.102321][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1023.111161][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1023.121982][T23916] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1023.135742][ T8848] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1023.160500][T23914] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1023.340660][T23915] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1023.569435][T11615] device bridge_slave_1 left promiscuous mode
[ 1023.575704][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1023.638725][T11615] device bridge_slave_0 left promiscuous mode
[ 1023.644995][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1023.719465][T11615] device bridge_slave_1 left promiscuous mode
[ 1023.725775][T11615] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1023.733143][T23949] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1023.744264][T23949] CPU: 1 PID: 23949 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[ 1023.752206][T23949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1023.762272][T23949] Call Trace:
[ 1023.765560][T23949]  dump_stack+0x172/0x1f0
[ 1023.769903][T23949]  dump_header+0x10b/0x82d
[ 1023.774330][T23949]  oom_kill_process.cold+0x10/0x15
[ 1023.779468][T23949]  out_of_memory+0x334/0x1340
[ 1023.784155][T23949]  ? __sched_text_start+0x8/0x8
[ 1023.789012][T23949]  ? oom_killer_disable+0x280/0x280
[ 1023.794223][T23949]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1023.799781][T23949]  ? memcg_stat_show+0xc40/0xc40
[ 1023.804732][T23949]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[ 1023.810549][T23949]  ? cgroup_file_notify+0x140/0x1b0
[ 1023.815745][T23949]  memory_max_write+0x262/0x3a0
[ 1023.820600][T23949]  ? mem_cgroup_write+0x370/0x370
[ 1023.825621][T23949]  ? lock_acquire+0x190/0x410
[ 1023.830366][T23949]  ? kernfs_fop_write+0x227/0x480
[ 1023.835679][T23949]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1023.841240][T23949]  cgroup_file_write+0x241/0x790
[ 1023.846179][T23949]  ? mem_cgroup_write+0x370/0x370
[ 1023.851190][T23949]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[ 1023.856827][T23949]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[ 1023.862448][T23949]  kernfs_fop_write+0x2b8/0x480
[ 1023.867296][T23949]  __vfs_write+0x8a/0x110
[ 1023.871611][T23949]  ? kernfs_fop_open+0xd80/0xd80
[ 1023.876620][T23949]  __kernel_write+0x11b/0x3b0
[ 1023.881287][T23949]  write_pipe_buf+0x15d/0x1f0
[ 1023.885963][T23949]  ? do_splice_direct+0x2a0/0x2a0
[ 1023.891004][T23949]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1023.897240][T23949]  ? splice_from_pipe_next.part.0+0x262/0x300
[ 1023.903312][T23949]  __splice_from_pipe+0x397/0x7d0
[ 1023.908443][T23949]  ? do_splice_direct+0x2a0/0x2a0
[ 1023.913461][T23949]  ? do_splice_direct+0x2a0/0x2a0
[ 1023.918471][T23949]  splice_from_pipe+0x108/0x170
[ 1023.923312][T23949]  ? splice_shrink_spd+0xd0/0xd0
[ 1023.928245][T23949]  ? security_file_permission+0x8f/0x380
[ 1023.933878][T23949]  default_file_splice_write+0x3c/0x90
[ 1023.939319][T23949]  ? generic_splice_sendpage+0x50/0x50
[ 1023.944769][T23949]  direct_splice_actor+0x123/0x190
[ 1023.949898][T23949]  splice_direct_to_actor+0x366/0x970
[ 1023.955259][T23949]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 1023.960892][T23949]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1023.967117][T23949]  ? do_splice_to+0x180/0x180
[ 1023.971781][T23949]  ? rw_verify_area+0x126/0x360
[ 1023.976617][T23949]  do_splice_direct+0x1da/0x2a0
[ 1023.981453][T23949]  ? splice_direct_to_actor+0x970/0x970
[ 1023.986992][T23949]  ? rcu_read_lock_any_held+0xcd/0xf0
[ 1023.992357][T23949]  ? __this_cpu_preempt_check+0x3a/0x210
[ 1023.997987][T23949]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1024.004211][T23949]  ? __sb_start_write+0x1e5/0x460
[ 1024.009221][T23949]  do_sendfile+0x597/0xd00
[ 1024.013629][T23949]  ? do_compat_pwritev64+0x1c0/0x1c0
[ 1024.018897][T23949]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1024.025120][T23949]  ? put_timespec64+0xda/0x140
[ 1024.029883][T23949]  __x64_sys_sendfile64+0x1dd/0x220
[ 1024.035066][T23949]  ? __ia32_sys_sendfile+0x230/0x230
[ 1024.040340][T23949]  ? do_syscall_64+0x26/0x760
[ 1024.045003][T23949]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1024.050274][T23949]  ? trace_hardirqs_on+0x67/0x240
[ 1024.055298][T23949]  do_syscall_64+0xfa/0x760
[ 1024.059803][T23949]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1024.065679][T23949] RIP: 0033:0x459f49
[ 1024.069560][T23949] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1024.089156][T23949] RSP: 002b:00007f71ebec0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1024.097549][T23949] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[ 1024.105514][T23949] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 1024.113471][T23949] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1024.121437][T23949] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f71ebec16d4
[ 1024.129406][T23949] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[ 1024.141108][T23949] memory: usage 5080kB, limit 0kB, failcnt 581
[ 1024.147320][T23949] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1024.154689][T23949] Memory cgroup stats for /syz3:
[ 1024.154822][T23949] anon 4313088
[ 1024.154822][T23949] file 118784
[ 1024.154822][T23949] kernel_stack 65536
[ 1024.154822][T23949] slab 692224
[ 1024.154822][T23949] sock 81920
[ 1024.154822][T23949] shmem 24576
[ 1024.154822][T23949] file_mapped 0
[ 1024.154822][T23949] file_dirty 135168
[ 1024.154822][T23949] file_writeback 0
[ 1024.154822][T23949] anon_thp 4194304
[ 1024.154822][T23949] inactive_anon 0
[ 1024.154822][T23949] active_anon 4313088
[ 1024.154822][T23949] inactive_file 98304
[ 1024.154822][T23949] active_file 0
[ 1024.154822][T23949] unevictable 135168
[ 1024.154822][T23949] slab_reclaimable 270336
[ 1024.154822][T23949] slab_unreclaimable 421888
[ 1024.154822][T23949] pgfault 59763
[ 1024.154822][T23949] pgmajfault 0
[ 1024.154822][T23949] workingset_refault 0
[ 1024.154822][T23949] workingset_activate 0
[ 1024.154822][T23949] workingset_nodereclaim 0
[ 1024.154822][T23949] pgrefill 8688
[ 1024.154822][T23949] pgscan 40193
[ 1024.154822][T23949] pgsteal 9652
[ 1024.249680][T23949] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23947,uid=0
[ 1024.266629][T23949] Memory cgroup out of memory: Killed process 23947 (syz-executor.3) total-vm:72720kB, anon-rss:4192kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000
[ 1024.286826][ T1070] oom_reaper: reaped process 23947 (syz-executor.3), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB
[ 1024.303842][T11615] device bridge_slave_0 left promiscuous mode
[ 1024.313066][T11615] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1024.319947][T23914] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1024.330372][T23914] CPU: 1 PID: 23914 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[ 1024.338271][T23914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1024.348499][T23914] Call Trace:
[ 1024.351800][T23914]  dump_stack+0x172/0x1f0
[ 1024.356127][T23914]  dump_header+0x10b/0x82d
[ 1024.361397][T23914]  ? oom_kill_process+0x94/0x3f0
[ 1024.366313][T23914]  oom_kill_process.cold+0x10/0x15
[ 1024.371418][T23914]  out_of_memory+0x334/0x1340
[ 1024.376082][T23914]  ? lock_downgrade+0x920/0x920
[ 1024.380919][T23914]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1024.386792][T23914]  ? oom_killer_disable+0x280/0x280
[ 1024.391989][T23914]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1024.397540][T23914]  ? memcg_stat_show+0xc40/0xc40
[ 1024.402482][T23914]  ? do_raw_spin_unlock+0x57/0x270
[ 1024.407585][T23914]  ? _raw_spin_unlock+0x2d/0x50
[ 1024.412433][T23914]  try_charge+0xf4b/0x1440
[ 1024.416842][T23914]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1024.422373][T23914]  ? percpu_ref_tryget_live+0x111/0x290
[ 1024.427909][T23914]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1024.434148][T23914]  ? __kasan_check_read+0x11/0x20
[ 1024.439182][T23914]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1024.444720][T23914]  mem_cgroup_try_charge+0x136/0x590
[ 1024.450282][T23914]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1024.455916][T23914]  wp_page_copy+0x407/0x1860
[ 1024.460510][T23914]  ? find_held_lock+0x35/0x130
[ 1024.465268][T23914]  ? do_wp_page+0x53b/0x15c0
[ 1024.469852][T23914]  ? pmd_devmap_trans_unstable+0x220/0x220
[ 1024.475649][T23914]  ? lock_downgrade+0x920/0x920
[ 1024.480478][T23914]  ? swp_swapcount+0x540/0x540
[ 1024.485220][T23914]  ? __kasan_check_read+0x11/0x20
[ 1024.490229][T23914]  ? do_raw_spin_unlock+0x57/0x270
[ 1024.495332][T23914]  do_wp_page+0x543/0x15c0
[ 1024.499742][T23914]  ? finish_mkwrite_fault+0x6a0/0x6a0
[ 1024.505097][T23914]  __handle_mm_fault+0x23ec/0x4040
[ 1024.510206][T23914]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1024.515754][T23914]  ? handle_mm_fault+0x292/0xaa0
[ 1024.520686][T23914]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1024.526921][T23914]  ? __kasan_check_read+0x11/0x20
[ 1024.531939][T23914]  handle_mm_fault+0x3b7/0xaa0
[ 1024.536712][T23914]  __do_page_fault+0x536/0xdd0
[ 1024.541459][T23914]  do_page_fault+0x38/0x590
[ 1024.545938][T23914]  page_fault+0x39/0x40
[ 1024.550076][T23914] RIP: 0033:0x431026
[ 1024.553970][T23914] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[ 1024.573568][T23914] RSP: 002b:00007ffef9630780 EFLAGS: 00010206
[ 1024.579625][T23914] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[ 1024.587581][T23914] RDX: 00000000017cd930 RSI: 00000000017d5970 RDI: 0000000000000003
[ 1024.595540][T23914] RBP: 0000000000008041 R08: 0000000000000001 R09: 00000000017cc940
[ 1024.603500][T23914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[ 1024.611474][T23914] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[ 1024.621262][T23914] memory: usage 656kB, limit 0kB, failcnt 593
[ 1024.627438][T23914] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1024.634750][T23914] Memory cgroup stats for /syz3:
[ 1024.634851][T23914] anon 61440
[ 1024.634851][T23914] file 118784
[ 1024.634851][T23914] kernel_stack 65536
[ 1024.634851][T23914] slab 692224
[ 1024.634851][T23914] sock 81920
[ 1024.634851][T23914] shmem 24576
[ 1024.634851][T23914] file_mapped 0
[ 1024.634851][T23914] file_dirty 135168
[ 1024.634851][T23914] file_writeback 0
[ 1024.634851][T23914] anon_thp 0
[ 1024.634851][T23914] inactive_anon 0
[ 1024.634851][T23914] active_anon 61440
[ 1024.634851][T23914] inactive_file 98304
[ 1024.634851][T23914] active_file 0
[ 1024.634851][T23914] unevictable 135168
[ 1024.634851][T23914] slab_reclaimable 270336
[ 1024.634851][T23914] slab_unreclaimable 421888
[ 1024.634851][T23914] pgfault 59763
[ 1024.634851][T23914] pgmajfault 0
[ 1024.634851][T23914] workingset_refault 0
[ 1024.634851][T23914] workingset_activate 0
[ 1024.634851][T23914] workingset_nodereclaim 0
[ 1024.634851][T23914] pgrefill 8688
[ 1024.634851][T23914] pgscan 40193
[ 1024.634851][T23914] pgsteal 9652
[ 1024.639944][T23914] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23914,uid=0
[ 1024.752332][T23914] Memory cgroup out of memory: Killed process 23914 (syz-executor.3) total-vm:72456kB, anon-rss:72kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[ 1024.778777][ T1070] oom_reaper: reaped process 23914 (syz-executor.3), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB
[ 1028.538315][T11615] device hsr_slave_0 left promiscuous mode
[ 1028.577865][T11615] device hsr_slave_1 left promiscuous mode
[ 1028.630854][T11615] team0 (unregistering): Port device team_slave_1 removed
[ 1028.644942][T11615] team0 (unregistering): Port device team_slave_0 removed
[ 1028.656647][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1028.704770][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1028.777190][T11615] bond0 (unregistering): Released all slaves
[ 1028.910413][T11615] device hsr_slave_0 left promiscuous mode
[ 1028.947764][T11615] device hsr_slave_1 left promiscuous mode
[ 1029.019867][T11615] team0 (unregistering): Port device team_slave_1 removed
[ 1029.033790][T11615] team0 (unregistering): Port device team_slave_0 removed
[ 1029.045735][T11615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1029.113373][T11615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1029.229545][T11615] bond0 (unregistering): Released all slaves
[ 1029.618229][T23953] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1029.628606][T23953] CPU: 1 PID: 23953 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[ 1029.636495][T23953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1029.646558][T23953] Call Trace:
[ 1029.649862][T23953]  dump_stack+0x172/0x1f0
[ 1029.654194][T23953]  dump_header+0x10b/0x82d
[ 1029.658597][T23953]  oom_kill_process.cold+0x10/0x15
[ 1029.663708][T23953]  out_of_memory+0x334/0x1340
[ 1029.668389][T23953]  ? __sched_text_start+0x8/0x8
[ 1029.673260][T23953]  ? oom_killer_disable+0x280/0x280
[ 1029.678476][T23953]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1029.684152][T23953]  ? memcg_stat_show+0xc40/0xc40
[ 1029.689116][T23953]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[ 1029.694926][T23953]  ? cgroup_file_notify+0x140/0x1b0
[ 1029.700127][T23953]  memory_max_write+0x262/0x3a0
[ 1029.704969][T23953]  ? mem_cgroup_write+0x370/0x370
[ 1029.709985][T23953]  ? lock_acquire+0x190/0x410
[ 1029.714670][T23953]  ? kernfs_fop_write+0x227/0x480
[ 1029.719689][T23953]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1029.725292][T23953]  cgroup_file_write+0x241/0x790
[ 1029.730245][T23953]  ? mem_cgroup_write+0x370/0x370
[ 1029.735275][T23953]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[ 1029.740906][T23953]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[ 1029.746521][T23953]  kernfs_fop_write+0x2b8/0x480
[ 1029.751378][T23953]  __vfs_write+0x8a/0x110
[ 1029.755699][T23953]  ? kernfs_fop_open+0xd80/0xd80
[ 1029.760630][T23953]  __kernel_write+0x11b/0x3b0
[ 1029.765289][T23953]  write_pipe_buf+0x15d/0x1f0
[ 1029.769962][T23953]  ? do_splice_direct+0x2a0/0x2a0
[ 1029.774992][T23953]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1029.781225][T23953]  ? splice_from_pipe_next.part.0+0x262/0x300
[ 1029.787284][T23953]  __splice_from_pipe+0x397/0x7d0
[ 1029.792298][T23953]  ? do_splice_direct+0x2a0/0x2a0
[ 1029.797311][T23953]  ? do_splice_direct+0x2a0/0x2a0
[ 1029.802317][T23953]  splice_from_pipe+0x108/0x170
[ 1029.807148][T23953]  ? splice_shrink_spd+0xd0/0xd0
[ 1029.812074][T23953]  ? security_file_permission+0x8f/0x380
[ 1029.817696][T23953]  default_file_splice_write+0x3c/0x90
[ 1029.823160][T23953]  ? generic_splice_sendpage+0x50/0x50
[ 1029.828614][T23953]  direct_splice_actor+0x123/0x190
[ 1029.833719][T23953]  splice_direct_to_actor+0x366/0x970
[ 1029.839089][T23953]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 1029.844627][T23953]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1029.850883][T23953]  ? do_splice_to+0x180/0x180
[ 1029.855551][T23953]  ? rw_verify_area+0x126/0x360
[ 1029.860393][T23953]  do_splice_direct+0x1da/0x2a0
[ 1029.865223][T23953]  ? splice_direct_to_actor+0x970/0x970
[ 1029.870758][T23953]  ? rcu_read_lock_any_held+0xcd/0xf0
[ 1029.876140][T23953]  ? __this_cpu_preempt_check+0x3a/0x210
[ 1029.881753][T23953]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1029.887989][T23953]  ? __sb_start_write+0x1e5/0x460
[ 1029.893001][T23953]  do_sendfile+0x597/0xd00
[ 1029.897398][T23953]  ? do_compat_pwritev64+0x1c0/0x1c0
[ 1029.902664][T23953]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1029.908925][T23953]  ? put_timespec64+0xda/0x140
[ 1029.913690][T23953]  __x64_sys_sendfile64+0x1dd/0x220
[ 1029.918887][T23953]  ? __ia32_sys_sendfile+0x230/0x230
[ 1029.924173][T23953]  ? do_syscall_64+0x26/0x760
[ 1029.928842][T23953]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1029.934117][T23953]  ? trace_hardirqs_on+0x67/0x240
[ 1029.939138][T23953]  do_syscall_64+0xfa/0x760
[ 1029.943650][T23953]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1029.949526][T23953] RIP: 0033:0x459f49
[ 1029.953411][T23953] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1029.973018][T23953] RSP: 002b:00007f2917f4cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1029.981423][T23953] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[ 1029.989388][T23953] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 1029.997350][T23953] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1030.005312][T23953] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f2917f4d6d4
[ 1030.013265][T23953] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[ 1030.024475][T23953] memory: usage 908kB, limit 0kB, failcnt 287
[ 1030.030819][T23953] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1030.037859][T23953] Memory cgroup stats for /syz2:
[ 1030.037968][T23953] anon 65536
[ 1030.037968][T23953] file 167936
[ 1030.037968][T23953] kernel_stack 131072
[ 1030.037968][T23953] slab 516096
[ 1030.037968][T23953] sock 4096
[ 1030.037968][T23953] shmem 20480
[ 1030.037968][T23953] file_mapped 135168
[ 1030.037968][T23953] file_dirty 135168
[ 1030.037968][T23953] file_writeback 0
[ 1030.037968][T23953] anon_thp 0
[ 1030.037968][T23953] inactive_anon 90112
[ 1030.037968][T23953] active_anon 65536
[ 1030.037968][T23953] inactive_file 110592
[ 1030.037968][T23953] active_file 110592
[ 1030.037968][T23953] unevictable 0
[ 1030.037968][T23953] slab_reclaimable 135168
[ 1030.037968][T23953] slab_unreclaimable 380928
[ 1030.037968][T23953] pgfault 66330
[ 1030.037968][T23953] pgmajfault 0
[ 1030.037968][T23953] workingset_refault 0
[ 1030.037968][T23953] workingset_activate 0
10:34:02 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x0, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x0, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:34:02 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1}, 0x2)

10:34:02 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0800b5055e0bcfe87b2071")
syz_emit_ethernet(0x6e, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x4888, 0x5800f000}, @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "b4091d", 0x38, 0x0, 0x0, @empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x2d]}, @mcast2, {[@dstopts={0x0, 0x2}], @icmpv6=@time_exceed={0xffffff80, 0x0, 0x0, 0x0, [0x9, 0x4], {0x0, 0x6, '\x00', 0x0, 0x0, 0x0, @ipv4={[], [], @broadcast}, @ipv4={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [], @remote={0xac, 0x14, 0xffffffffffffffff}}}}}}}}}, 0x0)

10:34:02 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x20, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:34:02 executing program 4:
r0 = socket(0x40000000002, 0x3, 0x2)
recvmmsg(r0, &(0x7f0000000240)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x40000000000017c, 0x0, 0x0)
shutdown(r0, 0x0)

10:34:02 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x3b, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f3"}, &(0x7f0000000180)=0x43)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

[ 1030.037968][T23953] workingset_nodereclaim 0
[ 1030.037968][T23953] pgrefill 20228
[ 1030.037968][T23953] pgscan 28208
[ 1030.037968][T23953] pgsteal 3058
[ 1030.131848][T23953] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23951,uid=0
[ 1030.148338][T23953] Memory cgroup out of memory: Killed process 23951 (syz-executor.2) total-vm:72852kB, anon-rss:92kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000
[ 1030.223278][T23915] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1030.242397][T23915] CPU: 1 PID: 23915 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[ 1030.250324][T23915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1030.260380][T23915] Call Trace:
[ 1030.263690][T23915]  dump_stack+0x172/0x1f0
[ 1030.268030][T23915]  dump_header+0x10b/0x82d
[ 1030.272452][T23915]  ? oom_kill_process+0x94/0x3f0
[ 1030.277405][T23915]  oom_kill_process.cold+0x10/0x15
[ 1030.282538][T23915]  out_of_memory+0x334/0x1340
[ 1030.287241][T23915]  ? lock_downgrade+0x920/0x920
[ 1030.292104][T23915]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1030.297923][T23915]  ? oom_killer_disable+0x280/0x280
[ 1030.303143][T23915]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1030.308697][T23915]  ? memcg_stat_show+0xc40/0xc40
[ 1030.313650][T23915]  ? do_raw_spin_unlock+0x57/0x270
[ 1030.318784][T23915]  ? _raw_spin_unlock+0x2d/0x50
[ 1030.323655][T23915]  try_charge+0xf4b/0x1440
[ 1030.328093][T23915]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1030.333645][T23915]  ? percpu_ref_tryget_live+0x111/0x290
[ 1030.339210][T23915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1030.345468][T23915]  ? __kasan_check_read+0x11/0x20
[ 1030.350513][T23915]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1030.356076][T23915]  mem_cgroup_try_charge+0x136/0x590
[ 1030.361380][T23915]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1030.367025][T23915]  wp_page_copy+0x407/0x1860
[ 1030.371625][T23915]  ? find_held_lock+0x35/0x130
[ 1030.376401][T23915]  ? do_wp_page+0x53b/0x15c0
[ 1030.381003][T23915]  ? pmd_devmap_trans_unstable+0x220/0x220
[ 1030.386827][T23915]  ? lock_downgrade+0x920/0x920
[ 1030.391695][T23915]  ? swp_swapcount+0x540/0x540
[ 1030.396473][T23915]  ? __kasan_check_read+0x11/0x20
[ 1030.401533][T23915]  ? do_raw_spin_unlock+0x57/0x270
[ 1030.406658][T23915]  do_wp_page+0x543/0x15c0
[ 1030.411088][T23915]  ? finish_mkwrite_fault+0x6a0/0x6a0
[ 1030.416476][T23915]  __handle_mm_fault+0x23ec/0x4040
[ 1030.421688][T23915]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1030.427268][T23915]  ? handle_mm_fault+0x292/0xaa0
[ 1030.432225][T23915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1030.438479][T23915]  ? __kasan_check_read+0x11/0x20
[ 1030.443529][T23915]  handle_mm_fault+0x3b7/0xaa0
[ 1030.448314][T23915]  __do_page_fault+0x536/0xdd0
[ 1030.453119][T23915]  do_page_fault+0x38/0x590
[ 1030.457657][T23915]  page_fault+0x39/0x40
[ 1030.461830][T23915] RIP: 0033:0x431026
[ 1030.465735][T23915] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[ 1030.485357][T23915] RSP: 002b:00007ffeda6f05e0 EFLAGS: 00010206
[ 1030.491436][T23915] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[ 1030.499422][T23915] RDX: 00000000028b4930 RSI: 00000000028bc970 RDI: 0000000000000003
[ 1030.507398][T23915] RBP: 0000000000008041 R08: 0000000000000001 R09: 00000000028b3940
[ 1030.515376][T23915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
10:34:02 executing program 4:
pipe(&(0x7f0000000600)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfffffef3)
read(r0, &(0x7f0000000200)=""/250, 0x9000)

10:34:02 executing program 0:
socket$inet6(0xa, 0x80003, 0xff)
syz_emit_ethernet(0x6e, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x4888, 0x5800f000}, @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "b4091d", 0x38, 0x0, 0x0, @empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x2d]}, @mcast2, {[@dstopts={0x0, 0x2}], @icmpv6=@time_exceed={0xffffff80, 0x0, 0x0, 0x0, [0x9, 0x4], {0x0, 0x6, '\x00', 0x0, 0x0, 0x0, @ipv4={[], [], @broadcast}, @ipv4={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [], @remote={0xac, 0x14, 0xffffffffffffffff}}}}}}}}}, 0x0)

[ 1030.523380][T23915] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
10:34:03 executing program 0:
syz_emit_ethernet(0x6e, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x4888, 0x5800f000}, @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "b4091d", 0x38, 0x0, 0x0, @empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x2d]}, @mcast2, {[@dstopts={0x0, 0x2}], @icmpv6=@time_exceed={0xffffff80, 0x0, 0x0, 0x0, [0x9, 0x4], {0x0, 0x6, '\x00', 0x0, 0x0, 0x0, @ipv4={[], [], @broadcast}, @ipv4={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [], @remote={0xac, 0x14, 0xffffffffffffffff}}}}}}}}}, 0x0)

[ 1030.772044][T23915] memory: usage 544kB, limit 0kB, failcnt 295
[ 1030.778309][T23915] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1030.785247][T23915] Memory cgroup stats for /syz2:
[ 1030.785366][T23915] anon 65536
[ 1030.785366][T23915] file 167936
[ 1030.785366][T23915] kernel_stack 0
[ 1030.785366][T23915] slab 516096
[ 1030.785366][T23915] sock 4096
[ 1030.785366][T23915] shmem 20480
[ 1030.785366][T23915] file_mapped 135168
[ 1030.785366][T23915] file_dirty 135168
[ 1030.785366][T23915] file_writeback 0
[ 1030.785366][T23915] anon_thp 0
[ 1030.785366][T23915] inactive_anon 90112
[ 1030.785366][T23915] active_anon 65536
[ 1030.785366][T23915] inactive_file 110592
[ 1030.785366][T23915] active_file 110592
[ 1030.785366][T23915] unevictable 0
[ 1030.785366][T23915] slab_reclaimable 135168
[ 1030.785366][T23915] slab_unreclaimable 380928
[ 1030.785366][T23915] pgfault 66330
[ 1030.785366][T23915] pgmajfault 0
[ 1030.785366][T23915] workingset_refault 0
[ 1030.785366][T23915] workingset_activate 0
[ 1030.785366][T23915] workingset_nodereclaim 0
[ 1030.785366][T23915] pgrefill 20228
10:34:03 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1}, 0x3)

10:34:03 executing program 0:
syz_emit_ethernet(0x0, 0x0, 0x0)

[ 1030.785366][T23915] pgscan 28208
[ 1030.785366][T23915] pgsteal 3058
10:34:03 executing program 0:
syz_emit_ethernet(0x0, 0x0, 0x0)

[ 1030.927974][T23915] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23915,uid=0
[ 1030.952452][T23915] Memory cgroup out of memory: Killed process 23915 (syz-executor.2) total-vm:72456kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
10:34:03 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x0, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x0, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:34:03 executing program 0:
syz_emit_ethernet(0x0, 0x0, 0x0)

10:34:03 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1}, 0x4)

[ 1031.704659][T23994] IPVS: ftp: loaded support on port[0] = 21
[ 1031.888401][T23994] chnl_net:caif_netlink_parms(): no params data found
[ 1031.904595][T23998] IPVS: ftp: loaded support on port[0] = 21
[ 1031.981154][T23994] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1031.988785][T23994] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1031.996804][T23994] device bridge_slave_0 entered promiscuous mode
[ 1032.005576][T23994] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1032.013284][T23994] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1032.021752][T23994] device bridge_slave_1 entered promiscuous mode
[ 1032.046990][T23994] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1032.067283][T23994] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1032.118574][T23994] team0: Port device team_slave_0 added
[ 1032.141296][T23994] team0: Port device team_slave_1 added
[ 1032.170213][T23998] chnl_net:caif_netlink_parms(): no params data found
[ 1032.219888][T23994] device hsr_slave_0 entered promiscuous mode
[ 1032.257932][T23994] device hsr_slave_1 entered promiscuous mode
[ 1032.341477][T23994] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1032.348631][T23994] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1032.355996][T23994] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1032.363108][T23994] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1032.386929][T23998] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1032.394108][T23998] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1032.409296][T23998] device bridge_slave_0 entered promiscuous mode
[ 1032.421329][T23998] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1032.428854][T23998] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1032.436537][T23998] device bridge_slave_1 entered promiscuous mode
[ 1032.460312][T23998] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1032.472608][T23998] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1032.515411][T23998] team0: Port device team_slave_0 added
[ 1032.532867][T23998] team0: Port device team_slave_1 added
[ 1032.572663][T23994] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1032.650513][T23998] device hsr_slave_0 entered promiscuous mode
[ 1032.687973][T23998] device hsr_slave_1 entered promiscuous mode
[ 1032.727610][T23998] debugfs: Directory 'hsr0' with parent '/' already present!
[ 1032.736815][T14992] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1032.745955][T14992] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1032.789157][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1032.797028][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1032.807886][T23994] 8021q: adding VLAN 0 to HW filter on device team0
[ 1032.838749][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1032.848514][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1032.857002][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1032.864143][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1032.873115][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1032.881818][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1032.890423][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1032.897543][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1032.905232][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1032.932762][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1032.942141][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1032.951053][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1032.962176][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1032.970426][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1032.979111][T14992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1033.002032][T20146] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1033.010758][T20146] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1033.022896][T23994] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1033.036346][T23994] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1033.046198][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1033.054892][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1033.071493][T23998] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1033.089314][T23998] 8021q: adding VLAN 0 to HW filter on device team0
[ 1033.098468][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1033.106350][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1033.124684][T23699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1033.149118][T23699] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1033.158030][T23699] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1033.165100][T23699] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1033.183687][T23994] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1033.202669][T23699] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1033.217038][T23699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1033.226877][T23699] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1033.235804][T23699] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1033.242912][T23699] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1033.251286][T23699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1033.260288][T23699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1033.291989][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1033.301045][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1033.311155][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1033.322521][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1033.331522][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1033.340054][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1033.349925][ T8841] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1033.361097][T23699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1033.370031][T23699] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1033.405198][T23998] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1033.435295][T23998] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1033.480990][T24010] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1033.492145][T24010] CPU: 0 PID: 24010 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[ 1033.500408][T24010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1033.510464][T24010] Call Trace:
[ 1033.513760][T24010]  dump_stack+0x172/0x1f0
[ 1033.518076][T24010]  dump_header+0x10b/0x82d
[ 1033.522476][T24010]  oom_kill_process.cold+0x10/0x15
[ 1033.527580][T24010]  out_of_memory+0x334/0x1340
[ 1033.532247][T24010]  ? __sched_text_start+0x8/0x8
[ 1033.537094][T24010]  ? oom_killer_disable+0x280/0x280
[ 1033.542277][T24010]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1033.547805][T24010]  ? memcg_stat_show+0xc40/0xc40
[ 1033.552738][T24010]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[ 1033.558569][T24010]  ? cgroup_file_notify+0x140/0x1b0
[ 1033.563754][T24010]  memory_max_write+0x262/0x3a0
[ 1033.568590][T24010]  ? mem_cgroup_write+0x370/0x370
[ 1033.573611][T24010]  ? lock_acquire+0x190/0x410
[ 1033.578280][T24010]  ? kernfs_fop_write+0x227/0x480
[ 1033.583290][T24010]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1033.588818][T24010]  cgroup_file_write+0x241/0x790
[ 1033.593783][T24010]  ? mem_cgroup_write+0x370/0x370
[ 1033.598815][T24010]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[ 1033.604434][T24010]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[ 1033.610051][T24010]  kernfs_fop_write+0x2b8/0x480
[ 1033.614884][T24010]  __vfs_write+0x8a/0x110
[ 1033.619193][T24010]  ? kernfs_fop_open+0xd80/0xd80
[ 1033.624128][T24010]  __kernel_write+0x11b/0x3b0
[ 1033.628801][T24010]  write_pipe_buf+0x15d/0x1f0
[ 1033.633470][T24010]  ? do_splice_direct+0x2a0/0x2a0
[ 1033.638475][T24010]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1033.644698][T24010]  ? splice_from_pipe_next.part.0+0x262/0x300
[ 1033.650757][T24010]  __splice_from_pipe+0x397/0x7d0
[ 1033.655765][T24010]  ? do_splice_direct+0x2a0/0x2a0
[ 1033.660793][T24010]  ? do_splice_direct+0x2a0/0x2a0
[ 1033.665814][T24010]  splice_from_pipe+0x108/0x170
[ 1033.670678][T24010]  ? splice_shrink_spd+0xd0/0xd0
[ 1033.675610][T24010]  ? security_file_permission+0x8f/0x380
[ 1033.681361][T24010]  default_file_splice_write+0x3c/0x90
[ 1033.686804][T24010]  ? generic_splice_sendpage+0x50/0x50
[ 1033.692271][T24010]  direct_splice_actor+0x123/0x190
[ 1033.697385][T24010]  splice_direct_to_actor+0x366/0x970
[ 1033.702756][T24010]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 1033.708293][T24010]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1033.714518][T24010]  ? do_splice_to+0x180/0x180
[ 1033.719217][T24010]  ? rw_verify_area+0x126/0x360
[ 1033.724051][T24010]  do_splice_direct+0x1da/0x2a0
[ 1033.728895][T24010]  ? splice_direct_to_actor+0x970/0x970
[ 1033.734431][T24010]  ? rcu_read_lock_any_held+0xcd/0xf0
[ 1033.739797][T24010]  ? __this_cpu_preempt_check+0x3a/0x210
[ 1033.745448][T24010]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1033.751688][T24010]  ? __sb_start_write+0x1e5/0x460
[ 1033.756698][T24010]  do_sendfile+0x597/0xd00
[ 1033.761113][T24010]  ? do_compat_pwritev64+0x1c0/0x1c0
[ 1033.766422][T24010]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1033.772670][T24010]  ? put_timespec64+0xda/0x140
[ 1033.777454][T24010]  __x64_sys_sendfile64+0x1dd/0x220
[ 1033.782644][T24010]  ? __ia32_sys_sendfile+0x230/0x230
[ 1033.787912][T24010]  ? do_syscall_64+0x26/0x760
[ 1033.792575][T24010]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1033.797852][T24010]  ? trace_hardirqs_on+0x67/0x240
[ 1033.802858][T24010]  do_syscall_64+0xfa/0x760
[ 1033.807367][T24010]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1033.813240][T24010] RIP: 0033:0x459f49
[ 1033.817118][T24010] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1033.836714][T24010] RSP: 002b:00007f651fa8fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1033.845118][T24010] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[ 1033.853069][T24010] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 1033.861020][T24010] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1033.868985][T24010] R10: 0000000020000022 R11: 0000000000000246 R12: 00007f651fa906d4
[ 1033.876948][T24010] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[ 1033.897542][T24010] memory: usage 5156kB, limit 0kB, failcnt 594
[ 1033.903750][T24010] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1033.911163][T24010] Memory cgroup stats for /syz3:
[ 1033.911277][T24010] anon 4329472
[ 1033.911277][T24010] file 118784
[ 1033.911277][T24010] kernel_stack 65536
[ 1033.911277][T24010] slab 692224
[ 1033.911277][T24010] sock 81920
[ 1033.911277][T24010] shmem 24576
[ 1033.911277][T24010] file_mapped 0
[ 1033.911277][T24010] file_dirty 135168
[ 1033.911277][T24010] file_writeback 0
[ 1033.911277][T24010] anon_thp 4194304
[ 1033.911277][T24010] inactive_anon 0
[ 1033.911277][T24010] active_anon 4329472
[ 1033.911277][T24010] inactive_file 98304
[ 1033.911277][T24010] active_file 0
[ 1033.911277][T24010] unevictable 135168
[ 1033.911277][T24010] slab_reclaimable 270336
[ 1033.911277][T24010] slab_unreclaimable 421888
[ 1033.911277][T24010] pgfault 59829
[ 1033.911277][T24010] pgmajfault 0
[ 1033.911277][T24010] workingset_refault 0
[ 1033.911277][T24010] workingset_activate 0
[ 1033.911277][T24010] workingset_nodereclaim 0
[ 1033.911277][T24010] pgrefill 8688
[ 1033.911277][T24010] pgscan 40193
[ 1033.911277][T24010] pgsteal 9652
[ 1034.006500][T24010] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=24004,uid=0
[ 1034.026643][T24010] Memory cgroup out of memory: Killed process 24004 (syz-executor.3) total-vm:72720kB, anon-rss:4196kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000
[ 1034.047124][ T1070] oom_reaper: reaped process 24004 (syz-executor.3), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB
[ 1034.092618][T23994] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1034.102838][T23994] CPU: 0 PID: 23994 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
[ 1034.110729][T23994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1034.120806][T23994] Call Trace:
[ 1034.124079][T23994]  dump_stack+0x172/0x1f0
[ 1034.128393][T23994]  dump_header+0x10b/0x82d
[ 1034.132786][T23994]  ? oom_kill_process+0x94/0x3f0
[ 1034.137704][T23994]  oom_kill_process.cold+0x10/0x15
[ 1034.142795][T23994]  out_of_memory+0x334/0x1340
[ 1034.147469][T23994]  ? lock_downgrade+0x920/0x920
[ 1034.152307][T23994]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1034.158110][T23994]  ? oom_killer_disable+0x280/0x280
[ 1034.163307][T23994]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1034.168841][T23994]  ? memcg_stat_show+0xc40/0xc40
[ 1034.173770][T23994]  ? do_raw_spin_unlock+0x57/0x270
[ 1034.178862][T23994]  ? _raw_spin_unlock+0x2d/0x50
[ 1034.183702][T23994]  try_charge+0xf4b/0x1440
[ 1034.188103][T23994]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1034.193624][T23994]  ? percpu_ref_tryget_live+0x111/0x290
[ 1034.199148][T23994]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1034.205367][T23994]  ? __kasan_check_read+0x11/0x20
[ 1034.210386][T23994]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1034.215924][T23994]  mem_cgroup_try_charge+0x136/0x590
[ 1034.221203][T23994]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1034.226827][T23994]  wp_page_copy+0x407/0x1860
[ 1034.231415][T23994]  ? find_held_lock+0x35/0x130
[ 1034.236180][T23994]  ? do_wp_page+0x53b/0x15c0
[ 1034.240756][T23994]  ? pmd_devmap_trans_unstable+0x220/0x220
[ 1034.246542][T23994]  ? lock_downgrade+0x920/0x920
[ 1034.251374][T23994]  ? swp_swapcount+0x540/0x540
[ 1034.256176][T23994]  ? __kasan_check_read+0x11/0x20
[ 1034.261184][T23994]  ? do_raw_spin_unlock+0x57/0x270
[ 1034.266289][T23994]  do_wp_page+0x543/0x15c0
[ 1034.270691][T23994]  ? finish_mkwrite_fault+0x6a0/0x6a0
[ 1034.276043][T23994]  __handle_mm_fault+0x23ec/0x4040
[ 1034.281160][T23994]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1034.286686][T23994]  ? handle_mm_fault+0x292/0xaa0
[ 1034.291627][T23994]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1034.297918][T23994]  ? __kasan_check_read+0x11/0x20
[ 1034.302972][T23994]  handle_mm_fault+0x3b7/0xaa0
[ 1034.307723][T23994]  __do_page_fault+0x536/0xdd0
[ 1034.312482][T23994]  do_page_fault+0x38/0x590
[ 1034.317032][T23994]  page_fault+0x39/0x40
[ 1034.321166][T23994] RIP: 0033:0x403a42
[ 1034.325041][T23994] Code: 55 41 54 49 89 fc 55 53 48 81 ec b8 10 00 00 64 48 8b 04 25 28 00 00 00 48 89 84 24 a8 10 00 00 31 c0 be 02 00 00 00 4c 89 e7 <e8> 29 8f 05 00 85 c0 0f 84 00 03 00 00 4c 89 e7 e8 49 44 05 00 48
[ 1034.344627][T23994] RSP: 002b:00007ffce42a5d30 EFLAGS: 00010246
[ 1034.350671][T23994] RAX: 0000000000000000 RBX: 00000000000fc4e4 RCX: 0000000000413a00
[ 1034.358650][T23994] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffce42a6e60
[ 1034.366607][T23994] RBP: 0000000000000002 R08: 0000000000000001 R09: 00000000011f6940
[ 1034.374562][T23994] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffce42a6e60
[ 1034.382519][T23994] R13: 00007ffce42a6e50 R14: 0000000000000000 R15: 00007ffce42a6e60
[ 1034.398578][T23994] memory: usage 732kB, limit 0kB, failcnt 602
[ 1034.404959][T23994] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1034.412069][T23994] Memory cgroup stats for /syz3:
[ 1034.412165][T23994] anon 57344
[ 1034.412165][T23994] file 118784
[ 1034.412165][T23994] kernel_stack 0
[ 1034.412165][T23994] slab 692224
[ 1034.412165][T23994] sock 81920
[ 1034.412165][T23994] shmem 24576
[ 1034.412165][T23994] file_mapped 0
[ 1034.412165][T23994] file_dirty 135168
[ 1034.412165][T23994] file_writeback 0
[ 1034.412165][T23994] anon_thp 0
[ 1034.412165][T23994] inactive_anon 0
[ 1034.412165][T23994] active_anon 57344
[ 1034.412165][T23994] inactive_file 98304
[ 1034.412165][T23994] active_file 0
[ 1034.412165][T23994] unevictable 135168
[ 1034.412165][T23994] slab_reclaimable 270336
[ 1034.412165][T23994] slab_unreclaimable 421888
[ 1034.412165][T23994] pgfault 59829
[ 1034.412165][T23994] pgmajfault 0
[ 1034.412165][T23994] workingset_refault 0
[ 1034.412165][T23994] workingset_activate 0
[ 1034.412165][T23994] workingset_nodereclaim 0
[ 1034.412165][T23994] pgrefill 8688
[ 1034.412165][T23994] pgscan 40193
[ 1034.412165][T23994] pgsteal 9652
[ 1034.412165][T23994] pgactivate 11286
[ 1034.509955][T23994] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23994,uid=0
[ 1034.529351][T23994] Memory cgroup out of memory: Killed process 23994 (syz-executor.3) total-vm:72456kB, anon-rss:76kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0
[ 1034.546934][T24014] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1034.547989][ T1070] oom_reaper: reaped process 23994 (syz-executor.3), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB
[ 1034.558099][T24014] CPU: 1 PID: 24014 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0
[ 1034.576015][T24014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1034.586076][T24014] Call Trace:
[ 1034.589377][T24014]  dump_stack+0x172/0x1f0
[ 1034.593830][T24014]  dump_header+0x10b/0x82d
[ 1034.598263][T24014]  oom_kill_process.cold+0x10/0x15
[ 1034.603374][T24014]  out_of_memory+0x334/0x1340
[ 1034.608055][T24014]  ? oom_killer_disable+0x280/0x280
[ 1034.613272][T24014]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1034.618866][T24014]  ? memcg_stat_show+0xc40/0xc40
[ 1034.623811][T24014]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[ 1034.629620][T24014]  ? cgroup_file_notify+0x140/0x1b0
[ 1034.634826][T24014]  memory_max_write+0x262/0x3a0
[ 1034.639673][T24014]  ? mem_cgroup_write+0x370/0x370
[ 1034.644731][T24014]  ? lock_acquire+0x190/0x410
[ 1034.649400][T24014]  ? kernfs_fop_write+0x227/0x480
[ 1034.654425][T24014]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1034.660019][T24014]  cgroup_file_write+0x241/0x790
[ 1034.664941][T24014]  ? mem_cgroup_write+0x370/0x370
[ 1034.669958][T24014]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[ 1034.675594][T24014]  ? cgroup_migrate_add_task+0x8a0/0x8a0
[ 1034.681208][T24014]  kernfs_fop_write+0x2b8/0x480
[ 1034.686043][T24014]  __vfs_write+0x8a/0x110
[ 1034.690378][T24014]  ? kernfs_fop_open+0xd80/0xd80
[ 1034.695315][T24014]  __kernel_write+0x11b/0x3b0
[ 1034.699989][T24014]  write_pipe_buf+0x15d/0x1f0
[ 1034.704656][T24014]  ? do_splice_direct+0x2a0/0x2a0
[ 1034.709675][T24014]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1034.715915][T24014]  ? splice_from_pipe_next.part.0+0x262/0x300
[ 1034.721978][T24014]  __splice_from_pipe+0x397/0x7d0
[ 1034.726984][T24014]  ? do_splice_direct+0x2a0/0x2a0
[ 1034.732012][T24014]  ? do_splice_direct+0x2a0/0x2a0
[ 1034.737412][T24014]  splice_from_pipe+0x108/0x170
[ 1034.742276][T24014]  ? splice_shrink_spd+0xd0/0xd0
[ 1034.747202][T24014]  ? security_file_permission+0x8f/0x380
[ 1034.752833][T24014]  default_file_splice_write+0x3c/0x90
[ 1034.758291][T24014]  ? generic_splice_sendpage+0x50/0x50
[ 1034.763744][T24014]  direct_splice_actor+0x123/0x190
[ 1034.768853][T24014]  splice_direct_to_actor+0x366/0x970
[ 1034.774246][T24014]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 1034.779799][T24014]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1034.786030][T24014]  ? do_splice_to+0x180/0x180
[ 1034.790713][T24014]  ? rw_verify_area+0x126/0x360
[ 1034.795613][T24014]  do_splice_direct+0x1da/0x2a0
[ 1034.800449][T24014]  ? splice_direct_to_actor+0x970/0x970
[ 1034.805974][T24014]  ? rcu_read_lock_any_held+0xcd/0xf0
[ 1034.811349][T24014]  ? __this_cpu_preempt_check+0x3a/0x210
[ 1034.816975][T24014]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1034.823209][T24014]  ? __sb_start_write+0x1e5/0x460
[ 1034.828248][T24014]  do_sendfile+0x597/0xd00
[ 1034.832675][T24014]  ? do_compat_pwritev64+0x1c0/0x1c0
[ 1034.837967][T24014]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1034.844237][T24014]  ? put_timespec64+0xda/0x140
[ 1034.849007][T24014]  __x64_sys_sendfile64+0x1dd/0x220
[ 1034.854207][T24014]  ? __ia32_sys_sendfile+0x230/0x230
[ 1034.859491][T24014]  ? do_syscall_64+0x26/0x760
[ 1034.864160][T24014]  ? lockdep_hardirqs_on+0x421/0x5e0
[ 1034.869446][T24014]  ? trace_hardirqs_on+0x67/0x240
[ 1034.874466][T24014]  do_syscall_64+0xfa/0x760
[ 1034.878957][T24014]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1034.884825][T24014] RIP: 0033:0x459f49
[ 1034.888710][T24014] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1034.908330][T24014] RSP: 002b:00007fe813d34c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1034.916739][T24014] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459f49
[ 1034.924704][T24014] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 1034.932758][T24014] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[ 1034.940723][T24014] R10: 0000000020000022 R11: 0000000000000246 R12: 00007fe813d356d4
[ 1034.948688][T24014] R13: 00000000004c7b7f R14: 00000000004ddc78 R15: 00000000ffffffff
[ 1034.965955][T24014] memory: usage 816kB, limit 0kB, failcnt 255
[ 1034.972376][T24014] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1034.979313][T24014] Memory cgroup stats for /syz5:
[ 1034.979638][T24014] anon 147456
[ 1034.979638][T24014] file 106496
[ 1034.979638][T24014] kernel_stack 0
[ 1034.979638][T24014] slab 688128
[ 1034.979638][T24014] sock 0
[ 1034.979638][T24014] shmem 143360
[ 1034.979638][T24014] file_mapped 135168
[ 1034.979638][T24014] file_dirty 0
[ 1034.979638][T24014] file_writeback 0
[ 1034.979638][T24014] anon_thp 0
[ 1034.979638][T24014] inactive_anon 0
[ 1034.979638][T24014] active_anon 147456
[ 1034.979638][T24014] inactive_file 53248
[ 1034.979638][T24014] active_file 45056
[ 1034.979638][T24014] unevictable 135168
[ 1034.979638][T24014] slab_reclaimable 270336
[ 1034.979638][T24014] slab_unreclaimable 417792
[ 1034.979638][T24014] pgfault 55671
[ 1034.979638][T24014] pgmajfault 0
[ 1034.979638][T24014] workingset_refault 0
[ 1034.979638][T24014] workingset_activate 0
[ 1034.979638][T24014] workingset_nodereclaim 0
[ 1034.979638][T24014] pgrefill 11872
[ 1034.979638][T24014] pgscan 29652
[ 1034.979638][T24014] pgsteal 8856
[ 1035.073743][T24014] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor.5,pid=24012,uid=0
10:34:07 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
socket$inet(0x2, 0x800, 0x1)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:34:07 executing program 4:
r0 = socket(0x40000000002, 0x3, 0x2)
recvmmsg(r0, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
ioctl$SIOCGSTAMP(r0, 0x8906, 0x0)
r1 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00\x00\x00\x00\x00\b\x00', 0x10)
sendto$unix(r1, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)

10:34:07 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$inet(0x2, 0x800, 0x0)
setsockopt$inet_mreq(r4, 0x0, 0x0, &(0x7f0000000300)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8)
write$binfmt_script(r3, &(0x7f0000000040)=ANY=[], 0x2343a726)
r5 = socket$inet6_sctp(0xa, 0x0, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:34:07 executing program 1:
r0 = socket$kcm(0x11, 0x100000000003, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071")
socket$packet(0x11, 0x3, 0x300)
getpeername(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="9e43010000c0000020111fe4ac14140ceb", 0x18}], 0x1}, 0x7)

10:34:07 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='memory.max\x00', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000140))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000040)=0x9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0), 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x2343a726)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000280)={r3, 0x3b, "13ee664c7a7442542ee09cd26d7ac76d6bdf9511645a3d3aee2a6a3c939efc4330dcb5364bc40dc04b29c68a8c472c3ff9f0f208a84706bdcef5f3"}, &(0x7f0000000180)=0x43)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendfile(r1, r2, 0x0, 0x20000022)

10:34:07 executing program 0:
syz_emit_ethernet(0x66, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x4888, 0x5800f000}, @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "b4091d", 0x30, 0x0, 0x0, @empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x2d]}, @mcast2, {[], @icmpv6=@time_exceed={0xffffff80, 0x0, 0x0, 0x0, [0x9, 0x4], {0x0, 0x6, '\x00', 0x0, 0x0, 0x0, @ipv4={[], [], @broadcast}, @ipv4={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [], @remote={0xac, 0x14, 0xffffffffffffffff}}}}}}}}}, 0x0)

[ 1035.089271][T24014] Memory cgroup out of memory: Killed process 24014 (syz-executor.5) total-vm:72852kB, anon-rss:156kB, file-rss:35820kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000
[ 1035.108448][ T1070] oom_reaper: reaped process 24014 (syz-executor.5), now anon-rss:0kB, file-rss:34860kB, shmem-rss:0kB
[ 1035.175256][T23998] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1035.191011][T24024] kasan: CONFIG_KASAN_INLINE enabled
[ 1035.196688][T24024] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 1035.204905][T24024] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 1035.206212][T23998] CPU: 1 PID: 23998 Comm: syz-executor.5 Not tainted 5.4.0-rc3+ #0
[ 1035.211845][T24024] CPU: 0 PID: 24024 Comm: syz-executor.0 Not tainted 5.4.0-rc3+ #0
[ 1035.219718][T23998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1035.227585][T24024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1035.237722][T23998] Call Trace:
[ 1035.247766][T24024] RIP: 0010:ip6_sublist_rcv+0x5c9/0x930
[ 1035.251019][T23998]  dump_stack+0x172/0x1f0
[ 1035.256538][T24024] Code: 0f 85 78 01 00 00 e8 a6 eb 28 fb 48 8b 85 00 ff ff ff 48 8d b8 10 0f 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 49 03 00 00 48 8b 85 00 ff ff ff 4c 8b a0 10 0f
[ 1035.260840][T23998]  dump_header+0x10b/0x82d
[ 1035.286227][T24024] RSP: 0018:ffff8880774473c0 EFLAGS: 00010206
[ 1035.290621][T23998]  ? oom_kill_process+0x94/0x3f0
[ 1035.296662][T24024] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc900133cf000
[ 1035.301588][T23998]  oom_kill_process.cold+0x10/0x15
[ 1035.309527][T24024] RDX: 00000000000001e2 RSI: ffffffff864a2ffa RDI: 0000000000000f10
[ 1035.314618][T23998]  out_of_memory+0x334/0x1340
[ 1035.322562][T24024] RBP: ffff8880774474f0 R08: ffff88806e66c640 R09: ffffed1015d06b75
[ 1035.327225][T23998]  ? lock_downgrade+0x920/0x920
[ 1035.335184][T24024] R10: ffffed1015d06b74 R11: ffff8880ae835ba3 R12: 0000000000000001
[ 1035.340020][T23998]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1035.347961][T24024] R13: ffff8880774474c8 R14: ffff888077447558 R15: ffff888077447680
[ 1035.353739][T23998]  ? oom_killer_disable+0x280/0x280
[ 1035.361683][T24024] FS:  00007f4cb7548700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
[ 1035.366857][T23998]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1035.375767][T24024] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1035.381660][T23998]  ? memcg_stat_show+0xc40/0xc40
[ 1035.388217][T24024] CR2: 000000c428435010 CR3: 0000000070dc5000 CR4: 00000000001406f0
[ 1035.393135][T23998]  ? do_raw_spin_unlock+0x57/0x270
[ 1035.401082][T24024] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1035.406168][T23998]  ? _raw_spin_unlock+0x2d/0x50
[ 1035.414110][T24024] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1035.418934][T23998]  try_charge+0xf4b/0x1440
[ 1035.426963][T24024] Call Trace:
[ 1035.431361][T23998]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1035.434621][T24024]  ? lock_downgrade+0x920/0x920
[ 1035.440143][T23998]  ? percpu_ref_tryget_live+0x111/0x290
[ 1035.444987][T24024]  ? ip6_rcv_finish+0x310/0x310
[ 1035.450517][T23998]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1035.455345][T24024]  ? __kasan_check_read+0x11/0x20
[ 1035.461558][T23998]  ? __kasan_check_read+0x11/0x20
[ 1035.466549][T24024]  ? ip6_rcv_core.isra.0+0x1051/0x1c30
[ 1035.471554][T23998]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1035.476976][T24024]  ipv6_list_rcv+0x373/0x4b0
[ 1035.482497][T23998]  mem_cgroup_try_charge+0x136/0x590
[ 1035.487060][T24024]  ? ipv6_rcv+0x420/0x420
[ 1035.492317][T23998]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1035.496614][T24024]  ? ipv6_rcv+0x420/0x420
[ 1035.502219][T23998]  wp_page_copy+0x407/0x1860
[ 1035.506545][T24024]  __netif_receive_skb_list_core+0x5fc/0x9d0
[ 1035.511116][T23998]  ? find_held_lock+0x35/0x130
[ 1035.517068][T24024]  ? ktime_get_with_offset+0x13a/0x360
[ 1035.521800][T23998]  ? do_wp_page+0x53b/0x15c0
[ 1035.527229][T24024]  ? ktime_get_with_offset+0x13a/0x360
[ 1035.531812][T23998]  ? pmd_devmap_trans_unstable+0x220/0x220
[ 1035.537239][T24024]  ? process_backlog+0x750/0x750
[ 1035.543024][T23998]  ? lock_downgrade+0x920/0x920
[ 1035.547930][T24024]  ? lock_acquire+0x190/0x410
[ 1035.552772][T23998]  ? swp_swapcount+0x540/0x540
[ 1035.557425][T24024]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1035.562159][T23998]  ? __kasan_check_read+0x11/0x20
[ 1035.568388][T24024]  ? __kasan_check_read+0x11/0x20
[ 1035.573395][T23998]  ? do_raw_spin_unlock+0x57/0x270
[ 1035.578396][T24024]  netif_receive_skb_list_internal+0x7eb/0xe60
[ 1035.583480][T23998]  do_wp_page+0x543/0x15c0
[ 1035.589604][T24024]  ? __netif_receive_skb_list_core+0x9d0/0x9d0
[ 1035.593991][T23998]  ? finish_mkwrite_fault+0x6a0/0x6a0
[ 1035.600136][T24024]  ? ipv6_gro_receive+0x974/0x14f0
[ 1035.605496][T23998]  __handle_mm_fault+0x23ec/0x4040
[ 1035.610580][T24024]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1035.615669][T23998]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1035.621894][T24024]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1035.627418][T23998]  ? handle_mm_fault+0x292/0xaa0
[ 1035.633628][T24024]  ? eth_type_trans+0x3a5/0x760
[ 1035.638537][T23998]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1035.643360][T24024]  gro_normal_list.part.0+0x1e/0xb0
[ 1035.649567][T23998]  ? __kasan_check_read+0x11/0x20
[ 1035.655108][T24024]  gro_normal_one+0x184/0x1d0
[ 1035.660104][T23998]  handle_mm_fault+0x3b7/0xaa0
[ 1035.664753][T24024]  napi_gro_frags+0x915/0xd00
[ 1035.669489][T23998]  __do_page_fault+0x536/0xdd0
[ 1035.674136][T24024]  tun_get_user+0x2e98/0x3fa0
[ 1035.678868][T23998]  do_page_fault+0x38/0x590
[ 1035.683518][T24024]  ? __kasan_check_read+0x11/0x20
[ 1035.688001][T23998]  page_fault+0x39/0x40
[ 1035.692999][T24024]  ? tun_build_skb.isra.0+0x1390/0x1390
[ 1035.697119][T23998] RIP: 0033:0x431026
[ 1035.702644][T24024]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1035.706543][T23998] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 bc 5c 64 00 85 c0 0f 84
[ 1035.712749][T24024]  ? __kasan_check_read+0x11/0x20
[ 1035.732316][T23998] RSP: 002b:00007ffe6be6f060 EFLAGS: 00010206
[ 1035.737328][T24024]  tun_chr_write_iter+0xbd/0x156
[ 1035.743361][T23998] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041
[ 1035.748280][T24024]  do_iter_readv_writev+0x5f8/0x8f0
[ 1035.756220][T23998] RDX: 000000000167a930 RSI: 0000000001682970 RDI: 0000000000000003
[ 1035.761427][T24024]  ? no_seek_end_llseek_size+0x70/0x70
[ 1035.769393][T23998] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000001679940
[ 1035.774840][T24024]  ? apparmor_file_permission+0x25/0x30
[ 1035.782776][T23998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698
[ 1035.788300][T24024]  ? rw_verify_area+0x126/0x360
[ 1035.796249][T23998] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710
[ 1035.801074][T24024]  do_iter_write+0x184/0x610
[ 1035.813604][T24024]  ? dup_iter+0x260/0x260
[ 1035.817952][T24024]  vfs_writev+0x1b3/0x2f0
[ 1035.822291][T24024]  ? vfs_iter_write+0xb0/0xb0
[ 1035.826982][T24024]  ? __kasan_check_read+0x11/0x20
[ 1035.832036][T24024]  ? ksys_dup3+0x3e0/0x3e0
[ 1035.836457][T24024]  ? __kasan_check_read+0x11/0x20
[ 1035.841492][T24024]  ? __fget_light+0x1a9/0x230
[ 1035.846180][T24024]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1035.852424][T24024]  do_writev+0x15b/0x330
[ 1035.856675][T24024]  ? vfs_writev+0x2f0/0x2f0
[ 1035.861187][T24024]  ? do_syscall_64+0x26/0x760
[ 1035.865864][T24024]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1035.871933][T24024]  ? do_syscall_64+0x26/0x760
[ 1035.876620][T24024]  __x64_sys_writev+0x75/0xb0
[ 1035.881306][T24024]  do_syscall_64+0xfa/0x760
[ 1035.885819][T24024]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1035.891710][T24024] RIP: 0033:0x459e01
[ 1035.895612][T24024] Code: 75 14 b8 14 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 e4 b7 fb ff c3 48 83 ec 08 e8 fa 2c 00 00 48 89 04 24 b8 14 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 43 2d 00 00 48 89 d0 48 83 c4 08 48 3d 01
[ 1035.915220][T24024] RSP: 002b:00007f4cb7547ba0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014
[ 1035.923633][T24024] RAX: ffffffffffffffda RBX: 0000000000000066 RCX: 0000000000459e01
[ 1035.931609][T24024] RDX: 0000000000000001 RSI: 00007f4cb7547c00 RDI: 00000000000000f0
[ 1035.939590][T24024] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1035.947566][T24024] R10: 00007f4cb75489d0 R11: 0000000000000293 R12: 00007f4cb75486d4
[ 1035.955544][T24024] R13: 00000000004c936a R14: 00000000004e0c48 R15: 00000000ffffffff
[ 1035.963528][T24024] Modules linked in:
[ 1035.966494][T23998] memory: usage 552kB, limit 0kB, failcnt 263
[ 1035.967497][T24024] ---[ end trace 277443e413cc2528 ]---
[ 1035.967520][T24024] RIP: 0010:ip6_sublist_rcv+0x5c9/0x930
[ 1035.967537][T24024] Code: 0f 85 78 01 00 00 e8 a6 eb 28 fb 48 8b 85 00 ff ff ff 48 8d b8 10 0f 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 49 03 00 00 48 8b 85 00 ff ff ff 4c 8b a0 10 0f
[ 1035.967543][T24024] RSP: 0018:ffff8880774473c0 EFLAGS: 00010206
[ 1035.967554][T24024] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc900133cf000
[ 1035.967562][T24024] RDX: 00000000000001e2 RSI: ffffffff864a2ffa RDI: 0000000000000f10
[ 1035.967571][T24024] RBP: ffff8880774474f0 R08: ffff88806e66c640 R09: ffffed1015d06b75
[ 1035.967578][T24024] R10: ffffed1015d06b74 R11: ffff8880ae835ba3 R12: 0000000000000001
[ 1035.967586][T24024] R13: ffff8880774474c8 R14: ffff888077447558 R15: ffff888077447680
[ 1035.967596][T24024] FS:  00007f4cb7548700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
[ 1035.967604][T24024] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1035.967612][T24024] CR2: 000000c428435010 CR3: 0000000070dc5000 CR4: 00000000001406f0
[ 1035.967622][T24024] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1035.967628][T24024] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1035.967635][T24024] Kernel panic - not syncing: Fatal exception in interrupt
[ 1035.968923][T24024] Kernel Offset: disabled
[ 1036.102323][T24024] Rebooting in 86400 seconds..