_open_pts(0xffffffffffffffff, 0x4c4102)
ioctl$GIO_UNIMAP(r9, 0x4b66, &(0x7f0000000e80)={0x9, &(0x7f0000000e40)=[{}, {}, {}, {}, {}, {}, {}, {}, {}]})
openat$cuse(0xffffffffffffff9c, &(0x7f0000000ec0)='/dev/cuse\x00', 0x2, 0x0)
r10 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000f00)='/dev/autofs\x00', 0x4a515af8953294af, 0x0)
sendmsg$can_bcm(r10, &(0x7f0000001040)={&(0x7f0000000f40), 0x10, &(0x7f0000001000)={&(0x7f0000000f80)={0x0, 0x400, 0x7, {0x77359400}, {}, {0x4, 0x2, 0x3, 0x1}, 0x1, @canfd={{0x4, 0x0, 0x3, 0x6}, 0x23, 0x1, 0x0, 0x0, "01effb48a49a03aef75bd9e7b3db5fa5cf531a7848896a2e746621ac98032e3f51d66c995b124fa32d403f694e70bc0cbfaa91ce55a36ccc4abaa64ba1891791"}}, 0x80}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000)
r11 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000001080)='/dev/snapshot\x00', 0x400000, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r11, 0xc0905664, &(0x7f00000010c0)={0x0, 0x0, [], @raw_data=[0xff, 0x3f, 0x81, 0x1, 0x8, 0x5, 0x6e1f, 0xffffffffffff8000, 0x3, 0x30, 0x7fffffff, 0x4, 0x5, 0x426e, 0x3, 0x7, 0x4, 0x0, 0xfffffffffffffffa, 0x8, 0x0, 0xb9c8, 0x6, 0x3, 0xeb, 0x2, 0x100000000, 0x100, 0x8, 0x1ff, 0x5, 0x6]})
arch_prctl$ARCH_SET_GS(0x1001, 0x25)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000001180)='/proc/self/attr/current\x00', 0x2, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000011c0)={{{@in=@multicast1, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in=@remote}, 0x0, @in6=@local}}, &(0x7f00000012c0)=0xe8)
setfsuid(r12)
r13 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000001300)='/proc/capi/capi20\x00', 0x206a23, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r13, 0x40046207, 0x0)

21:49:53 executing program 1:
r0 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x3d, 0x6)
pwritev(r0, &(0x7f00000003c0)=[{&(0x7f0000000180)="c465777b35d8e847c56dca8137c6d06f8ac514cdd7a0a98fc160f047bdf501be6492758d7ecad5e37fd433b365ad85db8b43a9be86dfea8e5a1babd01aad210b70246ae10c3175c52a86d2049e3ce199b3c61c3540745ed5cc691a32ebfe83ae5a939faf02afb02f7ff9756312f050ae9e08e517845386b6494413023431231423b6afb690437cf756c8c5ea71dabc4cddda07596469", 0xffffffffffffff15}, {&(0x7f0000000000)="1297b0323497acc4bee79776a5aa98215b6b5dde000000000000000000", 0xc}, {&(0x7f00000000c0)="cec53fbd3e1ed3a0928a5898795220197fbf6e8292b47d5b1be6d2d43813dfb127f479e6a6ae59e4740f2c087ca6f0f557e6bc8039d76cf91451b5f6fefaad9e314a9672d74ccd0ef0d81af1f5ac3e52e0b3f8373457853b9390ff0e33ddfc0f", 0x60}, {&(0x7f0000000440)="520e56198dc56090d83fbc5a6ed07c06df6ed7d54bd662d88185974cd8ab73795072f54c67090000000000400100000000000000ef485f6b8fbe820000000000000000000000003194ff", 0x47}, {&(0x7f0000000300)="90", 0x1}], 0x5, 0x0)

21:49:53 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:49:53 executing program 1:
r0 = socket(0xa, 0x2, 0x0)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r5, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r6, r9, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r6, 0x6, 0x1, &(0x7f0000000480), &(0x7f00000004c0)=0xc)
fsetxattr$security_selinux(r2, &(0x7f0000000100)='security.selinux\x00', &(0x7f0000000140)='system_u:object_r:ssh_keysign_exec_t:s0\x00', 0x28, 0x2)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r12, r15, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000180)={r1, 0x78, 0x3, r12})
r16 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r16, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000040)={0x0, 0x14a, 0xfa00, {0x4, &(0x7f0000000000)={<r17=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r1, &(0x7f0000000080)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e20, 0x2, @mcast1, 0x1}, r17}}, 0x30)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000001c0)=@broute={'broute\x00', 0x20, 0x2, 0x230, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200004c0], 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000081006e7230000000000000000000000000007465616d300000000000000000000000766c616e30000000000000004000000076657468305f746f5f7465616d0000132e1d02aaaabb000000000000aaaaaaaaaabb0000000000000000d0000000d000000000010000766c616e00000000000009000000000000000000000000000000000000000000080000000000000200040000892f0700636f6e6e6c6162656c0000000000000000000000000000000000000020000000080000000000000000247bd83294aa3280465155455545000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000001000000feffffff010000000b000000000000000000626f6e643000000000000000000000007465616d300000000000000000000000626f6e6430000000000000000000000076657468315f746f5f62726964676500aaaaaaaaaabb000000000000ffffffffffff00000008000000007000000070000000a0000000434f4e4e5345434d41524b000000000082790000000000000000000000000000080000000000000000000000000000002e11cb83d9dad3b3d03a9d30b8dce0ed6348811368e4b6cd6f1bb791f181"]}, 0x2b7)

21:49:53 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB], 0x1}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:49:54 executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x12, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x3c)
socket$rxrpc(0x21, 0x2, 0x2)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000140), 0x1c)
rt_sigaction(0x20, &(0x7f0000000100)={&(0x7f0000000080)="c441d8148a39000000c4a17dd58b56a43e208fc978e233c4e11dfc2ac4029d9af565f20f01dac421ad7520f3440faef6f70e00000000f3360f0fe71d", {0x9}, 0x40000000, &(0x7f00000000c0)="c4026d0cee65660f154200410f380ac1c401bded799f400f0f2c57bb832e35c4c13514d22e660f38de19c46171fe4bdf460f4abe04000000"}, 0x0, 0x8, &(0x7f0000000180))
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x5}, 0xfffffffffffffdcb)
bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x10020000000, 0x0}, 0x2c)
bpf$MAP_CREATE(0x3, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x3f000000]}, 0x2c)

21:49:54 executing program 4:
syz_mount_image$jfs(&(0x7f0000001500)='jfs\x00', &(0x7f0000001540)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="677270717578a342cf005d8ca2def22637e2b6ccadd3583262bac1aa09018d17109bdfe98081c7afd9965865f8049e3a61b8ffaaa472c2f57a22cd5bdc882b323d5276dd88b3a2d0853708ca8f51bd187c5c904c0177030d906bdceaa01f89aeec9efe603dd43faf9e855eeba73e2894d4467089522f1724d05e1c371743fffd1101883876b2eef19fc280051ff3c070f322be029a420cefae32a2f42696128262ecc206fb4287030f748440a659fcf78985c1f4c10379eb05f647705ff3b760a697d5ce5853b66ea12f2f8e85322c9f54e86c946883841ef6dcc28df996787872338b6a"])
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
fcntl$setpipe(r0, 0x407, 0x52)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
write$apparmor_current(r1, &(0x7f0000000100)=@hat={'permhat ', 0x1, 0x5e, ['/dev/kvm\x00', '\x00', '&em0keyring)\\)-GPLeth0\x00', '-:-.ppp0self.eth1)em1\xb5bdev!\a%\x00', 'jfs\x00', '\x00', 'jfs\x00', 'jfs\x00']}, 0x67)

21:49:54 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB], 0x1}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  556.827701][T12158] jfs: Unrecognized mount option "grpqux£BÏ" or missing value
21:49:54 executing program 3:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r6, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
clock_gettime(0x0, &(0x7f00000004c0)={<r7=>0x0, <r8=>0x0})
utimensat(r3, &(0x7f0000000480)='./file0\x00', &(0x7f0000000500)={{0x0, 0x2710}, {r7, r8/1000+10000}}, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000000)=0x24004)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000280)={0x40000000000002, {{0x2, 0x0, @multicast1}}}, 0x2e8)
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000100)={0xfffffffffffffff8, {{0x2, 0x4e24, @empty}}, {{0x2, 0x4e22, @multicast2}}}, 0xfffffffffffffe25)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_DEL_DAEMON(r9, &(0x7f0000000440)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x9c, r10, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3f}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x699}, @IPVS_DEST_ATTR_TUN_TYPE={0x8, 0xd, 0x74617e75f67212ff}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xffff}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x80000000}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_DEST={0x44, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x1}, @IPVS_DEST_ATTR_TUN_TYPE={0x8, 0xd, 0x1}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x80}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x1}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x9}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e21}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x2008000}, 0x24000011)

21:49:54 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600"], 0x1}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  557.058052][T12158] jfs: Unrecognized mount option "grpqux£BÏ" or missing value
21:49:54 executing program 1:
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x829d998390339f6a, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
ioctl$SIOCX25SCALLUSERDATA(r0, 0x89e5, &(0x7f00000004c0)={0x4a, "96c13eabfb7bc201d1c8442f1b86b58392a6e23b895cf30e5e69ad5117b0a6138e2e06ebeb1f6f5af7f91c0b00d29e19ae210a83a72e3da16849bbb442d34cb9208f8589bbff13ef899d017982a4ad55d31ab88297d674f3431e7cd6b264fea9e8a4cbd5d99759d5ff864106bf501683efadc4dd5083c89cd92de871b13ec1d9"})
socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r7, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
write$P9_RAUTH(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x67, 0x2, {0x62, 0x3, 0x8}}, 0x14)
ioctl$SNDRV_TIMER_IOCTL_STATUS(r0, 0x80605414, &(0x7f0000000140)=""/220)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0, 0x168}}], 0x1, 0x0, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/fib_triestat\x00')
r9 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = syz_open_dev$sndpcmp(&(0x7f0000000580)='/dev/snd/pcmC#D#p\x00', 0x3, 0x400000)
bind$inet6(r12, &(0x7f0000000400)={0xa, 0x4e24, 0x5a5c0710, @ipv4={[], [], @remote}, 0x8000000000000006}, 0x1c)
r13 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r9, r13, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r14 = syz_genetlink_get_family_id$net_dm(&(0x7f00000002c0)='NET_DM\x00')
sendmsg$nl_crypto(r8, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x500}, 0xc, &(0x7f0000000440)={&(0x7f0000000240)=ANY=[@ANYBLOB="1000000014003d8728bd7000fdd9df25"], 0x10}, 0x1, 0x0, 0x0, 0x137b5fc05565d3eb}, 0x800)
sendmsg$NET_DM_CMD_STOP(r9, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000040}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r14, 0x100, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x10000080)
perf_event_open(&(0x7f00000000c0)={0x2, 0x11d, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9121, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x8000000000000009, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1, 0x0, 0x0, 0x5, 0x1}, 0x0, 0x6, 0xffffffffffffffff, 0x0)
preadv(r8, &(0x7f00000017c0), 0x3a8, 0x0)

21:49:54 executing program 4:
r0 = socket(0x11, 0x800000003, 0x0)
setsockopt$packet_buf(r0, 0x107, 0xf, &(0x7f0000000000)="a2e6fa9a", 0x4)
bind(r0, &(0x7f0000000200)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x101000, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000140)={<r2=>0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @rand_addr="6e31bfd72c89323c0c80b5167329292c"}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000240)={r2, 0x0, 0x3463, 0x2}, 0x10)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r6, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
ioctl$RTC_IRQP_SET(r3, 0x4008700c, 0x1c0d)
write$binfmt_aout(r0, &(0x7f0000000040)={{0x1cc, 0x0, 0x0, 0x196, 0x0, 0x0, 0x0, 0x0, 0x8}, "e604b1c2069200000000000000e7591714890d5037d45649fa4f745d1c51cf1da0c52f7b6e540a0000000000"}, 0x4c)

21:50:00 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$team(&(0x7f0000000000)='team\x00')
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', <r2=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'\x00\x00\x00\'\x00', <r3=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x5c, r1, 0x1, 0x0, 0x0, {0x1, 0x6c00000000000000}, [{{0x8, 0x1, r2}, {0x40, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r3}}}]}}]}, 0x5c}}, 0x0)

21:50:00 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600"], 0x1}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:50:00 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
close(r0)
r1 = socket(0x11, 0x800000003, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x10000000000000f, &(0x7f0000000100)="a2e6fa9a", 0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = signalfd(r2, &(0x7f0000000000)={0x40}, 0x8)
ioctl$FS_IOC_SETFSLABEL(r3, 0x41009432, &(0x7f0000000200)="56efbbe32c9833c71ff1e7067c9384c50042b5e5a25a607bb384af1f997801bdd0b1f5d75876de7ddb5e8dec4ae5e9e4d41798b0b8846cea4391f0218c1d52e096bc7b9cd15a375935760042db8234cc3e40410891f8aab906d6fef9cf28dd29a89c0dbffa74f079cac0cebaaed64b37c0ca806fa305f12f6dfa3b42c997b55473763be41380278fd0047f3c04fe1889392082a8b8feda007f6ab1bb57b70b67c110323f7b710ffd929ebec21103cf20800d5fe4b6754381cadac56d582946adfb737e04f6247c78af59088e0d31ae80fb7457dae82828cca29b92c365c24aef62fe0797158135cd1d45b4f377d933ee564a8642c1404d2b9d2de13600dd60e2")
bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
io_setup(0x9, &(0x7f0000000140)=<r4=>0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
bpf$MAP_CREATE(0x2, &(0x7f0000000040)={0x0, 0x0, 0x77fffb, 0x0, 0x0, 0x0}, 0x3c)
io_submit(r4, 0x20000103, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}])

21:50:00 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:50:00 executing program 1:
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
socket$kcm(0x29, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000280)='TIPC\x00')
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="3f020000000000000000010000004030010001000002000000146e6b0000000014000000000000000000"], 0x30}}, 0x0)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000500)={0x0, 0x335, &(0x7f00000000c0)={&(0x7f0000000040)={0x30, r3, 0x805, 0x0, 0x1, {{}, 0x0, 0x6, 0x0, {0x3f4, 0x19, {0x0, 0x0, 0x0, 0x4}}}}, 0x19}}, 0x0)

21:50:00 executing program 4:
r0 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x24, 0x181200)
r1 = getuid()
lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0, <r3=>0x0}, &(0x7f0000000180)=0xc)
r4 = getgid()
fchown(0xffffffffffffffff, r3, r4)
getresgid(&(0x7f0000000180), &(0x7f00000001c0)=<r5=>0x0, &(0x7f0000000200))
getresuid(&(0x7f0000000240), &(0x7f0000000280), &(0x7f00000002c0)=<r6=>0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300)={0x0, 0x0, <r7=>0x0}, &(0x7f0000000340)=0xc)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000380)={{{@in6, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in6=@ipv4={[], [], @multicast2}}, 0x0, @in6=@loopback}}, &(0x7f0000000480)=0xe8)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0, <r9=>0x0}, &(0x7f0000000180)=0xc)
r10 = getgid()
fchown(0xffffffffffffffff, r9, r10)
r11 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000000240)={0x0, <r12=>0x0}, &(0x7f0000000280)=0x5)
setreuid(0x0, r12)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0, <r13=>0x0}, &(0x7f0000000180)=0xc)
r14 = getgid()
fchown(0xffffffffffffffff, r13, r14)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0, <r15=>0x0}, &(0x7f0000000180)=0xc)
r16 = getgid()
fchown(0xffffffffffffffff, r15, r16)
getgroups(0x5, &(0x7f00000004c0)=[0xee00, r14, r16, <r17=>0xffffffffffffffff, 0xee01])
write$FUSE_DIRENTPLUS(r0, &(0x7f0000000580)={0x3e8, 0x0, 0x8, [{{0x6, 0x1, 0x94, 0x9, 0x55, 0xffffffffffff8001, {0x2, 0x3, 0x80, 0x7, 0x9, 0x7ff, 0x7c06, 0x2, 0x3, 0x7fffffff, 0x6ab, r1, r2, 0xffffffffffffbe21, 0x1ff}}, {0x3, 0x5, 0xa, 0xbc6, '/dev/zero\x00'}}, {{0x5, 0x0, 0x0, 0x0, 0x1, 0x8c2, {0x5, 0x7ff, 0x4, 0x1, 0xffffffffffffffe1, 0x1bca0c99, 0xfff, 0x0, 0x7f, 0x3, 0x7, 0xee00, r4, 0x0, 0x10001}}, {0x3, 0x7fff, 0x6, 0x8, 'system'}}, {{0x0, 0x1, 0x125f, 0x346, 0x3, 0x100000001, {0x0, 0x3, 0x6, 0x333, 0x7ff, 0xfffffffffffff801, 0x1, 0x89, 0x0, 0x10001, 0x80000001, 0xee01, r5, 0x969}}, {0x0, 0x4, 0x13, 0x7fffffff, ',mime_typecpuset+%,'}}, {{0x1, 0x1, 0x5109, 0x20, 0xff, 0x4, {0x0, 0xffffffffffffffd8, 0x3, 0x1, 0x2a4d, 0x8000, 0x7, 0x1, 0x5, 0xc2df, 0x20, r6, r7, 0xb0f8, 0x2997}}, {0x4, 0x8, 0x5, 0xfffffffffffffffa, 'user.'}}, {{0x1, 0x3, 0x80000000, 0x5, 0xffffffffffffffff, 0x7, {0x0, 0x8000, 0x7, 0x2000000000, 0x9, 0x1, 0x7fff, 0x4, 0x3, 0x5, 0x3f, r8, r10, 0x40, 0x9}}, {0x1, 0x5, 0x5, 0x9, 'user.'}}, {{0x6, 0x0, 0x2fd29ab6, 0x7, 0x7f, 0x8, {0x5, 0x80000001, 0x40, 0x8, 0x8, 0x9, 0x8, 0x8, 0x96ea, 0xfffffffffffffff7, 0x200, r12, r17, 0x2, 0x3}}, {0x6, 0x6, 0x5, 0x7, 'user.'}}]}, 0x3e8)
r18 = memfd_create(&(0x7f0000000140)='/dev/zero\x00', 0x0)
write$eventfd(r18, &(0x7f0000000540), 0x2b7)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r18, 0x0)
fgetxattr(r18, &(0x7f0000000000)=@random={'user.', '/dev/zero\x00'}, 0x0, 0x0)

21:50:01 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600"], 0x1}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:50:01 executing program 1:
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
socket$kcm(0x29, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000280)='TIPC\x00')
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="3f020000000000000000010000004030010001000002000000146e6b0000000014000000000000000000"], 0x30}}, 0x0)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000500)={0x0, 0x335, &(0x7f00000000c0)={&(0x7f0000000040)={0x30, r3, 0x805, 0x0, 0x1, {{}, 0x0, 0x6, 0x0, {0x3f4, 0x19, {0x0, 0x0, 0x0, 0x4}}}}, 0x19}}, 0x0)

21:50:01 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0xd8, 0x484000)
accept$ax25(r1, &(0x7f00000001c0)={{0x3, @null}, [@netrom, @null, @bcast, @bcast, @bcast, @rose, @default, @rose]}, &(0x7f0000000180)=0x48)
ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0)
ioctl$VFIO_CHECK_EXTENSION(r1, 0x3b65, 0xc)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/\x00\x00W/ptmx\x00', 0x20800, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x55, 0x0, 0x0, 0x0, 0x80002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, r7, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000480)=@filter={'filter\x00', 0xe, 0x1, 0x176, [0x0, 0x20000300, 0x20000416, 0x20000446], 0x0, &(0x7f00000002c0), &(0x7f0000000300)=[{0x0, '\x00', 0x0, 0x8000000000000006, 0x1, [{0x9, 0x44, 0x17, 'bond_slave_0\x00', 'team_slave_0\x00', 'bcsh0\x00', 'irlan0\x00', @remote, [0xff, 0x0, 0xff, 0x0, 0x0, 0x17e], @remote, [0xff, 0x1fe], 0x6e, 0x6e, 0xe6, [], [], @common=@nflog={'nflog\x00', 0x50, {{0xa5, 0x6, 0xbe, 0x0, 0x0, "04e8e5903714f491c904711b113f68846d83ec896e5bb5da6912b9895ae6baa14384725baefbde4cabbad27196c965937668e7b91adb7ea3c43a84a5af0ac593"}}}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff}, {0x0, '\x00', 0x1, 0xffffffffffffffff}]}, 0x1ee)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r10, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r11 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r11, r14, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r15 = dup3(r3, r11, 0x80000)
ioctl$KVM_SET_PIT(r15, 0x8048ae66, &(0x7f0000000240)={[{0x2181baf0, 0x6, 0x10001, 0xd1da, 0x80000000, 0x5, 0x0, 0x0, 0x6, 0x6, 0xfffffffffffffffd, 0x2, 0xc}, {0x4, 0x6, 0x10000, 0xd7a, 0xffffffffffffffff, 0x8, 0xc4e, 0x8, 0x4, 0x8c62, 0x0, 0x7, 0x40}, {0x80000001, 0x5b, 0x6, 0x2, 0x3f, 0x6, 0xfffffffffffffffb, 0x3, 0x1, 0xfffffffffffffffc, 0x45, 0x3, 0x8}], 0x400})
ioctl$FS_IOC_GETFSLABEL(r2, 0x400452c9, &(0x7f0000000100))
write$FUSE_GETXATTR(0xffffffffffffffff, &(0x7f0000000040)={0x18, 0x0, 0x3, {0xfffffffffffffff7}}, 0xffbc)

21:50:01 executing program 3:
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r3 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$setpipe(r1, 0x407, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
bind$inet(r3, &(0x7f00000002c0)={0x2, 0x0, @local}, 0x10)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000001440)={0x0, 0x0, 0xfffffffffffffffe}, 0x4)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000001440)={0x0, 0x0, 0xfffffffffffffffe}, 0x4)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000001440)={0x0, 0x0, 0xfffffffffffffffe}, 0x4)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r3, 0x0, 0x30005, 0x0)
r7 = socket$inet(0x2, 0x3, 0x2)
ioctl(r7, 0x1000008912, &(0x7f0000000040)="11dca50d5c0be1e47bf070")
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-avx\x00'}, 0x58)
r9 = accept4(r8, 0x0, 0x0, 0x0)
sendmsg$rds(r9, &(0x7f0000001f00)={0x0, 0xffffff3a, &(0x7f00000006c0)=[{&(0x7f0000000500)=""/73, 0x49}], 0x1, 0x0, 0x0, 0x40}, 0x0)
socket$bt_hidp(0x1f, 0x3, 0x6)

21:50:01 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000"], 0x1}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:50:01 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f00001ed000/0x4000)=nil, 0x4000, 0x0, 0x4012, r1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @loopback}, 0x10)
sendto(r0, &(0x7f0000001140)="13", 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_netfilter(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001180)=ANY=[@ANYBLOB="0010000000000000000000000000000000000000a02af1607d07640e7337d15b5c0d008ac2c808f6ee870a939e984644ab3e01483ea9bf3b7c79a03356093dc953293647212b563acd468325d8abfb2153d611d1001b20c83e762f243d60cdd72de1c4eeef7494fcc8b2dc051031bc7bf1d98ebc5e38b2cf13750a478e2db49765b5f98d004c9e1e0234afd77952f984d8d58f1560a55c1945d58799b6cf974e73e79d52f80100000800"/185, @ANYRES32=0x0, @ANYBLOB="1d2742c30bac1fbb0444535897e3468f11f7585affd672894973e1fbf01645b2aef3bfe91baffe3867b5d34b5e5b9b5d3379579f444a0bcbede7ef8c4f384f0bffd7ae9ea229d315a0cd0196b6d9f330656a2e94454dd17a3b2c2139bc06a64da6b8e648b91ff42363f9ca02266a0c3458ff4d595d5a406a7522c1a13ec7a86f256e477fcdfb4ec132e70f81ace6d5c13bcde068c761b99e5a43bbee9540e21604c441bfb6cc809a1530118a638cbc77dee6cbc3e537d2370c0272a72268518ee655c62531a410b7cd26976a238e00bd421f41e7f4080000000000000008000000000000000c000000000000000000000088000000b5daaf4f1697f34556ea7d7168d475e5730603e75af8cc9192ecd385e965e167b29994889e6a37a38a17f8d5017372a53a5cc2e76844cf41ce32e078fdea72ead4fc25348d797ae7d7c127e206f574ecd1b2fc552e0f6e6c8a6bb0733493dbd892a178f5f5b7ef9ada4f8d1cc17aedad64fa84d22b23747ce98a43d175f6b2e288000000c6b0d821dc8d471fd8cfdc808c165012af989c141ece8208678babffd84b20fc0978b37260d242497994889004b71c1d012502bb8a25cc0c24e09273897c13db78718e57397ffd6c53d067f29b6d1b8ffc3afbde95f553b9f4b5460cec567929234c6000325e05239b01677eafb5284800000008000000b5975ba2bc158a926fe16cabe28c75a82f1dca68c89cef038c2d597796861d11441f7e40ae890b415efbb8fbc73154f02b21cbca8131199db1c49e1c4f1e10a64af6cc73eafc9ed0c2c3e92410221c683e5f7d625c609701efb8e29c99a2a07b5bb3b4b332030d1426529629181e7e53ed64f2bfbb1d45b8754775387c6d3edf69339bbb0419452c3f6a2e", @ANYRES32=0x0, @ANYBLOB="04000000480d00000815bcec58fc6b33ce5ba6f2922f9f2f3a690069682cd61152d5f619e30ddbdb4769614aedb860c2b75447193ca5b136a119c7614ea2b96397a22a9bcdd401c1f9b8402a4ae09bbd2066c4e46b86e5bedd4eb98e928e3aa766e359c46a3d1bfae2a281af58df6e8856eed3c4000000d1b0afcf7a2f70f2ee6fa98122cd2a05dffe0642b213d0dae2c7d820120726a3561e6b58a98b613e9cf8825b06de8729367e0209e382264c8e56b4352abadb83e896fc9fb94cf8ba14024f011d190265bd76c8bffebdb47392108ac8daebba0b3a502441f115d1a4351798903919b5044bb3b29570fe59d7b77b1ff012769218591ed6d525695e0b648cd6c055669664a5be6c2eba4ad141d318e85fc1d2459094374b9cdb9e1f0321153db5432d0b3c25cd91693f3a19788933c7fdbe000000201bba48e1cfb757f476b16439aca8ed8da70c35a867a76cbf4412a4d9674eb253986a55ecc72590e84d1630f9724bf0fa529a6bb18d9f1dff4396c0243dca2420b301cc794f2bb895f64a8c373bb88771f75c356667da415c7e77fb39744c8872f2254863b5ba59799807fcde92f0f9bbe6c54cdc2b4a5c7cdfd909aa9eb2678c4db4f71cfe70df64ba9c808b5b09738ae7d925c797958f65522fc89a01d19497420624401e92e9d5e8d7f532bfacb1f6843b8e662cc61b50ac561bdb07073dd7617c223a692b049b03edef03a7b15856d291bc2e73572843dce563d15f84536281733f8688df053ed9eaf691f0946aa9a2ff39206ba0c5f3de8b01e008ef79aa8c45ba8995079e1c2785bfbdf2fff31cda17660791f8a39afcda99e087997a43c4c39ba0b17d635917417dd7a7c3f50000000084273025f9517aed414b474209dd5f7547f8f70067edfcf782dc91113e5d59b2021a69f219e49904f0cedde2233ecc5ef760201b6ba65f13b859db116cdd790a06410473e70b2741a445764abe2523e147bececb0cd5bf4792018c85f05bdb9138009842f464785c523b0bd9edb958cc13364117b2337d35a898081347ab12e10607f7b2fbdd0f7b4b512b055a82e5792b5faf21212e338051590910205a88c9b1901e602f56de71d89aa45112a2ca4cd131c259455cde4a20472843521f35e7d29712a8e02a94f530e215d65cbf74a36f370330fe0c93904c93bb85eaa9e51c7205b5f7b192ba9d19dcc8d418863923cb9467b9f801923f3e9ef3c7358e95056eb999dd252b5cd1120ff260d14305cc2b9a64e569275db6120edcb08144f7d7ff7abff5be5c726de876c0b22df8a53a81ba725d69cb49d2b198bb6b8a2f7474c69ecddf5f7d4a387b070c2fa9d73265d22cd1edc1fe3b21b3f035719d5890d56ee6dccd0fa295e3845c26ac39f12855e164b92d393ff0af980bc37dd14aeebe33ee7706000000b6aaf4207a066cf47696c160704b02daee0d3c4be6eb20cfc1a475bb2b00fa38de1e04c1965ed552a4c8216f821bcbd76acce20d2e38ebc892e467c128ab7425784bf2dcbf85584476056480e890b71fc6b4dd930b5a974ddad0355254dd55276e9853d093e667cb20869d0a51fa9f82bd44ca351ea7aa43689623bcab95de64639ec2f25549a8ce1c8d4ebed8b70f21eec1a7799c02d07c2537cc5f58c4f5283dbe0288873cc7fe816d0619dc1d441b305fe769dd8d445fadcb795e0c594464295a4a13ff2f4dcb1526440226f7a0fb22e03efdb11472e1b78c0252cb3e3beb7d6cfa323f4efdced8cd66e743ba0b9a18bf166e640992a42b704a57d312d243e07e76eee7bc9da8e51e5409e344f53ee71085058d587f77fab89b34487c728cf98de9437e338487090b0f0116807241c700c042cbdfab8ab1f23a678ba5606464e693282aa6d8bbfbe790b8dcc8257e735c29aacd115306236b983a4b7dfd167bc59f326b18dfe2ed8e401178397f56748211d679c8a163f1ed6e317cb0a4fd3aa7d9105a58e81c47c172f61599597c0108742885abc70644747f8fa0b3a0f69e024b0552d1d67dd55b7673eb5d3bfd5e64578574d17987733022e3708622fdca6fd7e2340d28bc8264c7682a413332570dec83a3c84d12488ec5533acebf21275153710d31d29ecef4193e0d51f1e8bbf29bf2fe8c49abb48346d4cd538d5ba69f2d79838e80c99b5cafcc25e6e2a8c09e5ba5f47939e1781630126f83ec3368618f2eb9ef1cb5af648be54a278988f646b893f76e68f525619ce470fc5c40506a96a3c6270558c3a31a8f48ef5e8e9ea3d743c0356a558d45d64febca40c3149e8bdf54c131ce0c905f0fd00cde6d617d9f8d40a863c5cd0e5d02b5eef5ab576fbbeff57d8938c2c74013f99e202618057f43dd3c661754338a04db7c5b8228762ded747788868c9db8f59504338887562112ba2f64e2d86da8514420b08fdbb38cc61dc7a20d6edafc43690e9073f86af19426ff4247642ca72ffe4dfddec83572502265baa35bf15ce1e0888d97d936734233b4aa6ea19e713f75d9b149acb01ad8b00015d1e87b82c741d36c6978eabb5dd96bf85d56e0bb5c989f44ee02050384ff3f8c3910c6e14638b385122a095cb10ef8ecceca214642714c7954c632323600f2a1a744222f74b2d6e4a0fb5c05af62dd966961564746ff934632a170e7b8c1362351122beebb6e3fd424080adc72f0dac7bf268c085ac76c4127ead4c11ec1c42f6cd1dd0f7383282fbdac17b286cea0083b2bfd2fccb95a03840dac2ea9e9b6f861fee5eb66cc00facede5120fafec87dacf225d70373921bae4e27898c2a9a115270187e218bc4772512ec89058ebf2b93fadc0c78f30e0bcb1bd27a4ced0f1b8908d623bdc958caffe73c5df7fce96cff18da81fd94817f2c99243cc513093280c918125c9db1d70fae04358ea92a8888010a5ef34e63d137d84fccef6a01277bc21d48e69dccd29bfcef88a64d4d51d5c8d5191b15f8d5ad647e7a6ae3e197bac2e45f539463353446622430c24a9d552b8af6fcc740318a4028d6883ee3a632c611236d2ce13c07d0fc16dc32fb189b67433d5d3f41733d85973896610d8f7623b271528151f5376ea268b88d29ba54ce6dc27f70e069802743bb78aed3f8cbde458d77bc18e9a128e5efefde540b86a7d434d7300dc40f6d693175bc30968a3d5134a81051007d2beeb4c9348e60df60ce1a340f816fcf95cedb7e8318f8ed5b3bf00617143524d09a155888532770bd92dafe3924daf2751429d26f8470f89dd1cf1702c8090682bb37f6f578ec0aed7269577d4e41b2c33acb53554b37f663fd0000000007000000e4f3eead488ca76a4d47349bab9ad06e3fab0c07f1acc624b7f9a4a290aee3d8c1ad1f8d4f39593424d52d45ace2e4613ad431d81b85d0ad5238d034aaaa75fb86aff33641fd13826dbb0c70d03f0cd481151bbe34286149897511c56d9e46e249468f4edb599769f4e39ffaa5bc69a0d869aa2ed1fe76fde17455558064dd2cf21e56443d5a22268b8c0b034a8b120f9eb02602a51eb19690a3170532cd1949dc224f83efbd1745acfc155179eb52ed0d758e64fb31bc70429d5d3f3e1ce74754aa1f8b5323eb8a07a9611a9842d0ff43ff0e81b52556a8f9a7ff34f3b943960f289aed30621d75d542aa1d76572d0b47619006cb5d226b93f51bf574539e4c40591380df32d36f7641d60caaf29c1c16d1030a375162cb27169ffe9b92d72e663b947807098747224c7a23ce29d31f9ed4b7520e19516c90c18604545be71aefe4ffba611d902fa0a09ca26b82f942ebf1b01bb2031b5b690b87df0ccd2e957ace636c94fcfe7a649e6ee672d11cc04d2c2727089e3ef7bd8846d52fec1e8dd19bb34884fc886dfaa9b587dfc18db3b53001fd77046b4594b86e480a1b8728ebd0ab3e9d0c61eef4d0fd8a42b76452e03e2fdffa126f89982d4d0a89e78dbaa59b9f48b9c99e7fefb27dc6c0665fa2c0037e185732697802c3c24abcc128c0ee22531a075cfa8b7f29b5c4446023750bcc5831776db4521de594aa9ba246e2d57cf0f0e52c2b3da0a3768ac409227acbc3720b6e3b6dc3758e560b317a8cb2749f252a7af4e43dca603b7af110a70100d5c00571a4da565e2414842a51e50a16934da35cfb8bbbc30e10c8b61795b26e453036b0c41bdef7a17f736d0d4dde35d99ff9a7596d68a39da6337adc3c6e4187d654195a21b6740940fe9556a9de6e6cba776161d262cceacdf3b8134d59620373cfce54a9dba6cbdd5f3254bc1462a86742fa8a86d901a1283f8717ef093e078fe066ff56ea6405956a28889aae99708c0b39927c646c3728f3c7f28866244fca704630c780f44507fe2b9e9252c01748bc727959f5050dc60cd5ced1c6711424f938b8f38b2e962ee7915daaff975b5047ef8fb3604e33370d95ed8f535864e1eb21a29c6ddafde3b5a7ab517624eb4fc52f59c5756dd7a9ef4e027ad0b28220da50d19ddde4ca942e3435a7b6299bc2f0678e19b09908428bdc585d2d6ca69918007f671fb1de04841b5564d50c82c5106984349120ceae29660a2963b039e4d64b0a25947f439c42c5510ba2aad500de5da0a24302ef2d0f28697648b325bec890b2ce632453ef224e9f2e3c3e62bdd4ed5f834a7b426e48e22c96a80613c3194516e6efe48880340cb6ad6ad8a27423dc657abb88d2ec083c4549e7dac19794aa77893aecb30d57dfe5805901d8984e6dcf9ec229a9cde7bfb9514883c114bfc0debeedad7456d1275df7bd961c52c20699a7e75b2b21719ef6b08a3ec63a4a5a5f184b8e9c3ec0f523a735eef8ad9ab5c0228b200000"], 0x1000}}, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f00001ee000/0x2000)=nil, 0x2000}, &(0x7f0000000040)=0xfffffffffffffd3f)

[  564.883706][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  564.889515][    C0] protocol 88fb is buggy, dev hsr_slave_1
21:50:10 executing program 1:
r0 = syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x0, 0x0)
timer_create(0x1, &(0x7f0000000180)={0x0, 0x2c, 0x0, @thr={&(0x7f0000000080)="3b1858b1ef2c35b0ffc956d90fd4cae3ffa7647923a348f566b745d56646f48d2eacb6af28e1287a89e818fc7c48cfdcac6fdee857ca6cd7a3bceced0da021912dea3e11f9a8788f49304f64be6d70d3582a17d2e4ee0d15b50e0571999fedc289cf259b4a27cf59ea9db40c469b692089031ae768ec89961eb11f422353193c2a8052dce6c219", &(0x7f0000000200)="289f087e9c58ce38de6a5125a6d40dec7501efdcd31e54e0879d32a128e59f33acc06029c29026c3b517c50492da5ff4b42abac9667d72751ae2d8e66b0882a18a5c6be548ed474189379f5b4ef43612bc19a2a69842939ab6ed42b8adb47efc32d46a223f1f170db214eca92043e60192b30d190063066aba41baa7a983a9ea488feb89d24dad7e2aca7535c09007363595761faa75337fd47070fc1c819939912e9fb9f65985ed5acf228f89f4ef4d16c121b5513ed5baa3417127347ecbb42f8cef5e9a041823e6f419795c4323ba349f35d9c289e73057dac8c4ccc6b26b0b0e3a9f10099b1d7fa8786e2fa1c897cbb4c9a3ac3add19380b6f7593655ddaae5933bc8d1e8a53adc182933fc3464091ea4edb63df444b555263e5ab88c5e55337252cd4a831f6c03add99564197fc3b754dbc6e50fbf2040e320b475ccf5122ba35d22dd160942a1c346f61c274a944417de9cc1f4fbce3c4bec1b5da254723d67e6a1ea925cc7d8a06da158d2931e7d63f5f1397ad248e7f124942e11b5782c211fe31c7a85f1b5cba48a11223ac5c4b8167778e5edb70f3aa6d7ea8812265268e756801d599036cf897aab8a9a1bca87d9b2cfb02f40e632373b73347c20d9c82e66c2078d8e58950bced1eb6b929a65e7ce5d51d70d4d5214f2a5c0c7a934374ffbdc1304ba97a7d11b9337ef74172552e2c3eb552cda889a1e9b889e09448fc988058aabb028fd5db4d37224ac8bbfa554eba08c864a76afb2289f396a55057beaebb095b1d3a4070fb6196ca57ecd613ee5e7757920b62adf241de4b088210b7dcf75315da6cfbbba1650def94450e4f0e5851b37010de4e345e3e9c484cbf1a429b572d2634e96595c3c69a4913b25289728aac69b02c2fbfb4c0d5f1480001f0395a633b5383a423a1d5cf813d8b777ca33cc242f443255123b4ad08c830c955bed0e7120f4ef862b5ba3d3c08cc27b8fc9b8b874624a54b28b5dc7527cabdba4308b408fa0d44b79e35da751bb58249728b321aa030f9409608fe48152f30c99354473b490ae2e03293410f0a631e75f04005bc1a769992526c0f26e12b4c88b22c1021ef371296d906a0a2b6fd4ed756134efd73b60a5a19ec51d7b81a945a67deefbd7e21c63f46432736da29194796eb6135e6fe0d37adcca2d9918ce71c897bf7ff0b7a914ebbd9aa00d125bcf2ba118b2049e28f21ff40bb48c8029b6d99abfe74f3a41d117a9fd086972822f986e6ac7f891a95ed5ba91ad26f3f87faba694be64749837057b1fc4a3f046e52eb2c5e726d5fca01f3f3f78ab60fb948dc3867de7763a4e8c5cdf8ee86b2fde9a47ab3abd0d003d387fcde14ba73ead0ddc819168e203a32745a9db2b586de54686897341a434f25d2f5b79c8719e64af1d2a78ed4e8d20c63436549ca7ca6bf286ec43ae5b7898a6154f8679e7fcb1f4a8a4471b5b121523cf429b8a47c57478aa63a734563ee46de9b133c259c696f4f2ff9d74d30a32811d216f83634ff6a77d8b2c4dfce4b234bc0d66aaadae6da78e295dbb3f7b740b5a50e142ec0b925d2db499f89ac634ad89c6ef2fd6aa6159c76131bf62530c6434a0877421d5156756210a5deefc7a605114420de55d7de03e104e6c0fa16f683260007a9822ee57211fb5748f53bc44fa3b97e5af7e166a50006cb6e2901300fe2873d98051e119a90a877bdc5980327621545ada0f49940d2a0e7953566c79a2245f1c60cfc5d5b8932c943bde0eff3494be5b3b77617afcca3eab7be67f0faa277f428fe958a86b4149bd2fa39f5c0104b2e7a94d2658f0f80d388de1a3e449f910134c537c8bbd6118a965bfd4a08186a508361379b503fae3480891a8d7bb8112ef1a7e5dcfb8249990847703a31101b2b2867fe93bebe13fccfc1ae7eb68cd0e1cec94fd71b7d9eaf524c8a0aadc5cbef3f7a496b51e2fd38d79c433c50783f24f04c42fc28eb7387d1007f49b29522c191d778b83464208fc6a52e0ee92c471e4af79c6dca6517ebe4cd32c3c225ff9193909eb861691106d1da43f79dfaa38ba416e99b77312150adfd4a0170cb2a4f403373b7bd98059c1cdbd613a2f7e8ad6dd09a7b80ed522a022a23c170b4f5b4314e07b7c7a6707a13c62e37a0ef938bea210962440e3f114a82c05ae4f22d2e03e24772c2ed928bff76e3ffc2b9ffd2e0777d77df42bb51a48cb1a23a23b34b741f961491d5ec9fabd18e71a4a5cb1fd661b6a003e773c978d0aeed8332559848d8f1d7aea2111d82da54d37d9659e5a8ce26260183f9f8b4584c0fd2aef46f609ae99a615fee5461749fc6fed67d706c97c2d3128c56429bc6e221d864b464c159bc912b22c2c1b77528911cc88e58f59141ef90e629ff5e12c979cfc097f1f930d2144f5f40cae29c0ee869d1392e524cb57094aa099bb334241c930beda1f54a2b86128b4d1775ddc38e4b79436d6d9189e919ce3ee38be481db24e618c70244af9e5d85d412251820a6e870bb9e36603379c9c2feb96f4f8a7dda5a6eee83cb87af634bdaad3a4bb2cf3d6b30c53421f4e1036b65505097790a61d8fead72d510be49802a51870b534cc480147a58717cf19ec49f2f5d8cc081bbf08b7ed74d79666ca6d22b88e0c0a990fa267d97de62788bc33ee317bbd014e4c9c4d47a7a34b536825681d7ce9791af64b029349762a47073ea85af5ebea7df692601d1a4321213c1c1d7cbb6535ddae993a60ba736b71474bbcb0828b059a137f4b6bff42400aea4e3f8c10c907f069fa165ba4808ed91ee0f93176ca6bcad34c079a99bb8075391e2e038f6707594d230dded3746547185131e18f52776246e3bd544e54abd4e3a5e0589baf26b086b0562be9eb279037470b9e058dce3cce7024f2ed51894e3dbc9cf93b34628787ee512046c67ffe1849b87aa854c239b68bb71f9a7d8b17a0807822b27aa1b024a856c7e0d5090ab9bab2c7baaccc300b93446c8602844980f3eb2f68bc361714f7c75a0e0afbd75acb71cad483aa59cbd292a60df5124661e4f3e5afabb93cee49ca54cf8f114f7f1d3fb0e8970d2b462af2448cbacf47a5d1395573dd0634daa89fd62884436fa878a39a77aa4d6902f82db7efd7ee55a26913ea55cfc2ef0fb1d9c85e51a2683a79d97510d1c632efb0e0200a3e26a4d80427107b633a5922ba42c116b6fcb93a9d47ea71a1849d94936f137a9c972763447cb934187443eb2c6316685d5dba47739bc185233c12ca05dfe9391b301d8443e5255ef4045b40616549be445ac3fec767c04b8cfda33651fdb5c30f3798b2e9c11656e14989dded529038290f280b8ec9366ad02ce021a1188b12dabad1580add1449c51b534bc586ba7fbd9f20696c8ad0181089ebbdf3dff40278f12094f59f2675f187811cd835d4b54c05490cc6ea0d6d3051c6ccd910f7a5cb63b9421425a0662d53552c9dc0895c5bd4bb81a8d702118be8b53d829604bdcefb1dcccb31319682434d1b6ad1abae1760aa8990aa9fa7671e1f7b5cf9817b99b50a8da297465e99ecbc7de24439a624853dd3706f2cfc65e120eb92c76d1437e838c54819f35fa78f3326cef42986d61dee6320050f3439a287c336986258b8683808770fac9a8d23a61ce0518479b7e45f0e8d755bffcabee797580bfef54ec993e22cdae73742d64ac64430d12a38465fe9e4cb5078de43806d8b31a0f4d40de2cdebe754d59180b3a077ccf2763a6af2186398e2920801d9c360b8640bf90bccdd0665b6048a9811da1f1416ca7277197a4d70377b483b3e0cc3e7c0424053b5c974f99c780ef0766f239101ccbed62d6404ebe05d326d5ef870fa468bd09565af6cc83fbe5792fdacf4dc940fa99645d94e9605c540dc0f2fae00df90b05dd28f7d764a4b50940c5945a1b9009cd93427bd537fed5bb522d77026c0f4657c3b0f1cd5d2fa029abbd97b68fff1579790a178e281ad9d10823b5486e401752bb047870a5acf0718b2399cfee6c40b1092a1d1fc208e60c00356fd005bc2a05ccc63359df0cf3a13d1a1ea1912b5f1f804312a175c98cbe07ade3557ab7dc15fa9a4669e0f68ed123ebcd0919a0e429e556669bd6c8811a45ab97060f61da657ff360d98e7d6a653423b38aa76b866cd0a9444c6a143022dde63d7c4e715f21b29f34b63c718b4c2091b6f641ff951786f4482bb547ca4ff222787aeb3dc87903e28411935a56885a9247f2b6a042b010ed22a4ce040484350f18cf8ef1d00da2b3b68651c074cc1e8d75572c61ba6095aa9798ad38a9d1750d57a3d578464562b584d6dc9ad30b0e1b0a809732cc9110dd3d62ee75ee2c7c84e7f7016beec75645be2aa8903e0da2bfd0cf034fb722fb540e216a1c1ed16940f332e7a807915ae3539284aba7b1d4de5ab36a68047de304cd2529a56b06b0f6479572d5aae2acd5c4b2d66f427ff1739d26eee818bafc2d9a965d2491b74d5654532fa52667a96dc761647f9abb7b14b1b04dabdf205668cbb6988b2858dfa9a3727afb581faaf277f3c0df4194cf41294a8ff2f6c52050ebe9beca56c452f945d0058f3f744465b2be780f60d58afa9f48a14fe4779a8a1b133bb3db7325919dce337631ff7de0537e0516ae85a1d600593b361841a5478bbafe054328adebccf25c5067f5bc2df9315f2e27b138684667bfa066a81ca30343dbb0c0a9fa952baee9553b22eb06a9c15dd4ef1e074cd2b038fc055225eb2e1e87fc9eff009da0ddc80e55954bf32b72c620255f96fd9b0ec2f1759ad3d6b88b905a67fadf4be1c6c2b1c0c82ed5d12a55c9cf17c347add794884e23edc363ecccaf414aa2a6bc0b67063bd3bf749e40434d951cdbe72542bf6f572f91c68c89694b8b9bf1ebe5b76c77b1ace689c1abc38c2c6573fe4b349ed91bd862bc93ecbc4c9d4842b297a4016b08f15f66bacce04d9c79af1f035f70e9b824cbaa008987fa29a5802200afa97cb4646bfb63aa90a5190f97d81c4439b9e201a8c22cbd9235398c6cde534fcb9a57cae1dafec82c8a5163ba63e10df1f268ede90558af782a7d19d4b0e232a588196a8aa0b5969e31381b3b4188e24f2b064c0f0eab78c56258252d1f1b60a2090aa806dc717fdefbc9bc8c76f5cc3f836feb3fe28bd9ab70f29b6ceda070870836d84f58ad952564657515eacb79f98f43d0a56b37bfa043f64c9cab3fae428250a568abee0b7d0bbde40a7276bf5b1f283628ce96095c611fff5cce1a0deac700b212e559103510fc5f7a4b9f501f71f594b0b3aeeb512e92dc5cba93be0948bcc7ad276e695cffcb8ebce0d9868d1a26041efafc18f07104eacf0373320496516291920b650822b6a5ba32d24e5a899c0acc36b2fc35b8fdf9b93a4b973f92d88cf420b5ed9cd4ca08cd9629e242c160771bcdc4bc92824ea45dff33e79c3067ac529cc4d1bed8ff081373f9848189ffb4f4a6b4f04a79a55eadd90fbc58802a832c628db08f74e8f9fc2e795797ba4bb0f091967085212476a75968521da7782c183914ea07d2212a03b3556011eeb1527b539b8845e60e5f0b4198b5cf35b12ed74f2c95949062fd986e5c78ab48d5759097c975081b0abe81aa503eceb0b4732953415c2982c0b5fdf8dddcfe6062d388cb70e96b9d0adcab5c126101e039236981de04b52046552409912747586ca98b11133b199d496e3479ec408cc8ede579bc3a3f66868ddfd2f54633a15cc5e3291d1c75b094bea7919fe93fc60b3583948ee17588611e71f7056fea705a6a3b49870c72393a1d0cba653a2b"}}, &(0x7f0000001200))
getresuid(0x0, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000001240))
setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001280)={0x0, r1}, 0xc)
timer_create(0x5, &(0x7f0000000000)={0x0, 0x2}, &(0x7f0000000040)=<r2=>0x0)
timer_getoverrun(r2)
ioctl$SG_SCSI_RESET(r0, 0x227b, 0x719000)

21:50:10 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000"], 0x1}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:50:10 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000000)=0x401, &(0x7f0000000040)=0x2)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000180)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x36b)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r5=>0x0})
bind$packet(r0, &(0x7f0000000140)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmmsg(r0, &(0x7f0000000540)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=[{0x10}], 0x10}}], 0x1, 0x0)

21:50:10 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:50:10 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x223, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sysfs$3(0x3)
pipe2(&(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x84800)
ioctl$TUNGETFILTER(r0, 0x801054db, &(0x7f0000000640)=""/4096)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='cgroup.stat\x00', 0x0, 0x0)
write$FUSE_BMAP(r1, &(0x7f00000001c0)={0x18, 0x0, 0x4, {0x100000001}}, 0x18)
r2 = creat(&(0x7f0000000000)='./file0\x00', 0x44)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r6, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt$IPT_SO_GET_INFO(r3, 0x0, 0x40, &(0x7f0000000240)={'raw\x00'}, &(0x7f00000002c0)=0x54)
ioctl$EVIOCGPHYS(r1, 0x80404507, &(0x7f0000000600)=""/34)
write$RDMA_USER_CM_CMD_GET_EVENT(r2, &(0x7f0000000040)={0xc, 0x8, 0xfa00, {&(0x7f0000000340)}}, 0x10)
sched_yield()
r7 = getpgid(0xffffffffffffffff)
fcntl$lock(r2, 0x6, &(0x7f0000000080)={0x0, 0x1, 0x8, 0xfffffffffffffffa, r7})
r8 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000300)='/dev/dsp\x00', 0xc0002, 0x0)
ioctl$KVM_GET_XCRS(r8, 0x8188aea6, &(0x7f00000000c0)=ANY=[@ANYBLOB="05000000f8ffffff119ae4490000000001000000000000000800000000000000800000000000000009000000fdffffff05000000000000000200000000000000090000000000000001000000000000000600000000000000"])
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
accept$packet(r8, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000500)=0x14)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2, 0x12, r8, 0x0)
clone(0x80000000, 0x0, 0x0, 0x0, 0x0)

21:50:10 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x8000001000008912, &(0x7f0000000080)="11f0a505ba583bcb7bf070")
r1 = socket$kcm(0xa, 0x2, 0x73)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x69)
connect(r1, &(0x7f0000000180)=@in6={0xa, 0x0, 0x0, @dev, 0x6}, 0x80)
r2 = syz_open_dev$mouse(0x0, 0x0, 0x541000)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r6, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000000040)=<r7=>0x0)
r8 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r8, r11, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x7, 0x3, &(0x7f0000000680)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x7, 0xffffffbc, 0xffffffa0}}, &(0x7f0000000200)='GPLz', 0x5, 0xff7b, &(0x7f00000006c0)=""/195}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r12, 0xc0, &(0x7f0000000340)={0x0, <r13=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000440)=r13, 0x4)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000001800)=r13, 0x4)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={r7, r8, 0x0, 0x6, &(0x7f0000000200)='[em0{\x00', r13}, 0x30)
sendmmsg$inet_sctp(r1, &(0x7f00000003c0), 0x3a301e0909ff6cd, 0x900)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x4e21, 0x8001, @remote, 0x2}}}, 0x84)

21:50:10 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000"], 0x1}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:50:10 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='clear_refs\x00\xb0Ix\xe6\fK\xa3/\xd7\xb9I\x8ah\xf2:\xc7E}W\x9f\xd6\xf0\x95\x02\xae\xfc\x84qK\xcb\xe8\fW\xafYt|a\xa3\x16\x19\xcb\xaf\xea\x03O[k\xb1S2\x86\v\x9f\x14\xc6T\xd1\x01$\x84\xf5\xc9\xd8\xed\xca\xd2\xf0s\xe0\xcaPx\xfcd\xd3\x8d\x1e){\x9df\xa7\x14R\xb9,\xaegV\x96!n\b\xf2\x1e\x87\xb8\xb5M\xa0\xd1\xb5\xf3\xb4\xd6\xf8\xca\xf3J\x15\xed+,\x98\xfc\xbfX\x12\x97\xb3\x1b\xea\xea')
syz_open_procfs(0x0, &(0x7f0000000540)='loginuid\x009\xda\xd3\xc4D\xdeJ5\xf0\xfd\"=\xb6\xaa\x1e/\xddc\xc9\xf3_8\x9eFi\xe0\xafe\"\xc2%\xbb\xb6E\xae\x9e\x0fF\xc8|\xd4M\xb4\x91\x9c\x1a4\xab\x1d\x00\xbbAW\xf7\x9b#\x91.\x9b\x96Vn\xbf\x93\x89t\xf4\x8dB\fI\xe5\xb3\t\x00\x00\x00\x00\x00\x00\x00\x19/?G\xc7\xea\x9a+\x9c5\xbf%32\xe8\x83>\xfa\xb8L\xde\xc6<\x1fs\xe1\xdf\x14\xa2^\xd1\xd9U\xc0\x99$\x8a\'\fx\xa2\xb1\xc9/\xb4\xfdp4\xc3\"\xea\x95\xce\x10R\xa8p\xc6\xdf\xc8|x\x14\xb8\xa2\xbb\xcaG\xebL\x90\xf5P\xc5\x7f\xe2\x97\x1cr\x84\xc7\xba\x86\x96k1v\x17z{\x91+\xe5r0\x0ez4\x12E\xb2[\xb5\x94\x00\x05\x8b\x83Rl\xd1\xec\x89)Xdig\"2*^\xcd=\xdf\xda\x83%4\xe5_q A!I\xbb\x7f\x9c\x13\xff0G\xc9\x92A\xcf\x03\xaa\xc0G\xaerd\x11\xe6\x00\x00\x00\x00|;\xb1@2\xdbs\x8b4Pk\xc2Sl\xc1\x90\xd9\a2eL\xef\x8eGX\x8c\xbbA\xa6')
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c831, 0xffffffffffffffff, 0x0)
fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000000)='trusted.overlay.origin\x00', &(0x7f0000000080)='y\x00', 0x2, 0x2)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)
sendfile(r4, r5, 0x0, 0xb8c)
r6 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil)
shmat(r6, &(0x7f0000ffa000/0x2000)=nil, 0x5000)
shmctl$IPC_INFO(r6, 0x3, &(0x7f00000002c0)=""/232)

21:50:10 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d08000000000000000006000000100008000000000000000800"], 0x1}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:50:10 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil)
socketpair(0x0, 0x1, 0x0, 0x0)
pipe2(&(0x7f0000000040), 0x80800)
socketpair(0x1e, 0x3, 0x0, &(0x7f0000000340)={<r0=>0x0, <r1=>0x0})
close(r0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f0000000180), 0x127)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000280), 0x10, &(0x7f00000002c0)=[{&(0x7f0000001580)="276c5bd6f0db828036f59b152925d176a9e51a4722f8fd829657ff48969c3c5f309ceaf42e7b242b7fe4fa128061aec9827004000c31fd9e31cb1c79990c2b89045ea4dc3ad63a775c80850ea10827e8a40a6c8b5fa7cc514639bb99f13c6a3d0825a738a1a53433042c75230d368c95f8a0b5562b58ecf50fd78e5def7375cd62fb5728535bf371b2ffc7d8058398075e1d0a7a4451395c39f79c26b7287cebd130de7737e77714686b9d67d87a3cf8da02cc70fdc99c1a7c916ae542b9d5baaf1f9daa4fb845fd5d5cad2073a61ce51c345150f84b3900997296d55c7d394af17b01d445465ef377508a1a29a5d6b03b0da22c973f22814fb2a802d50fb1f051e7d95d53d598a0599ec79cd27123fa1d13b7996609d4548e81ef7b1e8de8f32593ef46c3081ab55929a3c1cb1fa28a485518391a76b7b80d5941aa42222cb6f25be29ebc938af75971ffffdd4dea114ac37f38e69cb670020a7448d99b7b5e3d09bcf2625c94d6599182ce9edb0bbfea111dae3b1c9d6cd3162ce0aaebcdcf22a8d29dca0d04ebf5944168f398c500915579070586dff7a2ec6d345d1f69a8c749740aea0dbb2d30c9f7e3afd498a886c906fe09a83322d8e94b3ebe288ec1601e6a16122fa44191b6b3f5315eb0b35cb628540438919b906502eeb7cacc7d15753e456b056e6145ab65ac7c01253f3c5663495a74a0598feed07436a72d3ee1185d0fbcf89e8c5d449e0216cab8110efe923be24366dffc65bb386e7f015bb40b6fd9abbf7180b217f88d99f168c113f3ff187c202e2ae32a0238e43af612678a44a3d8373b6dc6bf820f8bf73e6411c51152f51993c66effe25c6e72a3127da6996f13691ded659e1f9d6eab1124435750dfeb60de2b2d59d9196bda3a3c5cd5054b2960481d50ce28ac4159b54f3f26a9decfc8ab36b6110eda741e21c95e3631b3de40fd3c7828fb0e3c85070eb233d4d4b1b75e0167ec62e81f1a12a0cd2e02a7a43edb384e4d0d59744bbe86611575966efe25b4191f14a368a72c13aeb4de7caff7a9439b583d08714fd22a9b1ff08297a562a859e2d21dd4f8ecf6701bcd9a30d28909c52c56a8ef739f0841ae895ad858121b1ec82ae1bbec856730aba8e2f42841c33caa862fdf8b651d90055b6725e5bf0af348ec550ad23c5a3c15c7455fdb13a57a6e452bdebbeb32200ab7dce3fab98b206ec2571e3de8904bea2265288dbaec64359cb5cd926dc025343fff78e7bdab6f541a3d2b569f37b8339d14e706163854d01ba5380d648391740e1fc2e118557692796acf6e0fa8ab21c5657259bf05a8b510eb285f306c8cdd6e185094b0ff46ec71d5a9b8e344176f263730468db893eaba00c32bdafdb1ebdc3ec441abaf4e7b2db744411ae02f33b340a373ea1a485b88073c2da7bd6828bbe4028fef4c30088c9b28daf899741029da8f52d2927250c582f16ca173c0761ad74364f562f3106a15d17d34ff27abc49b8a7d9aa3d2d2bd5c406c9fe21e59ffad1a85c3d1283f983efaab087a92ce4bc66c934605b658f56857301278b09f5e22ba0034a3944ae27bd20cf9cd4a7d1973d4818716d0bf71d922d74ef68ede2604a98f6db652206e0a34ceed21cb950eebbee9686fc368e2b42f9417b22ab84c1a341630f962560900e02f20cc0ed618e657fe4ede15f9a105620dd2206dbd74ba7f061f2d058a127f5ecb72ad12264d81816d82169d668adf80bbdd279c684e11980f72ba126d0326dbfe6736d2b737069e0c5efb7e76276f10fa915907d91282084fa9a12c5636fd265ef705f49adc9924ffcc68742b17c9212fe8abcc49e4db91ee543a7fd438e59d030d6fa1c31ebe151f9c44af0069df608f0395159c41339aaf31b4c3e67526036c7f4d96fdd5afa5c4c85f2a6648098dccd6a49a8250e26bce3ca0e78976c961432783947e3a8ff5430af9cfebf3d2ee72153b7bd4d7f2cce79da6defba02cc5a73f7fa137c01a2cea52a961d9504d959aec7e2627fc33d07ef45bb8afbded876bee54c7f2feacf548bbab68a782e7bbcb6140d6c6b3fbe1108a6f4dd750c0424a9e1e0b8f239c4739f28463a23fe011cb8c98e25126c5693f19f16ab8a4b6351ff2955a397c3618ae47c78b2d123c334082f9aae0d7f9e7b761d58ef7e1f6dd20a23c7bcc3e84dbc75551573c425e5d56ca84e263b22c2ed5ff1255e500c1810574ff1af28114221fa6e72439d5fc117700bf5a7e01e2ffc0cfeabfddb8ae217a7033c9c8dce5a685ca7a0f4ceeb153ab2ae77652e1d73e9510f868b70270e386664ab4c45ddf353e61aef1ac0c673502b7e7faae557df3eaa5fd0a3a00c54f23723ce6406f616f678b6f789c57e09864895dd8a1e5da9ff0bc7be9f9174af99e157e4c71ed69c71783abb3ad18141d99e49ef32614b8ac29eb50f64b2355f4b599acbdf039877d68275a2ebeb0729791412dfd3194cc2cb4f045a4d2ac74afffec582df03ce4afd2aedc594c6cd34a4cd21d4ea653b04d49a8aa1e942df36b530c90d0c2c62ef8369677ce2ffd4304b0410ff9ef86be8afbf55adc6abca02acf03dcab2fe5339ab0eb9d79dfc4817c5e2c10676904192395d9b8552760b0fa79add2769284a0ef5ebc4d61e64dc9a8b2d4770cdb4be4345026f6d04549140f4bb01e8252eb06d70afd84247f8023a0cc31329499a0efcd8a79e0832992a96b437258ab186c6a9c8f2e55fe7319605453b888d928730a11a11b4f56eec25b4c18b2205aad508a9f6850e6e23103a517cf43af019d54593803b76a3529777a58441d781d2eb509fcb723ba3be91d12c809f0148095e2066e1b0f0656ceeb751ad610e265bd4bc1b67f5e521ef420420e9b7e137f29240d63a42d678c1739f33f39a09a0f4c5249f808f41152a07ce9bfcc94e35683bea83f82a5e34e1fef3f8ea2cf4c9f1c8ccef87d7f58fc1b4ace6cb667e62ed1f54f72b3a156551d96f9a16ff4864ae3a01dc86b5c65e6676493f07d7257b34d8c6c5851334a4542dd2bea4aef4f444b5f26ac89a27e3313a4a66bdad09382357f1adbd61d526a2541022814cc4b2515aec30f74729d1a5826a3206c02ccd6adfb6c2b6c7aee33b7213bdbc5878151b50d1a8fdc1b2b9b44a01606770028723c848e1faf60b89de5a2e72b7d19f7745f7c89989ab2a8174291ad7d0f2b172672aba9f4a1b42df53baf6d353b45d755eff7526efa8a87a2aeaf84d9a434e8844a98eab172fa474b353f19e1231aca846d93eb24e650e015a42c578d23d794c02304ff72e358ea5c75f6709e587951d3900b3b1066ddd4a2fe9186d0cfcfcc7e33e9b882e8c2242ba990face580f94d66bb6a5212190fba3c1f1e046738c422d9e94ed6671157af9145bcfe7fd0d431a7a7c84a3eec802794286e2dc2b59e93fcb09ea22a1e47ee8f0b3cf756fb67bc3676819cbc67396322ea6be61552533b52a2fd258e82dc7c57a09211cce3e785f5b4deacae7b9dcd48080c9edb03d935c9c9a426bb6d3ec71e559af61b796827b5e425c991d3485381e0842b35cb0ad91154f4a13117b35d2a9ebfcf0ef68d73093dd483923f7b3a00e9c04c0eec31effc9f908f38949e1766409fc9c8cc48f95d4d537520159dd794edb56e824d31c67d9c7cbefdb51860a8d1f859baa9bf5c2752d00b6969e94d47a88be798f6df9e6b5977a56206c33a38e74ac5de0b23489c9f5a037e13ae0194beb9f954c6b8ebefa78194a4e891c12ddb43019e60d9b8e7fe78df65a83671b76fd1a9c7be064c6d822bb0749d2162168821484ab78f906cb990167a2f9e19a33be2086dd55e54cb8b6dbcd6d1cc9b4c828472d55db6f175547f73db54d142f290ef99e8e26f2c6ebc7a53bfe31fe1eb2ac6a13dd0081debcc346cc0d3407ff158bc48a314a18b7fa781e32b66f9eaa792031567fa8d5c33fd85ebf85af958ef84c0c69f2bc3f842bff08b4b3112a6ac24a78c9476f15d40de489e50fb5e426167a10739db436cb1a63f5e7b3baf7c21c3506d3021c487ce4625f66a18468c89c3a9c94c7c1c2676e1f21a26bc393cf83e7bdf9bf66c2e9dd080574e1a80fe152124e5191c9367f22b4a712322986165964ccc2b016f0fc52e69d009a2f9fc13f344153f17bcebf937f59714f44dfdc11e69c7216cdb4f4d2143222e41d7415b3ef52e45477f62def841cea29c6258a2a2d8c7895712c51025ed7fd5d68bf8aa5a96fbbba98090dac42ad69522f47288af9f6f7acd2406c42706a940300ab41a59488966dc63f4ce8a6e6e7b18c1cf7b3e5013441ad0d7f201343e4a64da2cd513782877cb35d00f2113147ec4d7410971968daa76b1b9ad115c9ef6e8fe6abeb8b372806dbccb26f504f3fb8fb26c97fc6dcc7091f2f940e76fc121b39f215cb5ee96383b0ad5dcb2f7671e1d75612b3992a8bfd9ef25545b75845991f64a26c87a8abbdde668be3e6fb8ebdc31e73eb4eafda15215e0b545907a86c0fa3d5f1af4cf096cd7ec9c31dd57851203a2ce0c4cfecefe63e43ec9335f00fe3195965d0602bdf0fb36a8b4c6a538f18c002895f4d33968901c0228fbbfd250ae07075c9c3d8e3233027ca1ba82586797b9c3fd5c256c9562789f4393908ecba4bbd26a49672d71098198efe77b3661a2114c3b919330e67cd0ae6e90d88e1922750b6d36bde8926f9c635fbe0b1016f016af69965d762ebcab348ea4fe695007c9e1f91b8f7019a3206627751c8216dae9857569f152888ba8876b51d5d73bffb3c5544500e1121d72a0d2ca9b382bae36c36fdb5680b5973ec3529eefc2077654f5ec0021d473c221d544d6c0b56c48926ece451f01bd3b2746f6ccb0a44a2e934eefbc24c8f4ced796e4941bb6363d2bf0af8834e0dde49632c228477fcbae8d6667c5996aeb14eac620e35a1b3a3b29c4122c91f92a2f9917291c04cfb9ef91215d8b0dffccd082474c9a2ee26ab2139d4428c74efd41f820d671b4255253abad18028b4d19715ba084eaa884dcc975da4c316ac3f8c056a2dc1215bd1db2fd504169e6dab0494bc8e02d4374f061c517d424b0050b678fb240df83d19c0f9a71465541f706cf976f6f653a216dc290698158864c941067577cc0b54c8ccae532de0ec0ddc67d4a22f5c9dcee990b7ae21567991bb1fa1f83d51114f00248735a3b884311b695a65fe6671db499588fd69c79baa8962d6f4331e3dda9b3d7075b2240d58cbe88521c4bfab84", 0xe75}], 0x1}, 0x0)
r2 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x80, 0x2080)
getpeername$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @local}, &(0x7f00000000c0)=0x1c)
ioctl$ASHMEM_GET_NAME(0xffffffffffffffff, 0x81007702, &(0x7f0000000280)=""/101)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0xffffffff, @reserved}, 0x10)

21:50:10 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d08000000000000000006000000100008000000000000000800"], 0x1}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  573.569378][T12252] debugfs: Directory '12252-9' with parent 'kvm' already present!
21:50:10 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={<r0=>0xffffffffffffffff})
sendmmsg(r0, &(0x7f000000c740)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=[{0x10, 0x1, 0x2}], 0x10}}], 0x2, 0x0)
r1 = add_key(&(0x7f0000000000)='encrypted\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="4d7e5e6ab5a601db030a9309cab56f3ad0cf26f60871546a4d9ba7c00d135608b3d8838f0d4d6d7c4d9ee43df0e167b9b7a0f2ef338745db90850578b4c5c01e5b684958984c71696a1371bc4d124f7a226f2b71d30c41afbed1a92d3e18f81fbfb033be45de365a7b1f5d43c31fdbd5666d0d202e5b5eed3d4fe6218c7269095f4076a39d5d0aec1ee6c17335375bda3e15a022ad6db6ddb45615469bae664830f313e1158643a1c9d34c4b4a3dc2e813c3e4f2d19f951019162915e085870d8dcff602455b627720f756d06b976345181fce730cb747c24679", 0xda, 0xfffffffffffffff8)
keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000000180)={r1, 0x4a, 0x49}, &(0x7f00000001c0)={'enc=', 'raw', ' hash=', {'sha256-ni\x00'}}, &(0x7f0000000240)="c2e429b81be03d54f4d7c10f90e4b69bda104768980a062791a9b16541277cfe0a0b2d79f25fdde548e0c4c71331b2da0d87594b8b2b982dd00e19ad7f9d5f975e3ba57d22ca23ba0714", &(0x7f00000002c0)=""/73)

21:50:11 executing program 1:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='/group.sta\x9f\xd4t\x00+\x04J{\t\xab\v\x02t\xe1\t\x85\xa6\xfa\x15\xb3[\xa6\x94!\xf2\x04\xde\xc5f\x8a\x06\x00\x00\x00\xb9\x0f\xf8`\xe0\x1f&+\xaf\xacu\nm\\\xe2Y\xcba\xea\f\xd9DXX>\xef/\xc5\x97\xea\x93\xa7\xde\xc9\xb4\x16\x8eF\x8b\xe0Wm\x1d\x0e\xbf\x8b\xc4G\x8f\x8e\xd8[T|i$\x88\x04\x00\x00\x00\x00\x00\x00\x00\x90\x1eB\x8b\x98\xad\xd17_Q\xe15\x84\x8f\xea\x98\xc6\xe3WE\x11\xe0\xc6\x1f\xf2/\xf6\x1f', 0x2761, 0x0)
r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x0, 0x0)
fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000040)='trusted.overlay.origin\x00', &(0x7f0000000100)='y\x00', 0x2, 0x2)
r1 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ptmx\x00', 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="240000001a0039b400000000000000001c000000000100"], 0x24}}, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r3, 0x28, 0x0, &(0x7f00000000c0)=0x6, 0x8)
dup2(r1, r2)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000000))

21:50:11 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
ioctl$VT_DISALLOCATE(r1, 0x5608)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001580)={[{@type={'type', 0x3d, "b1a8a8b9"}}, {@type={'type', 0x3d, "d12c10b3"}}]})

21:50:11 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d08000000000000000006000000100008000000000000000800"], 0x1}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:50:11 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  574.026492][T12289] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  574.028819][T12287] hfs: type requires a 4 character value
[  574.057684][T12287] hfs: unable to parse mount options
[  574.107758][T12289] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  574.183100][T12294] hfs: type requires a 4 character value
[  574.199488][T12294] hfs: unable to parse mount options
21:50:11 executing program 3:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001200), 0x8}, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="fc0000004a000704ab092500090007000aab80ff0100000000003693e0000100ff01000000050000f5b5000000036915fa2c1ec28656aaa79bb94b46fe000000070002000000000000006c6c256f1a272f900e2e117c22efc205214000000000008934d07302ade01720d7d5bbc91a3e2e80772c74fb2c000005deef11a822c9afea7dc2add7f671fd5a32e280fc5993f0d7d7a2897a010fbbc2268d2ebd83ab82f605f70c9ddef2fe082038f4f8b29d3ef3d92c83170e5bbab2ccd243f295ed94e0ad91bd0734babc7c3f2eeb57d43dd16b17e583df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d09b0350b0041f0d48f6f000008", 0xfc)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r6, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
write$UHID_INPUT(r3, &(0x7f00000001c0)={0x8, "73da791ac9e8151a43362ff0f6c3c1cb1eeb12d08dcd5a6ead8e668c16e0d0acc19efe461c5eec5c0d2d81d2de058393d0e221d249ccf872e5abbefe8ca9b4ed22dccee45ae1cf5400806644fbe50a298bec26696b83303a1d5314dfba6dd7dc43fc95f959004cfa6e3495b5157c2aaf5c391335442004461093ef34c3df862dc3219f99216d56a9135f43f96e9bff3ca5cdd1e2ac7568eff777425ffadfdaa2cd41c590f6924efced657fd648c1f3cbf964172e59b969d9cc3ba248dd4bfdff28c37db852e71e58746ef40babbb1fd1d7de63368256c56c52bdc3e9bc2e1df3462fc6bc5ecab7699bdfec873a3607d7d924dc09e59717128166ccbe7d90f2ac5cd2227bf5ba937292e129a69c445b90779c120e93f58ca083f890a1056ee2e5d4aa1aa76d16cdba1e5224a43564a191e417a9f629b99b79685c604ed6bce25c04a2d41639fcb01a9e354964d2146aab214bb8361db0a0aadf20e0850f2a49c6666023aebaf28beebba303a8ab60577be372f7965761b0a8e16cd18264353de2c3446a04b498cd748fc918fcbb415bf5d61a9ef38eca394b4fc6c1f1347e6a98b7a3005c91157e14010c66d268e333ff1da23e32f47b745f09b60cc6811391241a76aa95fc16ae18020fee113a6ff6b8f1c77facadfa29ad7e068eab42473db260b12bc39cf7759f83f8d644535d8b3d74d4ae9e7256c8328b05c16e85bb7d064a3ce5b27803934d8fc0597167ccc74fd368167195b5e7d7ffe9b74a883c0b32bb3725700be7efbd7910f0a477164df9f07bfd5bc06c6dae804339daa81be3568dd1658224a2601391c620c319586208e262dd025b5e4c0518edc697a4ccd2de859b66811e32cbe4e00f11d749d0f567b17931b07c1461397c223019897c0c191ae2b913f544bebed6623faf87e7c80ec5e517b4d0ac0bb3204dc8a4a6702f7ed1a5fff9d55d1e39ccb60bbcd63ea7f585dd0c6be0c14f9c6815ec203f3fc076fcb39b98324176e3949f6b2142acc3ed5e2eacefb6015dbeacf243b2f0c19cbada9161a01a04a33c0dc100fc464283e3803293d83805e76d17c657d1242e00587f3a64a530c152b6970adb09307987776a616a3f6be1dc6089310936bd64cbef1350216858b40d5b46f3f46305a80de3111f6ea7c7d154417b3cf9add2940a9429b7375c2678d6088d6ccb7311b0f3bc7b6ada4b193cb5e27a5e849e540c04bfdb05ded2bdeed0dee7419363dcff5d4a7a97a9f976aad34edc71b016462bb6c912cc209ec74acf7f8ca1c7667d2b0ef030c3d8e2cd90bd261a36b0166c6944cdb099fb50b080c7a9e86ab29ab8101b50ca89db1caa7507fe5aad3b1ae620050e56a88bc75d6cb00b406bbe988097bba4e9f34af2f9e3e9584f6521cf56808f8632c83360878376ec88c4eefff34cb672d57884ef6a5350f202ceb3347bb1db3b87808f24edb71ae87a7d98bfb5572e1efabd6d5821a5215c6ca3d15c1dc19da2ed15f767551afadf70774243a5b41dbdb793fccf6281628c62d49e37ab435a6e943ce20a9f3d71d83952814d0b5ed27e68d856aab2efaa610d4edb502f8fb63df8601c524fad8a44a2d3d0ec6a1b5bd727f1767487a4c6cfc79e8b1c9fe83118819f08b5e165684c5ecc15282d9325a7440f28e10b34f84fc3c57b6f8160819bc19645fd852da44fec3afaca6ece7227308d9c57aefc86df96ae0156678aefa0ec300bfa4f7559e70d6b8484ebdb88b788875908dbbea62d2e708547148db0d586a2063f36b8a1bfba8f15a8b71f8f546b497c040d9237973a5068947023ca8817d471594c888d1ca80d8a897322a6601893eb6fe63d5383fe669ed8ff76ce2ad19555a0999788b5fbd8c51409e0affbd19a04ad68b3d9a6d2b4293305426ff74e183317d305be6f4e62d1e57a2f27dba028141b1087aa889e9123a57c0cb651b9cc7d876c05a5416ce8580bc9b706209e629f87332c0d1376ab0a8d50360b6f284859cf2895000cc3bb0291c4adcb4237ef47cf8635a7e489587ae8bc37284f5f7c6c4e59e13c86bc8e398d20741dfc059ce15f393a101ead71d84ed6738e4e2c0e605a457fdb6d212a12de55c4d46938962981a522c33559be82cab0a1a59a83a8252052ab3e32cef5d60373227de1995e85d3d0f4dfbcf66ba58112fbec3fee67992d85d53c1f01ecea21a58c749412f3f11bcf5386e7c9e42870aa7831fc09a45b49dc964994efbcfe1e70ba1ab71d1c884f8383efd81b1ca81c949867e1c404fb8c31df9f616ac0b31d7fbbb44470d2089d6b23f8c03e01964c96556aae5b2f4c02d22a7025053750d9fdab2bb10f26259e2d8d6112e53d4575cd6659f43695c9f5a22d0c7e8ab9efb0426ef3c3022417bc518b2262e062f3add51f1b607f1afae70cf70de1360ba686468fb69027b5271e3d03424ad497df691cd6b1155d21ee310dc37fb2f27d5d436a324bb63fa382e7fe0c4ea20cac46b1c687dd5608404b0be70e6f21026ee6af5ed648e9aaab8a31544afb01f84a655864f4be3f77de5b0a017443cbf7f035135085231ccd8bbe48290bb4d2ce024252ab942c60c51dee4191283b94534d69134c332fb98462ac370882c47704740413ab218fa059245bbf072542aa6730c5603b23ecd32a4108081f6876dab1d35523404a44cc19e22c5426f83fa1cec88b0a6f3db58242479f333f26ad6e8ba310504fcbd5fd4764c6bf35b5435ceaab514e567c622a8e3b4332a87bd4de32b4ecf4f2b16641db363cebc10ffa70c5b1476ddcfcfabc8894360b6eb77fac7259b02392fde16f5da53d9423e245af322da3a82022f75078fda9225d1bd7f65efc0bae7975a273fe9973ab7dff18125e0e3e0b5e92ca15465010d2418ef2f97a7d57a2e78626a76616fae31291d0b79032d785cc81f1c3db593e95451192f13dd03e0c86ded34f2a2de504c70478d5fde0e1981780fe65f6ef9f9463545e9452d51819b4f1ceb362aa82fee246b4926ddb777736290228ffdff72bb3e6e239150cb2d85c2763db3ac46e8ddd5b8877c69cf4fbafb4df56c00bfefba8addf0985f7393582a03abe269d907bc989ba9c2b8ac2800a6982f319cfb34a42258e5e7992c8e6e7bd5e272f89c7751148dc3e9fe5d16bb0a7f5d613e3d3a70fbad039715cfddec246ab56ecd5970935dedc85e3c333aecebdaef09582436a2284f52bec78a3710f7a162de642f24b50699962af4dad4d1c6c38a5981655c5369f62f97451bb132a7af2493041371dc94e6f290420039e329d164e5d8e3537e655dba54f6f9bf35c7e974fe5ca8a4b59c4c4856e9b13a83ed19413f3ad15e41016a784824392a71ff4d706a642fa86a2d3766103388476f0fddb785eecdbd748de48adddd234db6cf46979075ae9f99ff7b2d9294b20035e7f443066f90c9899922e577a09ee9f90dc15a473af4c8f24e4413257ee0a8569b25abe21d2d498fe8d00bf112f9e6ea29a0adc17758fbb7085d0f68f3ff30309d49088693891e7de88228e11f40912b6f4740fb94038fa9f4f5b9f02fc666d1c78c8ed9d8b08d62fe34c6828f3138279a4baf5545c42792065e1dfd63ec7f9ee72a4a46829759bc72448cb169b429ffe83ad14dbd40217d4310f27abbcbe971025367bde664ca5d449fbe283b543959b130d73f39a22581a2c050ed2f318bc1653ce0f4c8eede76630ba22817a498c1ee14593ad665993e329280593c04ef039ea0a1d57b6153b1595ccf0de5adb6cfc16a5418f59d0ee681996d9dfb558005d5eb845d345ef2e0b32e8efaa6858a7e231cf6f5e4cfdd39d11682b385ba205208e420c931243b0e4837993086f07bf773765bd68a4d0b7dfb3206d9b88a7d597a4c309bc0fa042a152bfe50342184f2b6dafcb4cd7c66f426600e92b05f0b9c7954a341ab73be0a77f58e0963b32e80d5637ef8b2e07d260ea8077f3ea741debfc97d4c508a6859faec35a729f24aeb64c99d42e309f87e4a362e7b1e807f247f45ac1f8af7b11d2a56a8183a99b81debb7b2250756f8283b1cedfa5b66312534a03a3f6360544dd0f57f186756527362c80b5513fda3d51ff9269702ec766f95686ddaa032b903245239d574ed4796a2c333a5f8ed4de8a85bfd111e1f90d09136403d0c490b74444bee5487aa9b47ff4ad9d105d9148f3d0b7578bbd1197787745c21c73300ee94596eb6fca03c2faf795e84f8e99e6835ae47ccb8de5f8bc52afc4aa437b19952860fe40cf6413ca011eca64a508403a542ce831234576ce6f9e16c458705f0271be7af319a58096dc3abee3674760c5e8b2afcea0c19c9b681558c260c7066060aa91a7925916b8f5d9ae4954c3160b6fa5539a65a22d8247d4020cc0177d0f073274dcbbfabde6bb03130130a91b602d446d7ee916b7faa6a919ae594c9f66d01af7d3b838ddb60e3f58ff39b025a9beef2e2f4d6e539adbd1e9dec6dba16299cba905b2cec6e9a66b62b1ac1b00c2426dce5916e6e59ea1a712a0ab34a92885674286557794211687579df21dabe3495290d96137bf074e03fa2cfd45f779aef339d1d54a2f78bd0af22976071438124b2aacbebb3dac0415ec9f64c9ae7c504bc3d7a7f9e20e62943f1e7a32e4322b013fb398d0c1728246f11054d414732244d6518aca27a89ddffc62c22c0e716a9df6d6951fc50ed8e9ced127172be33e7cba1ed66039d301267dfc9317a6b980ce451a4e67f1bb7bff95beea976569ca55a895b2b4ce9b311321dad22f5ae40ff05d7acc75c15331f01ecb3c11519ab80ddba9b1d2240e31963448b62cac89e6480ee147d624d94de20460a6be4fd46d1962cd54fc259f33afff197d4dbf45c4817c910ca515ba436763112dbeeda62dc3f077f497c4a01ac4f887102eb85bf7650cf8e967cade24b97e8ea237fabb3b3ad9063e896dec88035539073b97f70b186368983c4386ff9bb5f65506395a5bafa27980372569e03f747a734254333b215da5d0b402f672656404ae317628f1114aba5c4c4fb52020564fa29dc7e42b79cf946221439eed5ffb7093d1155308560dc0d95719bda3c1385c6b0d9a86c7bb484704ce1d8b83c6d0c178acaccf197f0f157e6231f2da46633bc62ad1ba95b386ccdb28833e3947d8794b3132cca28ae3771f4c0b9e8df0d485129dd63a4c67dc7c6a4d6d8c238a58940fbc8c0d3378efa13b5e8e1ab3fc2b5824bdc9be79c1b3c770827e6d7436bbbf31fb5dc677395d388cc98bd1be576893ba481e1aea9a42d98eac916b4a347251d3af948876ee38c530c71dd81e7db9b73fc8e1b8ab6a6a2775912348bd71e11c14a99d31c2b41d16365e25eaf2614c621156c97cc72908b85f65d6c710f2df20af1c6bda9a7da8b21c65d5197dca0357215a15bf7a82eaabf11b549db91a4d5394991676d7644ba4df929901a9e0897277a809279e3202cb7b16041ed28f609c261989ebd28b93ef41e7dd7f20c2e44bf35cdfd8d05932a7e540d5b438cc57b80fdb9ef4fe6c04109603d0201d35aa9aa659a29d6998607996e55be4875bc2fb9c3e8014b60786b3dca4206eb3a187ebacb6750ddc79923e082c190a1949ba15f08a2694132256657c3f1db08095118def8bdf6cb7d5b32aad4e1cbdc1dd22a5a40ce2d728c643f3abb2bac3027f7c297d80397bd084d07f9b55a06abb22de5f768e9c4fd20d38be239b3157f8bd8b5f6ad4ee62b23f4629bb4c19695155727920fefcf640b8a1fd502406f18b0879f04e6778623fa7769119e744fad3fc59a68f1b1650fa538829345e08dca00e54", 0x1000}, 0x1006)
r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r7, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
connect$x25(r0, &(0x7f0000000100)={0x9, @remote={[], 0x3}}, 0x12)

21:50:19 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd(0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x0, 0x2)
setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r3, 0x28, 0x2, &(0x7f0000000080)=0x5, 0x8)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000040)={r2, 0x0, 0x2, r2})

21:50:19 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d080000000000000000060000001000080000000000000008000000"], 0x1}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:50:19 executing program 4:
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)={0x3, 0x9, 0x0, 0x1}, 0x10)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
write(r0, &(0x7f0000000080)="240000001a005f0014f9f407000904000a00000000000000000000000800030000000000", 0x24)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r5, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000140)=[@in6={0xa, 0x4e20, 0x1b91, @remote, 0x1ff}, @in6={0xa, 0x4e24, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x9}, @in6={0xa, 0x4e22, 0x800, @mcast2, 0x8}, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}], 0x64)
setsockopt$IP_VS_SO_SET_DEL(r2, 0x0, 0x484, &(0x7f0000000040)={0x1, @remote, 0x4e22, 0x1, 'rr\x00', 0x21, 0x43d, 0x1c}, 0x2c)

21:50:19 executing program 3:
io_uring_setup(0xfffffffffbfffffe, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x2f7})
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, 0xffffffffffffffff)

21:50:19 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:50:19 executing program 5:
r0 = getpid()
r1 = syz_open_dev$sndseq(&(0x7f0000000300)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f0000000340)=""/28, 0x1c)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r2, r1)
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r0, 0x1000000000013)
r4 = syz_open_dev$video4linux(&(0x7f00000002c0)='/dev/v4l-subdev#\x00', 0x2, 0x50400)
getsockname$packet(0xffffffffffffffff, &(0x7f0000008180)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @remote}, 0x0)
seccomp(0x1, 0x1, &(0x7f0000000100)={0x4, &(0x7f0000000180)=[{0x0, 0xc5d, 0x4, 0x5ea5}, {0x8, 0x1, 0xff, 0x3}, {0x5, 0x6, 0x6, 0x1f}, {0x100000000, 0x3, 0x52fc, 0xa6}]})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_read_part_table(0x0, 0xaaaab89, &(0x7f0000000200)=[{&(0x7f0000000080)="02005500000001000000ff07000000000000000000000000000000000000000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}])
ioctl$CAPI_MANUFACTURER_CMD(0xffffffffffffffff, 0xc0104320, &(0x7f0000000280)={0x8, &(0x7f0000000240)="8c4a5bc873ce2f2f"})
ioctl$VIDIOC_SUBDEV_G_FMT(r4, 0xc0585604, &(0x7f0000000080)={0x1})
r6 = syz_open_dev$cec(&(0x7f0000000500)='/dev/cec#\x00', 0x1, 0x2)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000540)={'team0\x00', <r8=>r5})
bind$bt_hci(r6, &(0x7f0000000580)={0x1f, r8}, 0xc)
syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0x2, 0x100)
r9 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r9, r12, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r13 = syz_open_dev$media(&(0x7f0000000380)='/dev/media#\x00', 0x4b, 0x580)
write$9p(r13, &(0x7f00000003c0)="3ac2552c2f0d585da1eb29b93f445c073e03032b1053929807ff9b33d7ee1d1e81aa0024aad2b1612f2cfdc0bfc8fdd25230f59c731f758677dd413a4017618f2495076d4bbcb18f383860f7567870df038d01b39cb16f8f49ae79361b021b3bec7eefbe31f5b40815782220cce810bc5dab68904cd96167d574821ba10945130bf97cb4a2354b3625018043c48539bd33ca0130fbd9fa4d48fbcc43c7f062f7063913ebfda55da7b9f3a3163776522543546ee17372d43e224da887826ea268635b7b944f505c895d1ffbe3ecd74c7affff0000000000006e60880f79e7b0d247acf3da214d52197fae9d400741da3d8e28e4d9c07d8ecb75f4de39562ef996c96c0a2841dceb63b0e7ce60caae16daabba57bf151c40371b64cdfee73ae64a", 0xfffffffffffffee9)
ioctl$VIDIOC_SUBDEV_S_FMT(r4, 0xc0585605, &(0x7f0000000000)={0x2, 0x0, {0x3, 0x1ff, 0x1008, 0x7, 0xc, 0x4, 0x1, 0x3}})

21:50:19 executing program 3:
perf_event_open(&(0x7f0000000580)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='clear_refs\x00g\xff\xca\x02\x8a\xf0\xe1ZM\xfa@\x1bS0\x11\xbe\xdc\xdc\xdd\xc1\x17~\x18\xd6\xa5\x88Cd**\xde\xae\xaf\xcf\t\xec0\x04\xe7\xf3\"\b9\xb5\x96VR+\xbb\xa0a\xbb\xc8')
socket$inet_udp(0x2, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='loginuid\x009\xda\xd3\xc4D\xdeJ5\xf0\xfd\"=\xb6\xaa\x1e/\xddc\xc9\xf3_8\x9eFi\xe0\xafe\"\xc2%\xbb\xb6E\xae\x9e\x0fF\xc8|\xd4M\xb4\x91\x9c\x1a4\xab\x1d\x00\xbbAW\xf7\x9b#\x91.\x9b\x96Vn\xbf#a\x8d\xfd\xd31\xfc\xac\xfe\xcc\xdb\x93\x89t\xf4\x8dB\fI\xe5\xb3\x7f\x94\xbd\xb6Q\xb9\xc1\x02e\x904\xf4\x19/')
sendfile(r0, r1, 0x0, 0x1)

21:50:19 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d080000000000000000060000001000080000000000000008000000"], 0x1}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:50:20 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
recvfrom$packet(r0, &(0x7f0000000140)=""/224, 0xe0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1000000000005, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000002180)=0xfc, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'lo\x00', <r3=>0x0})
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14)
getsockopt$IP_VS_SO_GET_DAEMON(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000), &(0x7f0000000100)=0x30)
sendto$inet6(r0, &(0x7f00000002c0)="030400000300600000000000fff57b016d2763bd56373780398d537500e50600591f301ee616d5c0184374a7ffe4ec55e0654786a70100935ba514d40008efa000801600002fd08d49a47eff71bc4131fe4c1f99bf00a900000000d1843e770afd6e9ef5837dbd0000000053", 0x6c, 0x80, 0x0, 0x0)

21:50:20 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000300)={'syz1\x00', {}, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000]}, 0x45c)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
write$binfmt_misc(r2, 0x0, 0x0)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000000080)=""/166, 0x2e6}], 0x1)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x1000000000000012}, &(0x7f00000002c0))
r3 = gettid()
timer_settime(0x0, 0x0, &(0x7f0000000140)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
dup2(r1, r0)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, r7, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
fcntl$dupfd(r7, 0x0, r2)
tkill(r3, 0x15)

21:50:20 executing program 3:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$bpf(0x20000000, &(0x7f0000000380)='./file0\x00', 0x0, 0x2001001, 0x0)
r0 = geteuid()
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x80100, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r1, 0xc0305302, &(0x7f0000000100)={0x4, 0xfffffffffffffff8, 0x10001, 0x5, 0x400, 0x690e5f28})
syz_mount_image$ext4(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0xffffffffffffff65, 0x0, 0x1020, &(0x7f0000000040)={[{@oldalloc='oldalloc'}], [{@fowner_lt={'fowner<', r0}}, {@fowner_lt={'fowner<', r0}}, {@smackfsfloor={'smackfsfloor', 0x3d, '!![(}#bdev^procloposix_acl_access'}}]})

21:50:20 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d080000000000000000060000001000080000000000000008000000"], 0x1}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  583.025841][T12346] input: syz1 as /devices/virtual/input/input9
21:50:20 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="c0dca5055e0bcfec7bf070")
r1 = socket$kcm(0x29, 0x5, 0x0)
close(r1)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$BLKTRACESTOP(r2, 0x1275, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r5, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_MASTER(r2, 0x641e)
socket$kcm(0x2b, 0x1, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x4, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = syz_open_dev$adsp(&(0x7f0000000100)='/dev/adsp#\x00', 0x308, 0x80600)
syz_kvm_setup_cpu$x86(r9, r8, &(0x7f0000fe7000/0x18000)=nil, 0x0, 0x143, 0x12, 0x0, 0x0)
write$binfmt_aout(r8, &(0x7f0000000180)=ANY=[@ANYBLOB="5300020355010000bf030000050000007c02000001000100000000000000000063f907f56032e9437be7b25d88d00d1409774e4d9a3f516e696c092b7c009fb882dbee44db4eaba2ea5396e2e1b084133b02e1024f33753b16ddede6557a19bfa5eec2c6e54cb08a3974673f7bbb39c73862df342ec298c7c182d45cdc4b3d2b0cbe77999e3669db537e5c76ec7f0ab82e7af36c9f566d58133f4499e02384862d15fb09caf19e3e7ed5ea2da3b0c05ea39e93583a0c4bdaa6bd9f26a254103f33846036b920f94a9003660d1babed44000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00"/720], 0x2d0)
setsockopt$sock_attach_bpf(r1, 0x1, 0xd, &(0x7f0000000080), 0x2cb)
close(r1)

21:50:27 executing program 5:
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='limits\x00')
preadv(r0, &(0x7f0000000480), 0x10000000000001e2, 0x0)
ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
open(0x0, 0x141042, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r1, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r2, 0x0)
dup2(r2, 0xffffffffffffffff)
ioctl$BLKREPORTZONE(r2, 0xc0101282, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x10000000000000, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x7)
perf_event_open(0x0, 0x0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000e40))
openat$zero(0xffffffffffffff9c, 0x0, 0x442400, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

21:50:27 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:50:27 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket(0x10, 0x80002, 0xc)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)
bind(r2, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x2d4)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001000090468fe07002b00000001000a0014000000450001070300001419001a001263e29d5d010020020300"/56, 0xfc86}], 0x0)
sendmmsg$alg(r1, &(0x7f0000000140), 0x492492492492805, 0x0)

21:50:27 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000380)='asymmetric\x00i\x8dRT\xcc|\rO\xe2\xbe\x95\xe2\x80}5y\xd6\xda1\xbd\x15\xddH_\xed\xe3\xae\x0e\x14\xc1\x87$\xae&\x90cPh\xb1,\x93[D\xd7\x88\x9dI^AD\xf4[3\xe17\xfa\x05\xc7\x16\x1c\x02G\xa8z\xd3\xda\xc1\xd01\x87\xbf\xdf\xe6)\\=\xc2\x15\x7fu\xf1n\xba\xb8\xdc\x80\x0f\xf8m@\xb2\x88\xce+\vXKa\xaeK\xed\x89<\x84_a\x8e\x82\x15\x9d\x9d^\x99\xa6\xbd\xbd\v\xd6\x1d\x80%#}\xaeDZa\xb9\x01\xff\xca\xf5\xc5\\F)F]\xc0\xfe\xd9\xff\xc79\x86\x01\xf9\xf1\x00\x80\x00\x00\x00\x00\x00\x00\x19@\xd7\x1ds\b4\x98U\x17Od\xaa\x98\x1cu\x13\x1c<\x01 \xe5\xf6\x8b\xe6C\x99\xe4\xc5\xf5v\x98{\xce\xc40N\x03\xcb\xffh\xf2h<p\xf5\xaf\xe3w\xdd\xf2*E\xfcd</N{e\xf2\bZ\x16\xbe\x8e(\x9a[\n\x1c\xca\xc2vs\x1d\xb4\xb7\x17h\xa7$90:\xf6\t\b\xcf\x95-\x1cB\x9b\xc1\xd5n~\xdd\x92\xa0A0xz\x9d\xa2\xac\x83\x9e\'wu8', &(0x7f0000000180)=@keyring={'key_or_keyring:', r1})
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r5, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r2, 0x114, 0x7, &(0x7f0000000280)={@llc={0x1a, 0x311, 0x2, 0x423, 0x2, 0x5, @broadcast}, {&(0x7f00000001c0)=""/176, 0xb0}, &(0x7f0000000040), 0x8}, 0xa0)

21:50:27 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d08000000000000000006000000100008000000000000000800000000"], 0x1}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:50:27 executing program 4:
connect$netlink(0xffffffffffffffff, &(0x7f0000000180)=@unspec, 0xc)
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x1, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000009040)=[{{0x0, 0x0, &(0x7f0000004580)=[{&(0x7f0000004480)=""/245, 0xf5}], 0x1}}], 0x1, 0x100, 0x0)
shmctl$SHM_STAT(0xffffffffffffffff, 0xd, &(0x7f0000000000)=""/148)
writev(r0, &(0x7f00000023c0), 0x1000000000000252)
clock_settime(0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
listen(0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
r1 = socket$inet6(0xa, 0x0, 0x8010000000000084)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
connect$inet6(r1, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000380)={'#! ', './file0'}, 0x34000)
sendto$netrom(0xffffffffffffffff, &(0x7f00000003c0)="511b86788d70b33e8d67a2c351dd002004093566f57fc78462761025082e9ffad78df6ed2c82641469a6fe520ab6fe425d9a48a49a967760598fb11eb7c0a2db43a0497034efafd9e21147fdb262b727b2ae3122331c47dc39a5daac5a532a7321d8a3d3d7fe2787ec3cbca669c0071741dfc66e29c2a49ce868a476b89d9cc0f6b1e30937e0b389fc6f45c90fe3883a2047cea60dcd9039942ade1a166ecb1a8408a0feb1f2a13be6e33329ed84b1b2cae46b194cc82eebc788ee4e83fe806cf1326bb0a5e18ee114b17cfd5e8652865eb81e2c6472a73defa9d3dca5ddaf99d7064dd052d344235158360134b91a8395dd3590616ed34c64ef798b609df6dcd75a052e47a05827ab67e947ff955fd8a08471bf5cd03d8dd97855e37766c31bf04b105203550c0250f4e4ba9920cd31b9ebf6a0c86a29ab992f14306eafe6b6496d673f7528549c432957f4151b736b60c806cdf81dde804d920f795cbf89573b78fb9716c349e3404e9ca860720e9825146f26446632aca8e3b7e85fd1810c30574017dd738f899788661e39d3f9d2795aa4a09cf7b79763f0f8e23ec5f093c3bac24f833f1c3ed88c75283fbc2b74e9789902fceec9816d4bed3dc2f75c4d2465a9ddb39daa22433975496396fb4f8f9e87a6fb48592f8bf3ca728e1dd230b1d2195e61530db5b1d53dd1df01a987b62ce9cd0a4bad6faa314031f0f9a3e8a567fda162ebedecd42801f3bad012f0b0d2dff2d249cc9fb39841f876b215c5cb3993c1bbee23e16e704002e7262a0a09ea50580dcdc84b9e04666356bc289136378ba2e5c1ed0f439ba4f5776cec0d1bf2356dcb4b54a09ecd4ae3bbb969c487e741943eab5c6ce7f05661575ce08d6170dff016dd48ac595173a5d6ff6ce6261c019ba8a97b9b53a735c19e5d13dfa679fbdbad54d4e81948a61edfdcaf3d73c2cad8904bd19aa8abedab44f6eca241f5dcf56bca1b55e3b238d07b6a2f4d4c8c4b70012375b5be29f256fdca0e9d2dead4d2a0583a928ae7b02ee6ff56f20072a7be87aed1569ed1bcd9551658f2777f79262cf18ca2df90ef543fab1c2e8f572a9bbfac869453dd5b2eb6a2ab6dcc1181496a90d6b474c27784f13b3c03221b8284d4602ae1502f96a07ec938737dea65f833632c128a414de6e096bf011157baa22c52f119a4d5069b1d703fbd6f6bc7ec11b90e52ffbc2704936e48c36821207c0e2373ff0887154a781a920948f8a79d647b3936e43dd4cdc71a78d1d971c3e24622e098a13e0c0dc5a43026d21cbdca06d25515cb67d7a47085145c4d0eb9700301f01712703cbc3a53470f06798fc2f66ecc1e2db8254a6bce4d281b3d8cf3b9b5ae5ca37f5b99438a025561bcb38fd733d01e99751251287fd63ff46d01b1462fe1d11af106e902e0d2cf4da41344b63e46354797b3fb9e46aa1bad3acefc664830652e55b82e106b1f05a62859278a892df3df411a1d2512efd0d376ef34e614b219eeea0bdb1bed8acba2aac17dcd2e8fb6d41aa224bd50f9ea469648c74c4118dde8c8122de78a1d762efb25c5eedac29b4be407f694c058e5256c0d2ad7fea5e27b00b0e2d5a55ff8954714f2c6dbc2269849808cfc8ddf5e43dcb9628b875ca7a7253fbbf3f12581bb29cad0b00e6e7e9c07a262c9ed36675d5ebfa28bf3e298b06f5c4f105c932f4f827c84bc57a28ee55c53f776a317cff7470dcd6e53dbb30f83197ca64b5baf98fb2ea2d0016107ad17243299af71297163585b3853cf23c5ce36b0af3b5e7db8f048af051a17fa19c110e6c6b11d4592187da39087d9eee13542f8f18be9eb108a2f39c7819d13186726349940b86c92f2995b4bff3feb1dd29718e833af1cbaa8488f8c20a63d019e19f2da72e08b3e4a68482c9e842d8890f3f83b15437169bfbd74b9d9e4f86dd71c52d803b8accd5896e571746e1579a613bd99402e25f7a6b678bbaeb31aa5f385a21d12a9811418cbe852f1bc12562feaff5535015c48a8d5edc5b79ae7e8f40c2051b3f336d976ccf623a1281253a3a2bfd309aba6d2254bd05b9946e155d774efbd5920fb516fff8ba82f57aa16faa6cc1208ad60c89ee47148a889c0f1e350e0971e1d35215bdd74c5b1990346b924e9d6cad644452e2d5e2d8d689a8b9c72a735c398ab8b71614cb1f632296b567d4a390ec124bf21db74125ca606a6067faec63eb304289c7de9ef75dd4093730169bf9b951a284581708e1b1dd8612f23c097be73a48abc598fbe6df2c12f07881bd3ac422d30528e1f8772d4cbc43b8b923ee530f1ab38bc23bce93e134d26052cbdf8095ed52780206e9f674e5694c438cf8810029be6db9d8c6ec8a205b1cea08fa7de4b2cd6959816e2a8912df953a7504f1f48f39070212fde9482affa22f4aa6e2a2231fe3bbad0e53c73f75a9a377f2ceed112e04f23cf017cc2e105ba49951c52b6426561c5666b55eff49687a359f166f03d81016ff9a54f30e5319f44d2bca0d85eeb2c8d833330360be81cedd70d3133a205d1b85210261909e8ec8304c8f3e72d07f61da353851786be4df4ee51ddb96bccef4ac7ed10b589c08225fa22ee4cff563e4eea507d8b57b8a59a1930c5077d80a0bac35e3fe2a697dfd3fcf63b2b94d36c5fa9d6680b833fed4ecdf0f2d445adf61fa66061b50007347c1d27d1417bdb7284a559fd577a745a9e6d76649b506e82cb20ae8a8420eeacac6c7fa4cbaae47568be33acc9411ea3a9136f331c96951fc2379b10302120f18ebc93c18908b10529fa13d60259cc4dfbf7621bf87ac8e3ac2e3ffbb61a0a183378ad51e578c9580ad1831b21b566a7d75c3e9e66ce0e4eb4b7237eac1ede95dcd85b4eaf99126fc726938d3724f151f0f7c6f2794e2be24f2fab4683daaea7eff683b30458edd52c5298f17bf17dd8aadc25c445572d939e4cfbfe9c122c8b5ffc9bb1a5574f3e38f250ad0199d9a1194417570fa8ddcb04ff8454c3457ba27c64ef750a35abdece482cf9ca7f193f159795a1c69df51f1d55dbffd3610189265d8f15b1f62022087b4d6608bb7fb6fabbd12cf9ddf8c461f9839a90ca7cdd193a02918ce1d2df11e73d86ecb444ae446adf232f88047334d6b0f4dbd0ca397655559d636e24b4a6350c66d46cadb23074ed846dc2c4d5c213392624285ff90bf301c1f120fbe9524b968d524ade43e7bb88b0edcb5366e479992520d28307367f3a89cb3d64a7659760b4aba57286e62cf8a3424009349ea6bb163d3247e5fb5f22e8247789e6b3356b1f3dde74e5271be555c6e4a810a52ece5bd280abc76dc72edb06aab9f3f90aa2ebf33299d0e551638cef2759be37de41819332381d73d6e4efb6fad46b4e372fbb5fac61697a8a9623170f076430de6f4502b36c9c44de8b7dcfce9413c370dbf38692aff578773a48807ee66ae9f68c02f0c83ea4b01ca91d2c501c46afb2770ef1487016f74a00090f0c828da37026202d839317ab3aa60bb802f4631d0a3ebc771abd190767482ae21165445b0796c167dca029d057452f004834487a1c1090a19883fe6681579d1260a3c60a00d61bae40f68ab06660545ad241bc24182562673e762c1aa6b2561f605c26df00a791d6cc96014379ed81abf345332fb27cbd6f097f42dd5e7b1b63ed5b3614f230213948f6a75ed56dcacd8f3db3e22849f01039278223ab6695aa15f86eaa1d884e0ad2c876a840a01325029721e5cb6b79a6858329153ac95d3de2dc249afa7eb3950d535160fd3e9a7c05e533b6c9d0ea36808b167869a2d0d4fd61335fbe6f7705b31d0ff21329dfa0cfbc1f5c3aa48d9cc96958e9c774b8c5091c204634063a546debed7be6bf0a3fbaeb51d6cf69f1a046c3a9af40dc6da9ae2111b9f90a121e78a4e476967cf92103336dbfa86d9f7ce6929ae5a2843f0df90d9542feb6a15b1d769c396813e37fe43fb5ad4887c2cff2ef3af5908a8fdc5e467692d40c00323178ed82704315c54415035ceb677cfd837ec67531fe5a4370c9084668d9a1e6cf028a35df1f6c3b5ed7ad81ab7f826c178bde63e6855b9621f5222c7b4d6ac394415e015d3531d30ebc5d050bd233f37c59aea2a0e3e2532f3636c7a0e1a8abed6a7f883722edd5c7c890590619bb9209f37b6d4553047f24158a628424a26ae147f8dda745a97a8df05b3d01a963aa9f83026056a01807f98ef4fd9ebb37c0d4e7dd2ecdb72ab39a746b5875ef66e7b6d66578110ad61a461e1c2f45146ca40ce207873abdac3b3dc1e48294ec90a4cd6d1c5cb0defd78086d1c644bab5d68bb8b43b78fc0b090293fbd48b90da8eacb346de6397222f00172e225d468b446630a9a759b9b4291d1c26380d191841bf04a8055cb9b26272a89700af2acce589ead4f1ebb60ffa378b8442457f97a3a69cd680c8c7c31ccde25e1ae58c72ec362a23c44c33bdf2dd8dd1a3a51ddb5a939c05c05b4b455912f359c5eac9ca9ff8a7e9c2890228fd6986266e8445e51b12b2f48dd045386db30fddd828a28520489b15150db0f2094bcd8f7b2ac7434dc92646ba3433defbe73fc9a79c54fb33572152b420069c61a9e1b73c0691762bc44fefc17f72bf40c90bf0f65d62885743b073763b6ac86dc007ad4e5002f4bec2f225b71290a91a99d7020a3f10bf244c1dd603085907ecc3527ca5708d94727d213740b2b4886b9ac4a86f14ef46116d5b9af54a544b2dcdb5248b18fc509fb0a0cb9db510845f0b3e27b5c8be3affdbfd5c116d2c5bc295a984818789229b5eb3993f2a3fb6df8b00dfb42dbf95498b00606d12070fb160c94d329351a9620b39d98cccf53183e734e70ef465210e6222743cc48ca7a9aa6329187c5289a2d7e51f3cd27ea66ff9fa1a9cfc1e54520b4b66527fd708ee4b2de7f88020c946a8f671438d536a6428ade0473001638c91df166c8d97410fe7bd101a64cf942308e21b8cc26e3bcf551d4e214a111c34f27c386343ae500bcd42018157f92bb8e67b6747cb6bb2babf28adc590aa29a2d3428ff03b6d3841f99f9ad214c55b592c7c43eb6d09e98785a2a24681340991c0eaf4242c256fb202e18a3fbe1b5db17ec3a31c15f7c5ef8fbf7828dc6fb6a15de1193f398fd4482b2986510491c877d6bdc3172f4cf3dc49677fc94c4d6fae4402ff022b2538b97386d56b45083e420cd1eed40444260fd88eeb9a792ea61f92a4e12346811e5e901d7cf4180cb6d0131a27d0e676ef1a523173c8433948138dace6faf2e268edeb8e3c501c83c1fafed1dc3f1a42e3d6d0a938cd74f30cff60dccacd873b5647e20a4185651b5c0728979f61a7d2e064034172fad42f5f8ccae2b4a48eeb5b95558b7bd2673f3c3ee7f70a18a87c0c131b9b2a3a23dd2964440b9064f8cd74fe884e93d88ce3f7f2d919fcc4341a591f81b34737371008a28a8f3073f1f97b93693ceea8e7f75fcdd1a0bc73a6db7638cdf3d7e7a246629161f249de76de5585f73d0dc82bc11e79a383a82bdfd2aa6e2f3d23b561b3c60495acb0cb702739c72ec61ce056e0bfdcdf8b53a1c6b380d38e2be5fa4a9b199b9da7c739384f61f3b50d0a0486d9be56b06e429633dad0298cb7c335a242fc82dd6f2b84fd324984b3d6c30b4175d496d716ec013aa9c1e3eecb326a0fb1dd5d0b5f4eee361a0454901ddbdc2f2e6518294a5987b2b8cf4d7cd90935fa8619ce299cd463fe5f7c8ad72c59ef5d6dc22771ea2f8723354b559f602867f0cb91378a5e4989efb16a57310393aa5afd13d26ab55f2dc863219d9", 0x1000, 0x4, &(0x7f0000000100)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x6}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x48)
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000280), 0x0)

[  589.872049][T12370] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.3'.
21:50:27 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d08000000000000000006000000100008000000000000000800000000"], 0x1}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:50:27 executing program 1:

21:50:27 executing program 4:

21:50:27 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d08000000000000000006000000100008000000000000000800000000"], 0x1}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:50:27 executing program 1:

[  590.324387][T12391] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.3'.
21:50:27 executing program 4:

[  596.260561][   T26] audit: type=1804 audit(1567979433.510:56): pid=12402 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir730936814/syzkaller.cZ9Ux4/109/bus" dev="sda1" ino=16648 res=1
21:50:34 executing program 5:

21:50:34 executing program 1:

21:50:34 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x1}}, 0x0)

21:50:34 executing program 4:

21:50:34 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:50:34 executing program 3:

21:50:34 executing program 4:

21:50:34 executing program 1:

21:50:34 executing program 3:

21:50:34 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x1}}, 0x0)

21:50:34 executing program 1:

21:50:34 executing program 4:
mkdir(0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000240)='f2fs\x00', &(0x7f0000000280)='./bus\x00', 0x0, 0x2, &(0x7f0000000500)=[{&(0x7f00000003c0)="e0", 0x1, 0x3}, {0x0}], 0x0, &(0x7f0000000680)={[{@noquota='noquota'}], [{@euid_lt={'euid<'}}, {@measure='measure'}, {@uid_lt={'uid<'}}]})
fchdir(r0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
write$binfmt_aout(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="800008b7960ff7f978091a778eebea7a7de8e700000080000000007c8874ed11cbfa6b061d20801deadbcc87d9b2d07ace128e74101b09cfb5fe9f187d95a3affbf6810db7c5d50acb02f4e79fc057d377a98ac8c58d9c3ddd83e0b2"], 0x68)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)

[  598.003281][T12425] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17)
[  598.012732][T12425] FAT-fs (loop4): Filesystem has been set read-only
[  598.021235][T12425] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17)
21:50:40 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = epoll_create1(0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000200))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000939ff4))

21:50:40 executing program 1:
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c831, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, 0x0)

21:50:40 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f00000000c0)="1c0000001a009b8a14e5f46b000000ff0000e297be31fbbe014d0000", 0x1c)

21:50:40 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x1}}, 0x0)

21:50:40 executing program 4:
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000280)='cgroup\x00', 0x0, 0x0)
rename(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000140)='./file0/file1\x00')

21:50:40 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:50:40 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d6000/0x1000)=nil)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='environ\x00[\xaaZ\xaf\xc0\x8c\xaa\xaf\xc1DP\xf0_\'\xaf\xeb\x19s\xf3\xafp\xcam\x14\x9cR\x8d\xefh\xbb\xca\xfc\xdeF4\xbbc\x93\xae\xbf\xe6\x7fJL]\xb7\xc0#;,F\xc2\xc8\x93<\x0f7\xe4\x01\xc0\xa6#\x82\x02\xcdT\x02l\x80\xff\xf8\xd8YQL\x06\xdexu!\xb32$\x04&e\\^\xe0nZ')
preadv(r0, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0x0)
ioctl$sock_inet_SIOCRTMSG(r0, 0x890d, &(0x7f0000000140)={0x0, {0x2, 0x4e22, @rand_addr=0x3ae2}, {0x2, 0x4e24, @multicast1}, {0x2, 0x4e23, @rand_addr=0xffffffff}, 0x20, 0x0, 0x0, 0x0, 0xffffffff, &(0x7f0000000000)='bcsf0\x00', 0x80000000, 0x1c1f, 0x1})

21:50:40 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x6, 0xe74, 0xdb9, 0x3})
symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f00000000c0)='./file0\x00')

21:50:40 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
socketpair$unix(0x1, 0xd635d21e515325ed, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0x1)
setuid(r2)
lookup_dcookie(0x0, 0x0, 0x0)

21:50:40 executing program 0 (fault-call:6 fault-nth:0):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  603.808122][T12462] FAULT_INJECTION: forcing a failure.
[  603.808122][T12462] name failslab, interval 1, probability 0, space 0, times 1
[  603.851513][T12462] CPU: 1 PID: 12462 Comm: syz-executor.0 Not tainted 5.3.0-rc6-next-20190830 #75
[  603.860664][T12462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  603.870737][T12462] Call Trace:
[  603.874055][T12462]  dump_stack+0x172/0x1f0
[  603.878412][T12462]  should_fail.cold+0xa/0x15
[  603.883041][T12462]  ? fault_create_debugfs_attr+0x180/0x180
[  603.888875][T12462]  ? ___might_sleep+0x163/0x280
[  603.893749][T12462]  __should_failslab+0x121/0x190
[  603.898700][T12462]  should_failslab+0x9/0x14
[  603.903207][T12462]  kmem_cache_alloc_node+0x268/0x740
[  603.908506][T12462]  __alloc_skb+0xd5/0x5e0
[  603.912843][T12462]  ? netdev_alloc_frag+0x1b0/0x1b0
[  603.917977][T12462]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  603.924237][T12462]  ? netlink_autobind.isra.0+0x228/0x310
[  603.929881][T12462]  netlink_sendmsg+0x972/0xd60
[  603.934658][T12462]  ? netlink_unicast+0x710/0x710
[  603.939628][T12462]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  603.945200][T12462]  ? apparmor_socket_sendmsg+0x2a/0x30
[  603.950677][T12462]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  603.956938][T12462]  ? security_socket_sendmsg+0x8d/0xc0
[  603.962410][T12462]  ? netlink_unicast+0x710/0x710
[  603.967370][T12462]  sock_sendmsg+0xd7/0x130
[  603.971802][T12462]  ___sys_sendmsg+0x803/0x920
[  603.976494][T12462]  ? copy_msghdr_from_user+0x440/0x440
[  603.981982][T12462]  ? __kasan_check_read+0x11/0x20
[  603.987018][T12462]  ? __fget+0x384/0x560
[  603.991187][T12462]  ? ksys_dup3+0x3e0/0x3e0
[  603.995618][T12462]  ? __fget_light+0x1a9/0x230
[  604.000396][T12462]  ? __fdget+0x1b/0x20
[  604.004469][T12462]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  604.010720][T12462]  __sys_sendmsg+0x105/0x1d0
[  604.015318][T12462]  ? __sys_sendmsg_sock+0xd0/0xd0
[  604.020363][T12462]  ? trace_hardirqs_on_thunk+0x1a/0x20
[  604.025831][T12462]  ? do_syscall_64+0x26/0x760
[  604.030515][T12462]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  604.036602][T12462]  ? do_syscall_64+0x26/0x760
[  604.041290][T12462]  __x64_sys_sendmsg+0x78/0xb0
[  604.046061][T12462]  do_syscall_64+0xfa/0x760
[  604.050577][T12462]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  604.056467][T12462] RIP: 0033:0x4598e9
[  604.060363][T12462] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  604.079973][T12462] RSP: 002b:00007fc76794ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  604.088412][T12462] RAX: ffffffffffffffda RBX: 00007fc76794ec90 RCX: 00000000004598e9
[  604.096412][T12462] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000006
[  604.104395][T12462] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  604.112385][T12462] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc76794f6d4
[  604.120373][T12462] R13: 00000000004c77c2 R14: 00000000004dd050 R15: 0000000000000007
21:50:41 executing program 1:
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r4 = syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0x2, 0x2)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r4, 0x84, 0x5, &(0x7f0000000440)={r6, @in={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={<r7=>r6, 0xc8, &(0x7f0000000180)=[@in={0x2, 0x4e21, @broadcast}, @in6={0xa, 0x4e22, 0x0, @loopback}, @in6={0xa, 0x4e20, 0x9, @empty, 0x2a}, @in6={0xa, 0x4e21, 0x9, @rand_addr="3977eb2506ec400942bb9284ed21b900", 0xf991}, @in={0x2, 0x4e20, @multicast2}, @in6={0xa, 0x4e21, 0x558, @empty, 0x4}, @in6={0xa, 0x4e22, 0x9, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x6}, @in6={0xa, 0x4e20, 0x8, @remote, 0x4}]}, &(0x7f0000000080)=0x10)
setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f00000000c0)={r7, 0x5, 0x80000000000000}, 0x10)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x1)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000000040)="0a0775db7b2803b4f0a12585675d26b0d5e383e5b3b60ced5c54dbb7295df0df8217ad62005127000000000000e60000", 0x30)
r9 = socket(0x1, 0x800, 0x12)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x48, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x8, @ipv4, 0xde}, @in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0x10000, @local}]}, &(0x7f0000000340)=0x10)
r10 = accept$alg(r8, 0x0, 0x0)
r11 = dup(r10)
recvmmsg(r11, &(0x7f00000012c0)=[{{0x0, 0x0, &(0x7f0000001200)=[{0x0}, {&(0x7f0000001240)=""/116, 0x74}], 0x2}}], 0x1, 0x0, 0x0)

21:50:41 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r5, r8, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r9 = syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0x2, 0x2)
r10 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r10, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r11=>0x0]}, &(0x7f000095dffc)=0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r9, 0x84, 0x5, &(0x7f0000000440)={r11, @in={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x84)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r5, 0x84, 0x75, &(0x7f0000000000)={<r12=>r11, 0xffffffffffffff57}, &(0x7f0000000080)=0x8)
r13 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0)
r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r13, r16, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r13, 0x84, 0x76, &(0x7f00000000c0)={<r17=>0x0, 0xa2}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000140)={r12, 0x2, 0x20, 0x4, 0x9, 0x45, 0x4, 0x9, {r17, @in6={{0xa, 0x4e22, 0x862c, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0xffffffff}}, 0x8000, 0x7fff, 0x6, 0x9, 0x7}}, &(0x7f0000000200)=0xb0)
sendmsg(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000040)="24000000200007041dfffd946f610500020000001f2d1f0000000800050016000400ff7e", 0x24}], 0x1}, 0x0)

21:50:48 executing program 0 (fault-call:6 fault-nth:1):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:50:48 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:50:48 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
prctl$PR_SVE_SET_VL(0x32, 0xbb61)
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
bind$x25(r1, &(0x7f0000000000)={0x9, @null='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00d'}, 0x12)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
bind$x25(r2, &(0x7f0000000000)={0x9, @null='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00d'}, 0x12)
dup2(r1, r2)

21:50:48 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x200001000008912, &(0x7f0000000140)="11dca5055e0bcfe47bf070")
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r5 = syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0x2, 0x2)
r6 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r7=>0x0]}, &(0x7f000095dffc)=0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r5, 0x84, 0x5, &(0x7f0000000440)={r7, @in={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x84)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f0000000040)={r7, 0xa5cb, 0xf1}, 0x8)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="28800000062cf200000809276aeb184760f900000000ad3a08206966"], 0x28}}, 0x0)

21:50:48 executing program 1:
r0 = openat$autofs(0xffffffffffffff9c, 0x0, 0x3761c00c617e484, 0x0)
ioctl$BLKPG(0xffffffffffffffff, 0x1269, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x12, 0x0, 0x0, 0x7f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000a00)=[{&(0x7f0000000480)=""/202, 0xca}], 0x1, 0x3)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000000)={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x22}}, {0x6}, 0x2, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1d}}, 'bond_slave_0\x00'})

21:50:48 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
r1 = socket$nl_crypto(0x10, 0x3, 0x15)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f0000000080)=0x1c, 0x4)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r2 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r2, 0x5412, &(0x7f0000000040)={0x16})

[  610.858300][T12502] FAULT_INJECTION: forcing a failure.
[  610.858300][T12502] name failslab, interval 1, probability 0, space 0, times 0
[  610.908518][T12502] CPU: 0 PID: 12502 Comm: syz-executor.0 Not tainted 5.3.0-rc6-next-20190830 #75
[  610.917681][T12502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  610.927749][T12502] Call Trace:
[  610.931061][T12502]  dump_stack+0x172/0x1f0
[  610.935413][T12502]  should_fail.cold+0xa/0x15
[  610.940015][T12502]  ? fault_create_debugfs_attr+0x180/0x180
[  610.940045][T12502]  ? ___might_sleep+0x163/0x280
[  610.950672][T12502]  __should_failslab+0x121/0x190
[  610.955618][T12502]  should_failslab+0x9/0x14
[  610.960124][T12502]  kmem_cache_alloc_node_trace+0x274/0x750
[  610.965938][T12502]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  610.971919][T12502]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  610.977738][T12502]  __kmalloc_node_track_caller+0x3d/0x70
[  610.983381][T12502]  __kmalloc_reserve.isra.0+0x40/0xf0
[  610.988755][T12502]  __alloc_skb+0x10b/0x5e0
[  610.993166][T12502]  ? netdev_alloc_frag+0x1b0/0x1b0
[  610.998290][T12502]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  611.004535][T12502]  ? netlink_autobind.isra.0+0x228/0x310
[  611.010170][T12502]  netlink_sendmsg+0x972/0xd60
[  611.010191][T12502]  ? netlink_unicast+0x710/0x710
[  611.019867][T12502]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  611.025425][T12502]  ? apparmor_socket_sendmsg+0x2a/0x30
[  611.030893][T12502]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  611.037138][T12502]  ? security_socket_sendmsg+0x8d/0xc0
[  611.037155][T12502]  ? netlink_unicast+0x710/0x710
[  611.037172][T12502]  sock_sendmsg+0xd7/0x130
[  611.037189][T12502]  ___sys_sendmsg+0x803/0x920
21:50:48 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x7, 0x0, 0xffffffffffffffcb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x80400, 0x0)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r5, r8, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
sendto$unix(r5, &(0x7f0000000400)="542a66f9a6d3639eebfb82d340237dd654e155e0f23efa0ba87eaac3cf5ce4c6d245766b95514ec0795b042e8173212f8d23a1a0fbfca759bd0eae791a6eeaf6f5165a7357976937ad859eecceeeaf658eca3ce2b3e2a3d212b475b74f94a39ab65361800e941286ab4a8fcfb6ac436ad87efdc65dacadb034fa820e257b112d2eb6cf11b98bd4a4c377da6ebd9b2f959a880dcf7b3f1c6a7c23a0e7b211519587401556998966f89cd3a1a07318e609a3541e987ed50acf6c70eda226832d7fb9946877f3d99c53cbab4015405337072bf704dc8d7ef4869598f0fd326fb6b6acd99953c1a29bb2a791ff", 0xeb, 0x20004000, &(0x7f0000000500)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
getsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f00000005c0)={@broadcast, @multicast2, <r9=>0x0}, &(0x7f0000000600)=0xc)
sendmsg$inet(r0, &(0x7f0000000740)={&(0x7f00000000c0)={0x2, 0x4e22, @multicast2}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000100)="5031cbd0a271e15a52dfe70df391c87cbf503ad90496659d17e7e31f00a701216967fd658d9c14111fcae43e75d419886df19087edbcb4df", 0x38}, {&(0x7f0000000140)="0c372520a2a2ccd0cdc72f539be1ee29ab09ce8e49b7e6c34986cb993e51b4d4a46ccd6ad57d5b2e2d4e745c0cb11668f7d795f42f811b9c", 0x38}, {&(0x7f0000000180)="7f586951a475adb850b437a8380d6fae325eb255e5a9494f59b73a6214b1af48fd8ca5de823e354009ca86df06b460238e6c529ce10fa07a5413c07e459ff0c3548b3ca73348a457d2bea309a0f902414f8f2fee98eeef661313db6d9a7f33df0d43071684dc79d98935a405d56a73e3f484e08ff54ffa7ddd7b42b196a4848a5dc7b6f51941b16a84abf8662115ac3c07da5e6c42aebb405152793a1a28f20b5fb2da06294df449", 0xa8}], 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1400000000000000000000000200000002000000000000001c000000000000000000000008020000c6fa6136b8d6ec4665d526ccf56d66ecc3fdb17fa1644c67f597d772105bc231cd54470fe25938188a7ccced5db9b6c986aa43205c269fd7174f2e6b11d7c7d1fa732c8170e42e2d0fca8fab713173685205f0a058f476d72660b4d7124ad170021607c9007057e9c1e621e3e2547f9af914bf673a3f4485017ff05f1539f5e345701e9493dfb8a6136d6591e1099352823f2996a1ecf8985b04b603413a112423bbe24e966c377cecd652f4179bab21639d1d3ffca62cc3", @ANYRES32=r9, @ANYBLOB="e0000001e000000100000000140000000000000000000000070000004402000000000000140000000000000000000000020000000400000000000000140000000000000000000000020000000700000000000000140000000000000000000000010000004e000000000000001100000000000000000000000100000006000000000000001100000000000000000000000100"/156], 0xc8}, 0x8000)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$IPT_SO_GET_REVISION_MATCH(r10, 0x0, 0x42, &(0x7f0000000000)={'IDLETIMER\x00'}, &(0x7f0000000040)=0x1e)

[  611.037203][T12502]  ? copy_msghdr_from_user+0x440/0x440
[  611.037226][T12502]  ? __kasan_check_read+0x11/0x20
[  611.037241][T12502]  ? __fget+0x384/0x560
[  611.037257][T12502]  ? ksys_dup3+0x3e0/0x3e0
[  611.037277][T12502]  ? __fget_light+0x1a9/0x230
[  611.037290][T12502]  ? __fdget+0x1b/0x20
[  611.037307][T12502]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  611.037334][T12502]  __sys_sendmsg+0x105/0x1d0
[  611.071371][T12502]  ? __sys_sendmsg_sock+0xd0/0xd0
[  611.100592][T12502]  ? trace_hardirqs_on_thunk+0x1a/0x20
[  611.106065][T12502]  ? do_syscall_64+0x26/0x760
[  611.110744][T12502]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  611.116814][T12502]  ? do_syscall_64+0x26/0x760
[  611.121501][T12502]  __x64_sys_sendmsg+0x78/0xb0
[  611.126280][T12502]  do_syscall_64+0xfa/0x760
[  611.130802][T12502]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  611.136707][T12502] RIP: 0033:0x4598e9
21:50:48 executing program 1:
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000340), 0x41395527)
syz_open_dev$vivid(&(0x7f0000000080)='/dev/video#\x00', 0x3, 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000480)='/dev/sequencer2\x00', 0x0, 0x0)
getpid()
syz_open_dev$sndseq(&(0x7f0000000040)='/dev/snd/seq\x00', 0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x4}, 0x0, 0x0)
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

21:50:48 executing program 5:
r0 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2)
ioctl$KDSETLED(r0, 0x4b32, 0x40)
r1 = syz_open_dev$amidi(&(0x7f0000000180)='/dev/amidi#\x00', 0x783b, 0x400)
r2 = syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0x2, 0x2)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r4=>0x0]}, &(0x7f000095dffc)=0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r2, 0x84, 0x5, &(0x7f0000000440)={r4, @in={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000200)={r4, 0x1}, &(0x7f0000000440)=0x8)
r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00')
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)
r7 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self\x00', 0x42c0, 0x0)
ioctl$TIOCCONS(r7, 0x541d)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r9 = syz_open_dev$vivid(&(0x7f0000000080)='/dev/video#\x00', 0x0, 0x2)
write$binfmt_elf64(r9, &(0x7f00000002c0)={{0x7f, 0x45, 0x4c, 0x46, 0xff, 0x10000, 0x1, 0x5, 0x1, 0x2, 0x3, 0x1f, 0x1f9, 0x40, 0x299, 0x20000000, 0x9, 0x38, 0x2, 0x8, 0x2, 0x2}, [{0x0, 0x0, 0x7, 0x1, 0x8, 0xfffffffffffffff7, 0x5, 0x9}, {0x5, 0x2, 0x2, 0x5, 0x6, 0x1, 0x2, 0x5}], "32df04f03aeee9c9ca4d445cdb0f079d73450af606a6d95a12db74350010f5ba93d7d65c6e55bcdbeea9977c6c4e7bba9ac475ec8ce81e03cfb6456e81305fad99a207a4b97328508089972c6f129d505dc3584978e35f20057f451a67eb64c1e6be9e4191585faadd3f9addb55b63799c8a02f4d79ff5c28bf147602468fd5466f9a407c245a3948395494afe3279ba23852c948d599741729a5547bed6045f574a73e0fd8d1bd0bfc49faab96f"}, 0x15e)
ioctl$FIDEDUPERANGE(r5, 0xc0189436, &(0x7f00000000c0)={0x8, 0x87bf, 0x5, 0x0, 0x0, [{r6, 0x0, 0x401}, {r7, 0x0, 0x9}, {r8, 0x0, 0x432}, {r0, 0x0, 0x8}, {r0, 0x0, 0x9}]})
ioprio_set$uid(0x3, 0x0, 0x0)

[  611.140607][T12502] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  611.160305][T12502] RSP: 002b:00007fc76794ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  611.168729][T12502] RAX: ffffffffffffffda RBX: 00007fc76794ec90 RCX: 00000000004598e9
[  611.176716][T12502] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000006
[  611.184693][T12502] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  611.184702][T12502] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc76794f6d4
[  611.184711][T12502] R13: 00000000004c77c2 R14: 00000000004dd050 R15: 0000000000000007
21:50:48 executing program 0 (fault-call:6 fault-nth:2):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:50:48 executing program 3:
openat(0xffffffffffffff9c, &(0x7f0000000c00)='./file0\x00', 0x2001, 0x0)
socket$inet6(0xa, 0x6, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x22d, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x800, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$bpf(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x2001001, 0x0)
lsetxattr$trusted_overlay_nlink(&(0x7f0000000180)='./file0\x00', &(0x7f0000000400)='trusted.overlay.nlink\x00', &(0x7f0000000440)={'U+', 0x20}, 0x28, 0x0)
write$P9_RREMOVE(0xffffffffffffffff, &(0x7f0000000280)={0x7}, 0x7)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x3, 0x0, 0x0, 0x10033, 0x0)
ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x9fb8)
pipe(&(0x7f0000000540))
io_submit(0x0, 0x0, 0x0)
pivot_root(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000d00)='./file0\x00')
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000080)={0x0, {}, {0x2, 0x0, @local}, {0x2, 0x0, @remote}})

[  611.542074][T12525] FAULT_INJECTION: forcing a failure.
[  611.542074][T12525] name failslab, interval 1, probability 0, space 0, times 0
[  611.609033][T12525] CPU: 0 PID: 12525 Comm: syz-executor.0 Not tainted 5.3.0-rc6-next-20190830 #75
[  611.618187][T12525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  611.628248][T12525] Call Trace:
[  611.631545][T12525]  dump_stack+0x172/0x1f0
[  611.631583][T12525]  should_fail.cold+0xa/0x15
[  611.631604][T12525]  ? fault_create_debugfs_attr+0x180/0x180
[  611.640506][T12525]  ? retint_kernel+0x2b/0x2b
[  611.640524][T12525]  ? trace_hardirqs_on_caller+0x6a/0x240
21:50:48 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:50:48 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm_plock\x00', 0x480, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x3c}], 0x1, 0x0, 0x0, 0x0)
ioctl$VIDIOC_ENUM_FRAMESIZES(r1, 0xc02c564a, &(0x7f0000000140)={0x3, 0x30f676ca8d5070cc, 0x2, @stepwise={0xa51a, 0x2, 0x0, 0x5, 0x3, 0xfff}})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0xffffff16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x40000009, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  611.640548][T12525]  __should_failslab+0x121/0x190
[  611.640569][T12525]  should_failslab+0x9/0x14
[  611.665955][T12525]  kmem_cache_alloc+0x47/0x710
[  611.670730][T12525]  skb_clone+0x154/0x3d0
[  611.674979][T12525]  netlink_deliver_tap+0x94d/0xbf0
[  611.680105][T12525]  netlink_unicast+0x5a2/0x710
[  611.684876][T12525]  ? netlink_attachskb+0x7c0/0x7c0
[  611.689998][T12525]  ? _copy_from_iter_full+0x25d/0x8c0
[  611.695380][T12525]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  611.701105][T12525]  ? __check_object_size+0x3d/0x437
[  611.706322][T12525]  netlink_sendmsg+0x8a5/0xd60
[  611.711101][T12525]  ? netlink_unicast+0x710/0x710
[  611.716049][T12525]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  611.721608][T12525]  ? apparmor_socket_sendmsg+0x2a/0x30
[  611.727080][T12525]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  611.733322][T12525]  ? security_socket_sendmsg+0x8d/0xc0
[  611.733339][T12525]  ? netlink_unicast+0x710/0x710
[  611.733357][T12525]  sock_sendmsg+0xd7/0x130
[  611.733380][T12525]  ___sys_sendmsg+0x803/0x920
[  611.743758][T12525]  ? copy_msghdr_from_user+0x440/0x440
[  611.743787][T12525]  ? __kasan_check_read+0x11/0x20
[  611.743805][T12525]  ? __fget+0x384/0x560
[  611.743824][T12525]  ? ksys_dup3+0x3e0/0x3e0
[  611.743841][T12525]  ? __fget_light+0x16/0x230
[  611.743858][T12525]  ? __fget_light+0x1a9/0x230
[  611.781148][T12525]  ? __fdget+0x1b/0x20
[  611.785235][T12525]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  611.791494][T12525]  __sys_sendmsg+0x105/0x1d0
[  611.796098][T12525]  ? __sys_sendmsg_sock+0xd0/0xd0
[  611.801147][T12525]  ? trace_hardirqs_on_thunk+0x1a/0x20
[  611.806615][T12525]  ? do_syscall_64+0x26/0x760
[  611.811301][T12525]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  611.817373][T12525]  ? do_syscall_64+0x26/0x760
[  611.822065][T12525]  __x64_sys_sendmsg+0x78/0xb0
[  611.826840][T12525]  do_syscall_64+0xfa/0x760
[  611.831359][T12525]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  611.837277][T12525] RIP: 0033:0x4598e9
[  611.841178][T12525] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  611.860793][T12525] RSP: 002b:00007fc76794ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  611.869215][T12525] RAX: ffffffffffffffda RBX: 00007fc76794ec90 RCX: 00000000004598e9
[  611.877647][T12525] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000006
[  611.885626][T12525] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  611.893605][T12525] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc76794f6d4
[  611.901583][T12525] R13: 00000000004c77c2 R14: 00000000004dd050 R15: 0000000000000007
21:50:49 executing program 0 (fault-call:6 fault-nth:3):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:50:49 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x40}, 0x0)
write$binfmt_script(r1, &(0x7f0000000600)=ANY=[], 0xfec8)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r5, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
ioctl$EVIOCSREP(r2, 0x40084503, &(0x7f0000000140)=[0x80000000, 0x7ff])
recvmmsg(r1, &(0x7f0000002680)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000300)=""/182, 0xb6}], 0x1}}, {{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000001380)=""/4096, 0x1000}], 0x1}}, {{0x0, 0x0, &(0x7f0000000cc0)=[{&(0x7f0000000c40)=""/105, 0x69}], 0x1}}], 0x3, 0x0, 0x0)
mincore(&(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f00000000c0)=""/82)
mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='rootfs\x00', 0x188a2, &(0x7f0000000280)='aead\x00')

21:50:49 executing program 1:
ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, 0x0)
unshare(0x8000000)
r0 = accept4$inet(0xffffffffffffffff, &(0x7f0000000040), &(0x7f00000000c0)=0x10, 0x0)
r1 = syz_open_dev$mice(&(0x7f00000001c0)='/dev/input/mice\x00', 0x0, 0x8000)
setsockopt$inet6_MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, 0xfffffffffffffffe, 0x0)
ioctl$sock_inet_SIOCRTMSG(r0, 0x890d, &(0x7f0000000140)={0x0, {0x2, 0x4e24, @loopback}, {0x2, 0x4e24, @rand_addr=0x9}, {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x82, 0x0, 0x0, 0x0, 0x81, &(0x7f0000000100)='team_slave_1\x00', 0x3, 0x80, 0x2})
r2 = mq_open(&(0x7f0000000000)='md5sumeth1wlan0{cgroupmime_type\a\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000080)={0x0, 0x2, 0x5})
mq_timedsend(r2, 0x0, 0x2d1, 0x0, 0x0)
prctl$PR_SET_FPEMU(0xa, 0x1)

[  612.232746][T12540] FAULT_INJECTION: forcing a failure.
[  612.232746][T12540] name failslab, interval 1, probability 0, space 0, times 0
[  612.315793][T12540] CPU: 0 PID: 12540 Comm: syz-executor.0 Not tainted 5.3.0-rc6-next-20190830 #75
[  612.324951][T12540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  612.335010][T12540] Call Trace:
[  612.338323][T12540]  dump_stack+0x172/0x1f0
[  612.342677][T12540]  should_fail.cold+0xa/0x15
[  612.347289][T12540]  ? fault_create_debugfs_attr+0x180/0x180
[  612.353119][T12540]  ? ___might_sleep+0x163/0x280
[  612.357990][T12540]  __should_failslab+0x121/0x190
[  612.362944][T12540]  should_failslab+0x9/0x14
[  612.367452][T12540]  kmem_cache_alloc_node+0x268/0x740
[  612.372752][T12540]  ? mark_held_locks+0xa4/0xf0
[  612.377533][T12540]  __alloc_skb+0xd5/0x5e0
[  612.381859][T12540]  ? netdev_alloc_frag+0x1b0/0x1b0
[  612.386955][T12540]  ? __local_bh_enable_ip+0x15a/0x270
[  612.392315][T12540]  l2tp_session_notify.constprop.0+0x32/0x160
[  612.398363][T12540]  ? l2tp_nl_session_get+0x9d/0x220
[  612.403554][T12540]  l2tp_nl_cmd_session_delete+0x3b/0x180
[  612.409177][T12540]  genl_family_rcv_msg+0x74b/0xf90
[  612.414361][T12540]  ? genl_unregister_family+0x7b0/0x7b0
[  612.419891][T12540]  ? __kasan_check_read+0x11/0x20
[  612.424896][T12540]  ? __lock_acquire+0x16f2/0x4a00
[  612.429901][T12540]  ? __dev_queue_xmit+0xbb5/0x37c0
[  612.435009][T12540]  genl_rcv_msg+0xca/0x170
[  612.439413][T12540]  netlink_rcv_skb+0x177/0x450
[  612.444155][T12540]  ? genl_family_rcv_msg+0xf90/0xf90
[  612.449421][T12540]  ? netlink_ack+0xb50/0xb50
[  612.453994][T12540]  ? __kasan_check_write+0x14/0x20
[  612.459088][T12540]  ? netlink_deliver_tap+0x254/0xbf0
[  612.464365][T12540]  genl_rcv+0x29/0x40
[  612.468325][T12540]  netlink_unicast+0x531/0x710
[  612.473073][T12540]  ? netlink_attachskb+0x7c0/0x7c0
[  612.478167][T12540]  ? _copy_from_iter_full+0x25d/0x8c0
[  612.483534][T12540]  netlink_sendmsg+0x8a5/0xd60
[  612.488458][T12540]  ? netlink_unicast+0x710/0x710
[  612.493399][T12540]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  612.498936][T12540]  ? apparmor_socket_sendmsg+0x2a/0x30
[  612.504384][T12540]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  612.510609][T12540]  ? security_socket_sendmsg+0x8d/0xc0
[  612.516054][T12540]  ? netlink_unicast+0x710/0x710
[  612.520986][T12540]  sock_sendmsg+0xd7/0x130
[  612.525387][T12540]  ___sys_sendmsg+0x803/0x920
[  612.530060][T12540]  ? copy_msghdr_from_user+0x440/0x440
[  612.535509][T12540]  ? __rcu_read_unlock+0x220/0x6b0
[  612.540613][T12540]  ? __kasan_check_read+0x11/0x20
[  612.545624][T12540]  ? __fget+0x384/0x560
[  612.549767][T12540]  ? ksys_dup3+0x3e0/0x3e0
[  612.554174][T12540]  ? __fget_light+0x1a9/0x230
[  612.558834][T12540]  ? __fdget+0x1b/0x20
[  612.562886][T12540]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  612.569115][T12540]  __sys_sendmsg+0x105/0x1d0
[  612.573692][T12540]  ? __sys_sendmsg_sock+0xd0/0xd0
[  612.578707][T12540]  ? trace_hardirqs_on_thunk+0x1a/0x20
[  612.584148][T12540]  ? do_syscall_64+0x26/0x760
[  612.588811][T12540]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  612.594858][T12540]  ? do_syscall_64+0x26/0x760
[  612.599523][T12540]  __x64_sys_sendmsg+0x78/0xb0
[  612.604271][T12540]  do_syscall_64+0xfa/0x760
[  612.608760][T12540]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  612.614631][T12540] RIP: 0033:0x4598e9
[  612.618512][T12540] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  612.638098][T12540] RSP: 002b:00007fc76794ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  612.646490][T12540] RAX: ffffffffffffffda RBX: 00007fc76794ec90 RCX: 00000000004598e9
[  612.654442][T12540] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000006
[  612.662397][T12540] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  612.670349][T12540] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc76794f6d4
[  612.678302][T12540] R13: 00000000004c77c2 R14: 00000000004dd050 R15: 0000000000000007
21:50:50 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:50:50 executing program 4:
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/qat_adf_ctl\x00', 0x0, 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fuse\x00', 0x2, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000000)={{{@in=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@broadcast}, 0x0, @in6=@mcast2}}, &(0x7f00000001c0)=0xe8)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r6, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
ioctl$KVM_GET_PIT(r3, 0xc048ae65, &(0x7f00000002c0))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0, <r7=>0x0}, &(0x7f0000000180)=0xc)
r8 = getgid()
fchown(0xffffffffffffffff, r7, r8)
write$FUSE_CREATE_OPEN(r0, &(0x7f0000000200)={0xa0, 0x0, 0x4, {{0x4, 0x0, 0x1, 0x7fff, 0x3f26, 0x3, {0x1, 0x3, 0x3, 0x8001, 0x4, 0x100, 0xe1b, 0x1f, 0x4, 0x2, 0x5, r2, r8, 0x3}}, {0x0, 0x8}}}, 0xa0)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='9p\x00', 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB="00000000010000", @ANYRESHEX=r0, @ANYBLOB="80fe"])

21:50:50 executing program 0 (fault-call:6 fault-nth:4):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:50:50 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00')
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x800, 0x0)
ioctl$KDSETKEYCODE(r1, 0x4b4d, &(0x7f0000000080)={0x8, 0x8511})
fchdir(r0)
sendmmsg(0xffffffffffffffff, &(0x7f0000008600)=[{{0x0, 0x0, &(0x7f0000003140), 0x5e2}}, {{&(0x7f00000072c0)=@un=@file={0x1, './file0\x00'}, 0xa, &(0x7f0000007380), 0x280, &(0x7f00000000c0)=[{0x0, 0x117, 0x10000, "398a5909def4f99bc1aac7cafbe7cca9b56aa85524eb18ba76a284045bc9a6e63d2ac69500c20857d8d316a4a765db8e8aa6eb443dfdb35654b21c9cb354fa4e49a18bb68a6741167a954ba42a0e0bbebc5c6a2743beccf2d713e4779e0f73f991"}, {0x0, 0x109, 0x81, "4726e03195bf7abf2e6e18e9d49a40aa982ce4085b2d9c7299f2dd73800d5996d29a7ecb2678bb83fd92db454f48355baad24948ee2ac12ef8f44d92d994b3f97b0d45dcfc1b37eb050919ecf660f034434b947e5364dfe38cc86e7524f2d1aa8048856b3c6d2c19e996e3798dc12616e7a6e21c1955f89bc4986fb6d48e5dd4f83771e7c6a603e060c31ebffa43e520b08d4c6f606014f32cda40a4db"}, {0x0, 0xff, 0x0, "51e50b36116a3c6f93bb809bafd515536986d098e6b2dabae0f8162149b351c029fef37edeb43864ce4ff47d84daea8d02ff38d7312d5bf6eb9555c36896f317238993c304cdfdb8e783dd16353d99b24524f112143467938a871c9048e2dc4fe61775b638fa819b389818b7d87e082f63c939629ae4dda6c999da80f396fe1881d0806334694fe9b4"}, {0x0, 0x29, 0x9}, {0x0, 0x10b, 0x15, "e227ebf0119b4ed0341ca3fc4ba0a37111ea65680544f0f74c6bc8ae35dfadb6e941bae5563b30f53f78d3747d49d71de963417396547bb85cf708fd8fc929b274c9ab14f2a87193c04daec72e45a1"}]}}], 0x2, 0x0)

[  612.958441][T12552] 9pnet: Insufficient options for proto=fd
[  613.170857][T12563] 9pnet: Insufficient options for proto=fd
[  613.299507][T12561] FAULT_INJECTION: forcing a failure.
[  613.299507][T12561] name failslab, interval 1, probability 0, space 0, times 0
[  613.323967][T12561] CPU: 0 PID: 12561 Comm: syz-executor.0 Not tainted 5.3.0-rc6-next-20190830 #75
[  613.333111][T12561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  613.343171][T12561] Call Trace:
[  613.346476][T12561]  dump_stack+0x172/0x1f0
[  613.350823][T12561]  should_fail.cold+0xa/0x15
[  613.355422][T12561]  ? fault_create_debugfs_attr+0x180/0x180
[  613.361237][T12561]  ? __should_failslab+0x99/0x190
[  613.366375][T12561]  __should_failslab+0x121/0x190
[  613.371430][T12561]  should_failslab+0x9/0x14
[  613.375915][T12561]  kmem_cache_alloc_node_trace+0x274/0x750
[  613.381701][T12561]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  613.387670][T12561]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  613.393469][T12561]  __kmalloc_node_track_caller+0x3d/0x70
[  613.399084][T12561]  __kmalloc_reserve.isra.0+0x40/0xf0
[  613.404450][T12561]  __alloc_skb+0x10b/0x5e0
[  613.408864][T12561]  ? netdev_alloc_frag+0x1b0/0x1b0
[  613.413967][T12561]  ? __kasan_check_write+0x14/0x20
[  613.419058][T12561]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  613.424594][T12561]  netlink_ack+0x25c/0xb50
[  613.429005][T12561]  ? netlink_sendmsg+0xd60/0xd60
[  613.433932][T12561]  ? mutex_unlock+0xd/0x10
[  613.438326][T12561]  ? genl_rcv_msg+0x106/0x170
[  613.442981][T12561]  netlink_rcv_skb+0x376/0x450
[  613.447736][T12561]  ? genl_family_rcv_msg+0xf90/0xf90
[  613.453031][T12561]  ? netlink_ack+0xb50/0xb50
[  613.457601][T12561]  ? __kasan_check_write+0x14/0x20
[  613.462734][T12561]  ? genl_rcv+0xe/0x40
[  613.466801][T12561]  genl_rcv+0x29/0x40
[  613.470813][T12561]  netlink_unicast+0x531/0x710
[  613.475566][T12561]  ? netlink_attachskb+0x7c0/0x7c0
[  613.480656][T12561]  ? _copy_from_iter_full+0x25d/0x8c0
[  613.486022][T12561]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  613.491757][T12561]  ? __check_object_size+0x3d/0x437
[  613.496945][T12561]  netlink_sendmsg+0x8a5/0xd60
[  613.501689][T12561]  ? netlink_unicast+0x710/0x710
[  613.506619][T12561]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  613.512153][T12561]  ? apparmor_socket_sendmsg+0x2a/0x30
[  613.517601][T12561]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  613.523831][T12561]  ? security_socket_sendmsg+0x8d/0xc0
[  613.529281][T12561]  ? netlink_unicast+0x710/0x710
[  613.534199][T12561]  sock_sendmsg+0xd7/0x130
[  613.538593][T12561]  ___sys_sendmsg+0x803/0x920
[  613.543244][T12561]  ? copy_msghdr_from_user+0x440/0x440
[  613.548706][T12561]  ? __kasan_check_read+0x11/0x20
[  613.553723][T12561]  ? __fget+0x384/0x560
[  613.557860][T12561]  ? ksys_dup3+0x3e0/0x3e0
[  613.562255][T12561]  ? __fget_light+0x1a9/0x230
[  613.566921][T12561]  ? __fdget+0x1b/0x20
[  613.570996][T12561]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  613.577222][T12561]  __sys_sendmsg+0x105/0x1d0
[  613.581818][T12561]  ? __sys_sendmsg_sock+0xd0/0xd0
[  613.586834][T12561]  ? trace_hardirqs_on_thunk+0x1a/0x20
[  613.592304][T12561]  __x64_sys_sendmsg+0x78/0xb0
[  613.597056][T12561]  ? do_syscall_64+0x5b/0x760
[  613.601721][T12561]  do_syscall_64+0xfa/0x760
[  613.606223][T12561]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  613.612187][T12561] RIP: 0033:0x4598e9
[  613.616059][T12561] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  613.635661][T12561] RSP: 002b:00007fc76794ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  613.644088][T12561] RAX: ffffffffffffffda RBX: 00007fc76794ec90 RCX: 00000000004598e9
[  613.652046][T12561] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000006
[  613.659995][T12561] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  613.667978][T12561] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc76794f6d4
[  613.675940][T12561] R13: 00000000004c77c2 R14: 00000000004dd050 R15: 0000000000000007
[  614.806507][  T932] device bridge_slave_1 left promiscuous mode
[  614.813447][  T932] bridge0: port 2(bridge_slave_1) entered disabled state
[  614.918011][  T932] device bridge_slave_0 left promiscuous mode
[  614.924329][  T932] bridge0: port 1(bridge_slave_0) entered disabled state
[  616.796021][  T932] device hsr_slave_0 left promiscuous mode
[  616.843813][  T932] device hsr_slave_1 left promiscuous mode
[  616.898534][  T932] team0 (unregistering): Port device team_slave_1 removed
[  616.910606][  T932] team0 (unregistering): Port device team_slave_0 removed
[  616.922493][  T932] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  616.968937][  T932] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  617.041769][  T932] bond0 (unregistering): Released all slaves
21:50:57 executing program 5:
r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0xc0505405, &(0x7f00000014c0)={0x0, 0x0, 0x2})

21:50:57 executing program 1:
ioctl$sock_bt_cmtp_CMTPGETCONNINFO(0xffffffffffffffff, 0x800443d3, &(0x7f0000000a80)={{}, 0x0, 0x100})
r0 = socket$inet(0x2, 0x3, 0x2)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)
sendmmsg(r1, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f00000007c0)}}, {{&(0x7f00000000c0)=@in={0x2, 0x0, @broadcast}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000000)="25c9250021eb695612f50c4fc2b316b9c4", 0x3}, {&(0x7f0000000140)="7953b256b3fd43a57111a5e246d845eff6891bcc7353f68e4ec2a0d10c1d24556dcc97f8a0b32d9381dd92bd9d5dde68b59839c35c306d5aba0e77dc12ee6e4e8a4e9f28011426a25dc4c3452d17208d14b68091fbc3e724227e4d897fc3e7faf9800e7af8bfda7ab2efbc4e769eb5a95366ff9108bde736c5c5206ac46df3563f71ef3995f7154e38bcc560d1df2ad43a0246ef8823307423dbd25247a9c7b53af3afd20390be43f9ed38ccd4b0c4a991bccbb0268b", 0xb6}, {&(0x7f0000000200)="2851f822a7c25c84a8a6a2eda10629abe26631a638070f2c92ebc86f9bf94f62efc8fbbbfe449e0053686fd8793a5d6b14b658ba220ec819c2686bbf163c06a1b25d6bd6bd38dcd5b0483e4e4967f31668b7f61a881e77b1bd39d207414ab205d126980e2119eaca29010efdd2929f26154bf1b7175336c0a93c2ab3214fdd689630fc446ef6c51a8f5319bb7352b70e0ccfa0db056d4d03c3b26e77f692aa7c4751c54465ee52bb70ad6c2650874fba159670131387ecc8f639f5fdd5d510b74ba1027267b1c9debafa8919254e3018a11507823a242b51c10c28d2aeaeeecd41eb292a0b42c5b917a90f8862a4230b22f45323c70cfb", 0xf7}, {&(0x7f0000000300)="64eec0e543d804a5098fa6ef463084b5169ecba20a0726faa0da4992b26d20f676d70a4403754c85d743919e70157083e314db63a785429d7fe4fdb829f43b845eaf504cafdab5ebd4421e63815e6e3e20c8b71e3a956bdb10e0a0694ccf7d21dcff9cf82e225c09e6e43dbe507244e98a37d850d49c1d005c6d37fd7b81908131c2ef01392965e6d71b06a453771482ab849ca8ac4239a855c56a6e17b084e5650ec8c3146a24c594a093bce6a1b519666cbb9b04bc212a989e8a54e4dbd63c21bf1cded5115be7a28e3768f5b85fefd9a82b6856ed4a083e6051d0", 0xdc}, {&(0x7f0000000400)="7d56ba867f083f907e27f6f189af79f0ea0e3cf8500bb2", 0x17}, {&(0x7f0000000440)="404b99567c3aa8a4d36f86c6a258ab74170ac1067c2d04d4", 0x18}, {&(0x7f0000000480)="973395521ba8454f43ad3016bed4860268cf2791bf0ece9fd2245d5a8c6dec587dbf3bac57b76e66d8735b600c06454f87825794e428acb2f31da4", 0x3b}], 0x7, &(0x7f0000000480)}}], 0x2, 0x0)
prctl$PR_SET_FPEMU(0xa, 0x1)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
write$binfmt_script(r4, &(0x7f00000007c0)=ANY=[@ANYRES32], 0x4)
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r6, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r7 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r8 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='Jduv/Svm\x00', 0x6a0140, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r8, r11, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
ioctl$KDSETKEYCODE(r8, 0x4b4d, &(0x7f0000000600)={0x0, 0x8000})
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r12 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0)
r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r12, r15, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r16 = open(&(0x7f0000000740)='./file0\x00', 0x1, 0x122)
ioctl$TUNSETSTEERINGEBPF(r12, 0x800454e0, &(0x7f0000000780)=r16)
r17 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r7, r17, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f00000005c0)={0x73622a85, 0xa, 0x3})
r18 = perf_event_open$cgroup(&(0x7f0000000540)={0x0, 0x70, 0x1, 0x100000001, 0x1, 0x9, 0x0, 0x8bc2, 0xa8028864d5b8d009, 0xc, 0x5, 0x26, 0x0, 0x1000, 0x8001, 0x2, 0xffffffff, 0x3f, 0x5, 0x1, 0xfa, 0x4523, 0x0, 0xfff, 0x1, 0x2, 0x2, 0x1ed64b3f, 0xfffffffffffffff9, 0x3ff, 0x1f, 0x3f, 0x4, 0x4, 0x7, 0x9, 0x4d, 0x8, 0x0, 0x8, 0x4, @perf_config_ext={0x3, 0x1}, 0x8000, 0x1c62, 0x1, 0x1, 0x7fe00, 0x8000, 0x5d6d}, 0xffffffffffffffff, 0xc, r2, 0x2)
ioctl$FICLONE(r0, 0x40049409, r18)

21:50:57 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x420400, 0x0)
ioctl$PPPIOCGNPMODE(r2, 0xc008744c, &(0x7f0000000040)={0x8029, 0x1})
setuid(r1)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r3, 0x0, 0x60, 0x0, 0x0)

21:50:57 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:50:57 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
sigaltstack(&(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000140))
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r6 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000300)='/dev/dlm-monitor\x00', 0x133740, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0xffffffffffffffff)
r7 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r7, r10, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r11 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x400, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x65)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r11, r14, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_MAX_BURST(r11, 0x84, 0x14, &(0x7f0000000200)=@int=0x100000000, 0x4)
fcntl$getownex(r10, 0x10, &(0x7f0000000180)={0x0, <r15=>0x0})
getresuid(0x0, &(0x7f00000001c0)=<r16=>0x0, &(0x7f0000001240))
setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001280)={r15, r16}, 0xc)
r17 = syz_open_procfs(r15, &(0x7f0000000040)='net/igmp\x00')
setsockopt$inet6_IPV6_ADDRFORM(r17, 0x29, 0x1, &(0x7f00000000c0), 0x4)
creat(&(0x7f0000000000)='./file0\x00', 0x0)
r18 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x4000, 0x0)
lseek(r18, 0x0, 0x4)

21:50:57 executing program 0 (fault-call:6 fault-nth:5):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  620.129080][T12576] FAULT_INJECTION: forcing a failure.
[  620.129080][T12576] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  620.142325][T12576] CPU: 1 PID: 12576 Comm: syz-executor.0 Not tainted 5.3.0-rc6-next-20190830 #75
[  620.151439][T12576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  620.151476][T12576] Call Trace:
[  620.151503][T12576]  dump_stack+0x172/0x1f0
[  620.151531][T12576]  should_fail.cold+0xa/0x15
[  620.151552][T12576]  ? fault_create_debugfs_attr+0x180/0x180
[  620.151575][T12576]  ? __kasan_check_read+0x11/0x20
[  620.179582][T12576]  ? __lock_acquire+0x16f2/0x4a00
[  620.179600][T12576]  ? l2tp_session_notify.constprop.0+0x32/0x160
[  620.179622][T12576]  should_fail_alloc_page+0x50/0x60
[  620.189633][T12576]  __alloc_pages_nodemask+0x1a1/0x900
[  620.189651][T12576]  ? fs_reclaim_acquire.part.0+0x30/0x30
[  620.189671][T12576]  ? __alloc_pages_slowpath+0x2540/0x2540
[  620.206515][T12576]  ? fs_reclaim_acquire.part.0+0x30/0x30
[  620.206543][T12576]  ? fault_create_debugfs_attr+0x180/0x180
[  620.206562][T12576]  cache_grow_begin+0x90/0xd20
[  620.206577][T12576]  ? __kmalloc_node_track_caller+0x3d/0x70
[  620.206594][T12576]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  620.206612][T12576]  kmem_cache_alloc_node_trace+0x689/0x750
[  620.206630][T12576]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  620.206642][T12576]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  620.206661][T12576]  __kmalloc_node_track_caller+0x3d/0x70
[  620.223616][T12576]  __kmalloc_reserve.isra.0+0x40/0xf0
[  620.223632][T12576]  __alloc_skb+0x10b/0x5e0
[  620.223649][T12576]  ? netdev_alloc_frag+0x1b0/0x1b0
[  620.223668][T12576]  ? __local_bh_enable_ip+0x15a/0x270
[  620.223692][T12576]  l2tp_session_notify.constprop.0+0x32/0x160
[  620.223704][T12576]  ? l2tp_nl_session_get+0x9d/0x220
[  620.223725][T12576]  l2tp_nl_cmd_session_delete+0x3b/0x180
[  620.234265][T12576]  genl_family_rcv_msg+0x74b/0xf90
[  620.234288][T12576]  ? genl_unregister_family+0x7b0/0x7b0
[  620.234304][T12576]  ? __kasan_check_read+0x11/0x20
[  620.234320][T12576]  ? __lock_acquire+0x16f2/0x4a00
[  620.234336][T12576]  ? __dev_queue_xmit+0xbb5/0x37c0
[  620.234368][T12576]  genl_rcv_msg+0xca/0x170
[  620.234385][T12576]  netlink_rcv_skb+0x177/0x450
[  620.234398][T12576]  ? genl_family_rcv_msg+0xf90/0xf90
[  620.234412][T12576]  ? netlink_ack+0xb50/0xb50
[  620.234428][T12576]  ? __kasan_check_write+0x14/0x20
[  620.252230][T12576]  ? netlink_deliver_tap+0x254/0xbf0
[  620.252255][T12576]  genl_rcv+0x29/0x40
[  620.275491][T12576]  netlink_unicast+0x531/0x710
[  620.275512][T12576]  ? netlink_attachskb+0x7c0/0x7c0
[  620.275528][T12576]  ? _copy_from_iter_full+0x25d/0x8c0
[  620.275547][T12576]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  620.275563][T12576]  ? __check_object_size+0x3d/0x437
[  620.275582][T12576]  netlink_sendmsg+0x8a5/0xd60
[  620.275602][T12576]  ? netlink_unicast+0x710/0x710
[  620.275615][T12576]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  620.275633][T12576]  ? apparmor_socket_sendmsg+0x2a/0x30
[  620.290481][T12576]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  620.290498][T12576]  ? security_socket_sendmsg+0x8d/0xc0
[  620.290511][T12576]  ? netlink_unicast+0x710/0x710
[  620.290531][T12576]  sock_sendmsg+0xd7/0x130
[  620.317998][T12576]  ___sys_sendmsg+0x803/0x920
[  620.318018][T12576]  ? copy_msghdr_from_user+0x440/0x440
[  620.318043][T12576]  ? __kasan_check_read+0x11/0x20
[  620.318061][T12576]  ? __fget+0x384/0x560
[  620.318081][T12576]  ? ksys_dup3+0x3e0/0x3e0
[  620.318102][T12576]  ? __fget_light+0x1a9/0x230
[  620.318119][T12576]  ? __fdget+0x1b/0x20
[  620.328129][T12576]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  620.328149][T12576]  __sys_sendmsg+0x105/0x1d0
[  620.337629][T12576]  ? __sys_sendmsg_sock+0xd0/0xd0
[  620.337658][T12576]  ? trace_hardirqs_on_thunk+0x1a/0x20
[  620.337673][T12576]  ? do_syscall_64+0x26/0x760
[  620.337688][T12576]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  620.337705][T12576]  ? do_syscall_64+0x26/0x760
[  620.371862][T12576]  __x64_sys_sendmsg+0x78/0xb0
[  620.371882][T12576]  do_syscall_64+0xfa/0x760
[  620.371906][T12576]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  620.382349][T12576] RIP: 0033:0x4598e9
[  620.382364][T12576] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  620.382377][T12576] RSP: 002b:00007fc76794ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  620.393246][T12576] RAX: ffffffffffffffda RBX: 00007fc76794ec90 RCX: 00000000004598e9
[  620.393256][T12576] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000006
[  620.393265][T12576] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  620.393273][T12576] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc76794f6d4
[  620.393287][T12576] R13: 00000000004c77c2 R14: 00000000004dd050 R15: 0000000000000007
[  620.421705][   T26] audit: type=1804 audit(1567979457.670:57): pid=12580 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir724823644/syzkaller.ykxueO/157/file0" dev="sda1" ino=16705 res=1
21:50:58 executing program 0 (fault-call:6 fault-nth:6):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:50:58 executing program 1:
r0 = add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffc)
add_key$keyring(&(0x7f0000000280)='keyring\x00', &(0x7f00000000c0)={'syz'}, 0x0, 0x0, r0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
add_key(&(0x7f0000000100)='Bns_resolver\x12', &(0x7f0000000040)={'\x00', 0x1}, &(0x7f00000004c0)="dee7030022cf9e5e1dbac27b0426fc0299c40800000000000000c894f365ae68edf335abf35ec53d6751467ebd2c187491bcab2c8d34fec505fc8a14622dba33ff9b054eb7e8a5bc4ab2719cb230328931deb95ef3fcafb1ce27743a93f4715976ede8860ab49c3a4f51ab0124b50c3362201a307df03000", 0x78, 0xffffffffffffffff)
request_key(&(0x7f0000000340)='dns_resolver\x00\xb7.\x87\a\xd2w$\xdb\xf5\xfb\x89\x96\xdd\xc3^\xbaW\\3x\x85\b\x18|{\x93\xdd\xe1\xd5', &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0)

21:50:58 executing program 1:
socket$kcm(0x2b, 0x2000000000000001, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xf9a02c778fe8ad44, 0x0)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r4 = syz_open_dev$cec(&(0x7f00000000c0)='/dev/cec#\x00', 0x2, 0x2)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x19, 0x4, &(0x7f0000001200)=ANY=[@ANYBLOB="1800000000000000000000000000000079111000000000009500000000000000ec9ac6fa8d252940136800000000daec56cb0600f2c7010126d395d55075ae9dabcfd613d8919b5d3fe4112348e709735a6b69f9e9ef9565c85cadf4b404182858792747b0b2394d41197b4c14bcc3f0cb912da94f2871a249de472a1977645440441eddd29f30ec22634dc8ee52261c74dd5c646964213b90b3fe48edb67e96e9e9c0a184227f00526d4059781f7d09356fabd0c1bd477d41bc08f33ae06b1b6f2a2bb64b0c24977848c25f5f16898cdcd7b9aa1760ea1842a460d5202c313d5397cb28ae8ec415dd036e621fbd62fe61fa62b6aa5c036447364f60b75cade7e9bea598dffeff240e9439c629b16ed40965a499fc2dc1d9f8e0ce1d45b0ce26f086d557c2a65b2a85a07675155db28f9f794e44ea151c22a23a84e28d49f607d1b188f17a045dadb6849fd2ae359e88f768e2fd304a400f0f5a1cd14e03a108cf9ac316d122a4d3a85857780b92c6af0fefee7ede5ce7ad639fd300"/393], &(0x7f0000000100)='\x05\x00\x00\x00', 0x2, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  621.009415][   T26] audit: type=1804 audit(1567979458.260:58): pid=12578 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir724823644/syzkaller.ykxueO/157/file0" dev="sda1" ino=16705 res=1
21:50:58 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  621.108888][   T26] audit: type=1804 audit(1567979458.360:59): pid=12574 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir724823644/syzkaller.ykxueO/157/file0" dev="sda1" ino=16705 res=1
21:50:58 executing program 4:
perf_event_open(&(0x7f00000015c0)={0x5, 0x70, 0x0, 0x0, 0x106, 0x0, 0x0, 0x0, 0xc40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x5d89c0f4c668f199)
lstat(&(0x7f0000001380)='./file0\x00', &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000040)='./file0\x00', 0x6, 0x6, &(0x7f00000012c0)=[{&(0x7f0000000080)="957b67c113b814ab930cc7181ecfc6a673f30a8d16f72cf32413bf43aa1ce30bc338", 0x22, 0xb66}, {&(0x7f00000000c0)="715606c88bd9eb6fbafa70e8156acf32475d5a7dcac436c046c661dd9d0860ed69192e1458823ac74121facdbfc9cef7f71c395216bea7690f6ae2a5b5e39a15cc4691ec5b73459da09d477e5bd749441956e8789329500ed8db78b4ad9b25c83c816324f9249f59b92c1fc79bd512f5d015b23d", 0x74, 0x372a}, {&(0x7f0000000140)="ca1cdec3ea454cbdef91e39b0f0ea981491da7d288cf50bc7f6ef3d681b7266f78ae0f2209a9c82a2b5ba722e7d3615d2c296064750c736328f8cead8375c101fde765fbb306bbfd269d26299bf282d80e779db9ab1b1980edfbe8650456154a6ceb62e0282423ce87dba59a51232206e41ab0f0eb33a5c77f11a905d232e3173e02d239182c5d7c7a18f1c59e2e71265ebfe06d3c67df7b401c0e5fdf9e8b7587eb2cb56e3db556f46f09012e1690a6d7e07bb22fcd99efd3a13df3ebef8513278bf012", 0xc4, 0x1}, {&(0x7f0000000240)="ceccca775f35b5375cdd2142b8cec403ccbb1d397bbe63310e5df6a00f", 0x1d, 0xffffffff80000001}, {&(0x7f0000000280)="4f93edcbb9bca0cdbd64e5c07977503bcdfe28e43a0362f284816bc17fc5c5c69f92a6705e93c1220cfbc310c3149c4265433593bf1fc2b1a392b2a33da358a948f0fa52c5588f6ebf55f416e4f8df683fd77d743f8fcd00df67a1163cf2b4d9c3253054cb5ee984119630512a20d474dc5c90e72aff6f611377284a628639836cdee4965cb70f3761f53dc7c8d2fe7ce9afbf3910fe75a1f28fa1ef270d389a6af9d4dbbfe55a11e0313b0cb18481200389815def213953ee9cea1b9de57e28d44e4aeaa57769ad83b4953bdda8c4a7a6222623d82606cacd3117feaec9be446ffcd6fc37e2cfb6973af00c88ebd18bbcffe8b70db273c934ece125ed6bc31cbdaed9222d615511042ea09e53c91c6d9864eb700580fec2c88a23af8e706f6d752015e78ca412ccd52a374e5c95910b588bee1ab6fc345f698b569a5a082ef32aded65ee3cef89e2957404ec806dfda0d6ce91ff11f12bb8e86f1c929dac8f51b7d1413dbb45e74a653c476db070e939cae6b7c12baefcc1f20a5d9d2733e7c47652be0a3aa6d6337942f4fbadb3448a57688acc08813b65949c89e24f4fb5fe15ebb339d38f7444f750563f124f49e961dff8fd8e683803a7c23bee4bffc1edaafa59bdddd1d21b9f2f3006509d1e109fd726eb82d520f48d5d7b741c2c275979156cbea5737b0cf9f63fb16edcb907d87283479b2fbc07c36696132e7abb1f9f866c7324ecf8128148a6d9b7556efd12bec8e7921d05f12334530452aaa981fc8318460d8213cb6b37aa9c2b6fc5f80391a6b48a7c8309ba1f5aeae914ac96735ad30d385c0382b25a89016186b5f0188d4776e2e7149a1bf4a1c021c702f6dfa38a2dc92eccf2074476a40791596f444614e163ea6e3f61114433ba0ceae26431fca0fd4dcfcc7e23068ee6fb5a4bf7cf8eaff665c11f6ea386df213847d39a0c84e0550f7d30c4d5fad97045d3b365ed2fbc36a38d7acf18c4255a5fdb8c3c672caeec16a95176acd4edfb934d87b6a96d09a4d3f3099e13d56869f8d3dc0ed93cf26c864b404859c9f89403fac2457cb66ca60f92940718f8b084e87368a5263e71ad3c3dcf1b8421be6b407af3b7a5656e96ba1bd1e12302752199d2b3e1c159106e2cf5313a76e23d80ad250bb46ec09ab67a3ef6dcdb1287281fb6b5c5635524e175e5f6a8cad7e9a801d06c850ecbbe3464ef5240d4b95fbd935280edbaa01d8c4407678415e9de61f890993596b3e23db54b45a4323d6dbafe68ab6092beef3290a7b0e2d6071d9cdab263a145dd6c6443346871e7c8a701c62e08396dbdbb8f704856936390074d2ed91e923c0ba6d170c855afe1689875ff978b84b72aeaf21dfde2a7067674964399a672f428485dd8e89b5bc449fc21d357b3da64a3a7b08b176c5c931f731bae832b448995457397fbdfdcd24c194859f200ae08b699ec1a4489f45d480b0fcec1d5489e13bce9d54fe58157727dbe2d3e15ee0163334068d5ab01113963123fba628b18bcebf59f21728eb5fb0e69b7f6ae21111d761e317728ed1c8c7153e1178f3848aae044ad8db95d4ede065463216ff2f181f09b2c87609ae7ae60b51c80754fb692323a82352a9be71a3c890b8a9d2c5decb1744170b67d4ece68dd70f66c3d1757495bb59a61d03db0e022397135be745305b877c5f6c30ae92a3db7c6468570d490a2a41a545b3523c1de4025b8c22c69c4c59e72cf9a26957029df5eebd1a9a89ec5505d5f03eb4a308171360dd86fa525862da566be624330e77c2f5f836904aa0d719a761fd36230ab53721d37d969ea44e0d8b0a5d7abbc5f1c1d67fdddb4ed3d798503a2b872a26aeb5b0e3c654d0fd38336b69256356e00fbb4e4cf5b1b1817337263ced679935be61bb94bc80b197230df69dc58be9f02547a4c1ae77db375b0c57e41e5cd1169d749bcb566ca581c826ca93d8efd4946df56d915586018bab6fe78939d6cc00a87d07246a8d7006f3fc36fa18e149ad9ae173efbecf8a32ba3485d819fd5f6788436bbdf823c48cf31bc432cb82768f202a5f6448a32877aa7ca06cb7c6aa6cd9048b3f1359e60e4aa0bae7a450395ba6ed96b5f860e977a10e416f1c784406e927abf7e9088db2f7d1130250b08d70b43e4d753b5dc1968ca96275e87195507158458cd4124942a55d83dd9afeaaf6f8472145933804b6b1d3678921e6021bbf6a7921f18b8a70b2b6c2c0a193d08f5f481ce0264bdaad8bc1e827aec52574168bf8f4972f2cb932eafcf06ee599541ef116042e11d8eb16e00bc3c2861f6f8f4551854d17169cdba4ab9cb99e0dce03bac825ac923a43d5c77edf0bffcab6674f544ea789ba0818061ff89cd007f0fb4fa6b8af394cc9f80b25225ac8c7e52d04c3840095316d4a2dc256a1e1139d780136f048a6280e65ceb19820ace8bcc1362a8f7c68acda3f20864fe69dd1fb34e15886a9377d8f319d4a78584719c9134fbf5b93c3772e8fac76165c02061c1650eb7d6d5e9e490b9eef17de5fb2b107c89a35ba6cb84913eb1592237b1571cdd6c19d991e1c73844ba33630d61b8ff953d4440b30845d9dddcc09f378e99f10ad2794bc7a78e07587a60175449be8a2bf26a3da78a33c88e12ccf4ce1d49d360c842e85e1d003d3d94bfa2692f04e8b40c4939acdb526f8a1eb693e7d4c113066c52e609beaed352bded723e3c4bb83b39e8f797c8f72764030a44362e0da71b59b49ff580b2e3f3f430d603505c651b7e4623961d06fd7efa9eaad44b8ec2cd2c672fcdccc8c7aa111e0b373f7b01214cc8d5ded28f0342f628988f44055b22ec880157ef3574a26aac025b39d79793c05c213193e708b6798625aa2f5b3ab873f7e2b1ef6326214858f13bb698e60820ee3a031ea9264d0d1ba9954eed3dc672ce2d8e3e362c5b457cc58cde7ee755815d4f6802c67143e3247876a32c17d8f08cca4f4a7266cde4de982377fd3c7bca5119d492d70b2898af7b102b54f26f03562009c0f30e6ea571441e13245f67c985841ce24756056b7e6f8d188e896ad8557cb9f8367fa602b0c5040980c7baa88b7baea0b9da4f7ec7f6af4732404a094c4da542a1b335f68de6969d6f7656aaa33782b123d183c2fb1f3f98a23b768bb1273114ce650e2b26b71cdb348327d5713891278a831263dcb7fc041fa6bdb39791f9830fdb7b30f6e8952aba8a5067d700ad0860b5d6a1f47902da399c91ff4b5fb60e2377cb089f22a218723b76f0c3f135c8b405f256b27702759e2909772568ac93f50601669f1668111af0906f6a94b85be23834c033e6a29c91bd0cedebf0c740f5d055eb68b8fa03446113deb9c901c2237d2e2f5aaec88549624b239126f3b93390ea1a0685664b4bd17c125efceb9e5231bfb7d7a8f5753ff1cb71932765d42a8c0038de8bc1461813c6af1908750fd2044c7691e853ae0a9baa33e443233cb81254bf861c405dd16e42a436e3c7e91b3fd602eb4c03d070d03ea992f15482ee51763375643e34815647bfc56df293845883b4cf1e9bedee3aef8acb8ae7400add40ffd61af447cc4ae096ab3f6ae0ba63ee85753d0692c1d5e414f7cc915fec64ba077807d96f3f551ad812e17cccfb926259b3737e20eb4f57ee1081be0e905e271061e9a67d76bf65d24d043b3ba747fc39ff1e6a7d7c3ded2870c273edd08492d0d29f108a34257d590f2d84ae59ac59ec0102d8454dfcd50bb16ba874e854b587109655517b4183296da445acdf809e05b3abd4537902444a4fed3b11babd773c8d5487646c957318b10b2a3c556e7f34a1452efd6de11453796842f7669fe91b1eb56040da7665fb4db8e5fa37d0aaf42aa6479550406198d440b4cae779e54757096f283fd899c42dafe39be8f3cce492f28ccccdfc3e9d3c8f5629033a5b4489c3282ca598e36af67a3ba11a5a5c18f67562268806442cd450721ca3f05a6c7c0bca76192880974c8a8db5316037a526b7a07baab5e0cbff54064b2209cd9900d04ea2b41324d916a1b94891a2c203d85dfdb62434630d6436874b071278e312843914f7cca5c4291dcae493b7369759e5795a16c624c8b8c52bb82614b4f90ea32b5a70b4ed990cf7246c8aeaab67fe230be38a74b8b8821a383aa2e0e72d1c2bccef541971bedef8391d59ff7dbb132ff1292169736f19884c200cbb49d7ed9b58635e71bfce1c8b2a766494bf43b9d74ab9a315a9f7224172199b21fab18990e18376dc52b095bfdf06fca721bcf04c7eaf19fb4a3ceb93841e27f93c9b70644894e084ab5795b18f282d5fb0fd3cdd6122b84fdcc7be19a6e3b37f09e23546d34384daba8b10ac498d4c79f345a87fec4b4647c22388911d7c16a7a3ad0954ec21d1e265a639f1e78a93b5be8ca7acbe2ced939de0540df1b425d2a2982ecc95ba0104cb1e4ccf2731aef5a7fe1029270afaebd1ad80ba7db7595dbeae9f2344b8bf21ae37ba2582275a887e786c8cd41699d892fe1acb05b4caa20b0d51a4a082a2f04705bccd45df82af2ad64b8699492d4131e28142d609a1ecd0505a33aa255eaec2828cae3695cc66975aeac5e09650238d7129c4f012cb2a1bdfda1f38b60b363f07ab67fe419a2927be5d5df45a95bb1692adc0d199b463d3bf0187b0db349d140b3815dfe98c972dede09f51a685f4d814bfe8b8f5c8167acfb2ad1e4ba91e4b2a809413eec45e7334887cdc3383e6738ecbc567310721c14a4f17a81c23e00bffc37c3d066fe39c36af9611aa2e007fa225901afac4fefa385fcfc953c5c10e946a8faf1c0e71eba91d80e32dc055219f7ebeebcb2209521409ea9f30237b732e281e7faf1780f2e5563f9eff6e9ffdad9bb060b42128218f48bb2f8829bea1b9afd40397678cb5d35b4f6ac4b715fdbb3c44085cf20b823d6a84ab9105c3056b004c3779b0d8842a35c38dc0fb73777b57b8565cba815fa5fe1610615b3dcc8a685e317afd76821a02d602b33ac3eec121d3a29132715643da2a4d48640779f58ad6ee2b89322ee6ef02a0e234b7fc2d938435ec94c67f1b8948f2a01835b2f49fea6f2d8a875a3496fd56c16153157d7bf2adaf00bf0ffcc56a00531fe6a7094eaacc53d828deb196cdb6c2176e2cf793579a54ffac8f0caae82af23ec9581563a4b8484a75ec3705b0f271a3a298bcbe0163628b086410eff0c478088ae0323bb84c2845254f0a83e635e587f59f0bbf458a8646bb3e0c3a426160d1d436279f734b0469efa4c92bf6d81d2bc7aef5b79188397a0a24d49ff1097bc972244a8a6385b74299f9a256818f967ce76096158e0380c77f87134d7a7c4cf299bb21a0e9dfb0e528f9cc22d22caa39fe3bd7457e02fc2d0873e3bea358b5b371c9ab8e67b325305d4791ca63637a99a5f9fb4860e080185982791a99280f90f74a88cbca2a02433c2159d169df52d3a5b6dcb99ffd3a47a6572443cfb36207906ab0d56a4437d8386d6d4ab9c4961e368944da103470c7abe7e0395798eb5f2b79550d634116ec2d8a6f9c0c9ea0e706ee180e1caa805eb535aed4240c9b9ffecd1940c1f037c0fe3cec9dcc34585e7c09bc07a2e9435a067f9e123c0259c593e56287fc4bfa69d2f1ed925bfc8f6151766bc7aa7e0ff36417f488e55aadde2a5c098566ad96bb55a33265832ed9c0fb119309663eb7b094bdf39cf5c1b311f01598a4852d1b01ca54ed52dc69eaece03746d2119e00d906a83277525a5668dba7dbbb59057a88d2ebdf2329680fcbb13d05ef96c4a520c29ab2266604794d9f010a4", 0x1000, 0x9}, {&(0x7f0000001280)="83ca85a23730872a2412226d483a2d21f7fe1cb2a9090301f3afb1afaa0d9c05a0a5682ee25e6618c94880b76b93e7c4797980238ad882c042bb84", 0x3b, 0xba9895b}], 0x0, &(0x7f0000001500)=ANY=[@ANYBLOB='user_xattr,acl,acl,acl,fowner>', @ANYRESDEC=r0, @ANYBLOB="2c61707072616973655f747970653d696d617369672c66736d8fe19c7f28b7616769633d3078303030303030303030303030b96e8efacd5cd4e2b58c966da108ff2b875efab2db57b66fe4066e70a0af8c928af1f76833329fb2754b13d5d5b459e73dd0faf41e9c2db49a8b10"])
prctl$PR_CAP_AMBIENT(0x2f, 0x5, 0x20)

21:50:58 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  621.427810][T12601] erofs: fill_super, device -> loop4
[  621.453610][T12601] erofs: options -> user_xattr,acl,acl,acl,fowner>18446744073709551615,appraise_type=imasig,fsm�áœ(·agic=0x000000000000¹nŽúÍ\Ôⵌ–m¡ÿ+‡^ú²ÛW¶oänp ¯Œ’Šñ÷h32Ÿ²uKÕÕ´Yç=Ðúôœ-´š‹
[  621.516110][T12601] erofs: cannot find valid erofs superblock
[  621.559845][T12601] erofs: unmounting for loop4
[  621.722398][T12605] erofs: fill_super, device -> loop4
[  621.773690][T12605] erofs: options -> user_xattr,acl,acl,acl,fowner>18446744073709551615,appraise_type=imasig,fsm�áœ(·agic=0x000000000000¹nŽúÍ\Ôⵌ–m¡ÿ+‡^ú²ÛW¶oänp ¯Œ’Šñ÷h32Ÿ²uKÕÕ´Yç=Ðúôœ-´š‹
[  621.853772][T12605] erofs: cannot find valid erofs superblock
[  621.859816][T12605] erofs: unmounting for loop4
[  623.182655][T12616] IPVS: ftp: loaded support on port[0] = 21
[  623.259754][T12616] chnl_net:caif_netlink_parms(): no params data found
[  623.288040][T12616] bridge0: port 1(bridge_slave_0) entered blocking state
[  623.295268][T12616] bridge0: port 1(bridge_slave_0) entered disabled state
[  623.302946][T12616] device bridge_slave_0 entered promiscuous mode
[  623.310635][T12616] bridge0: port 2(bridge_slave_1) entered blocking state
[  623.317813][T12616] bridge0: port 2(bridge_slave_1) entered disabled state
[  623.325833][T12616] device bridge_slave_1 entered promiscuous mode
[  623.343141][T12616] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  623.354307][T12616] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  623.371057][T12616] team0: Port device team_slave_0 added
[  623.378317][T12616] team0: Port device team_slave_1 added
[  623.446628][T12616] device hsr_slave_0 entered promiscuous mode
[  623.493876][T12616] device hsr_slave_1 entered promiscuous mode
[  623.533645][T12616] debugfs: Directory 'hsr0' with parent '/' already present!
[  623.551118][T12616] bridge0: port 2(bridge_slave_1) entered blocking state
[  623.558279][T12616] bridge0: port 2(bridge_slave_1) entered forwarding state
[  623.565682][T12616] bridge0: port 1(bridge_slave_0) entered blocking state
[  623.573358][T12616] bridge0: port 1(bridge_slave_0) entered forwarding state
[  623.610140][T12616] 8021q: adding VLAN 0 to HW filter on device bond0
[  623.621458][T12100] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  623.629875][T12100] bridge0: port 1(bridge_slave_0) entered disabled state
[  623.638379][T12100] bridge0: port 2(bridge_slave_1) entered disabled state
[  623.646977][T12100] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  623.658670][T12616] 8021q: adding VLAN 0 to HW filter on device team0
[  623.671451][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  623.680080][ T2999] bridge0: port 1(bridge_slave_0) entered blocking state
[  623.687161][ T2999] bridge0: port 1(bridge_slave_0) entered forwarding state
[  623.699600][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  623.708229][   T23] bridge0: port 2(bridge_slave_1) entered blocking state
[  623.715314][   T23] bridge0: port 2(bridge_slave_1) entered forwarding state
[  623.740262][T12616] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  623.751797][T12616] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  623.764707][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  623.773146][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  623.781653][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  623.789966][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  623.799659][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  623.807304][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  623.827260][T12616] 8021q: adding VLAN 0 to HW filter on device batadv0
21:51:07 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:07 executing program 1:
r0 = getpid()
capget(&(0x7f0000000040)={0x20080522, r0}, &(0x7f0000000080)={0xfd0a, 0x0, 0x2877, 0x20b, 0x3, 0x7ff})
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
fcntl$setstatus(r1, 0x4, 0x2000)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000001040)={0x2, 0x4e23, @loopback}, 0x10)
shutdown(r1, 0x1)

21:51:07 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:07 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
setxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000500)=@random={'security.', 'mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13'}, &(0x7f0000000640)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x102, 0x1)
writev(r0, &(0x7f0000001800)=[{&(0x7f0000000200)="9cdc2581b104c34d8cf8e1574f5eeaa28fab571bef485dfaa240ef9046f3fa7180ecea52720850588510fac1fe5cff376f58fcaf3c109344377b2407450e1f5c3bcb40eb9a89eaa3ff6127007e55243196658c06f681eada1d18a15ddd2d528a186357f46e0c9b21ca0d249f754420909af686ca3c", 0x38}, {0x0}, {0x0}, {0x0, 0x2e9}, {&(0x7f0000000240)}], 0x5)

21:51:07 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00')
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="18875163", @ANYRES16=r1, @ANYBLOB="7f6600000000000000000a00000004000300"], 0x18}}, 0x0)

21:51:07 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x1, 0x0)
r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x100, 0x0)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r6, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r3, 0x2, 0x1, 0x5, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0], 0x4}, 0x20)
write$P9_RFLUSH(r2, &(0x7f00000000c0)={0x7, 0x6d, 0x1}, 0x7)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10)
r7 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r7, r10, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r11 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r12 = accept4$ax25(r11, &(0x7f0000000180)={{0x3, @null}, [@bcast, @null, @remote, @null, @null, @netrom, @remote, @netrom]}, &(0x7f0000000200)=0x48, 0x0)
fsetxattr$trusted_overlay_opaque(r12, &(0x7f0000000240)='trusted.overlay.opaque\x00', &(0x7f0000000280)='y\x00', 0x2, 0x4)
ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r7, 0x800443d2, &(0x7f0000000380)={0x1, &(0x7f0000000340)=[{}]})
r13 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='\x00\x00\x00\n\x00', 0x109002, 0x0)
r14 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r14, r17, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000480)={r14, &(0x7f00000003c0)="17e3948a73cc73535ac1e9feaef98dd369a754130684a542933c56167962", &(0x7f0000000400)=""/120}, 0x18)
r18 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r19 = ioctl$KVM_CREATE_VM(r18, 0xae01, 0x0)
r20 = ioctl$KVM_CREATE_VCPU(r19, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r13, r20, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
ioctl$SCSI_IOCTL_GET_PCI(r13, 0x5387, &(0x7f00000002c0))

21:51:07 executing program 3:
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @reserved}, 0x10)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r3, 0x4040aea4, &(0x7f0000000000)={0x2, 0x8000000000000, 0xdf31, 0x0, 0x9})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)
listen(r1, 0x4)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f00000a8000)=[{&(0x7f00000000c0)="580000001400192300bb4b80040d8c56286932324ba7e680129643c218fe59a2e04a03ca8164243e890000000a215a0004fbf50dfff90003a5000004000000005e0000001d30221f1000010007008a96ff0000ec6b0f536e", 0x58}], 0x1)

21:51:07 executing program 1:
socket$packet(0x11, 0x0, 0x300)
sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000280)={'nat\x00'}, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f0000000040)={0xfffffffffffffff9, 0x33a, 0xffff})
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000340), 0x41395527)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_settime(0x7, 0x0)
pselect6(0x40, &(0x7f00000000c0)={0x10}, 0x0, 0x0, 0x0, 0x0)
vmsplice(r0, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)
r2 = syz_open_dev$usb(&(0x7f0000000280)='/dev/bus/usb/00#/00#\x00', 0x40000fffffb, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, 0x0, &(0x7f00000000c0))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, r2, 0x0, 0x0, 0x0}, 0x30)
fcntl$getownex(r2, 0x10, 0x0)
mount(&(0x7f00000001c0)=ANY=[@ANYBLOB="2f6465762f525b317f4373723000"], &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='sockfs\x00', 0x8, 0x0)
close(r2)
getsockname$tipc(r2, 0x0, &(0x7f0000000180)=0x1000000d6)

21:51:07 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x2, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:07 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0dfbfcc0d8d6ef4e1ac9bf528cc77859d4de737f324bd8efd530c366fff91fff447bd3bd400d046bb0b02abde978374750c385417355fad501ae9dad4fde414d7033583120eb51a6d87f17", @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0x30, 0x5, 0x0, {0x1000000, 0x1}}, 0xfffffffffffffd57)

21:51:08 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:08 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x3, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:08 executing program 4:
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$ax25(r0, &(0x7f00000002c0)=""/232, 0xe8, 0x10, &(0x7f0000000140)={{0x3, @bcast, 0x7}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default]}, 0x48)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r6, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYRESOCT=r2], 0x1}}, 0x10)

21:51:08 executing program 3:
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x3, 0x80000000000004)
socket$inet6(0xa, 0x3, 0x80000000000004)
openat$ion(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ion\x00', 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f00000031c0)='/proc/self\x00', 0x0, 0x0)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x28000, 0x0)
getsockopt$inet6_udp_int(r0, 0x11, 0xfda6e74dcc39ed3c, &(0x7f0000000100), &(0x7f0000000140)=0x4)
socket$inet6(0xa, 0x3, 0x80000000000004)
socket$inet6(0xa, 0x3, 0x80000000000004)
socket$inet6(0xa, 0x3, 0x80000000000004)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
openat$vfio(0xffffffffffffff9c, &(0x7f0000003340)='/dev/vfio/vfio\x00', 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x80000000000004)
syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
socket$vsock_dgram(0x28, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000012c0)={0x0, <r3=>0x0})
getresuid(0x0, &(0x7f00000001c0)=<r4=>0x0, &(0x7f0000001240))
setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001280)={r3, r4}, 0xc)
syz_open_procfs(r3, &(0x7f00000001c0)='net/sctp\x00')
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000002f00769e743319b30900000b0000000805030000", @ANYRES32=r2], 0x1c}}, 0x0)

21:51:08 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:08 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:08 executing program 4:
r0 = socket$inet6(0xa, 0x40000080806, 0x0)
listen(r0, 0x0)
readv(r0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/67, 0x43}], 0x1)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f0000000180)={[{0x100000001, 0xfffffffffffffff8, 0x1, 0x4, 0x7, 0x7, 0x5, 0xfffffffffffffff9, 0x0, 0x4d63, 0x8, 0x1, 0x7fffffff}, {0x4, 0x8, 0x80000000, 0x1, 0x8, 0x98, 0x3, 0x7ff, 0x9, 0xf53, 0x1d, 0xffffffffffff1adb, 0x3000000}, {0xfffffffffffffff8, 0x100, 0x2, 0x8, 0x8, 0xffffffff, 0x81, 0x2, 0x7f, 0xfff, 0xfffffffffffff705, 0x5, 0x8}], 0xfffffffffffffffd})
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r6, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r7 = accept4$bt_l2cap(r3, &(0x7f0000000000), &(0x7f00000000c0)=0xe, 0x180000)
getsockopt$bt_BT_VOICE(r7, 0x112, 0xb, &(0x7f0000000100)=0xee, &(0x7f0000000140)=0x2)

21:51:15 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x6, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:15 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000600)={'bridge_slave_1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="500000002400070500"/20, @ANYRES32=r2, @ANYBLOB="00000000ffffffff0000000008000100706965008ce9c2709aa44b401ae409a782240002000700040000000000080003000000000008000600000000000800020000000000"], 0x50}}, 0x0)
r3 = openat$vimc1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video1\x00', 0x2, 0x0)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r3, 0x4020565b, &(0x7f0000000100)={0x3, 0x95, 0x3})
r4 = getpgrp(0xffffffffffffffff)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={<r5=>0x0}, &(0x7f0000000040)=0xc)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r6, r9, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r10 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r10, r13, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r14 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r14, r17, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
kcmp$KCMP_EPOLL_TFD(r4, r5, 0x7, r9, &(0x7f00000001c0)={r10, r17, 0x40})

21:51:15 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:15 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:15 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x9)
read(r0, &(0x7f0000000040)=""/11, 0xb)
r1 = syz_open_pts(r0, 0x20501)
r2 = dup3(r1, r0, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000000c0)={0xb, 'syz0\x00', 'syz1\x00', 'syz0\x00'}, 0x118)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r6, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
ioctl$BLKRAGET(r3, 0x1263, &(0x7f0000000200))

[  637.876131][T12702] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
21:51:15 executing program 4:
r0 = getuid()
syz_mount_image$btrfs(&(0x7f00000000c0)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x83, 0x6, &(0x7f0000000300)=[{&(0x7f0000000180)="ce", 0x1, 0x2d5e}, {&(0x7f00000001c0)="decdcf4c05dc81a7e553", 0xa, 0x1}, {&(0x7f0000000200)="8d2c0d681bb24d4c200c4293a421a2f555d78e4ec29a67aef4e3bc88e130126601d128c53ce87cad6696e4abb40b2c4e4c8f", 0x32, 0xffffffffffffff80}, {&(0x7f00000015c0)="80899aa926fbd179ba748d9d31051a194867d759435796aa13df51519dd4f4c228ef65be936b6baa2c21118ac00ec01858214c9fd23746f53189a9edc13d3198eeb5a02a25e5a19a4d4a8a1beddafbd37143a3354bfe2c94adff85ca61a6d38c6679c69755c494b6f4241f1ae926562b68d21f72ba1fe0ba65bf5471009a98e921d5195a0775d3551f770178d1ea71ef6013d7f58ccf550ae6d725b5d80c0bf381fc743f2fd39b5e425c503c781c6962cacf1904c2cdea31d3fde8677a18b9e3f18bf49229491e86915e4bf23c0805790b182b6a50f8be00cc2da525372606bae45505c05910ea2c139e3273e354ddd9aaa32681e55b6d1b026efbd2c19e81d3a741003d9a30137ab889e2c4832176ac60ef0c5dba251f10eb35e8115d364a1dbd5617517fd3373b68db053acda7f1639eb524ca1da04e225d3e5872d7a55867d1b7ce7df847365eeb577bd75a40e663c63a2489402fcdd883acc57056c5e08782aeee6f859183c7a429055bb969bf35c3de88262c386557680691f15af9a6b40cf4176db0e81ca96345bbea4d7780dbc9adddc0935eeb4a4c480fa22241b60d735d0badccab5e3483c46057f4d6121d35e81601b3215e704f74f9550657670ca03f6df4c2b7516700aa5e74f5d86cef02f305c234ce662aa4084bef7b8e40e8494d6fac56ae3030190dd700ccf3c12f5aee81093361e9deb23869a54288682683820becd3e72912fddb36692e92ab18adb11fcd0ce635f0fc5f6f36a3a135228ef3219989c88d3ac33981081d9fcaee3f5f4b6c280d22fad6d089fa1e8a30d294b01c259c45668a0bdaebbe08bb510d73fe061b0db1fb9624105333e7110067ed60e44b8511a9874d1049f77671de29ef5a0732c71b3c96a6f57ba330ad2be824299c1c9197e391787a9151ff1a11fed65894eaa5f6dd4e330c337d287e0f6e9169d703a635f93995d663fc7d1e142850169256abf9400c33088fc2fec7637996fb806cc648d753946f8fe37c5c83d0debfb22714a372b626551b5e0e8dc18ec41c4e0d37072385a1a6801cd9ec7ea1fb2142fb7babb916083ec3af0cd7e7432bce2eb1dccfc02b3a0374e2c1acea33f59d87cdbabd18fd0fe642b182e7769da4a24348172b6dc74e4752ab3fa81a413aba5e729248c95a67685eb82f235aae444520a57c133a359809436d4ffb63db75ba320180096068f806acad5c898ff84e733ba14b212cb42007d4d6555dbd6156f9be9f71a42295bc3521a72ec08f9c7f06ac8705fe57a472ac2f484b2210ca9e48f4b9bddfba40d0d1ec68f75782e3b6a5d68c32db55c9a5aee38ebe0fe2d6a9b5f31833730e7ce65a47bac25da597d63f8617e82ec0e4353964482bbefc27571f22aca52b9f40592660e9dd22108fc5f62d6310314cd5fce23f69d58f688b3ba2dce26c23526fcdb048a35d90faf2fe07ce0fa7dae03ddb6996b8851ef51c2b42d0e1d23a3f0fa034597a3928b88b73639249840c2419a86e5a3889efd77990a96578177e5512cf9a36cd3a7f91648faa67b420c279e2683e682aacf153b49dc54e530765f2ed6e02ae86f5b722e75e81a705e9aa1c5d432f70db4008a23caa6d414888801128148f3e78778b804c5577934867fedfe5ce3d3e3f46f8afcefbcb72d59527f92e75fca64ed27bf5a57aba6e90fe236ac61bbb8ff5244865f5e1bcc0e43e2e727ad9f8e2cb9fbe76d0368d01782adcfa5b8d2f52bd2ba18794f1de724e3324c566d9b0dd94f656a62150f43bb44489bd18baea775f04ef21e7e859e0d25aee7f80e1306068e8e5fefaf513a58217655de74631adc5c171b84b08915e7909e7e614466a2c947fe9988b18abaf962aaa8dd47f3017d5d6bdf9974b258aa7edf6c24b6ec4cc69c54b7d9b95dfb79c803a03f6b850b610bab9208d85d1a5e360dad982212cee740293347e83cb772b22c8912cf1e3e46f32e0ea1885e54e62c302a82c4486e0f2c3b6a647dfeeb65873f5475f70663b7d2092ccba07b3e925913059474d2cf66d63a1a7f3141c71efe8cf5d9237b869f54935576b5fadbcef9a5f8c63ccc869ec7fb340b3681c5d0b056be29281adcf37295c20ccc9f42c721d4c71b790aed7807eba3d069b9e65784d8bc9371209f828b60720446945adf894fec98de9a7536eb786d2d78cbfe513aeafb7242ec5be1e77cabba7b0e92bd8f625e243428deb6f2367098e8a8fa946a8c9cc1c4daab357537c10f0ab3b5855c1caebe7fadf1af5f8e74dbe8d78899bd839cbbf2dae2da2f82ed7b93e72c123c0d2a9d1a701f314a0b4ab1f9454e14cbe4017b4ecb7e47393f7b060c154ad496662d832614a5d1e98eb6b5d7b172fd26ee71b519a9fbf6ae19b3037f04466cdd6c80817f9a73476fdb2f75b656e680ae70a12c286b656a25fb65644b963707955dbbdcb94e63f5ead6b1db5ec06b3a59ab6bdcf923ca4aaf522f0eb20a965e68c1694f722c02546c3a9a875445c3c9471fc323ff5cfee1e792d8939d20e73fba046ba3e34b957caa4abac9bfed8d5ac1cffc4e549799d78b71c7bb4934da324412029901d10905dddee9af235b16155b4f1816f73944a1710aafcfa6dfddddd6b6e30a5cc2a3fa9aef99d60e4e6f09cde7fe2a5d2723f1ee419ce35176e4ae38957b9adef8d161688f628cccce4f5d9891db9f00254c7b58659ffb4b1f2ceea34a4555d1f184c635c2c82c90c71ead7f4f3365762792034dc9182b68306bf1cc930328a15660884b55f37c616a7e1e607dabfc067b0b8ee2f1d3f7c2d0a52c8e5c08d34ee742a59369335da10318e9341e708aeae7956723e9884a29a3a6976a842e20156732f67609b69d0d9d702d8dbd476045e5d3e46d99064b0282e81cdc4cb437f6ceb3c51bf20219e5544fd5ccbfdd8f1f79daea100fb160b49bbc76f0ba86291adb3661c2cf7d0e4d1f159a88f24b3ab3eec48babafdbb64e662247fa226a8111e4a15c9d14eb19798d3752a6935a643afc553f5b0cf3e06a591df849ba80ccc4d25e1f7a4b7f05bf4fd81f892417ce873adac8ee0449ed8b5f8bcebfe6b61fc7deec4ea1d8fe88a435a3976b400c0a308d2709fdf6d1c2e0564c6aca1dfdb31367c6e191c2950102f0da1975695ef5f38430900b38c187538d8cba1b8b1ac66c15bc459a2da3dd3d10f571009fc7579ecd2e8be50e7f3f62ebd7bf4f5191969f90c98ef5daaf6ffbac90dd75dc4937ca015dd110391d25a143fa4d9a1e3eb6fac92d43bf8d0ecc91f903869d8d78dc936c28e9b071564db01c6bd533788c96dd836fc5b0d1db00212fc606125c978f5ce515d5b3f1ce3f18e36d7e5be231bd56b64330c636273ffc023f6957bd4659de10c688ef65b8784a50cce16712373dafc0790f7a15c6b3dde7b3efc83608d5646ea9e9814206c84a89721c219bcd299f9040a897d7b36d38a174d71dc7fdbd490c805d595198a55872138a4e4e4a68dce477b1f997ccd0014f501a42c8485ada4759b5232eb5e677e79f02bef1042deed4e5992f7dc59e4592eb154bf72a1aebb89114bb2a28feec69ff98cb45e5a9492393644ead3b0ff6819956fe82c707ce219417481e0617a0579e6d7078f4ea9e3a89a93703a57e902f526acb461a4532065810358374d19d471591d2a660b7b3d611cc52f3df0740c8f59fe3a3f3778e62ea83af491c04b3d7b7209a408cacf68feb9bef7a8ecbcc8900fb3ba34287933aaab0c9cc7139c2d42f1bb60be54d1891d5e28ae18f9ddc9a368991449156b78aba990f2b868b4f8a6ea4aa4e6f23b09ac07ca90e4043d760140b1e6cd67118642bec48738e01d36ae96f0988591fa1ea591d72347b12329fd4ca1d98b285652213d2beed7837392f4799d4d3851d3d3856d400a23465365ff72836d6cf8b68c9add3ad695b50fdc161aafbf206f1f9d7f732eda9a2cd349ff15ae8c7501626703d816b10601b6642ec6374fc35da6f950335e9dd1f09087a7113c6cf7ef86ededa94e2088af90c1cd97df5e60c766aee5bf24de960b1e292c81631a9fdff74e251f6cac23331f3287834f1754a830847f1e06e5ea917a144a53d0cd37856be5460fbc4fca0301fb6d6ab197a5a4d50c07e5a3dd8891322d66acca92ee888a9418b9663e13f3faa486f69f22ddb7eda27407b7aea3bb7bb1590710131ddbc18d660846e773d592744de7fed502a2d375b94e2127fb38a1402d4411c4fe23720787348833abcc562ff713bdc54d65245ee218de88591562eed0f0fdfeda8f97bd711e816076a8efeb86c28c403f06f2ba96245ab60c693f262a88f72f9bf4ffe7a354094765f0b4f481a3fa923303d0a9e32272937f0716ab66d3f2bcd471011c94a36549fc386e0a77d2014cafd6ddd5467fa02a796c09bf72215651000f83efbf3071c66d84d2bd23b836c174347230846a0a3f5d229c38c7f76c7b88d08b4ac6f39fe7466496f4fb215b601be168147fda7ff7a7b305f6211a1e123bf8c43a8d0b3edb2ba265a38784d6309e69c5ebb0dde9a32e88008afd8531df5a559e1c4baefb496eeef8f72462ab19deed44bf4724ffefd32f9e238401a133fd7bd67d21c6eae93a9766e332e8a4d018cfac9065afe2a02c8895fa97912707dab9ddcf07730b96f00e0d08d91a95e3f0159844c53cae6664b41ef12b38a959a8508c34785bab92962aa0eebd1a207cc19613a5797a7851f88819b140237d85bb8956f1e60e104a16f3990a2503202b0da8458789d4ad8990509d6e7dfb406d45656277b3815536df894920d922e176c01fac0263ee0b0cf340cdd1d3d145acc3d79c75099a1c10401387cafffe462fd92ec9db7d249170d7d7eb3d05388e5250a2ce56bdcdfa07a63774d28d00787fdaa2a7aaf9b1e9d4e74acb9125ea9f751095b8eb0b1d8a0cd74dba870d4c9d85878ada1d3a5194e5dae802434af42fe39e49d28bce0474caf2d52b0c8d359847d7d387dd63c4a4737a6dc5cc8ffc7a9358a364c54acbedf593272c1cf037b405bec85b51d6bf21ae516bbf6610ea2eb3bfb1a3fe4d0c23223bf7286cd82a0dabfc7cc646839a82a6cb376bcd32cfdf1e9f349d9bda01ad231e4fb711c5fee9caebdfe8390ac5966a5f79e26afa2201fbbaa565b7a50b3423327f3b24300a3b7f73371ff99b0d38629f1faf74a8d0517d6bc0074f576d3570fda7354f75ce6478af93817f977c2e9c1756bfed9ef2ba1ba1db4b5d7ee36d8ea946e2631006843d292d7815d55ef87474b0f7e6f4e352798e5d9167da6b775758b908ee495cab14aa82c63d56155ce82f7386827e79c7255513d5a011d939da4971dcfe64a5554bc5075d52654dfb1b7df8cb4d26ac47d4409c0e15e9a1a0cf15df104c51662d19fd1e8f15a2346e1c7d94b12aa122160e5b5ce4a600d208909c4a62e3c9bc030ca00470ea234cfbf751da1aac6d7a5d0b27d2fae70c6d83bd3e311b9db5d79ff8ee4cc4034bbca1daacb34a4fa3ed05c383c8aff0ac155c87796d82bc859006f21053ea2bf3547199d75070665dda63e3d0006c985447a0ce8c3f0d6c8fc94d12137f6680cacfbe2ef817597673f2541f020685688ea8c6448fb161e4f1be1dc8c3e662d5322c6dfede47b55f5e5074caa28ca52b962b94d7fdbed0d008d55a13993b5ff455e6786a97268bdcc08e086feb46f8d0d872259dfcb73e8580c4a9a1531fee52c5a24a10b235aee236f2f8a5ee935d1b206055a253f1cb594e9f2b2176e84708c6d275881ae1703636f0dc3daeb50a9a322d404669381bbf773ea79e9935791ff894b7e3799f8d", 0x1000, 0x200000000}, {&(0x7f0000000240)="ee9717eecc7de6a8e206c235deafb05dacb1e1fd2a03feab9a306af89c53110fce39b23502d9d03b8757f3c48bdf1a86afcec3aef238d492a6b343c6a3b352", 0x3f, 0xffff}, {&(0x7f0000000280)="906a855f609646ef32d7ee6b06f70d3f3b6ee8ed47b11a408178f2dd7eb0281e745cbd3fffea3f8f2d241325be721b5c07f3b9d86d299d08e066509f7d196be6699ad0e802c2854139", 0x49, 0x4}], 0x1000000, &(0x7f00000003c0)={[], [{@func={'func', 0x3d, 'FILE_MMAP'}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@fowner_lt={'fowner<', r0}}, {@smackfshat={'smackfshat', 0x3d, 'md5sum})'}}, {@func={'func', 0x3d, 'KEXEC_INITRAMFS_CHECK'}}, {@smackfshat={'smackfshat', 0x3d, '}'}}, {@context={'context', 0x3d, 'user_u'}}, {@dont_measure='dont_measure'}]})
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
connect$netlink(r1, &(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x8000}, 0xc)
ioctl(r1, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r5, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_MAP(r2, 0xc0286415, &(0x7f0000000480)={&(0x7f0000ffb000/0x4000)=nil, 0x8, 0x3, 0x4, &(0x7f0000ffd000/0x3000)=nil, 0xff})
syz_mount_image$minix(&(0x7f0000000040)='minix\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x4, &(0x7f0000001540)=[{0x0, 0x0, 0x800}, {&(0x7f00000004c0)="2a745c5e8ec71f0b2bf3824e3ffb4f38061c970b1b", 0x15, 0x101}, {&(0x7f0000000500)="1721c48c201a5e20a11354377d14479f9e03767c270b7c6cbdf2fc68d586a9e455a63e0d1c6d0d35ecfb98e8ddd7ead2390239c238591d56d229f87845b7499e848f3b33880a816cc303921bdff1a09a21160c9150cf8745ba8fdb739d2aa515d0c240d4171ad71241971c3d0462953d313f3f02f1580a76382ace263209b0e333fbf944b2946bd69ae5d1c1724299dc8714ad4ac1fc7a290f3b287b5886ecf5830b7b7a7f0496aa11ceafba5c44c32baf81ae09b3cf5344d993fb47d1e80200c928ad6d626529bf2c9ebb3e4d3a7d8cba5d445c9ccf21a8d7ed9a148e56836194dc56b9e46326f45612592490bd2d7f5d118f717d7e3617f97347c654e7f3ca4d04ef6c05d950af8f2282bbece4b2a1f89bdce3588ced67608126b2ec66ef7a9e30539713e05b019753ee6630aa492287ac2fe2fb49e21840903366f1b1e9f7cc878379f6f70ca9a477bdd9580a6b1d01409fb72eafa586ecd6a848402a27f9afa20b52aa924a6f7ff42fa054a498f86124ca52d52d030764d6ee0386bbf2759efb782776c378c312f58a5d0d47a9f3a087a2b0108ba6dbf7af35f60dbe3e12859cbb33f9546b70736136ae489b10b20f2496d94687cdac6604b5aaf708244583ff9733e973831174fd6ef5c1f0cdb9b9b24afb600e97a8919e646e5da2d42622a37e6ec3f045476ed245eec973d78f492c6718b643bb24bf465d13b4661d0ca5e5b6f63e390e7e328c649c45d6b3b49ec9a1bb8535c43856b5dc67fe65edc65030dd0ada79fdb942a7984b1d3fbb4c4595d6dcbbda1b32769ef0b85c1672b937b2218b418a1002246c83b5b531ac3830d3a41a851144e5d4dfaae420be52823ec6ccc0d18cd04799400d255c88c9c6fd251f325d27ff08617c5d0426fe88ee9fa032e7c0e262ef02fcbfcbdb708e2c78d8beb181941a4bec0b6dd01457e52d82dcbb2bba91f86ade89cb15e8ad585f29922d0c03809a26ff4ed4d3d8edb1e0754ff9adf41e9a0f438242b90d8d465685c302898cf3eabb3b4224a0fe71d401b5b2f7fc90cce4318d6360d7b1f77e5c3bcfee406a3d1a5483964d9e74b6685a9bc4a7e61d4ceeccf26e01ba577792cd8d53ef69c5917ee8112ed3358547d77cdd4b370420aef5f1d611f32aa17cf2a724958c79dafb21d5a7ddbb26a1a1a04f289b4fba40e2ce7145d0c381768a96d0cbc6239e0977a20a766c32d89da9fbfa3d1f3faaf4d6c1d308569a97c8d35f4b1e1aaa244cbff330c8c0f2f98c4c0268f750bd3212b928965b50e28daf6f20109ace832e31a2fba3803663b07dc4685ab4fb52b4a88e3ebec2aae5c5da8074e76d2293e9db6017e44187d10c3f10a7070234e5d89f4eef191b2eee297771e613053fa1cedaf825fee53286c9740002e451feea784c04b7fdb1c6a032e7a86574885762078837a8dbe1c35a6d95ef0a04f8f703e794d6ad8db6ba4596398468777f319eed6deaf854d1a719f9c37cbd15cc2586d8dc48a3f2e6802395265200902f27469712b856878f3b8050cc76a3144ba304506a1f4390a7eccb84997831ea7c90b405fefb068eb8a3e477e793963bb581bd62d818f5d597da0877af505e99c4dedbc4dfb80f1788e4be99fdb69ab07bfb25849e4a7836d7610b1038479847fecd2d780d2dec9f354c093ea4222958c2bb5ac4b841a51f0f03ec18e12afd982d5916d7c6ed73129d6d8e06832d03b3ae3ae26576aba7b1254fac2d9409d6a42d216643ff9e56519578331527005f85b4372762b13de828faa5fe613a022d7abc0faf6b0c674fa3091e96b589cdd6e85144831d9980a18665add8421aed4e3397250306682ffdaddc8b8d1e83eb65dec678de930c08fa3cd61460278609d243d8ceae12ccc704de350b202207fa54b6422624d764f7eae3eaef1231484bd2dee339e36f8d8474c627f58a403a02d3ccae2476d152ecc8f8fcba5d3bef7960248ea4eb82f4560107036b108ebf86cc3be5fbe3fb72d5aae5287c0f5f16ef5dbf450875ff80bf1f1f139287adb1d996c1e34d886d5bdc9f316ff8cd7fc83af2f41fe65a643b5a4c1b8b42dc89c2dc243ab86c030aad88c07b69380457d9e37921ce585f2f246adc70711749387a9771cdf5eb5479fc2735b1a27705e3844811fa5337655804ace0685e5e567b25a25ce1760fc458f94b25124eeee47135feb5440be42d5e7db164e30d36b91852c1f550677cfea254584818dccab4058f69ff6a1d6847b98b3106df6f5cddd52889ed2341c346fb1783c4b5a5d63d08cb6d6fdc0da52eac0e0cd3cca7445da8205250cad5e62078453b112b806c8bc4c5a37952fd4d12e4bc4b4099a015b320b8ad8f2c4a157dc8cb9749e887270036e1c017fc632b93f5b4c85c3a21a9cddcd6b903a9624958df1fc34fc60cdf172126e2c4135297528768616a57d45370b5135f75a776dc49337c312fe3f694ba8bd92076e9199330e3c3bc9f496027d2010d7494f41cf3dcfd799ca0b4d17c28827f13df6f9b236461a7e9c66afdabb6a905aea0d4b6adfb1d9aaacbf06b4b7738a5223b893b8ce68a456d5dc37fdcf5689f39b1637eed49a30925628932ba644e2129662372cebffd41aaaade9010e0dc06efeeb3a245cbf8f6735a01856dbe18d75504aa33f12f53626727cdd33c8bc6d5a155c02190c3c82db0923879808777956f86e7f0d9ec89a743e8edb60e8a0eb02a8140cadce01eecb68717ae003d3a298af068fbf8284a8fcf767ef3a84a083135765a238803f7ed9fac462a34da1528a898e7e245b8e663938a76bb961f5223f9ae7238c869a473305a6611328f5f2f7484044c615f3d897e39334f06227911a65c5be5fc8fa3b86da2c8c57086e8f16b33d9fd92f25cbc99bcb447592ad95b16d4c2bc2491bf3d461a3663cb2b7fe3f8a2bfbb10113778e6c5563248d43915ca5cf3f63e96941205e9c7fc8433cf4b185a80bbdd1d6e0de695d3a17bf3dfe592f75c0ec747bc24765c4c5696f3652418e942ea079ecfa5d7dbb95fdbe9e3ba34377ab9f849289f887976bcb8adc1c58ae560a54eef41799193a06f3298d9398bc0ed64ee7c41e1ef5cc5b86b141a78af959fa912956b50f396f7748bd565c417ae322c42f440ce53851b5530b01575a01284ff52351103c06b538b87dcfa6778736dcd03befe2175bf0be3475be4f69d4babbf4bad25efb4cafa7cc552470dbfa1ce19ca2a2ad5d366c05a4f3d043929a3c08778f2436c14a7c471924c5ca2f4149623567111200c60c8945f7a50bb202a275a0fabfa20a89eef89d3803fdf59a0199c04438e68a8cabcebedd3ae598bb4758727225951b24f4aeece864143df0d777398db970bae9b6750c9fd72f2c502927f7229eea5ebe15af80c3ff913c4ec9fefe625387a70c84704d6148f05f6be7206a0838e95fd4bf953b1204dfa77ee634eeef2f866dc1bc55ad480ba02a0ae32bc23ecbdec8bceecd599471b09676237e5740b8cdeaaf41c6532a3adbbc8c2e2235b9556a7f6215957e0f686b6ca603315c31a62c196f8e4d412fe726aed5f6447ba8c65420a63751a6e560b0f78dd16889f699adc77cc78fbb9007cd1fd279cc74214b9fa4b525968a4576e39b083c6488a70dfe3185bd2f84ca874053adbf6dcdc3cd4a5aa831b5eb3b19e496a9263f0c3b41f2a7b0eb0211933b0b4635dec7bfb42cd0ca1db1ac20e66e555b6e7997216cadac7f37b15ba75b777ac76b90b0966f59730c763e2c07aa35989c788bfb710326735bf224425248c23f1b684a7b0011d9e1f40c7fb8fd80f295a62eab4b19d3496947fc4487d87806b6655f7aa416c5d00dffcafbc404eb3664dfafcbdf903e0113448d82483c9fe6b33f2a94c3e8344b064ba6354f84e165ee1f2427cda6c8335df216cdd1105a2bc119b2b0582040494f3543768176cec38fd2adbc353c3fb6e559ecf1ce02e88cebaa41887281d0bba8d726e4104d11ec494803053debb82e30d7f67a78919b9cc0e4c3483187d9b739f4e6ce759d54710ed79a8a9fa9adb5e4a65b66763ba98a83b951552ae9de9a4d4f5758b767360406f553277b7a52618a073623669ff12a00ef8766f11645a36ef6fb8eda807d25a6bc00ddc617b7815a4908ff7413bca5e79b4eee2ce620b530fd3aeab18a6646b7d91cf21acf48f8646eafcb2e8628769b50ed871dbd3f78648e4c9b31604c8c44b73cc6b421c0368ae7a6300863dc1a52b4f8d7c3023f285fd15a3d131c3c211302092983264bcbe202c02672a0cde1c549f65491c5dfb19322b1abf8e31529c33ffff7af474fd6b700f19923c9826efd8ac5c98e73f81e8fa238ba5b5274a92351cdbfdfc34aaea64828fd373a87eda8d576253ae741229d92ed8bf88809f70976e7f494633df5d0a983241f95847b1fe4dddef6386ff1d69addad0d5b9c6a82019ac9df21838c51ca06e704476f0323e97f1f9b9cc5f2064f2cccbdbc16d4c5091bfbef982443d4f4b41b139507bd89447b7e9b99e4f1ec027aceeabf3da14c80b17dea6838136ce1d83d0c54b5718cfda7e4b1ceec19c282204bec14f48dc209ca74b87a5aebe7ac4f98329ce7b743b047ed6d137b4342f125d247a29964a6db40e448d628a27451f5ac8f5bde6b4c8b5c742995002dbfee82891403a35387e3e5416e751f39099f67398460f9db9f22aa941e65174dc671fcc5ae0effe74e9d46a569cc851b530d2470e6eb3937d84df691a8140e40ea4c8d78722890660cccfd33cc032a9f14b450ce9c42a3cb00cc374024e4ac7d3b141004aade69045dbda1131b35ff554bc39c9bbff5e87804c38a1d4bbfdd2c6388ae17241633b84b26eead0b43caf6d9fcb9a56e4958e7c988515d83c95f5e48cbc329b86806169513df1b18394fc9983768e10a8449b15aade5ec57c8f27552b43a8f943258cc66d015235f04207620f8a586ebed3ef56d4960cb9afe2dc9d2e32b1a18bfb28e73448e1e051494d58c5be099e5f458810ff5b96dda698b699fbf4cb726f5a29634598d6743629d648c6fa9b10f4c7a4eb4757b02feaded83c7462aa899c0ed3e82cbf95ec5deab92357cb205298a1952ac376519a798e4d4ecbd4a378d130c5c49d17779c7e3dff053ba730029301a55b003219f099bb4cdb1c66049b1b17c76fb00c3d68764bb637e3cbd33de2d4d568f13872f9713447ef7747de7ee349f0bd9d28369d0965e73749c85e551ac03dc8db14c29944c766889c778a22d6830525eb18cf5b0b1cf3007dbffd2cf3ce315fb62f2c543882b265475d4764c96eecbb2f567c50ddb45543f699b4ed703358cb5d5ffa0c0250636b55dc56332f2c2040e89355053bf4202be86fe3eaf206d4bd2feb319a7ea1680d8072adb592395a511c16393d6127ce84b77fc490bec672f83ec4e3f363f8c5fe6acab95c5f3ca3c487efa238d5989d52006ee6d35818820fedab956724111ee935b4ef9a7c2fec02dfd2badefd03b6936d259d9936b8e48e79655911ec8118feed6338703cc939249a544900428d4ce5d28fff4baab8d0b99a594d23baea281e57af26b42de149bf3d5c8e0ec1c2e978c2bf564c3276c7759c0742b7dded748cff204f81df21210a98af5182cbedb8b1cea8614f4c133412e85f1a1da6d2f0a4427e09ab1283130c39c760dfb42dd66e9f101946c250ef39f4d02b384eb07a8eced70cf650abb80b3a482faf48b1bd0236ef323ac9bea8b9c5fe6b919b31d8ace81b0a6a6b537025fa209db42f7b3beb830f8256f92d4f04307adcb5cd897df9c8607808b64b8de0f990fad4", 0x1000, 0x1f}, {&(0x7f0000001500)="4e93775b93a9521ab136cb84b10f71ce80ffb757ce8be7b0726ae4a83f534fe0053feb5d75b06176b39db28838980cf3", 0x30}], 0x38430e2, 0x0)

21:51:15 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xa, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  638.172853][T12702] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
21:51:15 executing program 1:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x6, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:15 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xe, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:15 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xa, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:15 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:15 executing program 4:
r0 = getuid()
syz_mount_image$btrfs(&(0x7f00000000c0)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x83, 0x6, &(0x7f0000000300)=[{&(0x7f0000000180)="ce", 0x1, 0x2d5e}, {&(0x7f00000001c0)="decdcf4c05dc81a7e553", 0xa, 0x1}, {&(0x7f0000000200)="8d2c0d681bb24d4c200c4293a421a2f555d78e4ec29a67aef4e3bc88e130126601d128c53ce87cad6696e4abb40b2c4e4c8f", 0x32, 0xffffffffffffff80}, {&(0x7f00000015c0)="80899aa926fbd179ba748d9d31051a194867d759435796aa13df51519dd4f4c228ef65be936b6baa2c21118ac00ec01858214c9fd23746f53189a9edc13d3198eeb5a02a25e5a19a4d4a8a1beddafbd37143a3354bfe2c94adff85ca61a6d38c6679c69755c494b6f4241f1ae926562b68d21f72ba1fe0ba65bf5471009a98e921d5195a0775d3551f770178d1ea71ef6013d7f58ccf550ae6d725b5d80c0bf381fc743f2fd39b5e425c503c781c6962cacf1904c2cdea31d3fde8677a18b9e3f18bf49229491e86915e4bf23c0805790b182b6a50f8be00cc2da525372606bae45505c05910ea2c139e3273e354ddd9aaa32681e55b6d1b026efbd2c19e81d3a741003d9a30137ab889e2c4832176ac60ef0c5dba251f10eb35e8115d364a1dbd5617517fd3373b68db053acda7f1639eb524ca1da04e225d3e5872d7a55867d1b7ce7df847365eeb577bd75a40e663c63a2489402fcdd883acc57056c5e08782aeee6f859183c7a429055bb969bf35c3de88262c386557680691f15af9a6b40cf4176db0e81ca96345bbea4d7780dbc9adddc0935eeb4a4c480fa22241b60d735d0badccab5e3483c46057f4d6121d35e81601b3215e704f74f9550657670ca03f6df4c2b7516700aa5e74f5d86cef02f305c234ce662aa4084bef7b8e40e8494d6fac56ae3030190dd700ccf3c12f5aee81093361e9deb23869a54288682683820becd3e72912fddb36692e92ab18adb11fcd0ce635f0fc5f6f36a3a135228ef3219989c88d3ac33981081d9fcaee3f5f4b6c280d22fad6d089fa1e8a30d294b01c259c45668a0bdaebbe08bb510d73fe061b0db1fb9624105333e7110067ed60e44b8511a9874d1049f77671de29ef5a0732c71b3c96a6f57ba330ad2be824299c1c9197e391787a9151ff1a11fed65894eaa5f6dd4e330c337d287e0f6e9169d703a635f93995d663fc7d1e142850169256abf9400c33088fc2fec7637996fb806cc648d753946f8fe37c5c83d0debfb22714a372b626551b5e0e8dc18ec41c4e0d37072385a1a6801cd9ec7ea1fb2142fb7babb916083ec3af0cd7e7432bce2eb1dccfc02b3a0374e2c1acea33f59d87cdbabd18fd0fe642b182e7769da4a24348172b6dc74e4752ab3fa81a413aba5e729248c95a67685eb82f235aae444520a57c133a359809436d4ffb63db75ba320180096068f806acad5c898ff84e733ba14b212cb42007d4d6555dbd6156f9be9f71a42295bc3521a72ec08f9c7f06ac8705fe57a472ac2f484b2210ca9e48f4b9bddfba40d0d1ec68f75782e3b6a5d68c32db55c9a5aee38ebe0fe2d6a9b5f31833730e7ce65a47bac25da597d63f8617e82ec0e4353964482bbefc27571f22aca52b9f40592660e9dd22108fc5f62d6310314cd5fce23f69d58f688b3ba2dce26c23526fcdb048a35d90faf2fe07ce0fa7dae03ddb6996b8851ef51c2b42d0e1d23a3f0fa034597a3928b88b73639249840c2419a86e5a3889efd77990a96578177e5512cf9a36cd3a7f91648faa67b420c279e2683e682aacf153b49dc54e530765f2ed6e02ae86f5b722e75e81a705e9aa1c5d432f70db4008a23caa6d414888801128148f3e78778b804c5577934867fedfe5ce3d3e3f46f8afcefbcb72d59527f92e75fca64ed27bf5a57aba6e90fe236ac61bbb8ff5244865f5e1bcc0e43e2e727ad9f8e2cb9fbe76d0368d01782adcfa5b8d2f52bd2ba18794f1de724e3324c566d9b0dd94f656a62150f43bb44489bd18baea775f04ef21e7e859e0d25aee7f80e1306068e8e5fefaf513a58217655de74631adc5c171b84b08915e7909e7e614466a2c947fe9988b18abaf962aaa8dd47f3017d5d6bdf9974b258aa7edf6c24b6ec4cc69c54b7d9b95dfb79c803a03f6b850b610bab9208d85d1a5e360dad982212cee740293347e83cb772b22c8912cf1e3e46f32e0ea1885e54e62c302a82c4486e0f2c3b6a647dfeeb65873f5475f70663b7d2092ccba07b3e925913059474d2cf66d63a1a7f3141c71efe8cf5d9237b869f54935576b5fadbcef9a5f8c63ccc869ec7fb340b3681c5d0b056be29281adcf37295c20ccc9f42c721d4c71b790aed7807eba3d069b9e65784d8bc9371209f828b60720446945adf894fec98de9a7536eb786d2d78cbfe513aeafb7242ec5be1e77cabba7b0e92bd8f625e243428deb6f2367098e8a8fa946a8c9cc1c4daab357537c10f0ab3b5855c1caebe7fadf1af5f8e74dbe8d78899bd839cbbf2dae2da2f82ed7b93e72c123c0d2a9d1a701f314a0b4ab1f9454e14cbe4017b4ecb7e47393f7b060c154ad496662d832614a5d1e98eb6b5d7b172fd26ee71b519a9fbf6ae19b3037f04466cdd6c80817f9a73476fdb2f75b656e680ae70a12c286b656a25fb65644b963707955dbbdcb94e63f5ead6b1db5ec06b3a59ab6bdcf923ca4aaf522f0eb20a965e68c1694f722c02546c3a9a875445c3c9471fc323ff5cfee1e792d8939d20e73fba046ba3e34b957caa4abac9bfed8d5ac1cffc4e549799d78b71c7bb4934da324412029901d10905dddee9af235b16155b4f1816f73944a1710aafcfa6dfddddd6b6e30a5cc2a3fa9aef99d60e4e6f09cde7fe2a5d2723f1ee419ce35176e4ae38957b9adef8d161688f628cccce4f5d9891db9f00254c7b58659ffb4b1f2ceea34a4555d1f184c635c2c82c90c71ead7f4f3365762792034dc9182b68306bf1cc930328a15660884b55f37c616a7e1e607dabfc067b0b8ee2f1d3f7c2d0a52c8e5c08d34ee742a59369335da10318e9341e708aeae7956723e9884a29a3a6976a842e20156732f67609b69d0d9d702d8dbd476045e5d3e46d99064b0282e81cdc4cb437f6ceb3c51bf20219e5544fd5ccbfdd8f1f79daea100fb160b49bbc76f0ba86291adb3661c2cf7d0e4d1f159a88f24b3ab3eec48babafdbb64e662247fa226a8111e4a15c9d14eb19798d3752a6935a643afc553f5b0cf3e06a591df849ba80ccc4d25e1f7a4b7f05bf4fd81f892417ce873adac8ee0449ed8b5f8bcebfe6b61fc7deec4ea1d8fe88a435a3976b400c0a308d2709fdf6d1c2e0564c6aca1dfdb31367c6e191c2950102f0da1975695ef5f38430900b38c187538d8cba1b8b1ac66c15bc459a2da3dd3d10f571009fc7579ecd2e8be50e7f3f62ebd7bf4f5191969f90c98ef5daaf6ffbac90dd75dc4937ca015dd110391d25a143fa4d9a1e3eb6fac92d43bf8d0ecc91f903869d8d78dc936c28e9b071564db01c6bd533788c96dd836fc5b0d1db00212fc606125c978f5ce515d5b3f1ce3f18e36d7e5be231bd56b64330c636273ffc023f6957bd4659de10c688ef65b8784a50cce16712373dafc0790f7a15c6b3dde7b3efc83608d5646ea9e9814206c84a89721c219bcd299f9040a897d7b36d38a174d71dc7fdbd490c805d595198a55872138a4e4e4a68dce477b1f997ccd0014f501a42c8485ada4759b5232eb5e677e79f02bef1042deed4e5992f7dc59e4592eb154bf72a1aebb89114bb2a28feec69ff98cb45e5a9492393644ead3b0ff6819956fe82c707ce219417481e0617a0579e6d7078f4ea9e3a89a93703a57e902f526acb461a4532065810358374d19d471591d2a660b7b3d611cc52f3df0740c8f59fe3a3f3778e62ea83af491c04b3d7b7209a408cacf68feb9bef7a8ecbcc8900fb3ba34287933aaab0c9cc7139c2d42f1bb60be54d1891d5e28ae18f9ddc9a368991449156b78aba990f2b868b4f8a6ea4aa4e6f23b09ac07ca90e4043d760140b1e6cd67118642bec48738e01d36ae96f0988591fa1ea591d72347b12329fd4ca1d98b285652213d2beed7837392f4799d4d3851d3d3856d400a23465365ff72836d6cf8b68c9add3ad695b50fdc161aafbf206f1f9d7f732eda9a2cd349ff15ae8c7501626703d816b10601b6642ec6374fc35da6f950335e9dd1f09087a7113c6cf7ef86ededa94e2088af90c1cd97df5e60c766aee5bf24de960b1e292c81631a9fdff74e251f6cac23331f3287834f1754a830847f1e06e5ea917a144a53d0cd37856be5460fbc4fca0301fb6d6ab197a5a4d50c07e5a3dd8891322d66acca92ee888a9418b9663e13f3faa486f69f22ddb7eda27407b7aea3bb7bb1590710131ddbc18d660846e773d592744de7fed502a2d375b94e2127fb38a1402d4411c4fe23720787348833abcc562ff713bdc54d65245ee218de88591562eed0f0fdfeda8f97bd711e816076a8efeb86c28c403f06f2ba96245ab60c693f262a88f72f9bf4ffe7a354094765f0b4f481a3fa923303d0a9e32272937f0716ab66d3f2bcd471011c94a36549fc386e0a77d2014cafd6ddd5467fa02a796c09bf72215651000f83efbf3071c66d84d2bd23b836c174347230846a0a3f5d229c38c7f76c7b88d08b4ac6f39fe7466496f4fb215b601be168147fda7ff7a7b305f6211a1e123bf8c43a8d0b3edb2ba265a38784d6309e69c5ebb0dde9a32e88008afd8531df5a559e1c4baefb496eeef8f72462ab19deed44bf4724ffefd32f9e238401a133fd7bd67d21c6eae93a9766e332e8a4d018cfac9065afe2a02c8895fa97912707dab9ddcf07730b96f00e0d08d91a95e3f0159844c53cae6664b41ef12b38a959a8508c34785bab92962aa0eebd1a207cc19613a5797a7851f88819b140237d85bb8956f1e60e104a16f3990a2503202b0da8458789d4ad8990509d6e7dfb406d45656277b3815536df894920d922e176c01fac0263ee0b0cf340cdd1d3d145acc3d79c75099a1c10401387cafffe462fd92ec9db7d249170d7d7eb3d05388e5250a2ce56bdcdfa07a63774d28d00787fdaa2a7aaf9b1e9d4e74acb9125ea9f751095b8eb0b1d8a0cd74dba870d4c9d85878ada1d3a5194e5dae802434af42fe39e49d28bce0474caf2d52b0c8d359847d7d387dd63c4a4737a6dc5cc8ffc7a9358a364c54acbedf593272c1cf037b405bec85b51d6bf21ae516bbf6610ea2eb3bfb1a3fe4d0c23223bf7286cd82a0dabfc7cc646839a82a6cb376bcd32cfdf1e9f349d9bda01ad231e4fb711c5fee9caebdfe8390ac5966a5f79e26afa2201fbbaa565b7a50b3423327f3b24300a3b7f73371ff99b0d38629f1faf74a8d0517d6bc0074f576d3570fda7354f75ce6478af93817f977c2e9c1756bfed9ef2ba1ba1db4b5d7ee36d8ea946e2631006843d292d7815d55ef87474b0f7e6f4e352798e5d9167da6b775758b908ee495cab14aa82c63d56155ce82f7386827e79c7255513d5a011d939da4971dcfe64a5554bc5075d52654dfb1b7df8cb4d26ac47d4409c0e15e9a1a0cf15df104c51662d19fd1e8f15a2346e1c7d94b12aa122160e5b5ce4a600d208909c4a62e3c9bc030ca00470ea234cfbf751da1aac6d7a5d0b27d2fae70c6d83bd3e311b9db5d79ff8ee4cc4034bbca1daacb34a4fa3ed05c383c8aff0ac155c87796d82bc859006f21053ea2bf3547199d75070665dda63e3d0006c985447a0ce8c3f0d6c8fc94d12137f6680cacfbe2ef817597673f2541f020685688ea8c6448fb161e4f1be1dc8c3e662d5322c6dfede47b55f5e5074caa28ca52b962b94d7fdbed0d008d55a13993b5ff455e6786a97268bdcc08e086feb46f8d0d872259dfcb73e8580c4a9a1531fee52c5a24a10b235aee236f2f8a5ee935d1b206055a253f1cb594e9f2b2176e84708c6d275881ae1703636f0dc3daeb50a9a322d404669381bbf773ea79e9935791ff894b7e3799f8d", 0x1000, 0x200000000}, {&(0x7f0000000240)="ee9717eecc7de6a8e206c235deafb05dacb1e1fd2a03feab9a306af89c53110fce39b23502d9d03b8757f3c48bdf1a86afcec3aef238d492a6b343c6a3b352", 0x3f, 0xffff}, {&(0x7f0000000280)="906a855f609646ef32d7ee6b06f70d3f3b6ee8ed47b11a408178f2dd7eb0281e745cbd3fffea3f8f2d241325be721b5c07f3b9d86d299d08e066509f7d196be6699ad0e802c2854139", 0x49, 0x4}], 0x1000000, &(0x7f00000003c0)={[], [{@func={'func', 0x3d, 'FILE_MMAP'}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@fowner_lt={'fowner<', r0}}, {@smackfshat={'smackfshat', 0x3d, 'md5sum})'}}, {@func={'func', 0x3d, 'KEXEC_INITRAMFS_CHECK'}}, {@smackfshat={'smackfshat', 0x3d, '}'}}, {@context={'context', 0x3d, 'user_u'}}, {@dont_measure='dont_measure'}]})
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
connect$netlink(r1, &(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x8000}, 0xc)
ioctl(r1, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r5, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_MAP(r2, 0xc0286415, &(0x7f0000000480)={&(0x7f0000ffb000/0x4000)=nil, 0x8, 0x3, 0x4, &(0x7f0000ffd000/0x3000)=nil, 0xff})
syz_mount_image$minix(&(0x7f0000000040)='minix\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x4, &(0x7f0000001540)=[{0x0, 0x0, 0x800}, {&(0x7f00000004c0)="2a745c5e8ec71f0b2bf3824e3ffb4f38061c970b1b", 0x15, 0x101}, {&(0x7f0000000500)="1721c48c201a5e20a11354377d14479f9e03767c270b7c6cbdf2fc68d586a9e455a63e0d1c6d0d35ecfb98e8ddd7ead2390239c238591d56d229f87845b7499e848f3b33880a816cc303921bdff1a09a21160c9150cf8745ba8fdb739d2aa515d0c240d4171ad71241971c3d0462953d313f3f02f1580a76382ace263209b0e333fbf944b2946bd69ae5d1c1724299dc8714ad4ac1fc7a290f3b287b5886ecf5830b7b7a7f0496aa11ceafba5c44c32baf81ae09b3cf5344d993fb47d1e80200c928ad6d626529bf2c9ebb3e4d3a7d8cba5d445c9ccf21a8d7ed9a148e56836194dc56b9e46326f45612592490bd2d7f5d118f717d7e3617f97347c654e7f3ca4d04ef6c05d950af8f2282bbece4b2a1f89bdce3588ced67608126b2ec66ef7a9e30539713e05b019753ee6630aa492287ac2fe2fb49e21840903366f1b1e9f7cc878379f6f70ca9a477bdd9580a6b1d01409fb72eafa586ecd6a848402a27f9afa20b52aa924a6f7ff42fa054a498f86124ca52d52d030764d6ee0386bbf2759efb782776c378c312f58a5d0d47a9f3a087a2b0108ba6dbf7af35f60dbe3e12859cbb33f9546b70736136ae489b10b20f2496d94687cdac6604b5aaf708244583ff9733e973831174fd6ef5c1f0cdb9b9b24afb600e97a8919e646e5da2d42622a37e6ec3f045476ed245eec973d78f492c6718b643bb24bf465d13b4661d0ca5e5b6f63e390e7e328c649c45d6b3b49ec9a1bb8535c43856b5dc67fe65edc65030dd0ada79fdb942a7984b1d3fbb4c4595d6dcbbda1b32769ef0b85c1672b937b2218b418a1002246c83b5b531ac3830d3a41a851144e5d4dfaae420be52823ec6ccc0d18cd04799400d255c88c9c6fd251f325d27ff08617c5d0426fe88ee9fa032e7c0e262ef02fcbfcbdb708e2c78d8beb181941a4bec0b6dd01457e52d82dcbb2bba91f86ade89cb15e8ad585f29922d0c03809a26ff4ed4d3d8edb1e0754ff9adf41e9a0f438242b90d8d465685c302898cf3eabb3b4224a0fe71d401b5b2f7fc90cce4318d6360d7b1f77e5c3bcfee406a3d1a5483964d9e74b6685a9bc4a7e61d4ceeccf26e01ba577792cd8d53ef69c5917ee8112ed3358547d77cdd4b370420aef5f1d611f32aa17cf2a724958c79dafb21d5a7ddbb26a1a1a04f289b4fba40e2ce7145d0c381768a96d0cbc6239e0977a20a766c32d89da9fbfa3d1f3faaf4d6c1d308569a97c8d35f4b1e1aaa244cbff330c8c0f2f98c4c0268f750bd3212b928965b50e28daf6f20109ace832e31a2fba3803663b07dc4685ab4fb52b4a88e3ebec2aae5c5da8074e76d2293e9db6017e44187d10c3f10a7070234e5d89f4eef191b2eee297771e613053fa1cedaf825fee53286c9740002e451feea784c04b7fdb1c6a032e7a86574885762078837a8dbe1c35a6d95ef0a04f8f703e794d6ad8db6ba4596398468777f319eed6deaf854d1a719f9c37cbd15cc2586d8dc48a3f2e6802395265200902f27469712b856878f3b8050cc76a3144ba304506a1f4390a7eccb84997831ea7c90b405fefb068eb8a3e477e793963bb581bd62d818f5d597da0877af505e99c4dedbc4dfb80f1788e4be99fdb69ab07bfb25849e4a7836d7610b1038479847fecd2d780d2dec9f354c093ea4222958c2bb5ac4b841a51f0f03ec18e12afd982d5916d7c6ed73129d6d8e06832d03b3ae3ae26576aba7b1254fac2d9409d6a42d216643ff9e56519578331527005f85b4372762b13de828faa5fe613a022d7abc0faf6b0c674fa3091e96b589cdd6e85144831d9980a18665add8421aed4e3397250306682ffdaddc8b8d1e83eb65dec678de930c08fa3cd61460278609d243d8ceae12ccc704de350b202207fa54b6422624d764f7eae3eaef1231484bd2dee339e36f8d8474c627f58a403a02d3ccae2476d152ecc8f8fcba5d3bef7960248ea4eb82f4560107036b108ebf86cc3be5fbe3fb72d5aae5287c0f5f16ef5dbf450875ff80bf1f1f139287adb1d996c1e34d886d5bdc9f316ff8cd7fc83af2f41fe65a643b5a4c1b8b42dc89c2dc243ab86c030aad88c07b69380457d9e37921ce585f2f246adc70711749387a9771cdf5eb5479fc2735b1a27705e3844811fa5337655804ace0685e5e567b25a25ce1760fc458f94b25124eeee47135feb5440be42d5e7db164e30d36b91852c1f550677cfea254584818dccab4058f69ff6a1d6847b98b3106df6f5cddd52889ed2341c346fb1783c4b5a5d63d08cb6d6fdc0da52eac0e0cd3cca7445da8205250cad5e62078453b112b806c8bc4c5a37952fd4d12e4bc4b4099a015b320b8ad8f2c4a157dc8cb9749e887270036e1c017fc632b93f5b4c85c3a21a9cddcd6b903a9624958df1fc34fc60cdf172126e2c4135297528768616a57d45370b5135f75a776dc49337c312fe3f694ba8bd92076e9199330e3c3bc9f496027d2010d7494f41cf3dcfd799ca0b4d17c28827f13df6f9b236461a7e9c66afdabb6a905aea0d4b6adfb1d9aaacbf06b4b7738a5223b893b8ce68a456d5dc37fdcf5689f39b1637eed49a30925628932ba644e2129662372cebffd41aaaade9010e0dc06efeeb3a245cbf8f6735a01856dbe18d75504aa33f12f53626727cdd33c8bc6d5a155c02190c3c82db0923879808777956f86e7f0d9ec89a743e8edb60e8a0eb02a8140cadce01eecb68717ae003d3a298af068fbf8284a8fcf767ef3a84a083135765a238803f7ed9fac462a34da1528a898e7e245b8e663938a76bb961f5223f9ae7238c869a473305a6611328f5f2f7484044c615f3d897e39334f06227911a65c5be5fc8fa3b86da2c8c57086e8f16b33d9fd92f25cbc99bcb447592ad95b16d4c2bc2491bf3d461a3663cb2b7fe3f8a2bfbb10113778e6c5563248d43915ca5cf3f63e96941205e9c7fc8433cf4b185a80bbdd1d6e0de695d3a17bf3dfe592f75c0ec747bc24765c4c5696f3652418e942ea079ecfa5d7dbb95fdbe9e3ba34377ab9f849289f887976bcb8adc1c58ae560a54eef41799193a06f3298d9398bc0ed64ee7c41e1ef5cc5b86b141a78af959fa912956b50f396f7748bd565c417ae322c42f440ce53851b5530b01575a01284ff52351103c06b538b87dcfa6778736dcd03befe2175bf0be3475be4f69d4babbf4bad25efb4cafa7cc552470dbfa1ce19ca2a2ad5d366c05a4f3d043929a3c08778f2436c14a7c471924c5ca2f4149623567111200c60c8945f7a50bb202a275a0fabfa20a89eef89d3803fdf59a0199c04438e68a8cabcebedd3ae598bb4758727225951b24f4aeece864143df0d777398db970bae9b6750c9fd72f2c502927f7229eea5ebe15af80c3ff913c4ec9fefe625387a70c84704d6148f05f6be7206a0838e95fd4bf953b1204dfa77ee634eeef2f866dc1bc55ad480ba02a0ae32bc23ecbdec8bceecd599471b09676237e5740b8cdeaaf41c6532a3adbbc8c2e2235b9556a7f6215957e0f686b6ca603315c31a62c196f8e4d412fe726aed5f6447ba8c65420a63751a6e560b0f78dd16889f699adc77cc78fbb9007cd1fd279cc74214b9fa4b525968a4576e39b083c6488a70dfe3185bd2f84ca874053adbf6dcdc3cd4a5aa831b5eb3b19e496a9263f0c3b41f2a7b0eb0211933b0b4635dec7bfb42cd0ca1db1ac20e66e555b6e7997216cadac7f37b15ba75b777ac76b90b0966f59730c763e2c07aa35989c788bfb710326735bf224425248c23f1b684a7b0011d9e1f40c7fb8fd80f295a62eab4b19d3496947fc4487d87806b6655f7aa416c5d00dffcafbc404eb3664dfafcbdf903e0113448d82483c9fe6b33f2a94c3e8344b064ba6354f84e165ee1f2427cda6c8335df216cdd1105a2bc119b2b0582040494f3543768176cec38fd2adbc353c3fb6e559ecf1ce02e88cebaa41887281d0bba8d726e4104d11ec494803053debb82e30d7f67a78919b9cc0e4c3483187d9b739f4e6ce759d54710ed79a8a9fa9adb5e4a65b66763ba98a83b951552ae9de9a4d4f5758b767360406f553277b7a52618a073623669ff12a00ef8766f11645a36ef6fb8eda807d25a6bc00ddc617b7815a4908ff7413bca5e79b4eee2ce620b530fd3aeab18a6646b7d91cf21acf48f8646eafcb2e8628769b50ed871dbd3f78648e4c9b31604c8c44b73cc6b421c0368ae7a6300863dc1a52b4f8d7c3023f285fd15a3d131c3c211302092983264bcbe202c02672a0cde1c549f65491c5dfb19322b1abf8e31529c33ffff7af474fd6b700f19923c9826efd8ac5c98e73f81e8fa238ba5b5274a92351cdbfdfc34aaea64828fd373a87eda8d576253ae741229d92ed8bf88809f70976e7f494633df5d0a983241f95847b1fe4dddef6386ff1d69addad0d5b9c6a82019ac9df21838c51ca06e704476f0323e97f1f9b9cc5f2064f2cccbdbc16d4c5091bfbef982443d4f4b41b139507bd89447b7e9b99e4f1ec027aceeabf3da14c80b17dea6838136ce1d83d0c54b5718cfda7e4b1ceec19c282204bec14f48dc209ca74b87a5aebe7ac4f98329ce7b743b047ed6d137b4342f125d247a29964a6db40e448d628a27451f5ac8f5bde6b4c8b5c742995002dbfee82891403a35387e3e5416e751f39099f67398460f9db9f22aa941e65174dc671fcc5ae0effe74e9d46a569cc851b530d2470e6eb3937d84df691a8140e40ea4c8d78722890660cccfd33cc032a9f14b450ce9c42a3cb00cc374024e4ac7d3b141004aade69045dbda1131b35ff554bc39c9bbff5e87804c38a1d4bbfdd2c6388ae17241633b84b26eead0b43caf6d9fcb9a56e4958e7c988515d83c95f5e48cbc329b86806169513df1b18394fc9983768e10a8449b15aade5ec57c8f27552b43a8f943258cc66d015235f04207620f8a586ebed3ef56d4960cb9afe2dc9d2e32b1a18bfb28e73448e1e051494d58c5be099e5f458810ff5b96dda698b699fbf4cb726f5a29634598d6743629d648c6fa9b10f4c7a4eb4757b02feaded83c7462aa899c0ed3e82cbf95ec5deab92357cb205298a1952ac376519a798e4d4ecbd4a378d130c5c49d17779c7e3dff053ba730029301a55b003219f099bb4cdb1c66049b1b17c76fb00c3d68764bb637e3cbd33de2d4d568f13872f9713447ef7747de7ee349f0bd9d28369d0965e73749c85e551ac03dc8db14c29944c766889c778a22d6830525eb18cf5b0b1cf3007dbffd2cf3ce315fb62f2c543882b265475d4764c96eecbb2f567c50ddb45543f699b4ed703358cb5d5ffa0c0250636b55dc56332f2c2040e89355053bf4202be86fe3eaf206d4bd2feb319a7ea1680d8072adb592395a511c16393d6127ce84b77fc490bec672f83ec4e3f363f8c5fe6acab95c5f3ca3c487efa238d5989d52006ee6d35818820fedab956724111ee935b4ef9a7c2fec02dfd2badefd03b6936d259d9936b8e48e79655911ec8118feed6338703cc939249a544900428d4ce5d28fff4baab8d0b99a594d23baea281e57af26b42de149bf3d5c8e0ec1c2e978c2bf564c3276c7759c0742b7dded748cff204f81df21210a98af5182cbedb8b1cea8614f4c133412e85f1a1da6d2f0a4427e09ab1283130c39c760dfb42dd66e9f101946c250ef39f4d02b384eb07a8eced70cf650abb80b3a482faf48b1bd0236ef323ac9bea8b9c5fe6b919b31d8ace81b0a6a6b537025fa209db42f7b3beb830f8256f92d4f04307adcb5cd897df9c8607808b64b8de0f990fad4", 0x1000, 0x1f}, {&(0x7f0000001500)="4e93775b93a9521ab136cb84b10f71ce80ffb757ce8be7b0726ae4a83f534fe0053feb5d75b06176b39db28838980cf3", 0x30}], 0x38430e2, 0x0)

21:51:15 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
syz_mount_image$hfsplus(&(0x7f0000000080)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="2044008f100927ef652c7061c73e8fb4038e156c13519b3dcb53e6b200677b6b6ba13c72743d3093588064a82165e9733030303030bcda30d695e0c26a287721129613a34c67c90711dacb4ab4c933a0c6a01e53a93575f25a82511b7b68a854e1a71cf5190427e1414c523b6068635f099da2483b9a35751adb1e7de862a0c974dbcb52b690dfa5f5ec552afda826f2e5bca85aea159db08c8fb7e964bbde19627fec7390ef00ef23167c637702a6395f6ea1de7a5713dd034f610235862a8d31af3822ccd09c41b3b77fa0ea792881e09875c8d21de2a8d49e3b2e91c6167e0e16576207ae9afb5c339b3dbdc4e0de9c71cbcf9299353c5f9c4a0df2f6aa04bc6b59eb"])
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x10b502, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x259)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000100)={@mcast1, r4}, 0x14)

21:51:15 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xf, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:16 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:16 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x60, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:16 executing program 4:
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000012c0)={0x0, <r1=>0x0})
getresuid(0x0, &(0x7f00000001c0)=<r2=>0x0, &(0x7f0000001240))
setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001280)={r1, r2}, 0xc)
ptrace$peekuser(0x3, r1, 0x2)
ioctl$RFKILL_IOCTL_NOINPUT(r0, 0x5201)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r3, &(0x7f0000000040)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1f}}}, 0x24)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, r7, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00')
sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)={0x190, r8, 0x2, 0x70bd27, 0x25dfdbfb, {}, [@TIPC_NLA_NODE={0x8, 0x6, [@TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_MEDIA={0x120, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x443}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xd7c}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xb0f3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x40}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8000}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x37}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xf7a3}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}]}, @TIPC_NLA_LINK={0x44, 0x4, [@TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}]}, @TIPC_NLA_NET={0x10, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8}]}]}, 0x190}, 0x1, 0x0, 0x0, 0x20000000}, 0x10)
sendmmsg(r3, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000001001000001000000770000f200000000a6ff17b91c3b0d873722b41a1100008f2cd6cc62e13f10a5f31a26f4233e3ba1ff40e062a43f80b1baf272a416e63e58afdf284732bd1e1970000000009f313c4957c67a08676517ba1300000000858003ffffffffffffffff3e26b5ca26b5434dbd533925db8b54b33da7b9c7aefca1f9c49c6400000000000000000000000061e2448f23a7e40000000000d5a0a5c33d3cc0b2eeedde5233ac82d4f7de00c26cb542f13b5bc18adcfb59dfb5edff90d0a500a0fafa7af4fea59c878c765f6a084b83a0c37596366d369187f444"], 0x18}}], 0x1, 0x4048000)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x9)
recvmmsg(r3, &(0x7f00000071c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0)

21:51:16 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x20000)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x1c, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x10005040)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:51:16 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:16 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r5, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r6 = syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0x2, 0x2)
r7 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r8=>0x0]}, &(0x7f000095dffc)=0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r6, 0x84, 0x5, &(0x7f0000000440)={r8, @in={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x84)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000000)={0xb6a, 0x5bf, 0x8, 0x10001, 0x4, 0x100000000, 0x20, 0x6, <r9=>r8}, &(0x7f0000000040)=0x20)
r10 = syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0x2, 0x2)
r11 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r11, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r12=>0x0]}, &(0x7f000095dffc)=0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r10, 0x84, 0x5, &(0x7f0000000440)={r12, @in={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x84)
getsockopt$inet_sctp_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f0000000080)={r9, 0x940, 0x1000, 0xffff, 0x7f, 0x2, 0x6, 0x3000, {r12, @in={{0x2, 0x4e20, @loopback}}, 0x8, 0x5, 0x5, 0x4, 0x5}}, &(0x7f0000000140)=0xb0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000a80)="ad56b6cc0400fb8b65d8b4ac2ca35c6e", 0x10)
sendmsg$TIPC_CMD_GET_NETID(r1, 0x0, 0x0)

21:51:16 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xf0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:16 executing program 3:
setresuid(0x0, 0xee01, 0x0)
r0 = socket$vsock_dgram(0x28, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, <r1=>0x0}, &(0x7f0000000040)=0xc)
pipe2(&(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0xc2000)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r6, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r7 = syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0x2, 0x2)
ioctl$PPPIOCSCOMPRESS(r7, 0x4010744d)
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r8=>0x0]}, &(0x7f000095dffc)=0x13)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r7, 0x84, 0x5, &(0x7f0000000440)={r8, @in={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x84)
getsockopt$inet_sctp_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={<r9=>r8}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000140)={r9, 0x401, 0x9, [0xff, 0x1000, 0x3, 0x7f, 0x3, 0x7, 0x0, 0x0, 0xffffffff00000000]}, &(0x7f0000000180)=0x1a)
setresuid(r1, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)

21:51:16 executing program 3:
syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x6, 0x400080)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
open(&(0x7f0000000000)='./file0\x00', 0x42, 0x0)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt$inet_dccp_buf(r1, 0x21, 0xe40769f34aa01613, &(0x7f0000000140)=""/33, &(0x7f0000000180)=0x21)
mount(&(0x7f0000000000)=@md0='/dev/md0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='udf\x00', 0x0, 0x0)

21:51:16 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x0, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:16 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x227, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  639.789152][T12799] UDF-fs: error (device md0): udf_read_tagged: read failed, block=256, location=256
[  639.831947][T12799] UDF-fs: error (device md0): udf_read_tagged: read failed, block=512, location=512
[  639.851155][T12799] UDF-fs: warning (device md0): udf_load_vrs: No anchor found
[  639.862238][T12799] UDF-fs: Scanning with blocksize 512 failed
21:51:17 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x0, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  639.884018][T12799] UDF-fs: error (device md0): udf_read_tagged: read failed, block=256, location=256
[  639.895457][T12799] UDF-fs: error (device md0): udf_read_tagged: read failed, block=512, location=512
[  639.905144][T12799] UDF-fs: warning (device md0): udf_load_vrs: No anchor found
[  639.913102][T12799] UDF-fs: Scanning with blocksize 1024 failed
[  639.920332][T12799] UDF-fs: error (device md0): udf_read_tagged: read failed, block=256, location=256
21:51:17 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x300, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  639.939542][T12799] UDF-fs: error (device md0): udf_read_tagged: read failed, block=512, location=512
[  639.971177][T12799] UDF-fs: warning (device md0): udf_load_vrs: No anchor found
[  639.979296][T12799] UDF-fs: Scanning with blocksize 2048 failed
[  639.989608][T12799] UDF-fs: error (device md0): udf_read_tagged: read failed, block=256, location=256
[  640.005162][T12799] UDF-fs: error (device md0): udf_read_tagged: read failed, block=512, location=512
[  640.024813][T12799] UDF-fs: warning (device md0): udf_load_vrs: No anchor found
[  640.037424][T12799] UDF-fs: Scanning with blocksize 4096 failed
[  640.050313][T12799] UDF-fs: warning (device md0): udf_fill_super: No partition found (1)
21:51:17 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x600, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:17 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x300, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:17 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x20000)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x1c, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x10005040)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:51:17 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x0, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:24 executing program 5:
r0 = syz_open_dev$loop(&(0x7f00000004c0)='/dev/loop#\x00', 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000140)='\xfaIhFlK\x99F\x17\x16\xa5>\xd3\xc0\x93\xb5.\xda\x06_bT\x1cB\xdb\xf8y1\xe7,\x03\x98h\x86(\xa0m\x87+x\x14i\x88\xcd\x89\x81\xfb\x86', 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
dup2(r2, r0)
setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0)

21:51:24 executing program 3:
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000300)='async\x00', 0x0, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f0000000140), 0x10)
io_setup(0x9, &(0x7f0000000180)=<r5=>0x0)
r6 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x20000, 0x0)
io_submit(r5, 0x1, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r4, 0x0, 0x3700}])
ioctl$VIDIOC_OVERLAY(r6, 0x4004560e, &(0x7f00000002c0)=0x4a1)
r7 = dup(r4)
ioctl$DRM_IOCTL_GET_MAP(r7, 0xc0286404, &(0x7f0000000100)={&(0x7f0000ff5000/0x8000)=nil, 0x7, 0x0, 0x40, &(0x7f0000ff7000/0x4000)=nil, 0x4})
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
fsetxattr$trusted_overlay_upper(r8, &(0x7f0000000040)='trusted.overlay.upper\x00', &(0x7f00000001c0)={0x0, 0xfb, 0xff, 0x7dd46fbe502fb3ba, 0x266, "bce9e52060be8d0ef6280f68b193f313", "cef4f5af4e7653016bd7f8290bf35479cbc8bbd1a128a01f491c105eec17016543532266249d8786cd08065e0cea9f5f1919888475e15b134b671c379d164523d6316114a3d40fb48560d4da99a32f18f92e8ab4c9017db9451709df197b4c686fee9127feafbe3e984b9aec7a294d81357172b3941bf56915c50ab3afc115241cb56b64cb51de79480329c4fa7ba9e0228f54ae0aae086cc1f4551bda2b270ff69d360a34ae5d40b52ccea26a8f655485d3242d0fb11ad398fb3c822939af07c00b7cdd6d2ec5297cc51fddb58bab9beaa5901e2ba75aa0b7396f7de72038cec4e440a77ddccca1d456"}, 0xff, 0x2)

21:51:24 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xa00, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:24 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setresuid(0x0, 0xee01, 0x0)
r1 = dup2(r0, r0)
setsockopt$sock_int(r1, 0x1, 0x21, &(0x7f0000000000), 0x4)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000080), &(0x7f0000000280)=0xc)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r6, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000040)={0x0, r6, 0xfffffffffffffc01, 0x6, 0x940, 0xffffffffffffcacf})

21:51:24 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0x0, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:24 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x20000)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x1c, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x10005040)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:51:24 executing program 4:
r0 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0)
ioctl$MON_IOCX_GET(r0, 0x80089203, &(0x7f0000000200)={0x0, 0x0})

21:51:24 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xe00, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:24 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}}, {{@in=@remote}, 0x0, @in6=@loopback, 0x0, 0xe}}, 0xe8)

21:51:24 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0x0, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:24 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x2e1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
recvmmsg(r1, &(0x7f0000004b40)=[{{&(0x7f0000000b00)=@rc, 0x80, 0x0, 0x0, &(0x7f0000001e40)=""/239, 0xef}}, {{&(0x7f0000003300)=@tipc=@id, 0x80, &(0x7f00000049c0)=[{&(0x7f0000003380)=""/83, 0x53}, {0x0}, {0x0}, {&(0x7f0000004580)=""/203, 0xcb}, {0x0}, {&(0x7f00000048c0)=""/218, 0xda}], 0x6, &(0x7f0000004a40)=""/243, 0xf3}}], 0x20004582, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000000)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14)
sendto$inet6(r0, &(0x7f0000000080)="030400000300600000000000fff5", 0xe, 0x0, 0x0, 0x0)

21:51:24 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$IMCTRLREQ(0xffffffffffffffff, 0x80044945, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000c20000/0x1000)=nil, 0x0)
bind$can_raw(0xffffffffffffffff, 0x0, 0x0)
setrlimit(0x0, &(0x7f0000000280))
openat$btrfs_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, &(0x7f0000000000))
sysfs$1(0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
ioctl$EVIOCGREP(0xffffffffffffffff, 0x80084503, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10002, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000200)='security.capability\x00', 0x0, 0x0, 0x0)
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, 0x0, 0x0)

21:51:33 executing program 5:

21:51:33 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xf00, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:33 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0x0, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:33 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:51:33 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x20000)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x1c, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x10005040)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:51:33 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070")
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r1, &(0x7f0000000000)={{0x6, @rose}, [@default, @rose, @default, @netrom, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose, @default]}, 0x48)

[  656.525813][T12885] Dead loop on virtual device ip6_vti0, fix it urgently!
21:51:33 executing program 3:

21:51:33 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:51:34 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x2702, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:34 executing program 3:

21:51:34 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  656.748594][T12894] Dead loop on virtual device ip6_vti0, fix it urgently!
21:51:34 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

[  656.972598][T12908] Dead loop on virtual device ip6_vti0, fix it urgently!
21:51:37 executing program 5:

21:51:37 executing program 3:

21:51:37 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x3f00, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:37 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:37 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:51:37 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x20000)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x1c, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x10005040)

21:51:38 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:51:38 executing program 3:

[  660.710716][T12917] Dead loop on virtual device ip6_vti0, fix it urgently!
21:51:38 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:38 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x4000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:38 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:51:38 executing program 3:
r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x1100082)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "7001e0f57c8cf6270b24e415e96042aae51d871554c11cd59cc8fb47081025bad6b39d778066f9d1ac8a570e3a42f70a7c0f30f66157a96aae15813f0dceb297", "a8a4c501e527e6fd3de45387da8a75e8904655361fe06f308fe6033a61edd25c8d51c055faf7f4fdb16e0cdaa4276939a341033400", "2f18ffe4532a434e624ac93616105829576904e70bfeb59800f97c97644ab8a7"})

[  660.922198][T12927] syz-executor.4 (12927) used greatest stack depth: 21800 bytes left
21:51:44 executing program 5:
r0 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0)
ioctl$MON_IOCX_GET(r0, 0x9201, 0x0)

21:51:44 executing program 3:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r0, 0x1)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r2=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x71, &(0x7f0000000200)={r2}, &(0x7f0000000240)=0x14)

21:51:44 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x6000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:44 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:51:44 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:44 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x20000)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x1c, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x10005040)

21:51:44 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:51:44 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xf000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:44 executing program 3:
syz_read_part_table(0x0, 0x1, &(0x7f00000005c0)=[{&(0x7f00000004c0)="dd3928d486d69a4ed16c0b3e4b26a813d96043c9c3b42e75ceb07db97713c82bb1d914d4d6a7dcaf4817a5ceb0bca3ad2b1b6ee522c7828f514033347ebf8cbd46fadd37288414fce717fcd6bf0624091b67eb8a6355ff77778369c317605b97515b14f8f4fce21f09b795b3f6fc7e447ccc95054c82516f9bc990c5f9df7f101938d276f465470b64905ed802c553d60ecd3dee99583fa7952a43cc9a9049c87081b6d4691d606afe528cc323cfa034028a9fb8b1589a4711667a3620e7848cdf70a45b8a43cb79a5988eab43e4ab40f5d3", 0xd2, 0x101}])

[  667.100274][T12968] Dead loop on virtual device ip6_vti0, fix it urgently!
21:51:44 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x30000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:44 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  667.225441][T12974] Dev loop3: unable to read RDB block 1
[  667.247912][T12974]  loop3: unable to read partition table
[  667.260061][T12974] loop3: partition table beyond EOD, truncated
[  667.283069][T12974] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
21:51:44 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x34000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  667.451445][T12974] Dev loop3: unable to read RDB block 1
[  667.461357][T12974]  loop3: unable to read partition table
[  667.484178][T12974] loop3: partition table beyond EOD, truncated
[  667.535279][T12974] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
21:51:50 executing program 5:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:50 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:50 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:51:50 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x20000)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x1c, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x10005040)

21:51:50 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x400300, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:50 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

[  673.205969][T13003] Dead loop on virtual device ip6_vti0, fix it urgently!
21:51:50 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:51:50 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:50 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xf0ffff, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:50 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x1000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:50 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:51:50 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:58 executing program 5:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:58 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x2000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:58 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x20000)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:51:58 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:51:58 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:58 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

[  681.671133][T13044] Dead loop on virtual device ip6_vti0, fix it urgently!
21:51:59 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x3000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:59 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:51:59 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:51:59 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x4000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:51:59 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:51:59 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x6000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:52:08 executing program 5:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:52:08 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:52:08 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:52:08 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xa000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:52:08 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x20000)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:52:08 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
shutdown(0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:52:08 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
shutdown(0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:52:08 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_submit(0x0, 0x0, 0x0)
io_submit(0x0, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:52:08 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xe000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:52:08 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:52:08 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
shutdown(0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:52:08 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_submit(0x0, 0x0, 0x0)
io_submit(0x0, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:52:17 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xe000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:52:17 executing program 4:
socket$kcm(0x2b, 0x1, 0x0)
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:52:17 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_submit(0x0, 0x0, 0x0)
io_submit(0x0, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:52:17 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xf000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:52:17 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:52:17 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x20000)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  700.344419][T13119] Dead loop on virtual device ip6_vti0, fix it urgently!
21:52:17 executing program 4:
socket$kcm(0x2b, 0x1, 0x0)
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:52:17 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:52:17 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x27020000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  700.554685][T13134] Dead loop on virtual device ip6_vti0, fix it urgently!
21:52:17 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:52:17 executing program 4:
socket$kcm(0x2b, 0x1, 0x0)
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:52:17 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

[  700.817092][T13150] Dead loop on virtual device ip6_vti0, fix it urgently!
21:52:26 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xe000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:52:26 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x3f000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:52:26 executing program 4:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:52:26 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:52:26 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:52:26 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x20000)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:52:27 executing program 4:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

[  709.697809][T13167] Dead loop on virtual device ip6_vti0, fix it urgently!
21:52:27 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x40000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:52:27 executing program 3:
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

[  709.820800][T13173] Dead loop on virtual device ip6_vti0, fix it urgently!
21:52:27 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:52:27 executing program 4:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:52:27 executing program 3:
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

[  710.021136][T13183] Dead loop on virtual device ip6_vti0, fix it urgently!
21:52:36 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x60000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:52:36 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x20000)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:52:36 executing program 4:
r0 = socket$kcm(0x2b, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:52:36 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:52:36 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xe000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:52:36 executing program 3:
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:52:36 executing program 4:
r0 = socket$kcm(0x2b, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

[  719.042703][T13207] Dead loop on virtual device ip6_vti0, fix it urgently!
21:52:36 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x9effffff, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:52:36 executing program 3:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

[  719.192107][T13214] Dead loop on virtual device ip6_vti0, fix it urgently!
21:52:36 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:52:36 executing program 4:
r0 = socket$kcm(0x2b, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:52:36 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xf0ffffff, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  719.403281][T13227] Dead loop on virtual device ip6_vti0, fix it urgently!
21:52:45 executing program 5:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f00000001c0)="10000040030000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:52:45 executing program 3:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:52:45 executing program 4:
socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:52:45 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xfcffffff, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:52:45 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:52:45 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x20000)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  728.353476][T13247] Dead loop on virtual device ip6_vti0, fix it urgently!
21:52:45 executing program 4:
socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:52:45 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xfffff000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:52:45 executing program 3:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:52:45 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  728.607374][T13258] Dead loop on virtual device ip6_vti0, fix it urgently!
21:52:45 executing program 4:
socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:52:46 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xffffff7f, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  728.835026][T13267] Dead loop on virtual device ip6_vti0, fix it urgently!
21:52:57 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r0, &(0x7f0000a34fff)='H', 0x34000, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r0, 0x1)

21:52:57 executing program 3:
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:52:57 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:52:57 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:52:57 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x20000)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:52:57 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xffffff9e, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:52:57 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

[  739.787153][T13284] Dead loop on virtual device ip6_vti0, fix it urgently!
21:52:57 executing program 3:
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:52:57 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xfffffff0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  739.960501][T13293] Dead loop on virtual device ip6_vti0, fix it urgently!
21:52:57 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:52:57 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:52:57 executing program 3:
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

[  740.166740][T13303] Dead loop on virtual device ip6_vti0, fix it urgently!
21:53:06 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
read(r1, &(0x7f00000001c0)=""/48, 0x5)

21:53:06 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xfffffffc, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:53:06 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x0, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:53:06 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x0, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:53:06 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:53:06 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:53:06 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x3000000000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:53:06 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x0, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:53:06 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x0, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:53:06 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:53:06 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x40030000000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:53:06 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x0, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:53:14 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))

21:53:14 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x0, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:53:14 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:53:14 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xf0ffffffffffff, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:53:14 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:53:14 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:53:14 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(0xffffffffffffffff, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:53:14 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:53:15 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x100000000000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  757.760006][T13381] Dead loop on virtual device ip6_vti0, fix it urgently!
[  757.812480][T13368] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  757.838991][T13368] CPU: 1 PID: 13368 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  757.848133][T13368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  757.858190][T13368] Call Trace:
[  757.861487][T13368]  dump_stack+0x172/0x1f0
[  757.865828][T13368]  dump_header+0x177/0x1152
[  757.870333][T13368]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  757.876131][T13368]  ? ___ratelimit+0x2c8/0x595
[  757.880807][T13368]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  757.886611][T13368]  ? lockdep_hardirqs_on+0x418/0x5d0
[  757.891896][T13368]  ? trace_hardirqs_on+0x67/0x240
[  757.897011][T13368]  ? pagefault_out_of_memory+0x11c/0x11c
[  757.902657][T13368]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  757.908459][T13368]  ? ___ratelimit+0x60/0x595
[  757.913046][T13368]  ? do_raw_spin_unlock+0x57/0x270
[  757.918160][T13368]  oom_kill_process.cold+0x10/0x15
[  757.923273][T13368]  out_of_memory+0x334/0x1340
[  757.927951][T13368]  ? lock_downgrade+0x920/0x920
[  757.932803][T13368]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  757.938607][T13368]  ? oom_killer_disable+0x280/0x280
[  757.944250][T13368]  mem_cgroup_out_of_memory+0x1d8/0x240
[  757.949814][T13368]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  757.955553][T13368]  ? do_raw_spin_unlock+0x57/0x270
[  757.960674][T13368]  ? _raw_spin_unlock+0x2d/0x50
[  757.965532][T13368]  try_charge+0xf4b/0x1440
[  757.969964][T13368]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  757.975508][T13368]  ? percpu_ref_tryget_live+0x111/0x290
[  757.981058][T13368]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  757.987304][T13368]  ? __kasan_check_read+0x11/0x20
[  757.992332][T13368]  ? get_mem_cgroup_from_mm+0x156/0x320
[  757.997879][T13368]  mem_cgroup_try_charge+0x136/0x590
[  758.003168][T13368]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  758.009409][T13368]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  758.015069][T13368]  __handle_mm_fault+0x1e34/0x3f20
[  758.020187][T13368]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  758.025750][T13368]  ? __kasan_check_read+0x11/0x20
[  758.030789][T13368]  handle_mm_fault+0x1b5/0x6c0
[  758.035557][T13368]  __get_user_pages+0x7d4/0x1b30
[  758.040489][T13368]  ? mark_held_locks+0xf0/0xf0
[  758.045259][T13368]  ? follow_page_mask+0x1cf0/0x1cf0
[  758.050450][T13368]  ? __mm_populate+0x270/0x380
[  758.055218][T13368]  ? __kasan_check_write+0x14/0x20
[  758.060328][T13368]  ? down_read+0x109/0x430
[  758.064744][T13368]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  758.070989][T13368]  populate_vma_page_range+0x20d/0x2a0
[  758.076450][T13368]  __mm_populate+0x204/0x380
[  758.081040][T13368]  ? populate_vma_page_range+0x2a0/0x2a0
[  758.086691][T13368]  ? __kasan_check_write+0x14/0x20
[  758.091808][T13368]  ? up_write+0x155/0x490
[  758.096139][T13368]  ? ns_capable_common+0x93/0x100
[  758.101177][T13368]  __x64_sys_mlockall+0x473/0x520
[  758.106207][T13368]  do_syscall_64+0xfa/0x760
[  758.110739][T13368]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  758.116639][T13368] RIP: 0033:0x4598e9
[  758.120541][T13368] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  758.140145][T13368] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  758.148557][T13368] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  758.156536][T13368] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  758.164504][T13368] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  758.172470][T13368] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  758.180434][T13368] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  758.195950][T13368] memory: usage 307200kB, limit 307200kB, failcnt 64
[  758.209047][T13368] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  758.217075][T13368] Memory cgroup stats for /syz1:
[  758.217632][T13368] anon 301932544
[  758.217632][T13368] file 40960
[  758.217632][T13368] kernel_stack 720896
[  758.217632][T13368] slab 8441856
[  758.217632][T13368] sock 4096
[  758.217632][T13368] shmem 0
[  758.217632][T13368] file_mapped 0
[  758.217632][T13368] file_dirty 0
[  758.217632][T13368] file_writeback 0
[  758.217632][T13368] anon_thp 266338304
[  758.217632][T13368] inactive_anon 221253632
[  758.217632][T13368] active_anon 8998912
[  758.217632][T13368] inactive_file 0
[  758.217632][T13368] active_file 0
[  758.217632][T13368] unevictable 71749632
[  758.217632][T13368] slab_reclaimable 2568192
[  758.217632][T13368] slab_unreclaimable 5873664
[  758.217632][T13368] pgfault 25377
[  758.217632][T13368] pgmajfault 0
[  758.217632][T13368] workingset_refault 0
[  758.217632][T13368] workingset_activate 0
[  758.217632][T13368] workingset_nodereclaim 0
[  758.217632][T13368] pgrefill 36
[  758.217632][T13368] pgscan 35
[  758.217632][T13368] pgsteal 0
[  758.314824][T13368] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13356,uid=0
21:53:15 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x200000000000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:53:15 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

[  758.366537][T13368] Memory cgroup out of memory: Killed process 13356 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
21:53:15 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  758.454610][ T1066] oom_reaper: reaped process 13356 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
21:53:25 executing program 5:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200)='mqueue\x00', 0x0, 0x0)
r0 = creat(&(0x7f0000000100)='./file0/bus\x00', 0x0)
mq_notify(r0, 0x0)

21:53:25 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x300000000000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:53:25 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(0xffffffffffffffff, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:53:25 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000))
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:53:25 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:53:25 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  768.067054][T13414] Dead loop on virtual device ip6_vti0, fix it urgently!
[  768.129627][T13410] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  768.140242][T13410] CPU: 1 PID: 13410 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  768.149360][T13410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  768.159417][T13410] Call Trace:
[  768.162722][T13410]  dump_stack+0x172/0x1f0
[  768.167066][T13410]  dump_header+0x177/0x1152
[  768.171578][T13410]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  768.177386][T13410]  ? ___ratelimit+0x2c8/0x595
[  768.182065][T13410]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  768.187903][T13410]  ? lockdep_hardirqs_on+0x418/0x5d0
[  768.193194][T13410]  ? trace_hardirqs_on+0x67/0x240
[  768.198230][T13410]  ? pagefault_out_of_memory+0x11c/0x11c
[  768.203876][T13410]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  768.209685][T13410]  ? ___ratelimit+0x60/0x595
[  768.214278][T13410]  ? do_raw_spin_unlock+0x57/0x270
[  768.219401][T13410]  oom_kill_process.cold+0x10/0x15
[  768.224517][T13410]  out_of_memory+0x334/0x1340
[  768.229222][T13410]  ? lock_downgrade+0x920/0x920
[  768.234082][T13410]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  768.239991][T13410]  ? oom_killer_disable+0x280/0x280
[  768.245204][T13410]  mem_cgroup_out_of_memory+0x1d8/0x240
[  768.250795][T13410]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  768.256434][T13410]  ? do_raw_spin_unlock+0x57/0x270
[  768.261556][T13410]  ? _raw_spin_unlock+0x2d/0x50
[  768.266420][T13410]  try_charge+0xf4b/0x1440
[  768.270849][T13410]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  768.276396][T13410]  ? percpu_ref_tryget_live+0x111/0x290
[  768.281945][T13410]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  768.288191][T13410]  ? __kasan_check_read+0x11/0x20
[  768.293222][T13410]  ? get_mem_cgroup_from_mm+0x156/0x320
[  768.298772][T13410]  mem_cgroup_try_charge+0x136/0x590
[  768.304061][T13410]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  768.310306][T13410]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  768.315947][T13410]  __handle_mm_fault+0x1e34/0x3f20
[  768.321067][T13410]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  768.326631][T13410]  ? __kasan_check_read+0x11/0x20
[  768.331667][T13410]  handle_mm_fault+0x1b5/0x6c0
[  768.336442][T13410]  __get_user_pages+0x7d4/0x1b30
[  768.341552][T13410]  ? mark_held_locks+0xf0/0xf0
[  768.346336][T13410]  ? follow_page_mask+0x1cf0/0x1cf0
[  768.351536][T13410]  ? __mm_populate+0x270/0x380
[  768.356307][T13410]  ? __kasan_check_write+0x14/0x20
[  768.361418][T13410]  ? down_read+0x109/0x430
[  768.365838][T13410]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  768.372078][T13410]  populate_vma_page_range+0x20d/0x2a0
[  768.377548][T13410]  __mm_populate+0x204/0x380
[  768.382147][T13410]  ? populate_vma_page_range+0x2a0/0x2a0
[  768.387782][T13410]  ? __kasan_check_write+0x14/0x20
[  768.392897][T13410]  ? up_write+0x155/0x490
[  768.397227][T13410]  ? ns_capable_common+0x93/0x100
[  768.402261][T13410]  __x64_sys_mlockall+0x473/0x520
[  768.407291][T13410]  do_syscall_64+0xfa/0x760
[  768.411804][T13410]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  768.417694][T13410] RIP: 0033:0x4598e9
[  768.421597][T13410] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  768.441202][T13410] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  768.449619][T13410] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  768.457594][T13410] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  768.465572][T13410] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  768.473541][T13410] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  768.481514][T13410] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  768.495219][T13410] memory: usage 307200kB, limit 307200kB, failcnt 97
[  768.502015][T13410] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  768.516207][T13410] Memory cgroup stats for /syz1:
[  768.516327][T13410] anon 302424064
[  768.516327][T13410] file 40960
[  768.516327][T13410] kernel_stack 720896
[  768.516327][T13410] slab 8065024
[  768.516327][T13410] sock 4096
[  768.516327][T13410] shmem 0
[  768.516327][T13410] file_mapped 0
[  768.516327][T13410] file_dirty 0
[  768.516327][T13410] file_writeback 0
[  768.516327][T13410] anon_thp 264241152
[  768.516327][T13410] inactive_anon 223342592
[  768.516327][T13410] active_anon 8982528
[  768.516327][T13410] inactive_file 0
[  768.516327][T13410] active_file 0
[  768.516327][T13410] unevictable 70074368
[  768.516327][T13410] slab_reclaimable 2568192
21:53:25 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000))
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:53:25 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x400000000000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  768.516327][T13410] slab_unreclaimable 5496832
[  768.516327][T13410] pgfault 26796
[  768.516327][T13410] pgmajfault 0
[  768.516327][T13410] workingset_refault 0
[  768.516327][T13410] workingset_activate 0
[  768.516327][T13410] workingset_nodereclaim 0
[  768.516327][T13410] pgrefill 36
[  768.516327][T13410] pgscan 35
[  768.516327][T13410] pgsteal 0
[  768.625994][T13410] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13401,uid=0
[  768.661438][T13410] Memory cgroup out of memory: Killed process 13401 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
21:53:26 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x600000000000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:53:26 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000))
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:53:26 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(0xffffffffffffffff, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:53:26 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  768.981170][T13435] Dead loop on virtual device ip6_vti0, fix it urgently!
21:53:36 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-256\x00'}, 0x58)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x6c, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000c80), 0x4924924924921ae, 0x0)

21:53:36 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xa00000000000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:53:36 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0b")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:53:36 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:53:36 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:53:36 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

[  779.441961][T13454] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  779.455176][T13454] CPU: 0 PID: 13454 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  779.464306][T13454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  779.474373][T13454] Call Trace:
[  779.477680][T13454]  dump_stack+0x172/0x1f0
[  779.482039][T13454]  dump_header+0x177/0x1152
[  779.486557][T13454]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  779.492363][T13454]  ? ___ratelimit+0x2c8/0x595
[  779.497045][T13454]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  779.502871][T13454]  ? lockdep_hardirqs_on+0x418/0x5d0
[  779.508162][T13454]  ? trace_hardirqs_on+0x67/0x240
[  779.515291][T13454]  ? pagefault_out_of_memory+0x11c/0x11c
[  779.520951][T13454]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  779.526767][T13454]  ? ___ratelimit+0x60/0x595
[  779.531347][T13454]  ? do_raw_spin_unlock+0x57/0x270
[  779.536449][T13454]  oom_kill_process.cold+0x10/0x15
[  779.541808][T13454]  out_of_memory+0x334/0x1340
[  779.546469][T13454]  ? lock_downgrade+0x920/0x920
[  779.551318][T13454]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  779.557109][T13454]  ? oom_killer_disable+0x280/0x280
[  779.562299][T13454]  mem_cgroup_out_of_memory+0x1d8/0x240
[  779.567840][T13454]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  779.573462][T13454]  ? do_raw_spin_unlock+0x57/0x270
[  779.578561][T13454]  ? _raw_spin_unlock+0x2d/0x50
[  779.583401][T13454]  try_charge+0xf4b/0x1440
[  779.587817][T13454]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  779.593345][T13454]  ? percpu_ref_tryget_live+0x111/0x290
[  779.598891][T13454]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  779.605124][T13454]  ? __kasan_check_read+0x11/0x20
[  779.610150][T13454]  ? get_mem_cgroup_from_mm+0x156/0x320
[  779.615681][T13454]  mem_cgroup_try_charge+0x136/0x590
[  779.620949][T13454]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  779.627176][T13454]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  779.632795][T13454]  __handle_mm_fault+0x1e34/0x3f20
[  779.637902][T13454]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  779.643440][T13454]  ? __kasan_check_read+0x11/0x20
[  779.648457][T13454]  handle_mm_fault+0x1b5/0x6c0
[  779.653206][T13454]  __get_user_pages+0x7d4/0x1b30
[  779.658214][T13454]  ? mark_held_locks+0xf0/0xf0
[  779.662970][T13454]  ? follow_page_mask+0x1cf0/0x1cf0
[  779.668150][T13454]  ? __mm_populate+0x270/0x380
[  779.672915][T13454]  ? __kasan_check_write+0x14/0x20
[  779.678011][T13454]  ? down_read+0x109/0x430
[  779.682424][T13454]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  779.688651][T13454]  populate_vma_page_range+0x20d/0x2a0
[  779.694096][T13454]  __mm_populate+0x204/0x380
[  779.698671][T13454]  ? populate_vma_page_range+0x2a0/0x2a0
[  779.704287][T13454]  ? __kasan_check_write+0x14/0x20
[  779.709383][T13454]  ? up_write+0x155/0x490
[  779.713713][T13454]  ? ns_capable_common+0x93/0x100
[  779.718755][T13454]  __x64_sys_mlockall+0x473/0x520
[  779.723781][T13454]  do_syscall_64+0xfa/0x760
[  779.728290][T13454]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  779.734188][T13454] RIP: 0033:0x4598e9
[  779.738075][T13454] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  779.757680][T13454] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  779.766079][T13454] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  779.774036][T13454] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  779.782003][T13454] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
21:53:37 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

[  779.790131][T13454] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  779.798086][T13454] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
21:53:37 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0b")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

[  779.905825][T13454] memory: usage 307200kB, limit 307200kB, failcnt 116
[  779.912888][T13454] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  779.940205][T13454] Memory cgroup stats for /syz1:
[  779.940443][T13454] anon 302764032
[  779.940443][T13454] file 40960
[  779.940443][T13454] kernel_stack 655360
[  779.940443][T13454] slab 7741440
[  779.940443][T13454] sock 4096
[  779.940443][T13454] shmem 0
[  779.940443][T13454] file_mapped 0
[  779.940443][T13454] file_dirty 0
[  779.940443][T13454] file_writeback 0
[  779.940443][T13454] anon_thp 264241152
[  779.940443][T13454] inactive_anon 223428608
[  779.940443][T13454] active_anon 8978432
[  779.940443][T13454] inactive_file 0
[  779.940443][T13454] active_file 0
[  779.940443][T13454] unevictable 70410240
[  779.940443][T13454] slab_reclaimable 2568192
[  779.940443][T13454] slab_unreclaimable 5173248
21:53:37 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:53:37 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xe00000000000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:53:37 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  779.940443][T13454] pgfault 28215
[  779.940443][T13454] pgmajfault 0
[  779.940443][T13454] workingset_refault 0
[  779.940443][T13454] workingset_activate 0
[  779.940443][T13454] workingset_nodereclaim 0
[  779.940443][T13454] pgrefill 36
[  779.940443][T13454] pgscan 68
[  779.940443][T13454] pgsteal 0
21:53:37 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, 0x0, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

[  780.121189][T13454] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13439,uid=0
[  780.190873][T13454] Memory cgroup out of memory: Killed process 13439 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
21:53:47 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'n%0\x01\x00', 0x1132})

21:53:47 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0b")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:53:47 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xf00000000000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:53:47 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, 0x0, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:53:47 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:53:47 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:53:48 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, 0x0, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:53:48 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47b")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

[  790.924215][T13498] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  790.937818][T13498] CPU: 1 PID: 13498 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  790.947081][T13498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  790.957284][T13498] Call Trace:
[  790.961425][T13498]  dump_stack+0x172/0x1f0
[  790.965793][T13498]  dump_header+0x177/0x1152
[  790.970574][T13498]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  790.976393][T13498]  ? ___ratelimit+0x2c8/0x595
[  790.981156][T13498]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  790.986994][T13498]  ? lockdep_hardirqs_on+0x418/0x5d0
[  790.987012][T13498]  ? trace_hardirqs_on+0x67/0x240
[  790.987028][T13498]  ? pagefault_out_of_memory+0x11c/0x11c
[  790.987042][T13498]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  790.987055][T13498]  ? ___ratelimit+0x60/0x595
[  790.987066][T13498]  ? do_raw_spin_unlock+0x57/0x270
[  790.987083][T13498]  oom_kill_process.cold+0x10/0x15
[  790.987101][T13498]  out_of_memory+0x334/0x1340
[  791.028440][T13498]  ? lock_downgrade+0x920/0x920
[  791.033309][T13498]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  791.039141][T13498]  ? oom_killer_disable+0x280/0x280
[  791.039171][T13498]  mem_cgroup_out_of_memory+0x1d8/0x240
[  791.039189][T13498]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  791.055562][T13498]  ? do_raw_spin_unlock+0x57/0x270
[  791.055584][T13498]  ? _raw_spin_unlock+0x2d/0x50
[  791.055605][T13498]  try_charge+0xf4b/0x1440
21:53:48 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  791.055629][T13498]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  791.055653][T13498]  ? percpu_ref_tryget_live+0x111/0x290
[  791.081219][T13498]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  791.087490][T13498]  ? __kasan_check_read+0x11/0x20
[  791.092539][T13498]  ? get_mem_cgroup_from_mm+0x156/0x320
[  791.098115][T13498]  mem_cgroup_try_charge+0x136/0x590
[  791.103423][T13498]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  791.109682][T13498]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  791.109704][T13498]  __handle_mm_fault+0x1e34/0x3f20
[  791.109725][T13498]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  791.120468][T13498]  ? __kasan_check_read+0x11/0x20
[  791.120494][T13498]  handle_mm_fault+0x1b5/0x6c0
[  791.120513][T13498]  __get_user_pages+0x7d4/0x1b30
[  791.140760][T13498]  ? mark_held_locks+0xf0/0xf0
[  791.145545][T13498]  ? follow_page_mask+0x1cf0/0x1cf0
[  791.150906][T13498]  ? __mm_populate+0x270/0x380
[  791.156111][T13498]  ? __kasan_check_write+0x14/0x20
[  791.161242][T13498]  ? down_read+0x109/0x430
[  791.165670][T13498]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  791.171932][T13498]  populate_vma_page_range+0x20d/0x2a0
[  791.177409][T13498]  __mm_populate+0x204/0x380
[  791.182190][T13498]  ? populate_vma_page_range+0x2a0/0x2a0
[  791.187833][T13498]  ? __kasan_check_write+0x14/0x20
[  791.192967][T13498]  ? up_write+0x155/0x490
[  791.197307][T13498]  ? ns_capable_common+0x93/0x100
[  791.202357][T13498]  __x64_sys_mlockall+0x473/0x520
[  791.202378][T13498]  do_syscall_64+0xfa/0x760
[  791.202401][T13498]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  791.211900][T13498] RIP: 0033:0x4598e9
21:53:48 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  791.211917][T13498] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  791.211925][T13498] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  791.211939][T13498] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  791.211947][T13498] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  791.211954][T13498] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
21:53:48 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x2702000000000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:53:48 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

[  791.211961][T13498] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  791.211975][T13498] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  791.296249][T13498] memory: usage 307200kB, limit 307200kB, failcnt 143
[  791.346170][T13498] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  791.370072][T13498] Memory cgroup stats for /syz1:
[  791.370191][T13498] anon 303185920
[  791.370191][T13498] file 40960
[  791.370191][T13498] kernel_stack 720896
[  791.370191][T13498] slab 7372800
[  791.370191][T13498] sock 4096
[  791.370191][T13498] shmem 0
[  791.370191][T13498] file_mapped 0
[  791.370191][T13498] file_dirty 0
[  791.370191][T13498] file_writeback 0
[  791.370191][T13498] anon_thp 266338304
[  791.370191][T13498] inactive_anon 223363072
[  791.370191][T13498] active_anon 9003008
[  791.370191][T13498] inactive_file 0
[  791.370191][T13498] active_file 0
[  791.370191][T13498] unevictable 70819840
[  791.370191][T13498] slab_reclaimable 2568192
[  791.370191][T13498] slab_unreclaimable 4804608
[  791.370191][T13498] pgfault 29139
[  791.370191][T13498] pgmajfault 0
[  791.370191][T13498] workingset_refault 0
[  791.370191][T13498] workingset_activate 0
[  791.370191][T13498] workingset_nodereclaim 0
[  791.370191][T13498] pgrefill 36
[  791.370191][T13498] pgscan 68
[  791.370191][T13498] pgsteal 0
[  791.539353][T13498] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13482,uid=0
[  791.596555][T13498] Memory cgroup out of memory: Killed process 13482 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
21:53:56 executing program 5:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r0, 0x1)
setsockopt$inet_sctp_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000000), 0x4)

21:53:56 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:53:56 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x3f00000000000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:53:56 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47b")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:53:56 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

21:53:56 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:53:56 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

[  799.535619][T13540] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  799.546942][T13540] CPU: 1 PID: 13540 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  799.556060][T13540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  799.566125][T13540] Call Trace:
[  799.569432][T13540]  dump_stack+0x172/0x1f0
[  799.573769][T13540]  dump_header+0x177/0x1152
[  799.578272][T13540]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
21:53:56 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47b")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:53:56 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x4000000000000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  799.584081][T13540]  ? ___ratelimit+0x2c8/0x595
[  799.588771][T13540]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  799.594586][T13540]  ? lockdep_hardirqs_on+0x418/0x5d0
[  799.599876][T13540]  ? trace_hardirqs_on+0x67/0x240
[  799.604902][T13540]  ? pagefault_out_of_memory+0x11c/0x11c
[  799.604921][T13540]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  799.604934][T13540]  ? ___ratelimit+0x60/0x595
[  799.604952][T13540]  ? do_raw_spin_unlock+0x57/0x270
[  799.616364][T13540]  oom_kill_process.cold+0x10/0x15
[  799.626021][T13540]  out_of_memory+0x334/0x1340
[  799.626037][T13540]  ? lock_downgrade+0x920/0x920
[  799.626057][T13540]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  799.626072][T13540]  ? oom_killer_disable+0x280/0x280
[  799.626097][T13540]  mem_cgroup_out_of_memory+0x1d8/0x240
[  799.651642][T13540]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  799.651667][T13540]  ? do_raw_spin_unlock+0x57/0x270
[  799.667933][T13540]  ? _raw_spin_unlock+0x2d/0x50
[  799.672783][T13540]  try_charge+0xf4b/0x1440
[  799.677215][T13540]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  799.682769][T13540]  ? percpu_ref_tryget_live+0x111/0x290
[  799.688358][T13540]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  799.694748][T13540]  ? __kasan_check_read+0x11/0x20
[  799.699785][T13540]  ? get_mem_cgroup_from_mm+0x156/0x320
[  799.705340][T13540]  mem_cgroup_try_charge+0x136/0x590
[  799.710638][T13540]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  799.716895][T13540]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  799.722544][T13540]  __handle_mm_fault+0x1e34/0x3f20
[  799.727673][T13540]  ? vmf_insert_mixed_mkwrite+0x40/0x40
21:53:57 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

[  799.733441][T13540]  ? __kasan_check_read+0x11/0x20
[  799.738497][T13540]  handle_mm_fault+0x1b5/0x6c0
[  799.743291][T13540]  __get_user_pages+0x7d4/0x1b30
[  799.748253][T13540]  ? mark_held_locks+0xf0/0xf0
[  799.753051][T13540]  ? follow_page_mask+0x1cf0/0x1cf0
[  799.758268][T13540]  ? __mm_populate+0x270/0x380
[  799.763052][T13540]  ? __kasan_check_write+0x14/0x20
[  799.768187][T13540]  ? down_read+0x109/0x430
[  799.772626][T13540]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  799.778891][T13540]  populate_vma_page_range+0x20d/0x2a0
[  799.784375][T13540]  __mm_populate+0x204/0x380
[  799.784392][T13540]  ? populate_vma_page_range+0x2a0/0x2a0
[  799.784407][T13540]  ? __kasan_check_write+0x14/0x20
[  799.784427][T13540]  ? up_write+0x155/0x490
[  799.799748][T13540]  ? ns_capable_common+0x93/0x100
[  799.799774][T13540]  __x64_sys_mlockall+0x473/0x520
[  799.799796][T13540]  do_syscall_64+0xfa/0x760
[  799.818656][T13540]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  799.824563][T13540] RIP: 0033:0x4598e9
21:53:57 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

[  799.828473][T13540] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  799.848313][T13540] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  799.856882][T13540] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  799.865049][T13540] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  799.873174][T13540] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
21:53:57 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

[  799.881157][T13540] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  799.889131][T13540] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  799.916310][T13540] memory: usage 307200kB, limit 307200kB, failcnt 181
[  799.942067][T13540] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  800.016499][T13540] Memory cgroup stats for /syz1:
[  800.016616][T13540] anon 303140864
[  800.016616][T13540] file 40960
[  800.016616][T13540] kernel_stack 720896
[  800.016616][T13540] slab 7479296
[  800.016616][T13540] sock 4096
[  800.016616][T13540] shmem 0
[  800.016616][T13540] file_mapped 0
[  800.016616][T13540] file_dirty 0
[  800.016616][T13540] file_writeback 0
[  800.016616][T13540] anon_thp 264241152
[  800.016616][T13540] inactive_anon 221233152
[  800.016616][T13540] active_anon 9023488
[  800.016616][T13540] inactive_file 0
[  800.016616][T13540] active_file 0
[  800.016616][T13540] unevictable 72847360
[  800.016616][T13540] slab_reclaimable 2568192
[  800.016616][T13540] slab_unreclaimable 4911104
[  800.016616][T13540] pgfault 30987
[  800.016616][T13540] pgmajfault 0
[  800.016616][T13540] workingset_refault 0
[  800.016616][T13540] workingset_activate 0
[  800.016616][T13540] workingset_nodereclaim 0
[  800.016616][T13540] pgrefill 36
[  800.016616][T13540] pgscan 68
[  800.016616][T13540] pgsteal 0
[  800.158080][T13540] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13525,uid=0
[  800.174358][T13540] Memory cgroup out of memory: Killed process 13525 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
21:54:07 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'n%0\x01\x00', 0x1132})

21:54:07 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf0")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:54:07 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x6000000000000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:54:07 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

21:54:07 executing program 2:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000180)=@gcm_128={{}, "463a92342d73f68f", "e8ca4c858b16eda5c8a30fb9e980c03c", "d565ab1b", "3bd5a4956999b1f6"}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x3, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

21:54:07 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:54:08 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

[  810.871623][T13577] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  810.915266][T13577] CPU: 1 PID: 13577 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  810.924417][T13577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  810.934484][T13577] Call Trace:
[  810.937785][T13577]  dump_stack+0x172/0x1f0
[  810.942131][T13577]  dump_header+0x177/0x1152
[  810.946643][T13577]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  810.952555][T13577]  ? ___ratelimit+0x2c8/0x595
[  810.957247][T13577]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  810.963067][T13577]  ? lockdep_hardirqs_on+0x418/0x5d0
[  810.968363][T13577]  ? trace_hardirqs_on+0x67/0x240
[  810.973388][T13577]  ? pagefault_out_of_memory+0x11c/0x11c
[  810.973406][T13577]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  810.973423][T13577]  ? ___ratelimit+0x60/0x595
[  810.984840][T13577]  ? do_raw_spin_unlock+0x57/0x270
[  810.984861][T13577]  oom_kill_process.cold+0x10/0x15
[  810.984876][T13577]  out_of_memory+0x334/0x1340
[  810.984891][T13577]  ? lock_downgrade+0x920/0x920
[  810.984910][T13577]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  810.984927][T13577]  ? oom_killer_disable+0x280/0x280
[  810.984950][T13577]  mem_cgroup_out_of_memory+0x1d8/0x240
[  811.025702][T13577]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  811.031357][T13577]  ? do_raw_spin_unlock+0x57/0x270
[  811.036487][T13577]  ? _raw_spin_unlock+0x2d/0x50
[  811.041351][T13577]  try_charge+0xf4b/0x1440
[  811.045785][T13577]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  811.051338][T13577]  ? percpu_ref_tryget_live+0x111/0x290
[  811.056898][T13577]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
21:54:08 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x9effffff00000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:54:08 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf0")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

[  811.056915][T13577]  ? __kasan_check_read+0x11/0x20
[  811.056933][T13577]  ? get_mem_cgroup_from_mm+0x156/0x320
[  811.056948][T13577]  mem_cgroup_try_charge+0x136/0x590
[  811.056961][T13577]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  811.056980][T13577]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  811.057000][T13577]  __handle_mm_fault+0x1e34/0x3f20
[  811.057022][T13577]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  811.057047][T13577]  ? __kasan_check_read+0x11/0x20
[  811.102453][T13577]  handle_mm_fault+0x1b5/0x6c0
[  811.112250][T13577]  __get_user_pages+0x7d4/0x1b30
[  811.117201][T13577]  ? mark_held_locks+0xf0/0xf0
[  811.122004][T13577]  ? follow_page_mask+0x1cf0/0x1cf0
[  811.127211][T13577]  ? __mm_populate+0x270/0x380
[  811.131990][T13577]  ? __kasan_check_write+0x14/0x20
[  811.137120][T13577]  ? down_read+0x109/0x430
[  811.141545][T13577]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  811.147796][T13577]  populate_vma_page_range+0x20d/0x2a0
[  811.153264][T13577]  __mm_populate+0x204/0x380
[  811.157879][T13577]  ? populate_vma_page_range+0x2a0/0x2a0
[  811.163539][T13577]  ? __kasan_check_write+0x14/0x20
[  811.168652][T13577]  ? up_write+0x155/0x490
[  811.172989][T13577]  ? ns_capable_common+0x93/0x100
[  811.178051][T13577]  __x64_sys_mlockall+0x473/0x520
[  811.183081][T13577]  do_syscall_64+0xfa/0x760
[  811.187593][T13577]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  811.193494][T13577] RIP: 0033:0x4598e9
21:54:08 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

[  811.197390][T13577] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  811.217000][T13577] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  811.225420][T13577] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  811.233395][T13577] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  811.241361][T13577] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  811.249327][T13577] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  811.249335][T13577] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
21:54:08 executing program 2:
r0 = memfd_create(&(0x7f0000000100)='\vem1\xc1\xf8\xa6\x8dN\xc0\xa3\\\xe2\xcb\xa2\xba\xe5\xf4\x97\xac#*\xff', 0x0)
write(r0, &(0x7f0000000040)="06", 0x1)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x0})

[  811.263905][T13577] memory: usage 307200kB, limit 307200kB, failcnt 221
[  811.279970][T13577] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  811.294078][T13577] Memory cgroup stats for /syz1:
[  811.294194][T13577] anon 302956544
[  811.294194][T13577] file 40960
[  811.294194][T13577] kernel_stack 720896
[  811.294194][T13577] slab 7553024
[  811.294194][T13577] sock 4096
[  811.294194][T13577] shmem 0
[  811.294194][T13577] file_mapped 0
[  811.294194][T13577] file_dirty 0
[  811.294194][T13577] file_writeback 0
[  811.294194][T13577] anon_thp 262144000
[  811.294194][T13577] inactive_anon 221306880
[  811.294194][T13577] active_anon 8966144
[  811.294194][T13577] inactive_file 0
[  811.294194][T13577] active_file 0
[  811.294194][T13577] unevictable 72712192
[  811.294194][T13577] slab_reclaimable 2568192
[  811.294194][T13577] slab_unreclaimable 4984832
[  811.294194][T13577] pgfault 32835
[  811.294194][T13577] pgmajfault 0
21:54:08 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)

[  811.294194][T13577] workingset_refault 0
[  811.294194][T13577] workingset_activate 0
[  811.294194][T13577] workingset_nodereclaim 0
[  811.294194][T13577] pgrefill 36
[  811.294194][T13577] pgscan 68
[  811.294194][T13577] pgsteal 0
[  811.427656][T13577] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13566,uid=0
[  811.452186][T13577] Memory cgroup out of memory: Killed process 13566 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[  811.508939][ T1066] oom_reaper: reaped process 13566 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
21:54:15 executing program 5:
r0 = socket$pptp(0x18, 0x1, 0x2)
perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
connect$pptp(r0, &(0x7f0000000300), 0x1e)

21:54:15 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, 0x0, 0x0)

21:54:15 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf0")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:54:15 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xf0ffffff00000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:54:15 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:54:15 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f00000000c0)="0f20d86635200000000f22d826d33566b91109000066b80060000066ba000000000f306766c74424000d0000006766c7442402f60000006766c744240600000000670f0114246766c74424003f8c00006766c7442402e4d400006766c744240600000000670f011424660f38827500b8dd000f00d80f21f30f01c3ddc3", 0x7d}], 0x0, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:54:15 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, 0x0, 0x0)

[  818.206707][T13617] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  818.253790][T13617] CPU: 1 PID: 13617 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  818.262942][T13617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  818.272996][T13617] Call Trace:
[  818.276293][T13617]  dump_stack+0x172/0x1f0
[  818.280637][T13617]  dump_header+0x177/0x1152
[  818.285151][T13617]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  818.290958][T13617]  ? ___ratelimit+0x2c8/0x595
[  818.295679][T13617]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  818.301499][T13617]  ? lockdep_hardirqs_on+0x418/0x5d0
[  818.306798][T13617]  ? trace_hardirqs_on+0x67/0x240
[  818.311835][T13617]  ? pagefault_out_of_memory+0x11c/0x11c
[  818.317478][T13617]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  818.323294][T13617]  ? ___ratelimit+0x60/0x595
[  818.327891][T13617]  ? do_raw_spin_unlock+0x57/0x270
[  818.333015][T13617]  oom_kill_process.cold+0x10/0x15
[  818.340568][T13617]  out_of_memory+0x334/0x1340
[  818.345260][T13617]  ? lock_downgrade+0x920/0x920
[  818.350121][T13617]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  818.355937][T13617]  ? oom_killer_disable+0x280/0x280
[  818.361157][T13617]  mem_cgroup_out_of_memory+0x1d8/0x240
[  818.366711][T13617]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  818.372359][T13617]  ? do_raw_spin_unlock+0x57/0x270
[  818.377475][T13617]  ? _raw_spin_unlock+0x2d/0x50
[  818.382337][T13617]  try_charge+0xf4b/0x1440
[  818.386776][T13617]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  818.392332][T13617]  ? percpu_ref_tryget_live+0x111/0x290
[  818.397906][T13617]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  818.404146][T13617]  ? __kasan_check_read+0x11/0x20
[  818.404166][T13617]  ? get_mem_cgroup_from_mm+0x156/0x320
[  818.404182][T13617]  mem_cgroup_try_charge+0x136/0x590
[  818.404195][T13617]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  818.404213][T13617]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  818.420028][T13617]  __handle_mm_fault+0x1e34/0x3f20
[  818.420051][T13617]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  818.420079][T13617]  ? __kasan_check_read+0x11/0x20
[  818.442639][T13617]  handle_mm_fault+0x1b5/0x6c0
21:54:15 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xfcffffff00000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:54:15 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, 0x0, 0x0)

21:54:15 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev}, 0x1c)

21:54:15 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev}, 0x1c)

[  818.442660][T13617]  __get_user_pages+0x7d4/0x1b30
[  818.442680][T13617]  ? mark_held_locks+0xf0/0xf0
[  818.457395][T13617]  ? follow_page_mask+0x1cf0/0x1cf0
[  818.457412][T13617]  ? __mm_populate+0x270/0x380
[  818.472115][T13617]  ? __kasan_check_write+0x14/0x20
[  818.477249][T13617]  ? down_read+0x109/0x430
[  818.481679][T13617]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  818.487935][T13617]  populate_vma_page_range+0x20d/0x2a0
[  818.493400][T13617]  __mm_populate+0x204/0x380
[  818.498001][T13617]  ? populate_vma_page_range+0x2a0/0x2a0
21:54:15 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xe}, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev}, 0x1c)

[  818.503642][T13617]  ? __kasan_check_write+0x14/0x20
[  818.508765][T13617]  ? up_write+0x155/0x490
[  818.513098][T13617]  ? ns_capable_common+0x93/0x100
[  818.518131][T13617]  __x64_sys_mlockall+0x473/0x520
[  818.523163][T13617]  do_syscall_64+0xfa/0x760
[  818.527681][T13617]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  818.533576][T13617] RIP: 0033:0x4598e9
[  818.537480][T13617] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  818.557093][T13617] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  818.565520][T13617] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  818.573494][T13617] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  818.581474][T13617] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  818.589456][T13617] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  818.597443][T13617] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  818.624892][T13617] memory: usage 307184kB, limit 307200kB, failcnt 245
[  818.640566][T13617] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  818.701272][T13617] Memory cgroup stats for /syz1:
[  818.701460][T13617] anon 302784512
[  818.701460][T13617] file 40960
[  818.701460][T13617] kernel_stack 655360
[  818.701460][T13617] slab 7553024
[  818.701460][T13617] sock 4096
[  818.701460][T13617] shmem 0
[  818.701460][T13617] file_mapped 0
[  818.701460][T13617] file_dirty 0
[  818.701460][T13617] file_writeback 0
[  818.701460][T13617] anon_thp 262144000
[  818.701460][T13617] inactive_anon 221278208
[  818.701460][T13617] active_anon 8929280
[  818.701460][T13617] inactive_file 0
[  818.701460][T13617] active_file 0
[  818.701460][T13617] unevictable 72577024
[  818.701460][T13617] slab_reclaimable 2568192
[  818.701460][T13617] slab_unreclaimable 4984832
[  818.701460][T13617] pgfault 34683
[  818.701460][T13617] pgmajfault 0
[  818.701460][T13617] workingset_refault 0
[  818.701460][T13617] workingset_activate 0
[  818.701460][T13617] workingset_nodereclaim 0
[  818.701460][T13617] pgrefill 36
[  818.701460][T13617] pgscan 68
[  818.701460][T13617] pgsteal 0
[  818.799305][T13617] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13607,uid=0
[  818.815846][T13617] Memory cgroup out of memory: Killed process 13607 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[  818.843364][ T1066] oom_reaper: reaped process 13607 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
21:54:24 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:54:24 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000040)={0x7b, 0x5, [0x0, 0x0, 0x198], [0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000]})

21:54:24 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xffffff7f00000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:54:24 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, 0x0, 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:54:24 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x2702000000000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:54:24 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  827.585508][T13659] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  827.612356][T13659] CPU: 0 PID: 13659 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  827.621504][T13659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  827.631570][T13659] Call Trace:
[  827.634877][T13659]  dump_stack+0x172/0x1f0
[  827.639228][T13659]  dump_header+0x177/0x1152
[  827.643757][T13659]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  827.649576][T13659]  ? ___ratelimit+0x2c8/0x595
[  827.654261][T13659]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  827.661985][T13659]  ? lockdep_hardirqs_on+0x418/0x5d0
[  827.667281][T13659]  ? trace_hardirqs_on+0x67/0x240
[  827.672321][T13659]  ? pagefault_out_of_memory+0x11c/0x11c
[  827.677964][T13659]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  827.683780][T13659]  ? ___ratelimit+0x60/0x595
[  827.688372][T13659]  ? do_raw_spin_unlock+0x57/0x270
[  827.693500][T13659]  oom_kill_process.cold+0x10/0x15
[  827.698618][T13659]  out_of_memory+0x334/0x1340
[  827.703303][T13659]  ? lock_downgrade+0x920/0x920
[  827.708160][T13659]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  827.713967][T13659]  ? oom_killer_disable+0x280/0x280
[  827.719180][T13659]  mem_cgroup_out_of_memory+0x1d8/0x240
[  827.724735][T13659]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  827.730560][T13659]  ? do_raw_spin_unlock+0x57/0x270
21:54:24 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, 0x0, 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:54:24 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xffffffff00000000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  827.735671][T13659]  ? _raw_spin_unlock+0x2d/0x50
[  827.735691][T13659]  try_charge+0xf4b/0x1440
[  827.735714][T13659]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  827.735727][T13659]  ? percpu_ref_tryget_live+0x111/0x290
[  827.735745][T13659]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  827.735763][T13659]  ? __kasan_check_read+0x11/0x20
[  827.762303][T13659]  ? get_mem_cgroup_from_mm+0x156/0x320
[  827.762322][T13659]  mem_cgroup_try_charge+0x136/0x590
[  827.762344][T13659]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  827.784389][T13659]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  827.790036][T13659]  __handle_mm_fault+0x1e34/0x3f20
[  827.795161][T13659]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  827.800742][T13659]  ? __kasan_check_read+0x11/0x20
[  827.805791][T13659]  handle_mm_fault+0x1b5/0x6c0
[  827.810566][T13659]  __get_user_pages+0x7d4/0x1b30
[  827.815514][T13659]  ? mark_held_locks+0xf0/0xf0
[  827.820385][T13659]  ? follow_page_mask+0x1cf0/0x1cf0
[  827.825594][T13659]  ? __mm_populate+0x270/0x380
[  827.830374][T13659]  ? __kasan_check_write+0x14/0x20
[  827.835500][T13659]  ? down_read+0x109/0x430
[  827.839927][T13659]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  827.846189][T13659]  populate_vma_page_range+0x20d/0x2a0
[  827.851671][T13659]  __mm_populate+0x204/0x380
[  827.856281][T13659]  ? populate_vma_page_range+0x2a0/0x2a0
[  827.861927][T13659]  ? __kasan_check_write+0x14/0x20
[  827.867054][T13659]  ? up_write+0x155/0x490
[  827.871395][T13659]  ? ns_capable_common+0x93/0x100
[  827.876453][T13659]  __x64_sys_mlockall+0x473/0x520
[  827.881499][T13659]  do_syscall_64+0xfa/0x760
[  827.886017][T13659]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  827.891905][T13659] RIP: 0033:0x4598e9
[  827.891922][T13659] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  827.891931][T13659] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  827.891945][T13659] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
21:54:25 executing program 4:
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={0x0, 0x0}, 0x20)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(0xffffffffffffffff, 0x0)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, 0x0)
lstat(&(0x7f0000000140)='./file2\x00', &(0x7f00000005c0))
stat(0x0, &(0x7f0000000680))
lstat(&(0x7f0000000700)='./file0\x00', 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'n%0\x01\x00', 0x1132})
syz_mount_image$iso9660(&(0x7f00000002c0)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000340), 0x0, &(0x7f0000002bc0)=ANY=[@ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB="2c646f6e745f686173682c6152e9ef056be8b43bfa5739a92bee707072616973655f747970653d696d617369672c66d7440f42b37c2e376234613600382d256331332d640037662d380036302d30337600353230342c646f6e745f646f6e745f686173682c657569643e000000000000000000a2218c3d87dd116a378eec2995"])
mknod$loop(0x0, 0x0, 0xffffffffffffffff)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000cab000))
syz_mount_image$msdos(&(0x7f0000000240)='msdos\x00', 0x0, 0x6, 0x0, 0x0, 0x4, &(0x7f0000002940)={[{@dots='dots'}, {@nodots='nodots'}]})
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, 0xffffffffffffffff)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0})
rename(0x0, 0x0)

[  827.891953][T13659] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  827.891962][T13659] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  827.891970][T13659] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  827.891979][T13659] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  827.906417][T13659] memory: usage 307200kB, limit 307200kB, failcnt 270
[  827.973639][T13659] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  828.023686][T13659] Memory cgroup stats for /syz1:
[  828.023801][T13659] anon 302718976
[  828.023801][T13659] file 40960
[  828.023801][T13659] kernel_stack 720896
[  828.023801][T13659] slab 7749632
[  828.023801][T13659] sock 4096
[  828.023801][T13659] shmem 0
[  828.023801][T13659] file_mapped 0
[  828.023801][T13659] file_dirty 0
[  828.023801][T13659] file_writeback 0
[  828.023801][T13659] anon_thp 264241152
[  828.023801][T13659] inactive_anon 221396992
[  828.023801][T13659] active_anon 8998912
[  828.023801][T13659] inactive_file 0
21:54:25 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0xfffffffffffff000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  828.023801][T13659] active_file 0
[  828.023801][T13659] unevictable 72511488
[  828.023801][T13659] slab_reclaimable 2568192
[  828.023801][T13659] slab_unreclaimable 5181440
[  828.023801][T13659] pgfault 36036
[  828.023801][T13659] pgmajfault 0
[  828.023801][T13659] workingset_refault 0
[  828.023801][T13659] workingset_activate 0
[  828.023801][T13659] workingset_nodereclaim 0
[  828.023801][T13659] pgrefill 36
[  828.023801][T13659] pgscan 68
[  828.023801][T13659] pgsteal 0
21:54:25 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, 0x0, 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

[  828.172108][T13659] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13646,uid=0
[  828.188842][T13659] Memory cgroup out of memory: Killed process 13646 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
21:54:25 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:54:25 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:54:34 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c831, 0xffffffffffffffff, 0x0)

21:54:34 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x0, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:54:34 executing program 4:
setsockopt$CAIFSO_REQ_PARAM(0xffffffffffffffff, 0x116, 0x80, 0x0, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x200000000000b9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xe, 0xe, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b702000003400000bfa300000000000014020000fffeffff7a03f0fff8ffffff79a4f0ff00000000b7060000ffffffffad640500000000006502faff000000002404000001007d60b5030000001000006a0a00fe000000008500000026000000b70000000000004095000000000000001da5ad3548ebb63d18db6a1c72c21c9b767ae5308fbcd5c5e4a5ad1065b572c2c9ff215ac6e0700c2ceaea4c1dc908abb6e7325ec1956bd8660bf36628df4490046261dbb74ea2d1f754c0a15750ab9a78fc00000000247d52d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8eb040c50287c37a7f4182f32333b08c6e497687e30a4daea5cac0ceafdb9a2eeb02a1f5104d16ddba4963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed7afdb00bb1321ea5e82ae5ba2c42a5e2bdfd253d5df768d0cb30a5bb8c13d5b47912e722356893f3205a5f6ef456c0fd38abda032ed720e5dc29c754723a3080e085fb24d6f163185bf6e394609f99c8baa39ada813607a619e2411aeb3d4a4817330302ff67d6f5ef8be3c26a20775730c60df3a48e9c647cf98ded76c7d387537a7ebe706667ea078c8f29a4ce1f86ee833b6c3a17a194bf2ddb5b014c66b3c6f93facd309b5b5faccf76c6cd10f650cb84aadbf6583fbd85d7bee1b6839721a7fd6fb3d4ee82e7a69f3d4964645bef9b34e12a27edd628b7af013f790da50d282f000000000000000ca70de9eafc0c4c2373ebbd8cd330ebf5de1831fad1853ab3610dc1b74209681b4f73cbdccfcbce3a2ba25b4e8fedb6e38f42311ab3581e4e4b13fc4b77add8a596487cf5736ada5457b6cd363a09f2562d3809b989af7db92edaf9de4096ee20a0ea5d93c8b9a3aca793a2907396bf19aee0632e116e0dd52fd776e7707f5b177b3527f1fb9b6222e0578f52305024b22a5b658df8a2a7a3b783dda46e8a720991343d715522e90c8a1b52c153a0e41aacdddb2b066e4e6543f4fcd8f6b96c98f4aa1e1a2b321c9528fcdb7b8d935fb3c482607b895700acbb09000bda28fd33210e7f4808b8e949e1b21bf735d35209c755f6497a69ce9146f171b26dd2519f50ba93d3b1a37d11ed59e600e7d5e7bbf73058ad842eb533d353b85f7cee0ec104db2bb126cf6e067687e1bf9dae8044187027871207b533fcd22e5e88d107b3e0f0998c709aacd"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
getdents64(0xffffffffffffffff, 0x0, 0x0)
mlockall(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000011000), 0x3c)

21:54:34 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:54:34 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:54:34 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:54:34 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x0, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:54:34 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  837.080710][T13718] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  837.114562][T13718] CPU: 1 PID: 13718 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  837.123708][T13718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  837.133764][T13718] Call Trace:
[  837.137064][T13718]  dump_stack+0x172/0x1f0
[  837.141406][T13718]  dump_header+0x177/0x1152
[  837.145913][T13718]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  837.151718][T13718]  ? ___ratelimit+0x2c8/0x595
[  837.156396][T13718]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  837.162209][T13718]  ? lockdep_hardirqs_on+0x418/0x5d0
[  837.167501][T13718]  ? trace_hardirqs_on+0x67/0x240
[  837.172536][T13718]  ? pagefault_out_of_memory+0x11c/0x11c
[  837.178173][T13718]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  837.183983][T13718]  ? ___ratelimit+0x60/0x595
[  837.188573][T13718]  ? do_raw_spin_unlock+0x57/0x270
[  837.193694][T13718]  oom_kill_process.cold+0x10/0x15
[  837.198809][T13718]  out_of_memory+0x334/0x1340
[  837.203487][T13718]  ? lock_downgrade+0x920/0x920
[  837.208346][T13718]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  837.214159][T13718]  ? oom_killer_disable+0x280/0x280
[  837.219378][T13718]  mem_cgroup_out_of_memory+0x1d8/0x240
[  837.224929][T13718]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
21:54:34 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x0, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

[  837.230573][T13718]  ? do_raw_spin_unlock+0x57/0x270
[  837.235690][T13718]  ? _raw_spin_unlock+0x2d/0x50
[  837.240550][T13718]  try_charge+0xf4b/0x1440
[  837.244982][T13718]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  837.250530][T13718]  ? percpu_ref_tryget_live+0x111/0x290
[  837.256087][T13718]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  837.262332][T13718]  ? __kasan_check_read+0x11/0x20
[  837.267368][T13718]  ? get_mem_cgroup_from_mm+0x156/0x320
[  837.272917][T13718]  mem_cgroup_try_charge+0x136/0x590
[  837.278207][T13718]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  837.284457][T13718]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  837.290096][T13718]  __handle_mm_fault+0x1e34/0x3f20
[  837.295220][T13718]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  837.300787][T13718]  ? __kasan_check_read+0x11/0x20
[  837.305827][T13718]  handle_mm_fault+0x1b5/0x6c0
[  837.310600][T13718]  __get_user_pages+0x7d4/0x1b30
[  837.315540][T13718]  ? mark_held_locks+0xf0/0xf0
[  837.320331][T13718]  ? follow_page_mask+0x1cf0/0x1cf0
[  837.325528][T13718]  ? __mm_populate+0x270/0x380
[  837.330303][T13718]  ? __kasan_check_write+0x14/0x20
[  837.335417][T13718]  ? down_read+0x109/0x430
[  837.339839][T13718]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  837.346087][T13718]  populate_vma_page_range+0x20d/0x2a0
[  837.351556][T13718]  __mm_populate+0x204/0x380
[  837.356153][T13718]  ? populate_vma_page_range+0x2a0/0x2a0
[  837.361790][T13718]  ? __kasan_check_write+0x14/0x20
[  837.366904][T13718]  ? up_write+0x155/0x490
[  837.371235][T13718]  ? ns_capable_common+0x93/0x100
[  837.376277][T13718]  __x64_sys_mlockall+0x473/0x520
[  837.381311][T13718]  do_syscall_64+0xfa/0x760
[  837.385826][T13718]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  837.391717][T13718] RIP: 0033:0x4598e9
[  837.395615][T13718] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  837.415220][T13718] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  837.423643][T13718] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  837.431614][T13718] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  837.439593][T13718] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  837.447570][T13718] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  837.455631][T13718] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  837.510058][T13718] memory: usage 307200kB, limit 307200kB, failcnt 314
[  837.516936][T13718] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  837.532879][T13718] Memory cgroup stats for /syz1:
[  837.533000][T13718] anon 302739456
[  837.533000][T13718] file 40960
[  837.533000][T13718] kernel_stack 720896
[  837.533000][T13718] slab 7815168
[  837.533000][T13718] sock 4096
[  837.533000][T13718] shmem 0
21:54:34 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, 0x0)
io_submit(0x0, 0x0, 0x0)
io_submit(0x0, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:54:34 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  837.533000][T13718] file_mapped 0
[  837.533000][T13718] file_dirty 0
[  837.533000][T13718] file_writeback 0
[  837.533000][T13718] anon_thp 264241152
[  837.533000][T13718] inactive_anon 221331456
[  837.533000][T13718] active_anon 9007104
[  837.533000][T13718] inactive_file 0
[  837.533000][T13718] active_file 0
[  837.533000][T13718] unevictable 72441856
[  837.533000][T13718] slab_reclaimable 2568192
[  837.533000][T13718] slab_unreclaimable 5246976
[  837.533000][T13718] pgfault 37356
[  837.533000][T13718] pgmajfault 0
[  837.533000][T13718] workingset_refault 0
[  837.533000][T13718] workingset_activate 0
[  837.533000][T13718] workingset_nodereclaim 0
[  837.533000][T13718] pgrefill 36
[  837.533000][T13718] pgscan 68
[  837.533000][T13718] pgsteal 0
21:54:35 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, 0x0)
io_submit(0x0, 0x0, 0x0)
io_submit(0x0, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

[  837.752939][T13718] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13696,uid=0
[  837.833780][T13718] Memory cgroup out of memory: Killed process 13696 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[  837.927939][ T1066] oom_reaper: reaped process 13696 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
21:54:40 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21:54:40 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:54:40 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, 0x0)
io_submit(0x0, 0x0, 0x0)
io_submit(0x0, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:54:40 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:54:40 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1001000008912, &(0x7f0000000300)="11dca50d5e0bcfe47bf070")
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x3)
write$binfmt_script(r0, &(0x7f00000009c0)=ANY=[], 0x25f)
sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac610ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27)

21:54:40 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:54:40 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(0x0, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

[  843.208747][T13762] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  843.258747][T13762] CPU: 1 PID: 13762 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  843.267983][T13762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  843.278040][T13762] Call Trace:
[  843.281339][T13762]  dump_stack+0x172/0x1f0
[  843.285663][T13762]  dump_header+0x177/0x1152
[  843.290153][T13762]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  843.295941][T13762]  ? ___ratelimit+0x2c8/0x595
[  843.300605][T13762]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  843.306398][T13762]  ? lockdep_hardirqs_on+0x418/0x5d0
[  843.311665][T13762]  ? trace_hardirqs_on+0x67/0x240
[  843.316673][T13762]  ? pagefault_out_of_memory+0x11c/0x11c
[  843.322289][T13762]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  843.328084][T13762]  ? ___ratelimit+0x60/0x595
[  843.332657][T13762]  ? do_raw_spin_unlock+0x57/0x270
[  843.337755][T13762]  oom_kill_process.cold+0x10/0x15
[  843.342856][T13762]  out_of_memory+0x334/0x1340
[  843.347515][T13762]  ? lock_downgrade+0x920/0x920
[  843.352350][T13762]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  843.358154][T13762]  ? oom_killer_disable+0x280/0x280
[  843.363342][T13762]  mem_cgroup_out_of_memory+0x1d8/0x240
[  843.368874][T13762]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  843.374492][T13762]  ? do_raw_spin_unlock+0x57/0x270
[  843.379587][T13762]  ? _raw_spin_unlock+0x2d/0x50
[  843.384442][T13762]  try_charge+0xf4b/0x1440
[  843.388859][T13762]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  843.394401][T13762]  ? percpu_ref_tryget_live+0x111/0x290
[  843.399947][T13762]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  843.406184][T13762]  ? __kasan_check_read+0x11/0x20
[  843.411206][T13762]  ? get_mem_cgroup_from_mm+0x156/0x320
[  843.416742][T13762]  mem_cgroup_try_charge+0x136/0x590
[  843.422018][T13762]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  843.428248][T13762]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  843.433868][T13762]  __handle_mm_fault+0x1e34/0x3f20
[  843.438971][T13762]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  843.444527][T13762]  ? __kasan_check_read+0x11/0x20
[  843.449541][T13762]  handle_mm_fault+0x1b5/0x6c0
[  843.454294][T13762]  __get_user_pages+0x7d4/0x1b30
[  843.459216][T13762]  ? mark_held_locks+0xf0/0xf0
[  843.463978][T13762]  ? follow_page_mask+0x1cf0/0x1cf0
[  843.469157][T13762]  ? __mm_populate+0x270/0x380
[  843.473906][T13762]  ? __kasan_check_write+0x14/0x20
[  843.479015][T13762]  ? down_read+0x109/0x430
[  843.483415][T13762]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  843.489640][T13762]  populate_vma_page_range+0x20d/0x2a0
[  843.495096][T13762]  __mm_populate+0x204/0x380
[  843.499669][T13762]  ? populate_vma_page_range+0x2a0/0x2a0
[  843.505295][T13762]  ? __kasan_check_write+0x14/0x20
[  843.510405][T13762]  ? up_write+0x155/0x490
[  843.514720][T13762]  ? ns_capable_common+0x93/0x100
[  843.519734][T13762]  __x64_sys_mlockall+0x473/0x520
[  843.524747][T13762]  do_syscall_64+0xfa/0x760
[  843.529243][T13762]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  843.535117][T13762] RIP: 0033:0x4598e9
[  843.538998][T13762] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
21:54:40 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  843.558584][T13762] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  843.566976][T13762] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  843.574932][T13762] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  843.582895][T13762] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  843.590849][T13762] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  843.598800][T13762] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  843.641864][T13762] memory: usage 307200kB, limit 307200kB, failcnt 350
[  843.650820][T13762] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  843.665868][T13762] Memory cgroup stats for /syz1:
[  843.665986][T13762] anon 302456832
[  843.665986][T13762] file 40960
[  843.665986][T13762] kernel_stack 655360
[  843.665986][T13762] slab 8048640
[  843.665986][T13762] sock 4096
[  843.665986][T13762] shmem 0
[  843.665986][T13762] file_mapped 0
[  843.665986][T13762] file_dirty 0
[  843.665986][T13762] file_writeback 0
[  843.665986][T13762] anon_thp 264241152
[  843.665986][T13762] inactive_anon 221286400
[  843.665986][T13762] active_anon 8994816
[  843.665986][T13762] inactive_file 0
[  843.665986][T13762] active_file 0
[  843.665986][T13762] unevictable 72171520
[  843.665986][T13762] slab_reclaimable 2568192
[  843.665986][T13762] slab_unreclaimable 5480448
[  843.665986][T13762] pgfault 38610
[  843.665986][T13762] pgmajfault 0
[  843.665986][T13762] workingset_refault 0
[  843.665986][T13762] workingset_activate 0
[  843.665986][T13762] workingset_nodereclaim 0
[  843.665986][T13762] pgrefill 69
[  843.665986][T13762] pgscan 101
[  843.665986][T13762] pgsteal 0
[  843.764712][T13762] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13752,uid=0
21:54:41 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(0x0, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

[  843.795251][T13762] Memory cgroup out of memory: Killed process 13752 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[  843.862168][ T1066] oom_reaper: reaped process 13752 (syz-executor.1), now anon-rss:0kB, file-rss:34688kB, shmem-rss:0kB
21:54:41 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:54:41 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f0000005540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x18, r2, 0x1, 0x0, 0x0, {0x2}, [@TIPC_NLA_BEARER={0x4}]}, 0x18}}, 0x0)

21:54:41 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(0x0, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:54:47 executing program 5:

21:54:47 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:54:47 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:54:47 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(0x0, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:54:47 executing program 4:

21:54:47 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:54:47 executing program 4:

21:54:47 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(0x0, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

[  850.621129][T13811] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  850.653440][T13811] CPU: 0 PID: 13811 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  850.663000][T13811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  850.673067][T13811] Call Trace:
[  850.676382][T13811]  dump_stack+0x172/0x1f0
[  850.680738][T13811]  dump_header+0x177/0x1152
[  850.685261][T13811]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  850.691220][T13811]  ? ___ratelimit+0x2c8/0x595
[  850.696182][T13811]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  850.702242][T13811]  ? lockdep_hardirqs_on+0x418/0x5d0
[  850.708629][T13811]  ? trace_hardirqs_on+0x67/0x240
[  850.713675][T13811]  ? pagefault_out_of_memory+0x11c/0x11c
[  850.719535][T13811]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  850.725892][T13811]  ? ___ratelimit+0x60/0x595
[  850.731606][T13811]  ? do_raw_spin_unlock+0x57/0x270
[  850.736760][T13811]  oom_kill_process.cold+0x10/0x15
[  850.741892][T13811]  out_of_memory+0x334/0x1340
[  850.746599][T13811]  ? lock_downgrade+0x920/0x920
[  850.752779][T13811]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  850.758841][T13811]  ? oom_killer_disable+0x280/0x280
[  850.764469][T13811]  mem_cgroup_out_of_memory+0x1d8/0x240
[  850.770044][T13811]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  850.775706][T13811]  ? do_raw_spin_unlock+0x57/0x270
[  850.781030][T13811]  ? _raw_spin_unlock+0x2d/0x50
[  850.786112][T13811]  try_charge+0xf4b/0x1440
[  850.790575][T13811]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  850.796162][T13811]  ? percpu_ref_tryget_live+0x111/0x290
[  850.801843][T13811]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  850.808234][T13811]  ? __kasan_check_read+0x11/0x20
[  850.813413][T13811]  ? get_mem_cgroup_from_mm+0x156/0x320
21:54:47 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:54:48 executing program 4:

[  850.818987][T13811]  mem_cgroup_try_charge+0x136/0x590
[  850.824290][T13811]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  850.830673][T13811]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  850.836323][T13811]  __handle_mm_fault+0x1e34/0x3f20
[  850.841447][T13811]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  850.847011][T13811]  ? __kasan_check_read+0x11/0x20
[  850.852046][T13811]  handle_mm_fault+0x1b5/0x6c0
[  850.856814][T13811]  __get_user_pages+0x7d4/0x1b30
[  850.861742][T13811]  ? mark_held_locks+0xf0/0xf0
[  850.866519][T13811]  ? follow_page_mask+0x1cf0/0x1cf0
[  850.871716][T13811]  ? __mm_populate+0x270/0x380
[  850.876495][T13811]  ? __kasan_check_write+0x14/0x20
[  850.881613][T13811]  ? down_read+0x109/0x430
[  850.886036][T13811]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  850.892290][T13811]  populate_vma_page_range+0x20d/0x2a0
[  850.897761][T13811]  __mm_populate+0x204/0x380
[  850.902364][T13811]  ? populate_vma_page_range+0x2a0/0x2a0
[  850.908009][T13811]  ? __kasan_check_write+0x14/0x20
[  850.913215][T13811]  ? up_write+0x155/0x490
[  850.917557][T13811]  ? ns_capable_common+0x93/0x100
[  850.922592][T13811]  __x64_sys_mlockall+0x473/0x520
[  850.927634][T13811]  do_syscall_64+0xfa/0x760
[  850.932151][T13811]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  850.938041][T13811] RIP: 0033:0x4598e9
[  850.938058][T13811] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  850.938066][T13811] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
21:54:48 executing program 4:

[  850.938080][T13811] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  850.938089][T13811] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  850.938097][T13811] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  850.938106][T13811] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  850.938115][T13811] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  850.966990][T13811] memory: usage 307200kB, limit 307200kB, failcnt 382
[  850.996149][T13811] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  851.028759][T13811] Memory cgroup stats for /syz1:
[  851.028871][T13811] anon 302301184
[  851.028871][T13811] file 40960
[  851.028871][T13811] kernel_stack 655360
[  851.028871][T13811] slab 8183808
[  851.028871][T13811] sock 4096
[  851.028871][T13811] shmem 0
[  851.028871][T13811] file_mapped 0
[  851.028871][T13811] file_dirty 0
[  851.028871][T13811] file_writeback 0
[  851.028871][T13811] anon_thp 264241152
[  851.028871][T13811] inactive_anon 221298688
[  851.028871][T13811] active_anon 8986624
[  851.028871][T13811] inactive_file 0
[  851.028871][T13811] active_file 0
[  851.028871][T13811] unevictable 72036352
[  851.028871][T13811] slab_reclaimable 2568192
[  851.028871][T13811] slab_unreclaimable 5615616
[  851.028871][T13811] pgfault 39930
[  851.028871][T13811] pgmajfault 0
[  851.028871][T13811] workingset_refault 0
[  851.028871][T13811] workingset_activate 0
[  851.028871][T13811] workingset_nodereclaim 0
[  851.028871][T13811] pgrefill 69
[  851.028871][T13811] pgscan 101
[  851.028871][T13811] pgsteal 0
21:54:48 executing program 4:

[  851.124398][T13811] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13799,uid=0
[  851.179913][T13811] Memory cgroup out of memory: Killed process 13799 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[  851.229278][ T1066] oom_reaper: reaped process 13799 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
21:54:53 executing program 5:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f0000000140)={0x16, 0x98, 0xfa00, {0x0, 0x0, 0xffffffffffffffff, 0x10, 0x0, @in={0x2, 0x0, @empty}}}, 0xa0)

21:54:53 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:54:53 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(0x0, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:54:53 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x1ff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000ff8), 0x8, 0x0)
read(r1, &(0x7f0000000080)=""/128, 0x88308aa)
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000ff8), 0x8, 0x0)
read(r2, &(0x7f0000000080)=""/128, 0x88308aa)
syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x5dec12a76c9854f7)
syz_open_dev$usbmon(0x0, 0x0, 0x0)

21:54:53 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:54:53 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

[  856.857216][T13843] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  856.890938][T13843] CPU: 1 PID: 13843 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  856.900719][T13843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  856.910775][T13843] Call Trace:
[  856.914072][T13843]  dump_stack+0x172/0x1f0
[  856.918417][T13843]  dump_header+0x177/0x1152
[  856.922925][T13843]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  856.928729][T13843]  ? ___ratelimit+0x2c8/0x595
[  856.933563][T13843]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  856.939381][T13843]  ? lockdep_hardirqs_on+0x418/0x5d0
[  856.944677][T13843]  ? trace_hardirqs_on+0x67/0x240
[  856.949710][T13843]  ? pagefault_out_of_memory+0x11c/0x11c
[  856.955532][T13843]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  856.961349][T13843]  ? ___ratelimit+0x60/0x595
[  856.965943][T13843]  ? do_raw_spin_unlock+0x57/0x270
[  856.971069][T13843]  oom_kill_process.cold+0x10/0x15
[  856.976190][T13843]  out_of_memory+0x334/0x1340
[  856.980882][T13843]  ? lock_downgrade+0x920/0x920
[  856.985746][T13843]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  856.991570][T13843]  ? oom_killer_disable+0x280/0x280
[  856.996804][T13843]  mem_cgroup_out_of_memory+0x1d8/0x240
[  857.002366][T13843]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  857.008016][T13843]  ? do_raw_spin_unlock+0x57/0x270
[  857.013139][T13843]  ? _raw_spin_unlock+0x2d/0x50
[  857.017997][T13843]  try_charge+0xf4b/0x1440
[  857.022515][T13843]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  857.028057][T13843]  ? percpu_ref_tryget_live+0x111/0x290
[  857.028079][T13843]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  857.028097][T13843]  ? __kasan_check_read+0x11/0x20
[  857.028118][T13843]  ? get_mem_cgroup_from_mm+0x156/0x320
[  857.039888][T13843]  mem_cgroup_try_charge+0x136/0x590
[  857.039907][T13843]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  857.039926][T13843]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  857.039947][T13843]  __handle_mm_fault+0x1e34/0x3f20
[  857.039969][T13843]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  857.039994][T13843]  ? __kasan_check_read+0x11/0x20
[  857.083932][T13843]  handle_mm_fault+0x1b5/0x6c0
[  857.088707][T13843]  __get_user_pages+0x7d4/0x1b30
[  857.093732][T13843]  ? mark_held_locks+0xf0/0xf0
[  857.093761][T13843]  ? follow_page_mask+0x1cf0/0x1cf0
[  857.093774][T13843]  ? __mm_populate+0x270/0x380
[  857.093805][T13843]  ? __kasan_check_write+0x14/0x20
[  857.093825][T13843]  ? down_read+0x109/0x430
[  857.093846][T13843]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  857.103785][T13843]  populate_vma_page_range+0x20d/0x2a0
[  857.103807][T13843]  __mm_populate+0x204/0x380
[  857.103832][T13843]  ? populate_vma_page_range+0x2a0/0x2a0
[  857.103848][T13843]  ? __kasan_check_write+0x14/0x20
[  857.103866][T13843]  ? up_write+0x155/0x490
[  857.149409][T13843]  ? ns_capable_common+0x93/0x100
[  857.154534][T13843]  __x64_sys_mlockall+0x473/0x520
[  857.159568][T13843]  do_syscall_64+0xfa/0x760
[  857.164077][T13843]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  857.169982][T13843] RIP: 0033:0x4598e9
[  857.173884][T13843] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  857.193489][T13843] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
21:54:54 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:54:54 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  857.202451][T13843] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  857.210429][T13843] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  857.218407][T13843] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  857.226388][T13843] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  857.234368][T13843] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  857.244584][T13843] memory: usage 307200kB, limit 307200kB, failcnt 417
[  857.251372][T13843] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  857.258869][T13843] Memory cgroup stats for /syz1:
[  857.258983][T13843] anon 302018560
[  857.258983][T13843] file 40960
[  857.258983][T13843] kernel_stack 655360
[  857.258983][T13843] slab 8519680
[  857.258983][T13843] sock 4096
[  857.258983][T13843] shmem 0
[  857.258983][T13843] file_mapped 0
[  857.258983][T13843] file_dirty 0
[  857.258983][T13843] file_writeback 0
[  857.258983][T13843] anon_thp 264241152
[  857.258983][T13843] inactive_anon 221433856
[  857.258983][T13843] active_anon 8982528
[  857.258983][T13843] inactive_file 0
21:54:54 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0x0, 0x0)

[  857.258983][T13843] active_file 0
[  857.258983][T13843] unevictable 71766016
[  857.258983][T13843] slab_reclaimable 2568192
[  857.258983][T13843] slab_unreclaimable 5951488
[  857.258983][T13843] pgfault 41217
[  857.258983][T13843] pgmajfault 0
[  857.258983][T13843] workingset_refault 0
[  857.258983][T13843] workingset_activate 0
[  857.258983][T13843] workingset_nodereclaim 0
[  857.258983][T13843] pgrefill 69
[  857.258983][T13843] pgscan 101
[  857.258983][T13843] pgsteal 0
[  857.353200][T13843] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13832,uid=0
[  857.373391][T13843] Memory cgroup out of memory: Killed process 13832 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
21:54:54 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  857.421192][ T1066] oom_reaper: reaped process 13832 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
21:54:54 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:54:54 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0x0, 0x0)

21:55:00 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:00 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000040)={0x7b, 0x5, [0x0, 0x0, 0x4b564d04], [0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000]})

21:55:00 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0x0, 0x0)

21:55:00 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:00 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:00 executing program 5:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f00000001c0)="100000400300"/16, 0x10}])

21:55:00 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:00 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0x0, &(0x7f0000000440))

21:55:00 executing program 4:
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'syz_tun\x00', &(0x7f0000002fc0)=@ethtool_link_settings={0x1e}})

[  863.238503][T13893] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  863.297005][T13893] CPU: 1 PID: 13893 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  863.306155][T13893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  863.316213][T13893] Call Trace:
[  863.319514][T13893]  dump_stack+0x172/0x1f0
[  863.323862][T13893]  dump_header+0x177/0x1152
[  863.328371][T13893]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  863.334171][T13893]  ? ___ratelimit+0x2c8/0x595
[  863.338865][T13893]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  863.344683][T13893]  ? lockdep_hardirqs_on+0x418/0x5d0
[  863.349985][T13893]  ? trace_hardirqs_on+0x67/0x240
[  863.355023][T13893]  ? pagefault_out_of_memory+0x11c/0x11c
[  863.360670][T13893]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  863.366472][T13893]  ? ___ratelimit+0x60/0x595
[  863.371057][T13893]  ? do_raw_spin_unlock+0x57/0x270
[  863.376175][T13893]  oom_kill_process.cold+0x10/0x15
[  863.381293][T13893]  out_of_memory+0x334/0x1340
[  863.385968][T13893]  ? lock_downgrade+0x920/0x920
[  863.390825][T13893]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  863.396642][T13893]  ? oom_killer_disable+0x280/0x280
[  863.401937][T13893]  mem_cgroup_out_of_memory+0x1d8/0x240
[  863.407486][T13893]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  863.413119][T13893]  ? do_raw_spin_unlock+0x57/0x270
[  863.418233][T13893]  ? _raw_spin_unlock+0x2d/0x50
[  863.423092][T13893]  try_charge+0xf4b/0x1440
[  863.427521][T13893]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  863.433065][T13893]  ? percpu_ref_tryget_live+0x111/0x290
[  863.438617][T13893]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  863.444862][T13893]  ? __kasan_check_read+0x11/0x20
[  863.449903][T13893]  ? get_mem_cgroup_from_mm+0x156/0x320
[  863.455450][T13893]  mem_cgroup_try_charge+0x136/0x590
[  863.460750][T13893]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  863.467003][T13893]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  863.472642][T13893]  __handle_mm_fault+0x1e34/0x3f20
[  863.477764][T13893]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  863.483328][T13893]  ? __kasan_check_read+0x11/0x20
[  863.488357][T13893]  handle_mm_fault+0x1b5/0x6c0
[  863.493124][T13893]  __get_user_pages+0x7d4/0x1b30
[  863.498061][T13893]  ? mark_held_locks+0xf0/0xf0
[  863.502842][T13893]  ? follow_page_mask+0x1cf0/0x1cf0
[  863.508037][T13893]  ? __mm_populate+0x270/0x380
[  863.512814][T13893]  ? __kasan_check_write+0x14/0x20
[  863.517928][T13893]  ? down_read+0x109/0x430
[  863.522347][T13893]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  863.528599][T13893]  populate_vma_page_range+0x20d/0x2a0
[  863.534070][T13893]  __mm_populate+0x204/0x380
[  863.538666][T13893]  ? populate_vma_page_range+0x2a0/0x2a0
[  863.544300][T13893]  ? __kasan_check_write+0x14/0x20
[  863.549408][T13893]  ? up_write+0x155/0x490
[  863.553741][T13893]  ? ns_capable_common+0x93/0x100
[  863.558787][T13893]  __x64_sys_mlockall+0x473/0x520
[  863.563825][T13893]  do_syscall_64+0xfa/0x760
[  863.568337][T13893]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  863.574225][T13893] RIP: 0033:0x4598e9
[  863.578119][T13893] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  863.597733][T13893] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  863.606159][T13893] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  863.614135][T13893] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  863.622113][T13893] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  863.630091][T13893] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  863.638073][T13893] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  863.669418][T13893] memory: usage 307200kB, limit 307200kB, failcnt 453
[  863.683202][T13893] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  863.736040][T13893] Memory cgroup stats for /syz1:
[  863.736142][T13893] anon 301359104
[  863.736142][T13893] file 40960
[  863.736142][T13893] kernel_stack 720896
[  863.736142][T13893] slab 8949760
[  863.736142][T13893] sock 4096
[  863.736142][T13893] shmem 0
[  863.736142][T13893] file_mapped 0
[  863.736142][T13893] file_dirty 0
[  863.736142][T13893] file_writeback 0
[  863.736142][T13893] anon_thp 264241152
[  863.736142][T13893] inactive_anon 221306880
[  863.736142][T13893] active_anon 8978432
[  863.736142][T13893] inactive_file 0
21:55:01 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0x0, &(0x7f0000000440))

21:55:01 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  863.736142][T13893] active_file 0
[  863.736142][T13893] unevictable 71155712
[  863.736142][T13893] slab_reclaimable 2568192
[  863.736142][T13893] slab_unreclaimable 6381568
[  863.736142][T13893] pgfault 42438
[  863.736142][T13893] pgmajfault 0
[  863.736142][T13893] workingset_refault 0
[  863.736142][T13893] workingset_activate 0
[  863.736142][T13893] workingset_nodereclaim 0
[  863.736142][T13893] pgrefill 69
[  863.736142][T13893] pgscan 101
[  863.736142][T13893] pgsteal 0
21:55:01 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  863.982074][T13893] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13871,uid=0
[  864.026384][T13893] Memory cgroup out of memory: Killed process 13871 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
21:55:01 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:01 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0x0, &(0x7f0000000440))

21:55:01 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:01 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:01 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:06 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:06 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0x1, &(0x7f0000000440)=[0x0])

21:55:06 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:06 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:06 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:06 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:06 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0x1, &(0x7f0000000440)=[0x0])

[  869.575059][T13949] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  869.593674][T13949] CPU: 0 PID: 13949 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  869.602813][T13949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  869.612871][T13949] Call Trace:
[  869.616168][T13949]  dump_stack+0x172/0x1f0
[  869.620511][T13949]  dump_header+0x177/0x1152
[  869.625022][T13949]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  869.630829][T13949]  ? ___ratelimit+0x2c8/0x595
[  869.635513][T13949]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  869.643351][T13949]  ? lockdep_hardirqs_on+0x418/0x5d0
[  869.648910][T13949]  ? trace_hardirqs_on+0x67/0x240
[  869.655280][T13949]  ? pagefault_out_of_memory+0x11c/0x11c
[  869.661715][T13949]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  869.667627][T13949]  ? ___ratelimit+0x60/0x595
[  869.672304][T13949]  ? do_raw_spin_unlock+0x57/0x270
[  869.677425][T13949]  oom_kill_process.cold+0x10/0x15
[  869.682553][T13949]  out_of_memory+0x334/0x1340
[  869.687405][T13949]  ? lock_downgrade+0x920/0x920
[  869.692291][T13949]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  869.698201][T13949]  ? oom_killer_disable+0x280/0x280
[  869.705206][T13949]  mem_cgroup_out_of_memory+0x1d8/0x240
[  869.711287][T13949]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  869.717048][T13949]  ? do_raw_spin_unlock+0x57/0x270
[  869.722461][T13949]  ? _raw_spin_unlock+0x2d/0x50
[  869.728018][T13949]  try_charge+0xf4b/0x1440
[  869.732585][T13949]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  869.738135][T13949]  ? percpu_ref_tryget_live+0x111/0x290
[  869.744222][T13949]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  869.751024][T13949]  ? __kasan_check_read+0x11/0x20
[  869.756287][T13949]  ? get_mem_cgroup_from_mm+0x156/0x320
[  869.762026][T13949]  mem_cgroup_try_charge+0x136/0x590
[  869.767564][T13949]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
21:55:07 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  869.775388][T13949]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  869.781468][T13949]  __handle_mm_fault+0x1e34/0x3f20
[  869.786598][T13949]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  869.792164][T13949]  ? __kasan_check_read+0x11/0x20
[  869.797211][T13949]  handle_mm_fault+0x1b5/0x6c0
[  869.802013][T13949]  __get_user_pages+0x7d4/0x1b30
[  869.807685][T13949]  ? mark_held_locks+0xf0/0xf0
[  869.812672][T13949]  ? follow_page_mask+0x1cf0/0x1cf0
[  869.820627][T13949]  ? __mm_populate+0x270/0x380
[  869.826300][T13949]  ? __kasan_check_write+0x14/0x20
[  869.831801][T13949]  ? down_read+0x109/0x430
[  869.836242][T13949]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  869.842496][T13949]  populate_vma_page_range+0x20d/0x2a0
[  869.848453][T13949]  __mm_populate+0x204/0x380
[  869.853844][T13949]  ? populate_vma_page_range+0x2a0/0x2a0
[  869.859667][T13949]  ? __kasan_check_write+0x14/0x20
[  869.864805][T13949]  ? up_write+0x155/0x490
[  869.869239][T13949]  ? ns_capable_common+0x93/0x100
[  869.876508][T13949]  __x64_sys_mlockall+0x473/0x520
[  869.882525][T13949]  do_syscall_64+0xfa/0x760
[  869.887151][T13949]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  869.893876][T13949] RIP: 0033:0x4598e9
[  869.898459][T13949] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
21:55:07 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  869.919356][T13949] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  869.928530][T13949] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  869.939045][T13949] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  869.947393][T13949] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  869.955596][T13949] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  869.963700][T13949] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
21:55:07 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  870.002600][T13949] memory: usage 307200kB, limit 307200kB, failcnt 478
[  870.009726][T13949] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  870.016788][T13949] Memory cgroup stats for /syz1:
[  870.016890][T13949] anon 301481984
[  870.016890][T13949] file 40960
[  870.016890][T13949] kernel_stack 655360
[  870.016890][T13949] slab 8949760
[  870.016890][T13949] sock 4096
[  870.016890][T13949] shmem 0
[  870.016890][T13949] file_mapped 0
[  870.016890][T13949] file_dirty 0
[  870.016890][T13949] file_writeback 0
[  870.016890][T13949] anon_thp 264241152
[  870.016890][T13949] inactive_anon 221306880
[  870.016890][T13949] active_anon 8978432
[  870.016890][T13949] inactive_file 0
[  870.016890][T13949] active_file 0
[  870.016890][T13949] unevictable 71225344
[  870.016890][T13949] slab_reclaimable 2568192
[  870.016890][T13949] slab_unreclaimable 6381568
[  870.016890][T13949] pgfault 43758
[  870.016890][T13949] pgmajfault 0
[  870.016890][T13949] workingset_refault 0
[  870.016890][T13949] workingset_activate 0
[  870.016890][T13949] workingset_nodereclaim 0
[  870.016890][T13949] pgrefill 69
[  870.016890][T13949] pgscan 101
[  870.016890][T13949] pgsteal 0
[  870.021951][T13949] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13930,uid=0
21:55:07 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0x1, &(0x7f0000000440)=[0x0])

[  870.160491][T13949] Memory cgroup out of memory: Killed process 13930 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
21:55:07 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:15 executing program 5:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:15 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:55:15 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:15 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:15 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:15 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  877.841811][T13991] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  877.852543][T13991] CPU: 0 PID: 13991 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  877.861730][T13991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  877.871791][T13991] Call Trace:
[  877.875097][T13991]  dump_stack+0x172/0x1f0
[  877.879438][T13991]  dump_header+0x177/0x1152
[  877.883942][T13991]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  877.889852][T13991]  ? ___ratelimit+0x2c8/0x595
[  877.894537][T13991]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  877.900352][T13991]  ? lockdep_hardirqs_on+0x418/0x5d0
[  877.905647][T13991]  ? trace_hardirqs_on+0x67/0x240
[  877.910698][T13991]  ? pagefault_out_of_memory+0x11c/0x11c
[  877.916334][T13991]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  877.922148][T13991]  ? ___ratelimit+0x60/0x595
[  877.926885][T13991]  ? do_raw_spin_unlock+0x57/0x270
[  877.932009][T13991]  oom_kill_process.cold+0x10/0x15
[  877.937133][T13991]  out_of_memory+0x334/0x1340
[  877.941810][T13991]  ? lock_downgrade+0x920/0x920
[  877.948580][T13991]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  877.954389][T13991]  ? oom_killer_disable+0x280/0x280
[  877.959595][T13991]  mem_cgroup_out_of_memory+0x1d8/0x240
[  877.965145][T13991]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  877.970783][T13991]  ? do_raw_spin_unlock+0x57/0x270
[  877.975906][T13991]  ? _raw_spin_unlock+0x2d/0x50
[  877.980769][T13991]  try_charge+0xf4b/0x1440
[  877.985201][T13991]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  877.990745][T13991]  ? percpu_ref_tryget_live+0x111/0x290
[  877.996291][T13991]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  878.002528][T13991]  ? __kasan_check_read+0x11/0x20
[  878.007574][T13991]  ? get_mem_cgroup_from_mm+0x156/0x320
[  878.013130][T13991]  mem_cgroup_try_charge+0x136/0x590
[  878.018422][T13991]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  878.024673][T13991]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  878.030320][T13991]  __handle_mm_fault+0x1e34/0x3f20
[  878.035447][T13991]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  878.041021][T13991]  ? __kasan_check_read+0x11/0x20
[  878.046234][T13991]  handle_mm_fault+0x1b5/0x6c0
[  878.051020][T13991]  __get_user_pages+0x7d4/0x1b30
[  878.055986][T13991]  ? mark_held_locks+0xf0/0xf0
[  878.060764][T13991]  ? follow_page_mask+0x1cf0/0x1cf0
[  878.065962][T13991]  ? __mm_populate+0x270/0x380
[  878.065986][T13991]  ? __kasan_check_write+0x14/0x20
[  878.066002][T13991]  ? down_read+0x109/0x430
[  878.066027][T13991]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  878.075910][T13991]  populate_vma_page_range+0x20d/0x2a0
[  878.075930][T13991]  __mm_populate+0x204/0x380
[  878.075947][T13991]  ? populate_vma_page_range+0x2a0/0x2a0
[  878.075963][T13991]  ? __kasan_check_write+0x14/0x20
[  878.075978][T13991]  ? up_write+0x155/0x490
[  878.075991][T13991]  ? ns_capable_common+0x93/0x100
[  878.076016][T13991]  __x64_sys_mlockall+0x473/0x520
[  878.122205][T13991]  do_syscall_64+0xfa/0x760
[  878.126811][T13991]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  878.132697][T13991] RIP: 0033:0x4598e9
[  878.132713][T13991] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  878.132725][T13991] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  878.156280][T13991] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  878.156287][T13991] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  878.156293][T13991] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  878.156300][T13991] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  878.156308][T13991] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  878.201011][T13991] memory: usage 307200kB, limit 307200kB, failcnt 502
[  878.212188][T13991] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  878.226838][T13991] Memory cgroup stats for /syz1:
[  878.226968][T13991] anon 301027328
[  878.226968][T13991] file 40960
[  878.226968][T13991] kernel_stack 720896
[  878.226968][T13991] slab 9072640
[  878.226968][T13991] sock 4096
[  878.226968][T13991] shmem 0
[  878.226968][T13991] file_mapped 0
[  878.226968][T13991] file_dirty 0
[  878.226968][T13991] file_writeback 0
[  878.226968][T13991] anon_thp 264241152
[  878.226968][T13991] inactive_anon 221306880
[  878.226968][T13991] active_anon 8929280
[  878.226968][T13991] inactive_file 0
[  878.226968][T13991] active_file 0
[  878.226968][T13991] unevictable 70778880
[  878.226968][T13991] slab_reclaimable 2433024
[  878.226968][T13991] slab_unreclaimable 6639616
21:55:15 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

[  878.226968][T13991] pgfault 45012
[  878.226968][T13991] pgmajfault 0
[  878.226968][T13991] workingset_refault 0
[  878.226968][T13991] workingset_activate 0
[  878.226968][T13991] workingset_nodereclaim 0
[  878.226968][T13991] pgrefill 102
[  878.226968][T13991] pgscan 101
[  878.226968][T13991] pgsteal 0
[  878.325773][T13991] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13977,uid=0
21:55:15 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  878.354791][T13991] Memory cgroup out of memory: Killed process 13977 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
21:55:15 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:55:15 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:55:15 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:16 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:26 executing program 5:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:26 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:55:26 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:26 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:26 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:55:26 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:26 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:26 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:55:26 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:26 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
io_submit(r1, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

21:55:27 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:27 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, 0x0}])

21:55:33 executing program 5:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:33 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:55:33 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:33 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:33 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, 0x0}])

21:55:33 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:33 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, 0x0}])

21:55:33 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:33 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:34 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)}])

21:55:34 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:34 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  897.223346][T14103] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  897.236843][T14103] CPU: 1 PID: 14103 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[  897.248519][T14103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  897.258671][T14103] Call Trace:
[  897.261968][T14103]  dump_stack+0x172/0x1f0
[  897.266312][T14103]  dump_header+0x177/0x1152
[  897.270835][T14103]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  897.276676][T14103]  ? ___ratelimit+0x2c8/0x595
[  897.281359][T14103]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  897.287185][T14103]  ? lockdep_hardirqs_on+0x418/0x5d0
[  897.292484][T14103]  ? trace_hardirqs_on+0x67/0x240
[  897.297507][T14103]  ? pagefault_out_of_memory+0x11c/0x11c
[  897.303147][T14103]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  897.309271][T14103]  ? ___ratelimit+0x60/0x595
[  897.313852][T14103]  ? do_raw_spin_unlock+0x57/0x270
[  897.318951][T14103]  oom_kill_process.cold+0x10/0x15
[  897.324176][T14103]  out_of_memory+0x334/0x1340
[  897.328853][T14103]  ? lock_downgrade+0x920/0x920
[  897.333691][T14103]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  897.339605][T14103]  ? oom_killer_disable+0x280/0x280
[  897.344797][T14103]  mem_cgroup_out_of_memory+0x1d8/0x240
[  897.350332][T14103]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  897.355960][T14103]  ? do_raw_spin_unlock+0x57/0x270
[  897.361061][T14103]  ? _raw_spin_unlock+0x2d/0x50
[  897.365986][T14103]  try_charge+0xf4b/0x1440
[  897.370386][T14103]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  897.375909][T14103]  ? percpu_ref_tryget_live+0x111/0x290
[  897.381447][T14103]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  897.387676][T14103]  ? __kasan_check_read+0x11/0x20
[  897.392739][T14103]  ? get_mem_cgroup_from_mm+0x156/0x320
[  897.398271][T14103]  mem_cgroup_try_charge+0x136/0x590
[  897.403546][T14103]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  897.409769][T14103]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  897.415391][T14103]  __handle_mm_fault+0x1e34/0x3f20
[  897.420504][T14103]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  897.426035][T14103]  ? __kasan_check_read+0x11/0x20
[  897.431043][T14103]  handle_mm_fault+0x1b5/0x6c0
[  897.435789][T14103]  __get_user_pages+0x7d4/0x1b30
[  897.440711][T14103]  ? mark_held_locks+0xf0/0xf0
[  897.445473][T14103]  ? follow_page_mask+0x1cf0/0x1cf0
[  897.450649][T14103]  ? __mm_populate+0x270/0x380
[  897.455405][T14103]  ? __kasan_check_write+0x14/0x20
[  897.460495][T14103]  ? down_read+0x109/0x430
[  897.464891][T14103]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  897.471734][T14103]  populate_vma_page_range+0x20d/0x2a0
[  897.477183][T14103]  __mm_populate+0x204/0x380
[  897.481766][T14103]  ? populate_vma_page_range+0x2a0/0x2a0
[  897.487681][T14103]  ? __kasan_check_write+0x14/0x20
[  897.494119][T14103]  ? up_write+0x155/0x490
[  897.499054][T14103]  ? ns_capable_common+0x93/0x100
[  897.504068][T14103]  __x64_sys_mlockall+0x473/0x520
[  897.509165][T14103]  do_syscall_64+0xfa/0x760
[  897.513769][T14103]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  897.519917][T14103] RIP: 0033:0x4598e9
[  897.523796][T14103] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  897.543380][T14103] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  897.551778][T14103] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  897.559728][T14103] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  897.567678][T14103] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  897.575634][T14103] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[  897.583584][T14103] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  897.593314][T14103] memory: usage 307200kB, limit 307200kB, failcnt 48
[  897.600090][T14103] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  897.607134][T14103] Memory cgroup stats for /syz2:
[  897.607253][T14103] anon 299016192
[  897.607253][T14103] file 0
[  897.607253][T14103] kernel_stack 524288
[  897.607253][T14103] slab 12296192
[  897.607253][T14103] sock 0
[  897.607253][T14103] shmem 0
[  897.607253][T14103] file_mapped 0
[  897.607253][T14103] file_dirty 0
[  897.607253][T14103] file_writeback 0
[  897.607253][T14103] anon_thp 268435456
[  897.607253][T14103] inactive_anon 248422400
[  897.607253][T14103] active_anon 2453504
[  897.607253][T14103] inactive_file 0
[  897.607253][T14103] active_file 0
[  897.607253][T14103] unevictable 48128000
[  897.607253][T14103] slab_reclaimable 3379200
[  897.607253][T14103] slab_unreclaimable 8916992
[  897.607253][T14103] pgfault 28545
[  897.607253][T14103] pgmajfault 0
[  897.607253][T14103] workingset_refault 0
[  897.607253][T14103] workingset_activate 0
[  897.607253][T14103] workingset_nodereclaim 0
[  897.607253][T14103] pgrefill 34
[  897.607253][T14103] pgscan 33
[  897.607253][T14103] pgsteal 0
[  897.607253][T14103] pgactivate 33
[  897.703527][T14103] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14102,uid=0
[  897.719849][T14103] Memory cgroup out of memory: Killed process 14102 (syz-executor.2) total-vm:72576kB, anon-rss:16076kB, file-rss:36988kB, shmem-rss:0kB, UID:0 pgtables:172032kB oom_score_adj:1000
[  897.738084][ T1066] oom_reaper: reaped process 14102 (syz-executor.2), now anon-rss:16372kB, file-rss:37956kB, shmem-rss:0kB
21:55:42 executing program 5:
sendmsg$IPVS_CMD_NEW_SERVICE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00000000000004000000010000001400010008000b0073697000080002"], 0x3}}, 0x0)
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000000, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x38)
ptrace$cont(0x18, r1, 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x10d})
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r1, 0x0, 0x0)

21:55:42 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:42 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)}])

21:55:42 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:55:42 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:42 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:43 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:43 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)}])

21:55:43 executing program 1:
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  905.983682][T14119] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  906.011530][T14119] CPU: 0 PID: 14119 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[  906.020722][T14119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  906.030789][T14119] Call Trace:
[  906.034092][T14119]  dump_stack+0x172/0x1f0
[  906.038427][T14119]  dump_header+0x177/0x1152
[  906.042944][T14119]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  906.048773][T14119]  ? ___ratelimit+0x2c8/0x595
[  906.053469][T14119]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  906.059280][T14119]  ? lockdep_hardirqs_on+0x418/0x5d0
[  906.064574][T14119]  ? trace_hardirqs_on+0x67/0x240
[  906.069603][T14119]  ? pagefault_out_of_memory+0x11c/0x11c
[  906.075242][T14119]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  906.081047][T14119]  ? ___ratelimit+0x60/0x595
[  906.085633][T14119]  ? do_raw_spin_unlock+0x57/0x270
[  906.090768][T14119]  oom_kill_process.cold+0x10/0x15
[  906.096019][T14119]  out_of_memory+0x334/0x1340
[  906.100792][T14119]  ? lock_downgrade+0x920/0x920
[  906.105652][T14119]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  906.111469][T14119]  ? oom_killer_disable+0x280/0x280
[  906.116686][T14119]  mem_cgroup_out_of_memory+0x1d8/0x240
[  906.122281][T14119]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  906.127926][T14119]  ? do_raw_spin_unlock+0x57/0x270
[  906.133049][T14119]  ? _raw_spin_unlock+0x2d/0x50
[  906.137906][T14119]  try_charge+0xf4b/0x1440
[  906.142343][T14119]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  906.147903][T14119]  ? percpu_ref_tryget_live+0x111/0x290
[  906.153471][T14119]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  906.159719][T14119]  ? __kasan_check_read+0x11/0x20
[  906.164759][T14119]  ? get_mem_cgroup_from_mm+0x156/0x320
[  906.170313][T14119]  mem_cgroup_try_charge+0x136/0x590
[  906.175598][T14119]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  906.175620][T14119]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  906.175639][T14119]  __handle_mm_fault+0x1e34/0x3f20
[  906.175659][T14119]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  906.175688][T14119]  ? __kasan_check_read+0x11/0x20
[  906.175708][T14119]  handle_mm_fault+0x1b5/0x6c0
[  906.175727][T14119]  __get_user_pages+0x7d4/0x1b30
[  906.175742][T14119]  ? mark_held_locks+0xf0/0xf0
[  906.175765][T14119]  ? follow_page_mask+0x1cf0/0x1cf0
[  906.175777][T14119]  ? __mm_populate+0x270/0x380
[  906.175816][T14119]  ? __kasan_check_write+0x14/0x20
[  906.192775][T14119]  ? down_read+0x109/0x430
[  906.192799][T14119]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  906.192821][T14119]  populate_vma_page_range+0x20d/0x2a0
[  906.192842][T14119]  __mm_populate+0x204/0x380
[  906.243440][T14119]  ? populate_vma_page_range+0x2a0/0x2a0
[  906.259069][T14119]  ? __kasan_check_write+0x14/0x20
[  906.264199][T14119]  ? up_write+0x155/0x490
[  906.268535][T14119]  ? ns_capable_common+0x93/0x100
[  906.273565][T14119]  __x64_sys_mlockall+0x473/0x520
[  906.273583][T14119]  do_syscall_64+0xfa/0x760
[  906.273606][T14119]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  906.273617][T14119] RIP: 0033:0x4598e9
[  906.273632][T14119] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  906.273640][T14119] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  906.273656][T14119] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  906.329128][T14119] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  906.337109][T14119] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  906.345090][T14119] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[  906.353068][T14119] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  906.364301][T14119] memory: usage 307200kB, limit 307200kB, failcnt 88
[  906.371221][T14119] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  906.378718][T14119] Memory cgroup stats for /syz2:
[  906.378839][T14119] anon 300093440
[  906.378839][T14119] file 0
[  906.378839][T14119] kernel_stack 589824
[  906.378839][T14119] slab 11038720
[  906.378839][T14119] sock 0
[  906.378839][T14119] shmem 0
[  906.378839][T14119] file_mapped 0
[  906.378839][T14119] file_dirty 0
[  906.378839][T14119] file_writeback 0
[  906.378839][T14119] anon_thp 268435456
[  906.378839][T14119] inactive_anon 248487936
[  906.378839][T14119] active_anon 2445312
[  906.378839][T14119] inactive_file 0
[  906.378839][T14119] active_file 0
[  906.378839][T14119] unevictable 49213440
21:55:43 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

[  906.378839][T14119] slab_reclaimable 3244032
[  906.378839][T14119] slab_unreclaimable 7794688
[  906.378839][T14119] pgfault 29403
[  906.378839][T14119] pgmajfault 0
[  906.378839][T14119] workingset_refault 0
[  906.378839][T14119] workingset_activate 0
[  906.378839][T14119] workingset_nodereclaim 0
[  906.378839][T14119] pgrefill 67
[  906.378839][T14119] pgscan 66
[  906.378839][T14119] pgsteal 0
[  906.378839][T14119] pgactivate 33
[  906.475426][T14119] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14117,uid=0
[  906.501338][T14119] Memory cgroup out of memory: Killed process 14117 (syz-executor.2) total-vm:72576kB, anon-rss:17396kB, file-rss:36988kB, shmem-rss:0kB, UID:0 pgtables:172032kB oom_score_adj:1000
[  906.523693][ T1066] oom_reaper: reaped process 14117 (syz-executor.2), now anon-rss:17440kB, file-rss:37956kB, shmem-rss:0kB
21:55:43 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f495", 0x64}])

[  906.543345][T14133] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  906.563687][T14133] CPU: 0 PID: 14133 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  906.572820][T14133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  906.582876][T14133] Call Trace:
[  906.586172][T14133]  dump_stack+0x172/0x1f0
[  906.590512][T14133]  dump_header+0x177/0x1152
[  906.595026][T14133]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  906.600840][T14133]  ? ___ratelimit+0x2c8/0x595
[  906.605518][T14133]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  906.611336][T14133]  ? lockdep_hardirqs_on+0x418/0x5d0
[  906.616630][T14133]  ? trace_hardirqs_on+0x67/0x240
[  906.621658][T14133]  ? pagefault_out_of_memory+0x11c/0x11c
[  906.627293][T14133]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  906.633098][T14133]  ? ___ratelimit+0x60/0x595
[  906.637684][T14133]  ? do_raw_spin_unlock+0x57/0x270
[  906.642805][T14133]  oom_kill_process.cold+0x10/0x15
[  906.647920][T14133]  out_of_memory+0x334/0x1340
[  906.652603][T14133]  ? lock_downgrade+0x920/0x920
[  906.657459][T14133]  ? oom_killer_disable+0x280/0x280
[  906.662669][T14133]  mem_cgroup_out_of_memory+0x1d8/0x240
[  906.668212][T14133]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  906.673846][T14133]  ? do_raw_spin_unlock+0x57/0x270
[  906.678959][T14133]  ? _raw_spin_unlock+0x2d/0x50
[  906.683819][T14133]  try_charge+0xf4b/0x1440
[  906.688251][T14133]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  906.693791][T14133]  ? percpu_ref_tryget_live+0x111/0x290
[  906.693812][T14133]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  906.693829][T14133]  ? __kasan_check_read+0x11/0x20
[  906.693850][T14133]  ? get_mem_cgroup_from_mm+0x156/0x320
[  906.693867][T14133]  mem_cgroup_try_charge+0x136/0x590
[  906.693883][T14133]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  906.693901][T14133]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  906.693920][T14133]  __handle_mm_fault+0x1e34/0x3f20
[  906.693940][T14133]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  906.710709][T14133]  ? __kasan_check_read+0x11/0x20
[  906.748980][T14133]  handle_mm_fault+0x1b5/0x6c0
[  906.753748][T14133]  __get_user_pages+0x7d4/0x1b30
[  906.758686][T14133]  ? mark_held_locks+0xf0/0xf0
[  906.763463][T14133]  ? follow_page_mask+0x1cf0/0x1cf0
[  906.768662][T14133]  ? __mm_populate+0x270/0x380
[  906.773439][T14133]  ? __kasan_check_write+0x14/0x20
[  906.778549][T14133]  ? down_read+0x109/0x430
[  906.782972][T14133]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  906.789222][T14133]  populate_vma_page_range+0x20d/0x2a0
[  906.794697][T14133]  __mm_populate+0x204/0x380
[  906.799292][T14133]  ? populate_vma_page_range+0x2a0/0x2a0
[  906.804926][T14133]  ? __kasan_check_write+0x14/0x20
[  906.810051][T14133]  ? up_write+0x155/0x490
[  906.814378][T14133]  ? ns_capable_common+0x93/0x100
[  906.819417][T14133]  __x64_sys_mlockall+0x473/0x520
[  906.824444][T14133]  do_syscall_64+0xfa/0x760
[  906.829217][T14133]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  906.835108][T14133] RIP: 0033:0x4598e9
[  906.839005][T14133] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  906.858612][T14133] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  906.867033][T14133] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  906.875010][T14133] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  906.882991][T14133] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
21:55:44 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  906.890968][T14133] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  906.898950][T14133] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  906.928659][T14133] memory: usage 307120kB, limit 307200kB, failcnt 544
[  906.935737][T14133] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  906.942717][T14133] Memory cgroup stats for /syz1:
[  906.942854][T14133] anon 299003904
[  906.942854][T14133] file 40960
[  906.942854][T14133] kernel_stack 851968
[  906.942854][T14133] slab 10821632
[  906.942854][T14133] sock 4096
[  906.942854][T14133] shmem 0
[  906.942854][T14133] file_mapped 0
[  906.942854][T14133] file_dirty 0
[  906.942854][T14133] file_writeback 0
[  906.942854][T14133] anon_thp 264241152
[  906.942854][T14133] inactive_anon 206815232
[  906.942854][T14133] active_anon 15622144
[  906.942854][T14133] inactive_file 0
[  906.942854][T14133] active_file 0
[  906.942854][T14133] unevictable 76435456
[  906.942854][T14133] slab_reclaimable 2838528
[  906.942854][T14133] slab_unreclaimable 7983104
[  906.942854][T14133] pgfault 48609
[  906.942854][T14133] pgmajfault 0
[  906.942854][T14133] workingset_refault 0
[  906.942854][T14133] workingset_activate 0
[  906.942854][T14133] workingset_nodereclaim 0
[  906.942854][T14133] pgrefill 135
[  906.942854][T14133] pgscan 134
[  906.942854][T14133] pgsteal 0
[  907.037544][T14133] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=14131,uid=0
[  907.054675][T14133] Memory cgroup out of memory: Killed process 14131 (syz-executor.1) total-vm:72708kB, anon-rss:17404kB, file-rss:36988kB, shmem-rss:0kB, UID:0 pgtables:172032kB oom_score_adj:1000
[  907.074749][ T1066] oom_reaper: reaped process 14131 (syz-executor.1), now anon-rss:17424kB, file-rss:37952kB, shmem-rss:0kB
[  907.176475][T14146] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  907.187587][T14146] CPU: 1 PID: 14146 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[  907.196701][T14146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  907.206740][T14146] Call Trace:
[  907.210018][T14146]  dump_stack+0x172/0x1f0
[  907.214504][T14146]  dump_header+0x177/0x1152
[  907.219000][T14146]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  907.224784][T14146]  ? ___ratelimit+0x2c8/0x595
[  907.229445][T14146]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  907.235328][T14146]  ? lockdep_hardirqs_on+0x418/0x5d0
[  907.240610][T14146]  ? trace_hardirqs_on+0x67/0x240
[  907.245618][T14146]  ? pagefault_out_of_memory+0x11c/0x11c
[  907.251234][T14146]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  907.257021][T14146]  ? ___ratelimit+0x60/0x595
[  907.261606][T14146]  ? do_raw_spin_unlock+0x57/0x270
[  907.266700][T14146]  oom_kill_process.cold+0x10/0x15
[  907.271794][T14146]  out_of_memory+0x334/0x1340
[  907.276450][T14146]  ? lock_downgrade+0x920/0x920
[  907.281286][T14146]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  907.287073][T14146]  ? oom_killer_disable+0x280/0x280
[  907.292265][T14146]  mem_cgroup_out_of_memory+0x1d8/0x240
[  907.297966][T14146]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  907.303583][T14146]  ? do_raw_spin_unlock+0x57/0x270
[  907.308677][T14146]  ? _raw_spin_unlock+0x2d/0x50
[  907.313515][T14146]  try_charge+0xf4b/0x1440
[  907.317923][T14146]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  907.323459][T14146]  ? percpu_ref_tryget_live+0x111/0x290
[  907.329001][T14146]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  907.335225][T14146]  ? __kasan_check_read+0x11/0x20
[  907.340236][T14146]  ? get_mem_cgroup_from_mm+0x156/0x320
[  907.345762][T14146]  mem_cgroup_try_charge+0x136/0x590
[  907.351036][T14146]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  907.357265][T14146]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  907.362880][T14146]  __handle_mm_fault+0x1e34/0x3f20
[  907.368012][T14146]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  907.373557][T14146]  ? __kasan_check_read+0x11/0x20
[  907.378568][T14146]  handle_mm_fault+0x1b5/0x6c0
[  907.383412][T14146]  __get_user_pages+0x7d4/0x1b30
[  907.388329][T14146]  ? mark_held_locks+0xf0/0xf0
[  907.393083][T14146]  ? follow_page_mask+0x1cf0/0x1cf0
[  907.398261][T14146]  ? __mm_populate+0x270/0x380
[  907.403008][T14146]  ? __kasan_check_write+0x14/0x20
[  907.408100][T14146]  ? down_read+0x109/0x430
[  907.412500][T14146]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  907.418726][T14146]  populate_vma_page_range+0x20d/0x2a0
[  907.424169][T14146]  __mm_populate+0x204/0x380
[  907.428742][T14146]  ? populate_vma_page_range+0x2a0/0x2a0
[  907.434358][T14146]  ? __kasan_check_write+0x14/0x20
[  907.439448][T14146]  ? up_write+0x155/0x490
[  907.443759][T14146]  ? ns_capable_common+0x93/0x100
[  907.448767][T14146]  __x64_sys_mlockall+0x473/0x520
[  907.453776][T14146]  do_syscall_64+0xfa/0x760
[  907.458273][T14146]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  907.464153][T14146] RIP: 0033:0x4598e9
[  907.468031][T14146] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  907.487613][T14146] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  907.496023][T14146] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  907.503990][T14146] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  907.511961][T14146] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  907.519921][T14146] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[  907.527986][T14146] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  907.548415][T14146] memory: usage 307200kB, limit 307200kB, failcnt 103
[  907.556336][T14146] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  907.564750][T14146] Memory cgroup stats for /syz2:
[  907.564859][T14146] anon 300093440
[  907.564859][T14146] file 0
[  907.564859][T14146] kernel_stack 589824
[  907.564859][T14146] slab 11038720
[  907.564859][T14146] sock 0
[  907.564859][T14146] shmem 0
[  907.564859][T14146] file_mapped 0
[  907.564859][T14146] file_dirty 0
[  907.564859][T14146] file_writeback 0
[  907.564859][T14146] anon_thp 268435456
[  907.564859][T14146] inactive_anon 248446976
[  907.564859][T14146] active_anon 2445312
[  907.564859][T14146] inactive_file 0
[  907.564859][T14146] active_file 0
[  907.564859][T14146] unevictable 49143808
[  907.564859][T14146] slab_reclaimable 3244032
[  907.564859][T14146] slab_unreclaimable 7794688
[  907.564859][T14146] pgfault 30261
[  907.564859][T14146] pgmajfault 0
[  907.564859][T14146] workingset_refault 0
[  907.564859][T14146] workingset_activate 0
[  907.564859][T14146] workingset_nodereclaim 0
[  907.564859][T14146] pgrefill 67
[  907.564859][T14146] pgscan 66
[  907.564859][T14146] pgsteal 0
[  907.564859][T14146] pgactivate 66
[  907.662898][T14146] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14145,uid=0
[  907.678484][T14146] Memory cgroup out of memory: Killed process 14145 (syz-executor.2) total-vm:72576kB, anon-rss:17396kB, file-rss:36988kB, shmem-rss:0kB, UID:0 pgtables:172032kB oom_score_adj:1000
[  907.696623][ T1066] oom_reaper: reaped process 14145 (syz-executor.2), now anon-rss:17440kB, file-rss:37956kB, shmem-rss:0kB
21:55:52 executing program 5:

21:55:52 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:52 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:55:52 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f495", 0x64}])

21:55:52 executing program 1:
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:52 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:52 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f495", 0x64}])

21:55:52 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  915.296497][T14156] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  915.325842][T14156] CPU: 1 PID: 14156 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  915.334993][T14156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  915.345056][T14156] Call Trace:
[  915.348360][T14156]  dump_stack+0x172/0x1f0
[  915.352708][T14156]  dump_header+0x177/0x1152
[  915.357225][T14156]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  915.363031][T14156]  ? ___ratelimit+0x2c8/0x595
[  915.367710][T14156]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  915.373521][T14156]  ? lockdep_hardirqs_on+0x418/0x5d0
[  915.378807][T14156]  ? trace_hardirqs_on+0x67/0x240
[  915.383843][T14156]  ? pagefault_out_of_memory+0x11c/0x11c
[  915.389490][T14156]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  915.395304][T14156]  ? ___ratelimit+0x60/0x595
[  915.399902][T14156]  ? do_raw_spin_unlock+0x57/0x270
[  915.405020][T14156]  oom_kill_process.cold+0x10/0x15
[  915.410137][T14156]  out_of_memory+0x334/0x1340
[  915.414813][T14156]  ? lock_downgrade+0x920/0x920
[  915.419664][T14156]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  915.419684][T14156]  ? oom_killer_disable+0x280/0x280
[  915.419709][T14156]  mem_cgroup_out_of_memory+0x1d8/0x240
[  915.419726][T14156]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  915.441856][T14156]  ? do_raw_spin_unlock+0x57/0x270
21:55:52 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

[  915.441878][T14156]  ? _raw_spin_unlock+0x2d/0x50
[  915.441899][T14156]  try_charge+0xf4b/0x1440
[  915.441924][T14156]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  915.461801][T14156]  ? percpu_ref_tryget_live+0x111/0x290
[  915.467366][T14156]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  915.473618][T14156]  ? __kasan_check_read+0x11/0x20
[  915.478650][T14156]  ? get_mem_cgroup_from_mm+0x156/0x320
[  915.484205][T14156]  mem_cgroup_try_charge+0x136/0x590
[  915.489499][T14156]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  915.495756][T14156]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  915.495778][T14156]  __handle_mm_fault+0x1e34/0x3f20
[  915.495797][T14156]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  915.495829][T14156]  ? __kasan_check_read+0x11/0x20
[  915.506555][T14156]  handle_mm_fault+0x1b5/0x6c0
[  915.506577][T14156]  __get_user_pages+0x7d4/0x1b30
[  915.506590][T14156]  ? mark_held_locks+0xf0/0xf0
[  915.506613][T14156]  ? follow_page_mask+0x1cf0/0x1cf0
[  915.536749][T14156]  ? __mm_populate+0x270/0x380
[  915.541528][T14156]  ? __kasan_check_write+0x14/0x20
[  915.546652][T14156]  ? down_read+0x109/0x430
[  915.551083][T14156]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  915.557342][T14156]  populate_vma_page_range+0x20d/0x2a0
[  915.562821][T14156]  __mm_populate+0x204/0x380
[  915.567418][T14156]  ? populate_vma_page_range+0x2a0/0x2a0
[  915.573067][T14156]  ? __kasan_check_write+0x14/0x20
[  915.578184][T14156]  ? up_write+0x155/0x490
[  915.582516][T14156]  ? ns_capable_common+0x93/0x100
[  915.587554][T14156]  __x64_sys_mlockall+0x473/0x520
[  915.592582][T14156]  do_syscall_64+0xfa/0x760
[  915.597090][T14156]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  915.602979][T14156] RIP: 0033:0x4598e9
[  915.606877][T14156] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  915.626483][T14156] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  915.634900][T14156] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  915.642872][T14156] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  915.651106][T14156] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  915.659080][T14156] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  915.667052][T14156] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  915.683316][T14156] memory: usage 307200kB, limit 307200kB, failcnt 558
21:55:53 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f2", 0x96}])

21:55:53 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  915.703693][T14156] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  915.716975][T14156] Memory cgroup stats for /syz1:
[  915.717098][T14156] anon 299466752
[  915.717098][T14156] file 40960
[  915.717098][T14156] kernel_stack 720896
[  915.717098][T14156] slab 10567680
[  915.717098][T14156] sock 4096
[  915.717098][T14156] shmem 0
[  915.717098][T14156] file_mapped 0
[  915.717098][T14156] file_dirty 0
[  915.717098][T14156] file_writeback 0
[  915.717098][T14156] anon_thp 266338304
[  915.717098][T14156] inactive_anon 206917632
[  915.717098][T14156] active_anon 15622144
[  915.717098][T14156] inactive_file 0
[  915.717098][T14156] active_file 0
[  915.717098][T14156] unevictable 77213696
[  915.717098][T14156] slab_reclaimable 2838528
[  915.717098][T14156] slab_unreclaimable 7729152
[  915.717098][T14156] pgfault 49335
[  915.717098][T14156] pgmajfault 0
[  915.717098][T14156] workingset_refault 0
[  915.717098][T14156] workingset_activate 0
[  915.717098][T14156] workingset_nodereclaim 0
[  915.717098][T14156] pgrefill 135
[  915.717098][T14156] pgscan 134
[  915.717098][T14156] pgsteal 0
[  915.820093][T14156] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=14155,uid=0
21:55:53 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f2", 0x96}])

[  915.879835][T14156] Memory cgroup out of memory: Killed process 14155 (syz-executor.1) total-vm:72576kB, anon-rss:17888kB, file-rss:53368kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000
[  915.999343][ T1066] oom_reaper: reaped process 14155 (syz-executor.1), now anon-rss:17900kB, file-rss:54332kB, shmem-rss:0kB
21:55:58 executing program 5:

21:55:58 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:58 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:58 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:55:58 executing program 1:
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:55:58 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f2", 0x96}])

21:55:58 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:58 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d8", 0xaf}])

21:55:58 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:55:58 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d8", 0xaf}])

[  921.711999][T14216] syz-executor.1 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[  921.748299][T14216] CPU: 1 PID: 14216 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  921.757493][T14216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  921.767565][T14216] Call Trace:
[  921.767710][T14216]  dump_stack+0x172/0x1f0
[  921.767732][T14216]  dump_header+0x177/0x1152
[  921.767756][T14216]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  921.767767][T14216]  ? ___ratelimit+0x2c8/0x595
[  921.767789][T14216]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  921.767807][T14216]  ? lockdep_hardirqs_on+0x418/0x5d0
[  921.767823][T14216]  ? trace_hardirqs_on+0x67/0x240
[  921.767840][T14216]  ? pagefault_out_of_memory+0x11c/0x11c
[  921.767856][T14216]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  921.767871][T14216]  ? ___ratelimit+0x60/0x595
[  921.767883][T14216]  ? do_raw_spin_unlock+0x57/0x270
[  921.767902][T14216]  oom_kill_process.cold+0x10/0x15
[  921.767923][T14216]  out_of_memory+0x334/0x1340
[  921.767939][T14216]  ? lock_downgrade+0x920/0x920
[  921.767959][T14216]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  921.767971][T14216]  ? oom_killer_disable+0x280/0x280
[  921.767997][T14216]  mem_cgroup_out_of_memory+0x1d8/0x240
[  921.785944][T14216]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  921.785967][T14216]  ? do_raw_spin_unlock+0x57/0x270
[  921.827865][T14216]  ? _raw_spin_unlock+0x2d/0x50
[  921.827891][T14216]  try_charge+0xf4b/0x1440
[  921.827916][T14216]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  921.827938][T14216]  ? find_held_lock+0x35/0x130
[  921.837724][T14216]  ? get_mem_cgroup_from_mm+0x139/0x320
[  921.837750][T14216]  ? lock_downgrade+0x920/0x920
[  921.837769][T14216]  ? percpu_ref_tryget_live+0x111/0x290
[  921.905724][T14216]  __memcg_kmem_charge_memcg+0x71/0xf0
[  921.911200][T14216]  ? memcg_kmem_put_cache+0x50/0x50
[  921.916419][T14216]  ? get_mem_cgroup_from_mm+0x156/0x320
[  921.921992][T14216]  __memcg_kmem_charge+0x13a/0x3a0
[  921.927129][T14216]  __alloc_pages_nodemask+0x4f7/0x900
[  921.932529][T14216]  ? __alloc_pages_slowpath+0x2540/0x2540
[  921.938285][T14216]  ? mmu_notifier_invalidate_range_start+0x95/0x110
[  921.944901][T14216]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  921.951165][T14216]  alloc_pages_current+0x107/0x210
[  921.957423][T14216]  get_zeroed_page+0x14/0x50
21:55:59 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  921.962019][T14216]  __pud_alloc+0x3b/0x250
[  921.966370][T14216]  pud_alloc+0xde/0x150
[  921.970545][T14216]  copy_page_range+0x37a/0x1ed0
[  921.975424][T14216]  ? dup_mm+0x7cd/0x1430
[  921.979695][T14216]  ? find_held_lock+0x35/0x130
[  921.984492][T14216]  ? pmd_alloc+0x180/0x180
[  921.988941][T14216]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  921.994694][T14216]  ? vma_compute_subtree_gap+0x158/0x230
[  922.000365][T14216]  ? validate_mm_rb+0xa3/0xc0
[  922.005075][T14216]  ? __vma_link_rb+0x5ad/0x770
[  922.009883][T14216]  dup_mm+0xa67/0x1430
[  922.013970][T14216]  ? vm_area_dup+0x170/0x170
[  922.018567][T14216]  ? debug_mutex_init+0x2d/0x60
[  922.023562][T14216]  copy_process+0x2671/0x6830
[  922.028268][T14216]  ? __cleanup_sighand+0x60/0x60
[  922.033250][T14216]  ? __might_fault+0x12b/0x1e0
[  922.038190][T14216]  ? __might_fault+0x12b/0x1e0
[  922.042960][T14216]  _do_fork+0x146/0xfa0
[  922.047109][T14216]  ? copy_init_mm+0x20/0x20
[  922.051608][T14216]  ? __kasan_check_read+0x11/0x20
[  922.056628][T14216]  ? _copy_to_user+0x118/0x160
[  922.061412][T14216]  __x64_sys_clone+0x1ab/0x270
[  922.066164][T14216]  ? __ia32_sys_vfork+0xd0/0xd0
[  922.071011][T14216]  ? do_syscall_64+0x26/0x760
[  922.075698][T14216]  ? lockdep_hardirqs_on+0x418/0x5d0
[  922.080988][T14216]  ? trace_hardirqs_on+0x67/0x240
[  922.086021][T14216]  do_syscall_64+0xfa/0x760
[  922.090540][T14216]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  922.096525][T14216] RIP: 0033:0x4598e9
[  922.100425][T14216] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  922.120143][T14216] RSP: 002b:00007f11e8493c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  922.128719][T14216] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004598e9
[  922.136686][T14216] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000000
[  922.144751][T14216] RBP: 000000000075bfc8 R08: ffffffffffffffff R09: 0000000000000000
[  922.152707][T14216] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84946d4
21:55:59 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

[  922.160666][T14216] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 00000000ffffffff
[  922.170046][T14216] memory: usage 307200kB, limit 307200kB, failcnt 574
[  922.179195][T14216] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  922.186444][T14216] Memory cgroup stats for /syz1:
[  922.186793][T14216] anon 299552768
[  922.186793][T14216] file 40960
[  922.186793][T14216] kernel_stack 786432
[  922.186793][T14216] slab 10166272
[  922.186793][T14216] sock 4096
[  922.186793][T14216] shmem 0
[  922.186793][T14216] file_mapped 0
[  922.186793][T14216] file_dirty 0
[  922.186793][T14216] file_writeback 0
[  922.186793][T14216] anon_thp 266338304
[  922.186793][T14216] inactive_anon 206938112
[  922.186793][T14216] active_anon 15622144
[  922.186793][T14216] inactive_file 0
[  922.186793][T14216] active_file 0
[  922.186793][T14216] unevictable 77250560
[  922.186793][T14216] slab_reclaimable 2838528
[  922.186793][T14216] slab_unreclaimable 7327744
[  922.186793][T14216] pgfault 50127
[  922.186793][T14216] pgmajfault 0
[  922.186793][T14216] workingset_refault 0
[  922.186793][T14216] workingset_activate 0
[  922.186793][T14216] workingset_nodereclaim 0
[  922.186793][T14216] pgrefill 135
[  922.186793][T14216] pgscan 134
[  922.186793][T14216] pgsteal 0
[  922.194748][T14216] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=14198,uid=0
[  922.301180][T14216] Memory cgroup out of memory: Killed process 14198 (syz-executor.1) total-vm:72708kB, anon-rss:18140kB, file-rss:53368kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000
[  922.471170][T14228] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  922.503960][T14228] CPU: 1 PID: 14228 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[  922.513115][T14228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  922.523182][T14228] Call Trace:
[  922.526491][T14228]  dump_stack+0x172/0x1f0
[  922.530859][T14228]  dump_header+0x177/0x1152
[  922.535395][T14228]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  922.541228][T14228]  ? ___ratelimit+0x2c8/0x595
[  922.545925][T14228]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  922.551749][T14228]  ? lockdep_hardirqs_on+0x418/0x5d0
[  922.557057][T14228]  ? trace_hardirqs_on+0x67/0x240
[  922.562262][T14228]  ? pagefault_out_of_memory+0x11c/0x11c
[  922.567953][T14228]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  922.573797][T14228]  ? ___ratelimit+0x60/0x595
[  922.578449][T14228]  ? do_raw_spin_unlock+0x57/0x270
[  922.583579][T14228]  oom_kill_process.cold+0x10/0x15
[  922.588706][T14228]  out_of_memory+0x334/0x1340
[  922.593389][T14228]  ? lock_downgrade+0x920/0x920
[  922.598266][T14228]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  922.604100][T14228]  ? oom_killer_disable+0x280/0x280
[  922.609319][T14228]  mem_cgroup_out_of_memory+0x1d8/0x240
[  922.615402][T14228]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  922.621145][T14228]  ? do_raw_spin_unlock+0x57/0x270
[  922.626284][T14228]  ? _raw_spin_unlock+0x2d/0x50
[  922.631151][T14228]  try_charge+0xf4b/0x1440
[  922.635592][T14228]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  922.641150][T14228]  ? percpu_ref_tryget_live+0x111/0x290
[  922.646719][T14228]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  922.652978][T14228]  ? __kasan_check_read+0x11/0x20
[  922.658125][T14228]  ? get_mem_cgroup_from_mm+0x156/0x320
[  922.663775][T14228]  mem_cgroup_try_charge+0x136/0x590
[  922.669074][T14228]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  922.675354][T14228]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  922.681019][T14228]  __handle_mm_fault+0x1e34/0x3f20
[  922.686167][T14228]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  922.691748][T14228]  ? __kasan_check_read+0x11/0x20
[  922.696815][T14228]  handle_mm_fault+0x1b5/0x6c0
[  922.701619][T14228]  __get_user_pages+0x7d4/0x1b30
[  922.706579][T14228]  ? mark_held_locks+0xf0/0xf0
[  922.711371][T14228]  ? follow_page_mask+0x1cf0/0x1cf0
[  922.716589][T14228]  ? __mm_populate+0x270/0x380
[  922.721368][T14228]  ? __kasan_check_write+0x14/0x20
[  922.726474][T14228]  ? down_read+0x109/0x430
[  922.726491][T14228]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  922.726510][T14228]  populate_vma_page_range+0x20d/0x2a0
[  922.726527][T14228]  __mm_populate+0x204/0x380
[  922.726544][T14228]  ? populate_vma_page_range+0x2a0/0x2a0
[  922.726560][T14228]  ? __kasan_check_write+0x14/0x20
[  922.726575][T14228]  ? up_write+0x155/0x490
[  922.726587][T14228]  ? ns_capable_common+0x93/0x100
[  922.726608][T14228]  __x64_sys_mlockall+0x473/0x520
[  922.726626][T14228]  do_syscall_64+0xfa/0x760
[  922.726643][T14228]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  922.726652][T14228] RIP: 0033:0x4598e9
[  922.726672][T14228] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  922.805730][T14228] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  922.814153][T14228] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  922.822145][T14228] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  922.830114][T14228] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  922.838086][T14228] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[  922.846067][T14228] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  922.854449][T14228] memory: usage 307200kB, limit 307200kB, failcnt 171
[  922.872603][T14228] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  922.880097][T14228] Memory cgroup stats for /syz2:
[  922.880217][T14228] anon 301359104
[  922.880217][T14228] file 0
[  922.880217][T14228] kernel_stack 589824
[  922.880217][T14228] slab 9355264
[  922.880217][T14228] sock 0
[  922.880217][T14228] shmem 0
[  922.880217][T14228] file_mapped 0
[  922.880217][T14228] file_dirty 0
[  922.880217][T14228] file_writeback 0
[  922.880217][T14228] anon_thp 270532608
[  922.880217][T14228] inactive_anon 267231232
[  922.880217][T14228] active_anon 2539520
[  922.880217][T14228] inactive_file 0
[  922.880217][T14228] active_file 0
[  922.880217][T14228] unevictable 31739904
[  922.880217][T14228] slab_reclaimable 3108864
[  922.880217][T14228] slab_unreclaimable 6246400
[  922.880217][T14228] pgfault 32109
[  922.880217][T14228] pgmajfault 0
[  922.880217][T14228] workingset_refault 0
[  922.880217][T14228] workingset_activate 0
[  922.880217][T14228] workingset_nodereclaim 0
[  922.880217][T14228] pgrefill 100
[  922.880217][T14228] pgscan 99
[  922.880217][T14228] pgsteal 0
[  922.880217][T14228] pgactivate 66
[  922.977604][T14228] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14215,uid=0
[  922.994369][T14228] Memory cgroup out of memory: Killed process 14215 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[  923.019460][ T1066] oom_reaper: reaped process 14215 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
21:56:02 executing program 5:

21:56:02 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d8", 0xaf}])

21:56:02 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:56:02 executing program 1:
openat$pfkey(0xffffffffffffff9c, 0x0, 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:56:02 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:56:02 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  925.562202][T14243] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  925.573829][T14243] CPU: 1 PID: 14243 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[  925.582955][T14243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  925.593023][T14243] Call Trace:
[  925.596351][T14243]  dump_stack+0x172/0x1f0
[  925.600702][T14243]  dump_header+0x177/0x1152
[  925.605238][T14243]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  925.611058][T14243]  ? ___ratelimit+0x2c8/0x595
[  925.615738][T14243]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  925.621548][T14243]  ? lockdep_hardirqs_on+0x418/0x5d0
[  925.626837][T14243]  ? trace_hardirqs_on+0x67/0x240
[  925.631877][T14243]  ? pagefault_out_of_memory+0x11c/0x11c
[  925.637519][T14243]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  925.643765][T14243]  ? ___ratelimit+0x60/0x595
[  925.648358][T14243]  ? do_raw_spin_unlock+0x57/0x270
[  925.653473][T14243]  oom_kill_process.cold+0x10/0x15
[  925.658585][T14243]  out_of_memory+0x334/0x1340
[  925.663268][T14243]  ? oom_killer_disable+0x280/0x280
[  925.668477][T14243]  mem_cgroup_out_of_memory+0x1d8/0x240
[  925.674025][T14243]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  925.679665][T14243]  ? _raw_spin_unlock+0x41/0x50
[  925.684523][T14243]  try_charge+0xf4b/0x1440
[  925.688952][T14243]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  925.694495][T14243]  ? percpu_ref_tryget_live+0x111/0x290
[  925.700136][T14243]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  925.706387][T14243]  ? __kasan_check_read+0x11/0x20
[  925.711420][T14243]  ? get_mem_cgroup_from_mm+0x156/0x320
[  925.716981][T14243]  mem_cgroup_try_charge+0x136/0x590
[  925.722271][T14243]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  925.728514][T14243]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  925.734153][T14243]  __handle_mm_fault+0x1e34/0x3f20
[  925.739270][T14243]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  925.744832][T14243]  ? __kasan_check_read+0x11/0x20
[  925.749872][T14243]  handle_mm_fault+0x1b5/0x6c0
[  925.754649][T14243]  __get_user_pages+0x7d4/0x1b30
[  925.759594][T14243]  ? mark_held_locks+0xf0/0xf0
[  925.764371][T14243]  ? follow_page_mask+0x1cf0/0x1cf0
[  925.769569][T14243]  ? __mm_populate+0x270/0x380
[  925.774365][T14243]  ? __kasan_check_write+0x14/0x20
[  925.779480][T14243]  ? down_read+0x109/0x430
[  925.783902][T14243]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  925.790236][T14243]  populate_vma_page_range+0x20d/0x2a0
[  925.795705][T14243]  __mm_populate+0x204/0x380
[  925.800301][T14243]  ? populate_vma_page_range+0x2a0/0x2a0
[  925.805936][T14243]  ? __kasan_check_write+0x14/0x20
[  925.811052][T14243]  ? up_write+0x155/0x490
[  925.815381][T14243]  ? ns_capable_common+0x93/0x100
[  925.820420][T14243]  __x64_sys_mlockall+0x473/0x520
[  925.825453][T14243]  do_syscall_64+0xfa/0x760
[  925.829966][T14243]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  925.835862][T14243] RIP: 0033:0x4598e9
[  925.839762][T14243] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
21:56:03 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54a", 0xbc}])

21:56:03 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  925.859548][T14243] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  925.867973][T14243] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  925.875946][T14243] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  925.883912][T14243] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  925.883920][T14243] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[  925.883927][T14243] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  925.888679][T14243] memory: usage 307192kB, limit 307200kB, failcnt 197
[  925.923314][T14243] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  925.930383][T14243] Memory cgroup stats for /syz2:
[  925.930498][T14243] anon 301203456
[  925.930498][T14243] file 0
[  925.930498][T14243] kernel_stack 589824
[  925.930498][T14243] slab 9355264
[  925.930498][T14243] sock 0
[  925.930498][T14243] shmem 0
[  925.930498][T14243] file_mapped 0
[  925.930498][T14243] file_dirty 0
[  925.930498][T14243] file_writeback 0
[  925.930498][T14243] anon_thp 268435456
[  925.930498][T14243] inactive_anon 267173888
[  925.930498][T14243] active_anon 2539520
[  925.930498][T14243] inactive_file 0
[  925.930498][T14243] active_file 0
[  925.930498][T14243] unevictable 31727616
[  925.930498][T14243] slab_reclaimable 3108864
[  925.930498][T14243] slab_unreclaimable 6246400
[  925.930498][T14243] pgfault 33462
[  925.930498][T14243] pgmajfault 0
[  925.930498][T14243] workingset_refault 0
[  925.930498][T14243] workingset_activate 0
[  925.930498][T14243] workingset_nodereclaim 0
[  925.930498][T14243] pgrefill 100
[  925.930498][T14243] pgscan 99
[  925.930498][T14243] pgsteal 0
[  925.930498][T14243] pgactivate 66
21:56:03 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  926.064677][T14243] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14236,uid=0
[  926.085263][T14243] Memory cgroup out of memory: Killed process 14236 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[  926.140365][T14256] syz-executor.1 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=1000
[  926.182431][T14256] CPU: 0 PID: 14256 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  926.191604][T14256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  926.201679][T14256] Call Trace:
[  926.205003][T14256]  dump_stack+0x172/0x1f0
[  926.209371][T14256]  dump_header+0x177/0x1152
[  926.213910][T14256]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  926.219714][T14256]  ? ___ratelimit+0x2c8/0x595
[  926.224387][T14256]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  926.230226][T14256]  ? lockdep_hardirqs_on+0x418/0x5d0
[  926.235511][T14256]  ? trace_hardirqs_on+0x67/0x240
[  926.240527][T14256]  ? pagefault_out_of_memory+0x11c/0x11c
[  926.246167][T14256]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  926.252871][T14256]  ? ___ratelimit+0x60/0x595
[  926.257543][T14256]  ? do_raw_spin_unlock+0x57/0x270
[  926.262692][T14256]  oom_kill_process.cold+0x10/0x15
[  926.267849][T14256]  out_of_memory+0x334/0x1340
[  926.272553][T14256]  ? lock_downgrade+0x920/0x920
[  926.277421][T14256]  ? oom_killer_disable+0x280/0x280
[  926.282655][T14256]  mem_cgroup_out_of_memory+0x1d8/0x240
[  926.288242][T14256]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  926.293879][T14256]  ? do_raw_spin_unlock+0x57/0x270
[  926.298984][T14256]  ? _raw_spin_unlock+0x2d/0x50
[  926.303845][T14256]  try_charge+0xf4b/0x1440
[  926.308293][T14256]  ? __lock_acquire+0x800/0x4a00
[  926.313375][T14256]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  926.318921][T14256]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  926.324924][T14256]  ? cache_grow_begin+0x122/0xd20
[  926.330146][T14256]  ? find_held_lock+0x35/0x130
[  926.335189][T14256]  ? cache_grow_begin+0x122/0xd20
[  926.340223][T14256]  __memcg_kmem_charge_memcg+0x71/0xf0
[  926.345917][T14256]  ? memcg_kmem_put_cache+0x50/0x50
[  926.351154][T14256]  ? __kasan_check_read+0x11/0x20
[  926.356398][T14256]  cache_grow_begin+0x629/0xd20
[  926.361263][T14256]  ? __sanitizer_cov_trace_cmp2+0x11/0x20
[  926.366985][T14256]  ? mempolicy_slab_node+0x139/0x390
[  926.372257][T14256]  fallback_alloc+0x1fd/0x2d0
[  926.376969][T14256]  ____cache_alloc_node+0x1bc/0x1d0
[  926.382207][T14256]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  926.388456][T14256]  kmem_cache_alloc_node_trace+0xec/0x750
[  926.394167][T14256]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  926.400134][T14256]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  926.405931][T14256]  __kmalloc_node+0x3d/0x70
[  926.410425][T14256]  kvmalloc_node+0x68/0x100
[  926.414914][T14256]  alloc_fdtable+0xd6/0x290
[  926.419409][T14256]  dup_fd+0x782/0xb70
[  926.423393][T14256]  copy_process+0x1b8a/0x6830
[  926.428065][T14256]  ? __cleanup_sighand+0x60/0x60
[  926.432989][T14256]  ? __might_fault+0x12b/0x1e0
[  926.437745][T14256]  ? __might_fault+0x12b/0x1e0
[  926.442533][T14256]  _do_fork+0x146/0xfa0
[  926.446712][T14256]  ? copy_init_mm+0x20/0x20
[  926.451229][T14256]  ? __kasan_check_read+0x11/0x20
[  926.456248][T14256]  ? _copy_to_user+0x118/0x160
[  926.461006][T14256]  __x64_sys_clone+0x1ab/0x270
[  926.465758][T14256]  ? __ia32_sys_vfork+0xd0/0xd0
[  926.470604][T14256]  ? do_syscall_64+0x26/0x760
[  926.475270][T14256]  ? lockdep_hardirqs_on+0x418/0x5d0
[  926.480545][T14256]  ? trace_hardirqs_on+0x67/0x240
[  926.485561][T14256]  do_syscall_64+0xfa/0x760
[  926.490095][T14256]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  926.495991][T14256] RIP: 0033:0x4598e9
[  926.499881][T14256] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  926.519504][T14256] RSP: 002b:00007f11e8493c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
21:56:03 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

[  926.527910][T14256] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004598e9
[  926.535868][T14256] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000000
[  926.543825][T14256] RBP: 000000000075bfc8 R08: ffffffffffffffff R09: 0000000000000000
[  926.551785][T14256] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84946d4
[  926.559796][T14256] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 00000000ffffffff
[  926.589043][T14256] memory: usage 307200kB, limit 307200kB, failcnt 613
[  926.602596][T14256] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  926.613001][T14256] Memory cgroup stats for /syz1:
[  926.613370][T14256] anon 299634688
[  926.613370][T14256] file 40960
[  926.613370][T14256] kernel_stack 851968
[  926.613370][T14256] slab 10166272
[  926.613370][T14256] sock 4096
[  926.613370][T14256] shmem 0
[  926.613370][T14256] file_mapped 0
[  926.613370][T14256] file_dirty 0
[  926.613370][T14256] file_writeback 0
[  926.613370][T14256] anon_thp 266338304
[  926.613370][T14256] inactive_anon 206917632
[  926.613370][T14256] active_anon 15622144
[  926.613370][T14256] inactive_file 0
[  926.613370][T14256] active_file 0
[  926.613370][T14256] unevictable 77250560
[  926.613370][T14256] slab_reclaimable 2838528
[  926.613370][T14256] slab_unreclaimable 7327744
[  926.613370][T14256] pgfault 50919
[  926.613370][T14256] pgmajfault 0
[  926.613370][T14256] workingset_refault 0
[  926.613370][T14256] workingset_activate 0
[  926.613370][T14256] workingset_nodereclaim 0
[  926.613370][T14256] pgrefill 135
[  926.613370][T14256] pgscan 200
[  926.613370][T14256] pgsteal 0
[  926.726582][T14256] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=14241,uid=0
[  926.754484][T14256] Memory cgroup out of memory: Killed process 14241 (syz-executor.1) total-vm:72840kB, anon-rss:18148kB, file-rss:53368kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000
[  926.803968][ T1066] oom_reaper: reaped process 14241 (syz-executor.1), now anon-rss:18140kB, file-rss:53364kB, shmem-rss:0kB
21:56:04 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54a", 0xbc}])

21:56:04 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:56:06 executing program 5:

21:56:06 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54a", 0xbc}])

21:56:06 executing program 1:
openat$pfkey(0xffffffffffffff9c, 0x0, 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:56:06 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:56:06 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:56:06 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

[  929.699020][T14292] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  929.722370][T14292] CPU: 1 PID: 14292 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[  929.731529][T14292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  929.741889][T14292] Call Trace:
[  929.745223][T14292]  dump_stack+0x172/0x1f0
[  929.749895][T14292]  dump_header+0x177/0x1152
[  929.756875][T14292]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  929.762723][T14292]  ? ___ratelimit+0x2c8/0x595
[  929.768807][T14292]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  929.774652][T14292]  ? lockdep_hardirqs_on+0x418/0x5d0
[  929.779985][T14292]  ? trace_hardirqs_on+0x67/0x240
[  929.785336][T14292]  ? pagefault_out_of_memory+0x11c/0x11c
[  929.791008][T14292]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  929.796940][T14292]  ? ___ratelimit+0x60/0x595
[  929.801562][T14292]  ? do_raw_spin_unlock+0x57/0x270
[  929.806714][T14292]  oom_kill_process.cold+0x10/0x15
[  929.812221][T14292]  out_of_memory+0x334/0x1340
[  929.816961][T14292]  ? lock_downgrade+0x920/0x920
[  929.821833][T14292]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  929.828475][T14292]  ? oom_killer_disable+0x280/0x280
[  929.834469][T14292]  mem_cgroup_out_of_memory+0x1d8/0x240
[  929.840052][T14292]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  929.845876][T14292]  ? do_raw_spin_unlock+0x57/0x270
[  929.851034][T14292]  ? _raw_spin_unlock+0x2d/0x50
[  929.855951][T14292]  try_charge+0xf4b/0x1440
[  929.860425][T14292]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  929.866336][T14292]  ? percpu_ref_tryget_live+0x111/0x290
[  929.872101][T14292]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  929.878424][T14292]  ? __kasan_check_read+0x11/0x20
[  929.883502][T14292]  ? get_mem_cgroup_from_mm+0x156/0x320
[  929.889521][T14292]  mem_cgroup_try_charge+0x136/0x590
[  929.895478][T14292]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  929.902011][T14292]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  929.908171][T14292]  __handle_mm_fault+0x1e34/0x3f20
[  929.913324][T14292]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  929.918926][T14292]  ? __kasan_check_read+0x11/0x20
[  929.924403][T14292]  handle_mm_fault+0x1b5/0x6c0
[  929.929198][T14292]  __get_user_pages+0x7d4/0x1b30
[  929.934535][T14292]  ? mark_held_locks+0xf0/0xf0
[  929.939333][T14292]  ? follow_page_mask+0x1cf0/0x1cf0
[  929.944571][T14292]  ? __mm_populate+0x270/0x380
[  929.949835][T14292]  ? __kasan_check_write+0x14/0x20
[  929.955079][T14292]  ? down_read+0x109/0x430
[  929.959522][T14292]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  929.959546][T14292]  populate_vma_page_range+0x20d/0x2a0
[  929.959566][T14292]  __mm_populate+0x204/0x380
[  929.959582][T14292]  ? populate_vma_page_range+0x2a0/0x2a0
[  929.959602][T14292]  ? __kasan_check_write+0x14/0x20
[  929.971464][T14292]  ? up_write+0x155/0x490
[  929.971479][T14292]  ? ns_capable_common+0x93/0x100
[  929.971500][T14292]  __x64_sys_mlockall+0x473/0x520
[  929.971521][T14292]  do_syscall_64+0xfa/0x760
[  929.971543][T14292]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  929.971554][T14292] RIP: 0033:0x4598e9
[  929.971575][T14292] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  929.991367][T14292] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  929.991383][T14292] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  929.991392][T14292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  929.991400][T14292] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  929.991408][T14292] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[  929.991422][T14292] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  930.022844][T14292] memory: usage 307200kB, limit 307200kB, failcnt 238
21:56:07 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2", 0xc2}])

[  930.137625][T14292] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  930.151378][T14292] Memory cgroup stats for /syz2:
[  930.151535][T14292] anon 301314048
[  930.151535][T14292] file 0
[  930.151535][T14292] kernel_stack 589824
[  930.151535][T14292] slab 9490432
[  930.151535][T14292] sock 0
[  930.151535][T14292] shmem 0
[  930.151535][T14292] file_mapped 0
[  930.151535][T14292] file_dirty 0
[  930.151535][T14292] file_writeback 0
[  930.151535][T14292] anon_thp 268435456
[  930.151535][T14292] inactive_anon 267165696
[  930.151535][T14292] active_anon 2539520
[  930.151535][T14292] inactive_file 0
[  930.151535][T14292] active_file 0
[  930.151535][T14292] unevictable 31727616
[  930.151535][T14292] slab_reclaimable 3108864
[  930.151535][T14292] slab_unreclaimable 6381568
[  930.151535][T14292] pgfault 34782
[  930.151535][T14292] pgmajfault 0
[  930.151535][T14292] workingset_refault 0
[  930.151535][T14292] workingset_activate 0
[  930.151535][T14292] workingset_nodereclaim 0
21:56:07 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:56:07 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

[  930.151535][T14292] pgrefill 100
[  930.151535][T14292] pgscan 99
[  930.151535][T14292] pgsteal 0
[  930.151535][T14292] pgactivate 66
[  930.167391][T14292] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14260,uid=0
[  930.308236][T14292] Memory cgroup out of memory: Killed process 14260 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[  930.370073][T14295] syz-executor.1 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[  930.370539][ T1066] oom_reaper: reaped process 14260 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
21:56:07 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2", 0xc2}])

[  930.422897][T14295] CPU: 0 PID: 14295 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  930.432060][T14295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  930.442234][T14295] Call Trace:
[  930.445547][T14295]  dump_stack+0x172/0x1f0
[  930.449906][T14295]  dump_header+0x177/0x1152
[  930.454449][T14295]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  930.460285][T14295]  ? ___ratelimit+0x2c8/0x595
[  930.465099][T14295]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
21:56:07 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  930.470936][T14295]  ? lockdep_hardirqs_on+0x418/0x5d0
[  930.476264][T14295]  ? trace_hardirqs_on+0x67/0x240
[  930.481327][T14295]  ? pagefault_out_of_memory+0x11c/0x11c
[  930.487436][T14295]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  930.493310][T14295]  ? ___ratelimit+0x60/0x595
[  930.497926][T14295]  ? do_raw_spin_unlock+0x57/0x270
[  930.503066][T14295]  oom_kill_process.cold+0x10/0x15
[  930.508219][T14295]  out_of_memory+0x334/0x1340
[  930.512929][T14295]  ? lock_downgrade+0x920/0x920
[  930.517813][T14295]  ? oom_killer_disable+0x280/0x280
[  930.523046][T14295]  mem_cgroup_out_of_memory+0x1d8/0x240
[  930.528618][T14295]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  930.534322][T14295]  ? do_raw_spin_unlock+0x57/0x270
[  930.539471][T14295]  ? _raw_spin_unlock+0x2d/0x50
[  930.544351][T14295]  try_charge+0xf4b/0x1440
[  930.548801][T14295]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  930.554368][T14295]  ? find_held_lock+0x35/0x130
[  930.559431][T14295]  ? get_mem_cgroup_from_mm+0x139/0x320
[  930.565044][T14295]  ? lock_downgrade+0x920/0x920
[  930.569915][T14295]  ? percpu_ref_tryget_live+0x111/0x290
[  930.575490][T14295]  __memcg_kmem_charge_memcg+0x71/0xf0
[  930.580977][T14295]  ? memcg_kmem_put_cache+0x50/0x50
[  930.586330][T14295]  ? get_mem_cgroup_from_mm+0x156/0x320
[  930.591907][T14295]  __memcg_kmem_charge+0x13a/0x3a0
[  930.597057][T14295]  __alloc_pages_nodemask+0x4f7/0x900
[  930.602612][T14295]  ? __lock_acquire+0x16f2/0x4a00
[  930.607672][T14295]  ? __alloc_pages_slowpath+0x2540/0x2540
[  930.613421][T14295]  ? __kasan_check_read+0x11/0x20
[  930.618487][T14295]  ? find_held_lock+0x35/0x130
[  930.623284][T14295]  ? mmu_notifier_invalidate_range_start+0x95/0x110
[  930.629900][T14295]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  930.636174][T14295]  alloc_pages_current+0x107/0x210
[  930.641329][T14295]  pte_alloc_one+0x1b/0x1a0
[  930.646005][T14295]  copy_huge_pmd+0x75/0x620
[  930.650569][T14295]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  930.656828][T14295]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  930.663742][T14295]  copy_page_range+0x775/0x1ed0
[  930.668638][T14295]  ? pmd_alloc+0x180/0x180
[  930.673136][T14295]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  930.678889][T14295]  ? vma_compute_subtree_gap+0x158/0x230
[  930.684554][T14295]  ? validate_mm_rb+0xa3/0xc0
[  930.689273][T14295]  ? __vma_link_rb+0x5ad/0x770
[  930.694078][T14295]  ? anon_vma_fork+0xd4/0x4a0
[  930.698955][T14295]  dup_mm+0xa67/0x1430
[  930.703144][T14295]  ? vm_area_dup+0x170/0x170
[  930.707769][T14295]  ? debug_mutex_init+0x2d/0x60
[  930.712804][T14295]  copy_process+0x2671/0x6830
[  930.717538][T14295]  ? __cleanup_sighand+0x60/0x60
[  930.722510][T14295]  ? __might_fault+0x12b/0x1e0
[  930.727333][T14295]  ? __might_fault+0x12b/0x1e0
[  930.732137][T14295]  _do_fork+0x146/0xfa0
[  930.736352][T14295]  ? copy_init_mm+0x20/0x20
[  930.740898][T14295]  ? __kasan_check_read+0x11/0x20
[  930.745953][T14295]  ? _copy_to_user+0x118/0x160
[  930.750760][T14295]  __x64_sys_clone+0x1ab/0x270
[  930.755568][T14295]  ? __ia32_sys_vfork+0xd0/0xd0
[  930.760476][T14295]  ? do_syscall_64+0x26/0x760
[  930.765193][T14295]  ? lockdep_hardirqs_on+0x418/0x5d0
[  930.770511][T14295]  ? trace_hardirqs_on+0x67/0x240
[  930.775676][T14295]  do_syscall_64+0xfa/0x760
[  930.780219][T14295]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  930.786251][T14295] RIP: 0033:0x4598e9
[  930.790184][T14295] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  930.809810][T14295] RSP: 002b:00007f11e8493c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  930.809826][T14295] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004598e9
[  930.809832][T14295] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000000
[  930.809839][T14295] RBP: 000000000075bfc8 R08: ffffffffffffffff R09: 0000000000000000
[  930.809845][T14295] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84946d4
[  930.809852][T14295] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 00000000ffffffff
[  930.828217][T14295] memory: usage 307200kB, limit 307200kB, failcnt 656
21:56:08 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  930.901630][T14295] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  930.913042][T14295] Memory cgroup stats for /syz1:
[  930.913170][T14295] anon 299548672
[  930.913170][T14295] file 40960
[  930.913170][T14295] kernel_stack 851968
[  930.913170][T14295] slab 10166272
[  930.913170][T14295] sock 4096
[  930.913170][T14295] shmem 0
[  930.913170][T14295] file_mapped 0
[  930.913170][T14295] file_dirty 0
[  930.913170][T14295] file_writeback 0
[  930.913170][T14295] anon_thp 266338304
[  930.913170][T14295] inactive_anon 206872576
[  930.913170][T14295] active_anon 15622144
[  930.913170][T14295] inactive_file 0
[  930.913170][T14295] active_file 0
[  930.913170][T14295] unevictable 77381632
[  930.913170][T14295] slab_reclaimable 2838528
[  930.913170][T14295] slab_unreclaimable 7327744
[  930.913170][T14295] pgfault 51744
[  930.913170][T14295] pgmajfault 0
[  930.913170][T14295] workingset_refault 0
[  930.913170][T14295] workingset_activate 0
[  930.913170][T14295] workingset_nodereclaim 0
[  930.913170][T14295] pgrefill 135
[  930.913170][T14295] pgscan 200
[  930.913170][T14295] pgsteal 0
[  931.015096][T14295] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=14281,uid=0
[  931.036784][T14295] Memory cgroup out of memory: Killed process 14281 (syz-executor.1) total-vm:72708kB, anon-rss:18144kB, file-rss:53400kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000
[  931.065404][ T1066] oom_reaper: reaped process 14281 (syz-executor.1), now anon-rss:18188kB, file-rss:54328kB, shmem-rss:0kB
21:56:11 executing program 5:

21:56:11 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2", 0xc2}])

21:56:11 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:56:11 executing program 1:
openat$pfkey(0xffffffffffffff9c, 0x0, 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:56:11 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:56:11 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  933.856446][T14328] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  933.867179][T14328] CPU: 0 PID: 14328 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[  933.876314][T14328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  933.886387][T14328] Call Trace:
[  933.889708][T14328]  dump_stack+0x172/0x1f0
[  933.894053][T14328]  dump_header+0x177/0x1152
[  933.898584][T14328]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  933.904408][T14328]  ? ___ratelimit+0x2c8/0x595
[  933.909091][T14328]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  933.914906][T14328]  ? lockdep_hardirqs_on+0x418/0x5d0
[  933.920193][T14328]  ? trace_hardirqs_on+0x67/0x240
[  933.925221][T14328]  ? pagefault_out_of_memory+0x11c/0x11c
[  933.930856][T14328]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  933.936668][T14328]  ? ___ratelimit+0x60/0x595
[  933.941263][T14328]  ? do_raw_spin_unlock+0x57/0x270
[  933.946385][T14328]  oom_kill_process.cold+0x10/0x15
[  933.951506][T14328]  out_of_memory+0x334/0x1340
[  933.956197][T14328]  ? lock_downgrade+0x920/0x920
[  933.961055][T14328]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  933.966865][T14328]  ? oom_killer_disable+0x280/0x280
[  933.972077][T14328]  mem_cgroup_out_of_memory+0x1d8/0x240
[  933.977623][T14328]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  933.983276][T14328]  ? do_raw_spin_unlock+0x57/0x270
[  933.988399][T14328]  ? _raw_spin_unlock+0x2d/0x50
[  933.993260][T14328]  try_charge+0xf4b/0x1440
[  933.997709][T14328]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  934.003253][T14328]  ? percpu_ref_tryget_live+0x111/0x290
[  934.008816][T14328]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  934.015064][T14328]  ? __kasan_check_read+0x11/0x20
[  934.020087][T14328]  ? get_mem_cgroup_from_mm+0x156/0x320
[  934.025622][T14328]  mem_cgroup_try_charge+0x136/0x590
[  934.030894][T14328]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  934.037128][T14328]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  934.042743][T14328]  __handle_mm_fault+0x1e34/0x3f20
[  934.047851][T14328]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  934.053406][T14328]  ? __kasan_check_read+0x11/0x20
[  934.058449][T14328]  handle_mm_fault+0x1b5/0x6c0
[  934.063204][T14328]  __get_user_pages+0x7d4/0x1b30
[  934.068136][T14328]  ? mark_held_locks+0xf0/0xf0
[  934.072892][T14328]  ? follow_page_mask+0x1cf0/0x1cf0
[  934.078078][T14328]  ? __mm_populate+0x270/0x380
[  934.082847][T14328]  ? __kasan_check_write+0x14/0x20
[  934.087976][T14328]  ? down_read+0x109/0x430
[  934.094042][T14328]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  934.100264][T14328]  populate_vma_page_range+0x20d/0x2a0
[  934.105703][T14328]  __mm_populate+0x204/0x380
[  934.110286][T14328]  ? populate_vma_page_range+0x2a0/0x2a0
[  934.115917][T14328]  ? __kasan_check_write+0x14/0x20
[  934.121024][T14328]  ? up_write+0x155/0x490
[  934.125347][T14328]  ? ns_capable_common+0x93/0x100
[  934.130395][T14328]  __x64_sys_mlockall+0x473/0x520
[  934.135421][T14328]  do_syscall_64+0xfa/0x760
[  934.139943][T14328]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  934.145825][T14328] RIP: 0033:0x4598e9
[  934.149700][T14328] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  934.169340][T14328] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  934.177762][T14328] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  934.185730][T14328] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  934.193688][T14328] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  934.201645][T14328] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[  934.209602][T14328] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  934.219309][T14328] memory: usage 307200kB, limit 307200kB, failcnt 289
[  934.226428][T14328] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  934.233271][T14328] Memory cgroup stats for /syz2:
[  934.233400][T14328] anon 301076480
[  934.233400][T14328] file 0
[  934.233400][T14328] kernel_stack 589824
[  934.233400][T14328] slab 9490432
[  934.233400][T14328] sock 0
[  934.233400][T14328] shmem 0
[  934.233400][T14328] file_mapped 0
[  934.233400][T14328] file_dirty 0
[  934.233400][T14328] file_writeback 0
[  934.233400][T14328] anon_thp 268435456
[  934.233400][T14328] inactive_anon 267182080
[  934.233400][T14328] active_anon 2539520
[  934.233400][T14328] inactive_file 0
[  934.233400][T14328] active_file 0
[  934.233400][T14328] unevictable 31584256
[  934.233400][T14328] slab_reclaimable 3108864
[  934.233400][T14328] slab_unreclaimable 6381568
[  934.233400][T14328] pgfault 36102
[  934.233400][T14328] pgmajfault 0
[  934.233400][T14328] workingset_refault 0
[  934.233400][T14328] workingset_activate 0
[  934.233400][T14328] workingset_nodereclaim 0
[  934.233400][T14328] pgrefill 100
[  934.233400][T14328] pgscan 132
[  934.233400][T14328] pgsteal 0
[  934.233400][T14328] pgactivate 66
[  934.329580][T14328] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14319,uid=0
[  934.345841][T14328] Memory cgroup out of memory: Killed process 14319 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[  934.374489][T14332] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  934.401456][ T1066] oom_reaper: reaped process 14319 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
[  934.415138][T14332] CPU: 1 PID: 14332 Comm: syz-executor.4 Not tainted 5.3.0-rc6-next-20190830 #75
[  934.424248][T14332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  934.434302][T14332] Call Trace:
[  934.437597][T14332]  dump_stack+0x172/0x1f0
[  934.441931][T14332]  dump_header+0x177/0x1152
[  934.446479][T14332]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  934.452278][T14332]  ? ___ratelimit+0x2c8/0x595
[  934.456953][T14332]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  934.462856][T14332]  ? lockdep_hardirqs_on+0x418/0x5d0
[  934.468150][T14332]  ? trace_hardirqs_on+0x67/0x240
[  934.473173][T14332]  ? pagefault_out_of_memory+0x11c/0x11c
[  934.478802][T14332]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  934.484613][T14332]  ? ___ratelimit+0x60/0x595
[  934.489204][T14332]  ? do_raw_spin_unlock+0x57/0x270
[  934.494325][T14332]  oom_kill_process.cold+0x10/0x15
[  934.499437][T14332]  out_of_memory+0x334/0x1340
[  934.504126][T14332]  ? lock_downgrade+0x920/0x920
21:56:11 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  934.508992][T14332]  ? oom_killer_disable+0x280/0x280
[  934.514209][T14332]  mem_cgroup_out_of_memory+0x1d8/0x240
[  934.519763][T14332]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  934.525425][T14332]  ? do_raw_spin_unlock+0x57/0x270
[  934.530545][T14332]  ? _raw_spin_unlock+0x2d/0x50
[  934.535413][T14332]  try_charge+0xf4b/0x1440
[  934.539843][T14332]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  934.545392][T14332]  ? percpu_ref_tryget_live+0x111/0x290
[  934.550945][T14332]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  934.557176][T14332]  ? __kasan_check_read+0x11/0x20
[  934.562198][T14332]  ? get_mem_cgroup_from_mm+0x156/0x320
[  934.567750][T14332]  mem_cgroup_try_charge+0x136/0x590
[  934.573028][T14332]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  934.579253][T14332]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  934.584870][T14332]  __handle_mm_fault+0x1e34/0x3f20
[  934.589978][T14332]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  934.595531][T14332]  ? __kasan_check_read+0x11/0x20
[  934.600541][T14332]  handle_mm_fault+0x1b5/0x6c0
[  934.605288][T14332]  __get_user_pages+0x7d4/0x1b30
[  934.610205][T14332]  ? mark_held_locks+0xf0/0xf0
[  934.614969][T14332]  ? follow_page_mask+0x1cf0/0x1cf0
[  934.620163][T14332]  ? __mm_populate+0x270/0x380
[  934.624925][T14332]  ? __kasan_check_write+0x14/0x20
[  934.630016][T14332]  ? down_read+0x109/0x430
[  934.634428][T14332]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  934.640670][T14332]  populate_vma_page_range+0x20d/0x2a0
[  934.646112][T14332]  __mm_populate+0x204/0x380
[  934.650686][T14332]  ? populate_vma_page_range+0x2a0/0x2a0
[  934.656298][T14332]  ? __kasan_check_write+0x14/0x20
[  934.661387][T14332]  ? up_write+0x155/0x490
[  934.665694][T14332]  ? ns_capable_common+0x93/0x100
[  934.670713][T14332]  __x64_sys_mlockall+0x473/0x520
[  934.675731][T14332]  do_syscall_64+0xfa/0x760
[  934.680308][T14332]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  934.686189][T14332] RIP: 0033:0x4598e9
[  934.690064][T14332] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  934.709648][T14332] RSP: 002b:00007f8d1351cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  934.718040][T14332] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  934.725997][T14332] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  934.733954][T14332] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  934.741949][T14332] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d1351d6d4
[  934.749915][T14332] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
21:56:12 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634", 0xc5}])

[  934.758589][T14332] memory: usage 307200kB, limit 307200kB, failcnt 19
[  934.767470][T14332] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  934.792894][T14332] Memory cgroup stats for /syz4:
[  934.793006][T14332] anon 301613056
[  934.793006][T14332] file 77824
[  934.793006][T14332] kernel_stack 589824
[  934.793006][T14332] slab 9080832
[  934.793006][T14332] sock 225280
[  934.793006][T14332] shmem 0
[  934.793006][T14332] file_mapped 0
[  934.793006][T14332] file_dirty 0
[  934.793006][T14332] file_writeback 0
[  934.793006][T14332] anon_thp 270532608
[  934.793006][T14332] inactive_anon 254550016
[  934.793006][T14332] active_anon 2330624
[  934.793006][T14332] inactive_file 135168
[  934.793006][T14332] active_file 0
[  934.793006][T14332] unevictable 44810240
[  934.793006][T14332] slab_reclaimable 2838528
[  934.793006][T14332] slab_unreclaimable 6242304
[  934.793006][T14332] pgfault 30591
[  934.793006][T14332] pgmajfault 0
[  934.793006][T14332] workingset_refault 0
[  934.793006][T14332] workingset_activate 0
[  934.793006][T14332] workingset_nodereclaim 0
[  934.793006][T14332] pgrefill 33
[  934.793006][T14332] pgscan 33
[  934.793006][T14332] pgsteal 0
[  934.889344][T14332] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=14312,uid=0
21:56:12 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  934.905431][T14332] Memory cgroup out of memory: Killed process 14312 (syz-executor.4) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
[  934.931877][ T1066] oom_reaper: reaped process 14312 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
[  934.943480][T14335] syz-executor.1 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
21:56:12 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634", 0xc5}])

[  934.978908][T14335] CPU: 1 PID: 14335 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  934.988052][T14335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  934.999584][T14335] Call Trace:
[  935.002885][T14335]  dump_stack+0x172/0x1f0
[  935.007224][T14335]  dump_header+0x177/0x1152
[  935.011729][T14335]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  935.017538][T14335]  ? ___ratelimit+0x2c8/0x595
[  935.022221][T14335]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  935.028043][T14335]  ? lockdep_hardirqs_on+0x418/0x5d0
[  935.033333][T14335]  ? trace_hardirqs_on+0x67/0x240
[  935.038362][T14335]  ? pagefault_out_of_memory+0x11c/0x11c
[  935.044033][T14335]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  935.049846][T14335]  ? ___ratelimit+0x60/0x595
[  935.054439][T14335]  ? do_raw_spin_unlock+0x57/0x270
[  935.059699][T14335]  oom_kill_process.cold+0x10/0x15
[  935.064828][T14335]  out_of_memory+0x334/0x1340
[  935.069510][T14335]  ? lock_downgrade+0x920/0x920
[  935.074360][T14335]  ? oom_killer_disable+0x280/0x280
[  935.079577][T14335]  mem_cgroup_out_of_memory+0x1d8/0x240
[  935.085131][T14335]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  935.090790][T14335]  ? do_raw_spin_unlock+0x57/0x270
[  935.095944][T14335]  ? _raw_spin_unlock+0x2d/0x50
[  935.100796][T14335]  try_charge+0xf4b/0x1440
[  935.105227][T14335]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  935.110778][T14335]  ? find_held_lock+0x35/0x130
[  935.115543][T14335]  ? get_mem_cgroup_from_mm+0x139/0x320
[  935.115564][T14335]  ? lock_downgrade+0x920/0x920
[  935.115577][T14335]  ? percpu_ref_tryget_live+0x111/0x290
[  935.115597][T14335]  __memcg_kmem_charge_memcg+0x71/0xf0
[  935.115613][T14335]  ? memcg_kmem_put_cache+0x50/0x50
[  935.115630][T14335]  ? get_mem_cgroup_from_mm+0x156/0x320
[  935.115648][T14335]  __memcg_kmem_charge+0x13a/0x3a0
[  935.115670][T14335]  __alloc_pages_nodemask+0x4f7/0x900
[  935.131587][T14335]  ? __pmd_alloc+0x377/0x460
[  935.142208][T14335]  ? __alloc_pages_slowpath+0x2540/0x2540
[  935.142230][T14335]  ? rwlock_bug.part.0+0x90/0x90
[  935.142252][T14335]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  935.142277][T14335]  alloc_pages_current+0x107/0x210
[  935.164563][T14335]  pte_alloc_one+0x1b/0x1a0
[  935.164583][T14335]  __pte_alloc+0x20/0x310
[  935.164600][T14335]  copy_page_range+0x14da/0x1ed0
[  935.164628][T14335]  ? find_held_lock+0x35/0x130
[  935.164652][T14335]  ? pmd_alloc+0x180/0x180
[  935.164667][T14335]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  935.164685][T14335]  ? vma_compute_subtree_gap+0x158/0x230
[  935.175327][T14335]  ? validate_mm_rb+0xa3/0xc0
[  935.175346][T14335]  ? __vma_link_rb+0x5ad/0x770
[  935.175371][T14335]  dup_mm+0xa67/0x1430
[  935.175399][T14335]  ? vm_area_dup+0x170/0x170
[  935.175415][T14335]  ? debug_mutex_init+0x2d/0x60
[  935.175436][T14335]  copy_process+0x2671/0x6830
[  935.175467][T14335]  ? __cleanup_sighand+0x60/0x60
[  935.253463][T14335]  ? __might_fault+0x12b/0x1e0
[  935.258232][T14335]  ? __might_fault+0x12b/0x1e0
[  935.263006][T14335]  _do_fork+0x146/0xfa0
[  935.267168][T14335]  ? copy_init_mm+0x20/0x20
[  935.271680][T14335]  ? __kasan_check_read+0x11/0x20
21:56:12 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

[  935.276706][T14335]  ? _copy_to_user+0x118/0x160
[  935.281489][T14335]  __x64_sys_clone+0x1ab/0x270
[  935.286259][T14335]  ? __ia32_sys_vfork+0xd0/0xd0
[  935.291122][T14335]  ? do_syscall_64+0x26/0x760
[  935.295804][T14335]  ? lockdep_hardirqs_on+0x418/0x5d0
[  935.301099][T14335]  ? trace_hardirqs_on+0x67/0x240
[  935.306136][T14335]  do_syscall_64+0xfa/0x760
[  935.310725][T14335]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  935.316611][T14335] RIP: 0033:0x4598e9
[  935.320512][T14335] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  935.340122][T14335] RSP: 002b:00007f11e8493c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  935.348530][T14335] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004598e9
[  935.348538][T14335] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000000
[  935.348546][T14335] RBP: 000000000075bfc8 R08: ffffffffffffffff R09: 0000000000000000
[  935.348554][T14335] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84946d4
[  935.348562][T14335] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 00000000ffffffff
[  935.363856][T14335] memory: usage 307200kB, limit 307200kB, failcnt 696
[  935.395968][T14335] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  935.409774][T14335] Memory cgroup stats for /syz1:
[  935.409897][T14335] anon 299634688
[  935.409897][T14335] file 40960
[  935.409897][T14335] kernel_stack 851968
[  935.409897][T14335] slab 10166272
[  935.409897][T14335] sock 4096
[  935.409897][T14335] shmem 0
[  935.409897][T14335] file_mapped 0
[  935.409897][T14335] file_dirty 0
[  935.409897][T14335] file_writeback 0
[  935.409897][T14335] anon_thp 266338304
[  935.409897][T14335] inactive_anon 206872576
[  935.409897][T14335] active_anon 15622144
[  935.409897][T14335] inactive_file 0
[  935.409897][T14335] active_file 0
[  935.409897][T14335] unevictable 77381632
[  935.409897][T14335] slab_reclaimable 2838528
[  935.409897][T14335] slab_unreclaimable 7327744
[  935.409897][T14335] pgfault 52536
[  935.409897][T14335] pgmajfault 0
[  935.409897][T14335] workingset_refault 0
[  935.409897][T14335] workingset_activate 0
[  935.409897][T14335] workingset_nodereclaim 0
[  935.409897][T14335] pgrefill 168
[  935.409897][T14335] pgscan 200
[  935.409897][T14335] pgsteal 0
21:56:12 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  935.609172][T14335] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=14326,uid=0
[  935.643198][T14335] Memory cgroup out of memory: Killed process 14326 (syz-executor.1) total-vm:72708kB, anon-rss:18140kB, file-rss:53368kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000
[  935.663987][T14336] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[  935.683755][T14336] CPU: 1 PID: 14336 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[  935.692992][T14336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  935.703047][T14336] Call Trace:
[  935.706348][T14336]  dump_stack+0x172/0x1f0
[  935.710684][T14336]  dump_header+0x177/0x1152
[  935.715196][T14336]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  935.721001][T14336]  ? ___ratelimit+0x2c8/0x595
[  935.725677][T14336]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  935.731488][T14336]  ? lockdep_hardirqs_on+0x418/0x5d0
[  935.736771][T14336]  ? trace_hardirqs_on+0x67/0x240
[  935.741892][T14336]  ? pagefault_out_of_memory+0x11c/0x11c
[  935.747528][T14336]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  935.753338][T14336]  ? ___ratelimit+0x60/0x595
[  935.757939][T14336]  ? do_raw_spin_unlock+0x57/0x270
[  935.763055][T14336]  oom_kill_process.cold+0x10/0x15
[  935.768169][T14336]  out_of_memory+0x334/0x1340
[  935.772846][T14336]  ? lock_downgrade+0x920/0x920
[  935.772873][T14336]  ? oom_killer_disable+0x280/0x280
[  935.782926][T14336]  mem_cgroup_out_of_memory+0x1d8/0x240
[  935.788470][T14336]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  935.788492][T14336]  ? do_raw_spin_unlock+0x57/0x270
[  935.788515][T14336]  ? _raw_spin_unlock+0x2d/0x50
[  935.804054][T14336]  try_charge+0xf4b/0x1440
[  935.804080][T14336]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  935.804094][T14336]  ? find_held_lock+0x35/0x130
[  935.804109][T14336]  ? get_mem_cgroup_from_mm+0x139/0x320
[  935.804128][T14336]  ? lock_downgrade+0x920/0x920
[  935.804146][T14336]  ? percpu_ref_tryget_live+0x111/0x290
[  935.814166][T14336]  __memcg_kmem_charge_memcg+0x71/0xf0
[  935.814182][T14336]  ? memcg_kmem_put_cache+0x50/0x50
[  935.814201][T14336]  ? get_mem_cgroup_from_mm+0x156/0x320
[  935.814220][T14336]  __memcg_kmem_charge+0x13a/0x3a0
[  935.814238][T14336]  __alloc_pages_nodemask+0x4f7/0x900
[  935.856146][T14336]  ? __pmd_alloc+0x377/0x460
[  935.866063][T14336]  ? __alloc_pages_slowpath+0x2540/0x2540
[  935.866082][T14336]  ? rwlock_bug.part.0+0x90/0x90
[  935.866103][T14336]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  935.866121][T14336]  alloc_pages_current+0x107/0x210
[  935.866137][T14336]  pte_alloc_one+0x1b/0x1a0
[  935.866152][T14336]  __pte_alloc+0x20/0x310
[  935.866169][T14336]  copy_page_range+0x14da/0x1ed0
[  935.866209][T14336]  ? pmd_alloc+0x180/0x180
[  935.906269][T14336]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  935.912009][T14336]  ? vma_compute_subtree_gap+0x158/0x230
[  935.917657][T14336]  ? validate_mm_rb+0xa3/0xc0
[  935.922339][T14336]  ? __vma_link_rb+0x5ad/0x770
[  935.927102][T14336]  ? anon_vma_fork+0xd4/0x4a0
[  935.931793][T14336]  dup_mm+0xa67/0x1430
[  935.935878][T14336]  ? vm_area_dup+0x170/0x170
[  935.940481][T14336]  ? debug_mutex_init+0x2d/0x60
[  935.945346][T14336]  copy_process+0x2671/0x6830
[  935.950053][T14336]  ? __cleanup_sighand+0x60/0x60
[  935.954995][T14336]  ? __might_fault+0x12b/0x1e0
[  935.959766][T14336]  ? __might_fault+0x12b/0x1e0
[  935.964547][T14336]  _do_fork+0x146/0xfa0
[  935.968709][T14336]  ? copy_init_mm+0x20/0x20
[  935.973224][T14336]  ? __kasan_check_read+0x11/0x20
[  935.978249][T14336]  ? _copy_to_user+0x118/0x160
[  935.983028][T14336]  __x64_sys_clone+0x1ab/0x270
[  935.987808][T14336]  ? __ia32_sys_vfork+0xd0/0xd0
[  935.992659][T14336]  ? do_syscall_64+0x26/0x760
[  935.997320][T14336]  ? lockdep_hardirqs_on+0x418/0x5d0
[  936.002587][T14336]  ? trace_hardirqs_on+0x67/0x240
[  936.007604][T14336]  do_syscall_64+0xfa/0x760
[  936.012096][T14336]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  936.017979][T14336] RIP: 0033:0x4598e9
[  936.021865][T14336] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  936.041548][T14336] RSP: 002b:00007f685c88bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  936.049943][T14336] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004598e9
[  936.057900][T14336] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000000
[  936.065853][T14336] RBP: 000000000075bfc8 R08: ffffffffffffffff R09: 0000000000000000
[  936.073803][T14336] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c88c6d4
[  936.081773][T14336] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 00000000ffffffff
[  936.090717][T14336] memory: usage 307032kB, limit 307200kB, failcnt 318
[  936.097587][T14336] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  936.104660][T14336] Memory cgroup stats for /syz2:
[  936.104775][T14336] anon 300875776
[  936.104775][T14336] file 0
[  936.104775][T14336] kernel_stack 655360
[  936.104775][T14336] slab 9490432
[  936.104775][T14336] sock 0
[  936.104775][T14336] shmem 0
[  936.104775][T14336] file_mapped 0
[  936.104775][T14336] file_dirty 0
[  936.104775][T14336] file_writeback 0
[  936.104775][T14336] anon_thp 268435456
[  936.104775][T14336] inactive_anon 248520704
[  936.104775][T14336] active_anon 2539520
[  936.104775][T14336] inactive_file 0
[  936.104775][T14336] active_file 0
[  936.104775][T14336] unevictable 50081792
[  936.104775][T14336] slab_reclaimable 3108864
[  936.104775][T14336] slab_unreclaimable 6381568
[  936.104775][T14336] pgfault 37323
[  936.104775][T14336] pgmajfault 0
[  936.104775][T14336] workingset_refault 0
[  936.104775][T14336] workingset_activate 0
[  936.104775][T14336] workingset_nodereclaim 0
[  936.104775][T14336] pgrefill 133
[  936.104775][T14336] pgscan 132
[  936.104775][T14336] pgsteal 0
[  936.104775][T14336] pgactivate 99
[  936.201826][T14336] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14327,uid=0
[  936.219690][T14336] Memory cgroup out of memory: Killed process 14327 (syz-executor.2) total-vm:72708kB, anon-rss:17936kB, file-rss:53364kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000
21:56:17 executing program 5:
shmget(0x2, 0x1000, 0x0, &(0x7f000096d000/0x1000)=nil)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
connect$rxrpc(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ppp\x00', 0x101002, 0x0)
ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f00000002c0)=""/246)
r1 = memfd_create(&(0x7f0000000280)='^\x00', 0x0)
pwritev(r1, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81003)
sendfile(r0, r1, 0x0, 0x102002700)

21:56:17 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634", 0xc5}])

21:56:17 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x0, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:56:17 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:56:17 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:56:17 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:56:17 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:56:17 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23a", 0xc7}])

21:56:17 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:56:17 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23a", 0xc7}])

[  940.476451][T14379] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  940.527122][T14379] CPU: 1 PID: 14379 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  940.536279][T14379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  940.546375][T14379] Call Trace:
[  940.549679][T14379]  dump_stack+0x172/0x1f0
[  940.554022][T14379]  dump_header+0x177/0x1152
[  940.558539][T14379]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  940.564348][T14379]  ? ___ratelimit+0x2c8/0x595
[  940.569032][T14379]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  940.574843][T14379]  ? lockdep_hardirqs_on+0x418/0x5d0
[  940.580137][T14379]  ? trace_hardirqs_on+0x67/0x240
[  940.585171][T14379]  ? pagefault_out_of_memory+0x11c/0x11c
[  940.590810][T14379]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  940.596629][T14379]  ? ___ratelimit+0x60/0x595
[  940.601222][T14379]  ? do_raw_spin_unlock+0x57/0x270
[  940.606356][T14379]  oom_kill_process.cold+0x10/0x15
[  940.611468][T14379]  out_of_memory+0x334/0x1340
[  940.616137][T14379]  ? lock_downgrade+0x920/0x920
[  940.616156][T14379]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  940.616171][T14379]  ? oom_killer_disable+0x280/0x280
[  940.616194][T14379]  mem_cgroup_out_of_memory+0x1d8/0x240
[  940.616208][T14379]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  940.616225][T14379]  ? do_raw_spin_unlock+0x57/0x270
[  940.648292][T14379]  ? _raw_spin_unlock+0x2d/0x50
[  940.653159][T14379]  try_charge+0xf4b/0x1440
[  940.657592][T14379]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  940.663137][T14379]  ? percpu_ref_tryget_live+0x111/0x290
[  940.668699][T14379]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  940.674955][T14379]  ? __kasan_check_read+0x11/0x20
[  940.680599][T14379]  ? get_mem_cgroup_from_mm+0x156/0x320
[  940.686153][T14379]  mem_cgroup_try_charge+0x136/0x590
[  940.691445][T14379]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  940.697691][T14379]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  940.703348][T14379]  wp_page_copy+0x41e/0x1590
[  940.707975][T14379]  ? find_held_lock+0x35/0x130
[  940.712750][T14379]  ? pmd_pfn+0x1d0/0x1d0
[  940.717005][T14379]  ? lock_downgrade+0x920/0x920
[  940.721868][T14379]  ? swp_swapcount+0x540/0x540
21:56:17 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:56:17 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  940.726644][T14379]  ? __kasan_check_read+0x11/0x20
[  940.731688][T14379]  ? do_raw_spin_unlock+0x57/0x270
[  940.736817][T14379]  do_wp_page+0x499/0x14d0
[  940.741251][T14379]  ? finish_mkwrite_fault+0x570/0x570
[  940.746639][T14379]  __handle_mm_fault+0x22f1/0x3f20
[  940.751768][T14379]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  940.757334][T14379]  ? __kasan_check_read+0x11/0x20
[  940.762369][T14379]  handle_mm_fault+0x1b5/0x6c0
[  940.767142][T14379]  __do_page_fault+0x536/0xdd0
[  940.771921][T14379]  do_page_fault+0x38/0x590
[  940.776431][T14379]  page_fault+0x39/0x40
[  940.780578][T14379] RIP: 0033:0x404e59
[  940.784451][T14379] Code: 66 00 39 45 24 0f 84 a6 01 00 00 80 3d 47 b6 66 00 00 74 0e 48 8b 85 90 00 00 00 48 c7 00 00 00 00 00 e8 8a f3 00 00 49 89 c4 <c7> 00 00 00 00 00 49 8b 46 10 48 85 c0 0f 84 3c 01 00 00 48 83 ec
[  940.804044][T14379] RSP: 002b:00007f11e8493c90 EFLAGS: 00010207
[  940.810107][T14379] RAX: 00007f11e84946d4 RBX: 0000000000000003 RCX: 0000000000000003
[  940.818128][T14379] RDX: 00000000000acc42 RSI: 0000000000000000 RDI: 00000000004be22e
[  940.826082][T14379] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  940.834121][T14379] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84946d4
[  940.842078][T14379] R13: 00000000004c282b R14: 00000000004d5eb0 R15: 00000000ffffffff
[  940.869668][T14379] memory: usage 307200kB, limit 307200kB, failcnt 763
[  940.877714][T14379] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  940.891303][T14379] Memory cgroup stats for /syz1:
[  940.891433][T14379] anon 299634688
[  940.891433][T14379] file 40960
[  940.891433][T14379] kernel_stack 786432
[  940.891433][T14379] slab 9797632
[  940.891433][T14379] sock 4096
[  940.891433][T14379] shmem 0
[  940.891433][T14379] file_mapped 0
[  940.891433][T14379] file_dirty 0
[  940.891433][T14379] file_writeback 0
[  940.891433][T14379] anon_thp 266338304
[  940.891433][T14379] inactive_anon 208965632
[  940.891433][T14379] active_anon 15679488
[  940.891433][T14379] inactive_file 0
[  940.891433][T14379] active_file 0
[  940.891433][T14379] unevictable 75284480
[  940.891433][T14379] slab_reclaimable 2838528
[  940.891433][T14379] slab_unreclaimable 6959104
[  940.891433][T14379] pgfault 53361
[  940.891433][T14379] pgmajfault 0
[  940.891433][T14379] workingset_refault 0
[  940.891433][T14379] workingset_activate 0
[  940.891433][T14379] workingset_nodereclaim 0
[  940.891433][T14379] pgrefill 201
[  940.891433][T14379] pgscan 233
[  940.891433][T14379] pgsteal 0
[  940.987044][T14379] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=14365,uid=0
[  941.003586][T14379] Memory cgroup out of memory: Killed process 14365 (syz-executor.1) total-vm:72708kB, anon-rss:18200kB, file-rss:54332kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000
21:56:26 executing program 5:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x50000}]})
r0 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, 0x0)

21:56:26 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:56:26 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:56:26 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)="10000040050000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23a", 0xc7}])

21:56:26 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:56:26 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x0, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  949.439968][T14412] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  949.482284][T14412] CPU: 1 PID: 14412 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[  949.491606][T14412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  949.491614][T14412] Call Trace:
[  949.491641][T14412]  dump_stack+0x172/0x1f0
[  949.491665][T14412]  dump_header+0x177/0x1152
[  949.491689][T14412]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  949.521058][T14412]  ? ___ratelimit+0x2c8/0x595
[  949.521077][T14412]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  949.521098][T14412]  ? lockdep_hardirqs_on+0x418/0x5d0
[  949.521116][T14412]  ? trace_hardirqs_on+0x67/0x240
[  949.521137][T14412]  ? pagefault_out_of_memory+0x11c/0x11c
[  949.521155][T14412]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  949.521171][T14412]  ? ___ratelimit+0x60/0x595
[  949.521185][T14412]  ? do_raw_spin_unlock+0x57/0x270
[  949.521205][T14412]  oom_kill_process.cold+0x10/0x15
[  949.521226][T14412]  out_of_memory+0x334/0x1340
21:56:26 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:56:26 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000000000)={{0x80}, 'port1\x00', 0x97})
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f0000000240)={{0x0, 0x1}, {0x80}})
memfd_create(0x0, 0x0)
read(r1, &(0x7f00000000c0)=""/125, 0x7d)

[  949.521242][T14412]  ? lock_downgrade+0x920/0x920
[  949.521262][T14412]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  949.521282][T14412]  ? oom_killer_disable+0x280/0x280
[  949.567343][T14412]  mem_cgroup_out_of_memory+0x1d8/0x240
[  949.580988][T14412]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  949.581013][T14412]  ? do_raw_spin_unlock+0x57/0x270
[  949.613419][T14412]  ? _raw_spin_unlock+0x2d/0x50
[  949.618293][T14412]  try_charge+0xf4b/0x1440
[  949.622735][T14412]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  949.629437][T14412]  ? percpu_ref_tryget_live+0x111/0x290
[  949.635152][T14412]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  949.642212][T14412]  ? __kasan_check_read+0x11/0x20
[  949.649033][T14412]  ? get_mem_cgroup_from_mm+0x156/0x320
[  949.654613][T14412]  mem_cgroup_try_charge+0x136/0x590
[  949.660065][T14412]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  949.666731][T14412]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  949.673273][T14412]  __handle_mm_fault+0x1e34/0x3f20
21:56:26 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  949.678442][T14412]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  949.684037][T14412]  ? __kasan_check_read+0x11/0x20
[  949.689107][T14412]  handle_mm_fault+0x1b5/0x6c0
[  949.694098][T14412]  __get_user_pages+0x7d4/0x1b30
[  949.699075][T14412]  ? mark_held_locks+0xf0/0xf0
[  949.703871][T14412]  ? follow_page_mask+0x1cf0/0x1cf0
[  949.709315][T14412]  ? __mm_populate+0x270/0x380
[  949.714922][T14412]  ? __kasan_check_write+0x14/0x20
[  949.720195][T14412]  ? down_read+0x109/0x430
[  949.724631][T14412]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
21:56:27 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  949.731008][T14412]  populate_vma_page_range+0x20d/0x2a0
[  949.736553][T14412]  __mm_populate+0x204/0x380
[  949.742741][T14412]  ? populate_vma_page_range+0x2a0/0x2a0
[  949.752229][T14412]  ? __kasan_check_write+0x14/0x20
[  949.758227][T14412]  ? up_write+0x155/0x490
[  949.762572][T14412]  ? ns_capable_common+0x93/0x100
[  949.768244][T14412]  __x64_sys_mlockall+0x473/0x520
[  949.774735][T14412]  do_syscall_64+0xfa/0x760
21:56:27 executing program 3:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0x9, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0xc3, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f00000001c0)="10000040060000000000000000000000b22025285db74192e7576d9062ec6e2fa5733f8ff248691861d03a71091d334252afb1af5b8f0274c2ed58338226131291198f3d70dcf797ac42d0eeed042c06b56b89f02f92b12ebe4c45948a362a76def2f4955f100a13131f474b140942110257e173cea102775e1b3873ebf98dac6421f6d449544114b8ce29f4b48d1738b5be127a96f24c9d3c130e1a6c2eb5b3f12eb6a1f5051594545cbb895e65d83c08d2d6cd56694e5a6c00f54aceaf498f57b2a56634a23ae7", 0x40000010}])

[  949.779274][T14412]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  949.785201][T14412] RIP: 0033:0x4598e9
[  949.789109][T14412] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  949.810273][T14412] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  949.810298][T14412] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  949.827102][T14412] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  949.835114][T14412] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  949.835124][T14412] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[  949.835130][T14412] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
21:56:27 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  949.900150][T14412] memory: usage 307176kB, limit 307200kB, failcnt 353
[  949.915948][T14412] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  949.922830][T14412] Memory cgroup stats for /syz2:
[  949.922946][T14412] anon 301899776
[  949.922946][T14412] file 0
[  949.922946][T14412] kernel_stack 589824
[  949.922946][T14412] slab 8835072
[  949.922946][T14412] sock 0
[  949.922946][T14412] shmem 0
[  949.922946][T14412] file_mapped 0
[  949.922946][T14412] file_dirty 0
[  949.922946][T14412] file_writeback 0
[  949.922946][T14412] anon_thp 270532608
[  949.922946][T14412] inactive_anon 267165696
[  949.922946][T14412] active_anon 2400256
[  949.922946][T14412] inactive_file 0
[  949.922946][T14412] active_file 0
[  949.922946][T14412] unevictable 32235520
[  949.922946][T14412] slab_reclaimable 3108864
[  949.922946][T14412] slab_unreclaimable 5726208
[  949.922946][T14412] pgfault 38445
[  949.922946][T14412] pgmajfault 0
[  949.922946][T14412] workingset_refault 0
[  949.922946][T14412] workingset_activate 0
[  949.922946][T14412] workingset_nodereclaim 0
[  949.922946][T14412] pgrefill 133
[  949.922946][T14412] pgscan 132
[  949.922946][T14412] pgsteal 0
[  949.922946][T14412] pgactivate 99
[  950.037356][T14412] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14384,uid=0
[  950.078726][T14412] Memory cgroup out of memory: Killed process 14384 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[  950.124857][T14414] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  950.138772][ T1066] oom_reaper: reaped process 14384 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
[  950.163787][T14414] CPU: 1 PID: 14414 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  950.173069][T14414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  950.183476][T14414] Call Trace:
[  950.186795][T14414]  dump_stack+0x172/0x1f0
[  950.192185][T14414]  dump_header+0x177/0x1152
[  950.196821][T14414]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  950.202664][T14414]  ? ___ratelimit+0x2c8/0x595
[  950.207952][T14414]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  950.213903][T14414]  ? lockdep_hardirqs_on+0x418/0x5d0
[  950.219283][T14414]  ? trace_hardirqs_on+0x67/0x240
[  950.224335][T14414]  ? pagefault_out_of_memory+0x11c/0x11c
[  950.229971][T14414]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  950.235778][T14414]  ? ___ratelimit+0x60/0x595
[  950.240368][T14414]  ? do_raw_spin_unlock+0x57/0x270
[  950.245499][T14414]  oom_kill_process.cold+0x10/0x15
[  950.250612][T14414]  out_of_memory+0x334/0x1340
[  950.255285][T14414]  ? lock_downgrade+0x920/0x920
[  950.260140][T14414]  ? oom_killer_disable+0x280/0x280
[  950.265347][T14414]  mem_cgroup_out_of_memory+0x1d8/0x240
[  950.270891][T14414]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  950.276528][T14414]  ? do_raw_spin_unlock+0x57/0x270
[  950.281638][T14414]  ? _raw_spin_unlock+0x2d/0x50
[  950.287083][T14414]  try_charge+0xf4b/0x1440
[  950.291554][T14414]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  950.297142][T14414]  ? percpu_ref_tryget_live+0x111/0x290
[  950.302763][T14414]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  950.309052][T14414]  ? __kasan_check_read+0x11/0x20
[  950.314127][T14414]  ? get_mem_cgroup_from_mm+0x156/0x320
[  950.320050][T14414]  mem_cgroup_try_charge+0x136/0x590
[  950.320074][T14414]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  950.320094][T14414]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  950.320120][T14414]  __handle_mm_fault+0x1e34/0x3f20
[  950.333412][T14414]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  950.333452][T14414]  ? __kasan_check_read+0x11/0x20
[  950.355860][T14414]  handle_mm_fault+0x1b5/0x6c0
[  950.360656][T14414]  __get_user_pages+0x7d4/0x1b30
[  950.365770][T14414]  ? mark_held_locks+0xf0/0xf0
[  950.372365][T14414]  ? follow_page_mask+0x1cf0/0x1cf0
[  950.377884][T14414]  ? __mm_populate+0x270/0x380
[  950.382702][T14414]  ? __kasan_check_write+0x14/0x20
[  950.388751][T14414]  ? down_read+0x109/0x430
[  950.393187][T14414]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  950.399626][T14414]  populate_vma_page_range+0x20d/0x2a0
[  950.406117][T14414]  __mm_populate+0x204/0x380
[  950.406136][T14414]  ? populate_vma_page_range+0x2a0/0x2a0
[  950.406151][T14414]  ? __kasan_check_write+0x14/0x20
[  950.406164][T14414]  ? up_write+0x155/0x490
[  950.406184][T14414]  ? ns_capable_common+0x93/0x100
[  950.432373][T14414]  __x64_sys_mlockall+0x473/0x520
[  950.437429][T14414]  do_syscall_64+0xfa/0x760
[  950.442084][T14414]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  950.448154][T14414] RIP: 0033:0x4598e9
[  950.452468][T14414] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  950.472943][T14414] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  950.482458][T14414] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  950.490544][T14414] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  950.499668][T14414] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  950.507758][T14414] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  950.516290][T14414] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  950.529089][T14414] memory: usage 307056kB, limit 307200kB, failcnt 819
[  950.546927][T14414] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  950.556265][T14414] Memory cgroup stats for /syz1:
[  950.556396][T14414] anon 299905024
[  950.556396][T14414] file 40960
[  950.556396][T14414] kernel_stack 851968
[  950.556396][T14414] slab 9633792
[  950.556396][T14414] sock 4096
[  950.556396][T14414] shmem 0
[  950.556396][T14414] file_mapped 0
[  950.556396][T14414] file_dirty 0
[  950.556396][T14414] file_writeback 0
[  950.556396][T14414] anon_thp 266338304
[  950.556396][T14414] inactive_anon 225542144
[  950.556396][T14414] active_anon 15544320
[  950.556396][T14414] inactive_file 0
[  950.556396][T14414] active_file 0
[  950.556396][T14414] unevictable 59121664
[  950.556396][T14414] slab_reclaimable 2838528
[  950.556396][T14414] slab_unreclaimable 6795264
[  950.556396][T14414] pgfault 53493
[  950.556396][T14414] pgmajfault 0
[  950.556396][T14414] workingset_refault 0
[  950.556396][T14414] workingset_activate 0
[  950.556396][T14414] workingset_nodereclaim 0
[  950.556396][T14414] pgrefill 201
[  950.556396][T14414] pgscan 233
[  950.556396][T14414] pgsteal 0
[  950.658847][T14414] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=14382,uid=0
[  950.676336][T14414] Memory cgroup out of memory: Killed process 14382 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[  950.705001][ T1066] oom_reaper: reaped process 14382 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
21:56:33 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000005d00)={&(0x7f0000000080)=@newlink={0x38, 0x12, 0xd0f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, @vti={{0x8, 0x1, 'vti\x00'}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, 0x33e0}]}, 0x38}}, 0x0)

21:56:33 executing program 4:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:56:33 executing program 3:
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(0xffffffffffffffff, 0x0, 0x0)
openat$zero(0xffffffffffffff9c, 0x0, 0x442000, 0x0)
socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80000000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x800002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f00000000c0)="0f20d86635200000000f22d826d33566b91109000066b80060000066ba000000000f306766c74424000d0000006766c7442402f60000006766c744240600000000670f0114246766c74424003f8c00006766c7442402e4d400006766c744240600000000670f011424660f38827500b8dd000f00d80f21f30f01c3ddc3", 0x7d}], 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

21:56:33 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:56:33 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:56:33 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x0, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  956.659654][T14456] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  956.699512][T14456] CPU: 0 PID: 14456 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[  956.708879][T14456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  956.719253][T14456] Call Trace:
[  956.722554][T14456]  dump_stack+0x172/0x1f0
[  956.726936][T14456]  dump_header+0x177/0x1152
[  956.732805][T14456]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  956.738610][T14456]  ? ___ratelimit+0x2c8/0x595
[  956.743306][T14456]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  956.750895][T14456]  ? lockdep_hardirqs_on+0x418/0x5d0
[  956.756236][T14456]  ? trace_hardirqs_on+0x67/0x240
[  956.762056][T14456]  ? pagefault_out_of_memory+0x11c/0x11c
[  956.767697][T14456]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  956.775874][T14456]  ? ___ratelimit+0x60/0x595
[  956.780852][T14456]  ? do_raw_spin_unlock+0x57/0x270
[  956.786198][T14456]  oom_kill_process.cold+0x10/0x15
[  956.791536][T14456]  out_of_memory+0x334/0x1340
[  956.797879][T14456]  ? lock_downgrade+0x920/0x920
[  956.802860][T14456]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  956.809890][T14456]  ? oom_killer_disable+0x280/0x280
[  956.815114][T14456]  mem_cgroup_out_of_memory+0x1d8/0x240
[  956.820718][T14456]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  956.826394][T14456]  ? do_raw_spin_unlock+0x57/0x270
[  956.831617][T14456]  ? _raw_spin_unlock+0x2d/0x50
[  956.836516][T14456]  try_charge+0xf4b/0x1440
[  956.841355][T14456]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  956.847271][T14456]  ? percpu_ref_tryget_live+0x111/0x290
[  956.854738][T14456]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  956.861459][T14456]  ? __kasan_check_read+0x11/0x20
[  956.866966][T14456]  ? get_mem_cgroup_from_mm+0x156/0x320
[  956.872980][T14456]  mem_cgroup_try_charge+0x136/0x590
[  956.880552][T14456]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  956.887392][T14456]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  956.893153][T14456]  __handle_mm_fault+0x1e34/0x3f20
[  956.898554][T14456]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  956.904235][T14456]  ? __kasan_check_read+0x11/0x20
[  956.909310][T14456]  handle_mm_fault+0x1b5/0x6c0
[  956.914267][T14456]  __get_user_pages+0x7d4/0x1b30
[  956.919413][T14456]  ? mark_held_locks+0xf0/0xf0
[  956.924214][T14456]  ? follow_page_mask+0x1cf0/0x1cf0
[  956.930274][T14456]  ? __mm_populate+0x270/0x380
[  956.935068][T14456]  ? __kasan_check_write+0x14/0x20
[  956.941601][T14456]  ? down_read+0x109/0x430
[  956.946026][T14456]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  956.953633][T14456]  populate_vma_page_range+0x20d/0x2a0
[  956.959128][T14456]  __mm_populate+0x204/0x380
[  956.963733][T14456]  ? populate_vma_page_range+0x2a0/0x2a0
[  956.971299][T14456]  ? __kasan_check_write+0x14/0x20
[  956.976581][T14456]  ? up_write+0x155/0x490
[  956.980944][T14456]  ? ns_capable_common+0x93/0x100
[  956.985977][T14456]  __x64_sys_mlockall+0x473/0x520
[  956.991384][T14456]  do_syscall_64+0xfa/0x760
[  956.996485][T14456]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  957.003021][T14456] RIP: 0033:0x4598e9
[  957.007228][T14456] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  957.027599][T14456] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  957.037378][T14456] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  957.045950][T14456] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  957.054800][T14456] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  957.062912][T14456] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[  957.070884][T14456] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  957.091055][T14456] memory: usage 307200kB, limit 307200kB, failcnt 386
21:56:34 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  957.123675][T14456] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  957.130599][T14456] Memory cgroup stats for /syz2:
[  957.130728][T14456] anon 302092288
[  957.130728][T14456] file 0
[  957.130728][T14456] kernel_stack 589824
[  957.130728][T14456] slab 8630272
[  957.130728][T14456] sock 0
[  957.130728][T14456] shmem 0
[  957.130728][T14456] file_mapped 0
[  957.130728][T14456] file_dirty 0
[  957.130728][T14456] file_writeback 0
[  957.130728][T14456] anon_thp 268435456
21:56:34 executing program 4:
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

[  957.130728][T14456] inactive_anon 267177984
[  957.130728][T14456] active_anon 2400256
[  957.130728][T14456] inactive_file 0
[  957.130728][T14456] active_file 0
[  957.130728][T14456] unevictable 32313344
[  957.130728][T14456] slab_reclaimable 3108864
[  957.130728][T14456] slab_unreclaimable 5521408
[  957.130728][T14456] pgfault 39831
[  957.130728][T14456] pgmajfault 0
[  957.130728][T14456] workingset_refault 0
[  957.130728][T14456] workingset_activate 0
[  957.130728][T14456] workingset_nodereclaim 0
[  957.130728][T14456] pgrefill 133
[  957.130728][T14456] pgscan 165
[  957.130728][T14456] pgsteal 0
[  957.130728][T14456] pgactivate 99
[  957.238770][T14456] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14441,uid=0
[  957.254855][T14456] Memory cgroup out of memory: Killed process 14441 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[  957.284018][T14455] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  957.318896][T14455] CPU: 0 PID: 14455 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  957.328527][T14455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  957.339237][T14455] Call Trace:
[  957.342565][T14455]  dump_stack+0x172/0x1f0
[  957.348890][T14455]  dump_header+0x177/0x1152
[  957.353515][T14455]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  957.360441][T14455]  ? ___ratelimit+0x2c8/0x595
[  957.366488][T14455]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  957.374067][T14455]  ? lockdep_hardirqs_on+0x418/0x5d0
[  957.380577][T14455]  ? trace_hardirqs_on+0x67/0x240
[  957.386291][T14455]  ? pagefault_out_of_memory+0x11c/0x11c
[  957.392984][T14455]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  957.399321][T14455]  ? ___ratelimit+0x60/0x595
[  957.404089][T14455]  ? do_raw_spin_unlock+0x57/0x270
[  957.409550][T14455]  oom_kill_process.cold+0x10/0x15
[  957.414863][T14455]  out_of_memory+0x334/0x1340
[  957.419627][T14455]  ? lock_downgrade+0x920/0x920
[  957.424805][T14455]  ? oom_killer_disable+0x280/0x280
[  957.430234][T14455]  mem_cgroup_out_of_memory+0x1d8/0x240
[  957.436066][T14455]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  957.441718][T14455]  ? do_raw_spin_unlock+0x57/0x270
[  957.446998][T14455]  ? _raw_spin_unlock+0x2d/0x50
[  957.455010][T14455]  try_charge+0xf4b/0x1440
[  957.459584][T14455]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  957.465437][T14455]  ? percpu_ref_tryget_live+0x111/0x290
[  957.471832][T14455]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  957.478138][T14455]  ? __kasan_check_read+0x11/0x20
[  957.483215][T14455]  ? get_mem_cgroup_from_mm+0x156/0x320
[  957.488784][T14455]  mem_cgroup_try_charge+0x136/0x590
[  957.494107][T14455]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  957.500741][T14455]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  957.506591][T14455]  __handle_mm_fault+0x1e34/0x3f20
[  957.514203][T14455]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  957.519890][T14455]  ? __kasan_check_read+0x11/0x20
[  957.524982][T14455]  handle_mm_fault+0x1b5/0x6c0
[  957.529845][T14455]  __get_user_pages+0x7d4/0x1b30
[  957.534853][T14455]  ? mark_held_locks+0xf0/0xf0
[  957.540193][T14455]  ? follow_page_mask+0x1cf0/0x1cf0
[  957.545906][T14455]  ? __mm_populate+0x270/0x380
[  957.550945][T14455]  ? __kasan_check_write+0x14/0x20
[  957.556255][T14455]  ? down_read+0x109/0x430
[  957.560730][T14455]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  957.567348][T14455]  populate_vma_page_range+0x20d/0x2a0
[  957.573879][T14455]  __mm_populate+0x204/0x380
[  957.578612][T14455]  ? populate_vma_page_range+0x2a0/0x2a0
[  957.584856][T14455]  ? __kasan_check_write+0x14/0x20
[  957.590382][T14455]  ? up_write+0x155/0x490
[  957.594727][T14455]  ? ns_capable_common+0x93/0x100
[  957.599815][T14455]  __x64_sys_mlockall+0x473/0x520
[  957.604875][T14455]  do_syscall_64+0xfa/0x760
[  957.609389][T14455]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  957.615620][T14455] RIP: 0033:0x4598e9
[  957.619523][T14455] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  957.640943][T14455] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  957.650002][T14455] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  957.658397][T14455] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  957.666616][T14455] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  957.674857][T14455] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  957.682847][T14455] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  957.700261][ T1066] oom_reaper: reaped process 14441 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
21:56:35 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  957.763888][T14455] memory: usage 307200kB, limit 307200kB, failcnt 858
[  957.786970][T14455] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  957.840555][T14455] Memory cgroup stats for /syz1:
[  957.840681][T14455] anon 300191744
[  957.840681][T14455] file 40960
[  957.840681][T14455] kernel_stack 786432
[  957.840681][T14455] slab 9633792
[  957.840681][T14455] sock 4096
[  957.840681][T14455] shmem 0
[  957.840681][T14455] file_mapped 0
[  957.840681][T14455] file_dirty 0
[  957.840681][T14455] file_writeback 0
[  957.840681][T14455] anon_thp 264241152
[  957.840681][T14455] inactive_anon 225562624
[  957.840681][T14455] active_anon 15679488
[  957.840681][T14455] inactive_file 0
[  957.840681][T14455] active_file 0
[  957.840681][T14455] unevictable 58990592
[  957.840681][T14455] slab_reclaimable 2838528
[  957.840681][T14455] slab_unreclaimable 6795264
[  957.840681][T14455] pgfault 54945
[  957.840681][T14455] pgmajfault 0
[  957.840681][T14455] workingset_refault 0
[  957.840681][T14455] workingset_activate 0
[  957.840681][T14455] workingset_nodereclaim 0
[  957.840681][T14455] pgrefill 201
[  957.840681][T14455] pgscan 266
[  957.840681][T14455] pgsteal 0
[  958.033983][T14455] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=14443,uid=0
21:56:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000040)={0x7b, 0x5, [0xc0000100], [0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000]})

[  958.083520][T14455] Memory cgroup out of memory: Killed process 14443 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
21:56:35 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  958.190030][ T1066] oom_reaper: reaped process 14443 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
[  958.214936][T14469] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  958.237523][T14469] CPU: 1 PID: 14469 Comm: syz-executor.4 Not tainted 5.3.0-rc6-next-20190830 #75
[  958.247342][T14469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  958.257954][T14469] Call Trace:
[  958.257985][T14469]  dump_stack+0x172/0x1f0
[  958.258004][T14469]  dump_header+0x177/0x1152
[  958.258025][T14469]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  958.258035][T14469]  ? ___ratelimit+0x2c8/0x595
[  958.258047][T14469]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  958.258063][T14469]  ? lockdep_hardirqs_on+0x418/0x5d0
[  958.258077][T14469]  ? trace_hardirqs_on+0x67/0x240
[  958.258096][T14469]  ? pagefault_out_of_memory+0x11c/0x11c
[  958.270957][T14469]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  958.270973][T14469]  ? ___ratelimit+0x60/0x595
[  958.270987][T14469]  ? do_raw_spin_unlock+0x57/0x270
[  958.271014][T14469]  oom_kill_process.cold+0x10/0x15
[  958.325689][T14469]  out_of_memory+0x334/0x1340
[  958.330421][T14469]  ? lock_downgrade+0x920/0x920
[  958.330449][T14469]  ? oom_killer_disable+0x280/0x280
[  958.340962][T14469]  mem_cgroup_out_of_memory+0x1d8/0x240
[  958.346649][T14469]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  958.346668][T14469]  ? do_raw_spin_unlock+0x57/0x270
[  958.346686][T14469]  ? _raw_spin_unlock+0x2d/0x50
[  958.346706][T14469]  try_charge+0xf4b/0x1440
[  958.346728][T14469]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  958.346746][T14469]  ? percpu_ref_tryget_live+0x111/0x290
[  958.379158][T14469]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  958.385443][T14469]  ? __kasan_check_read+0x11/0x20
[  958.390685][T14469]  ? get_mem_cgroup_from_mm+0x156/0x320
[  958.396623][T14469]  mem_cgroup_try_charge+0x136/0x590
[  958.402109][T14469]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  958.409207][T14469]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  958.415277][T14469]  __handle_mm_fault+0x1e34/0x3f20
[  958.420807][T14469]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  958.426574][T14469]  ? __kasan_check_read+0x11/0x20
[  958.432323][T14469]  handle_mm_fault+0x1b5/0x6c0
[  958.437404][T14469]  __get_user_pages+0x7d4/0x1b30
[  958.443500][T14469]  ? mark_held_locks+0xf0/0xf0
[  958.448742][T14469]  ? follow_page_mask+0x1cf0/0x1cf0
[  958.454394][T14469]  ? __mm_populate+0x270/0x380
[  958.459874][T14469]  ? __kasan_check_write+0x14/0x20
[  958.465034][T14469]  ? down_read+0x109/0x430
[  958.470010][T14469]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  958.477400][T14469]  populate_vma_page_range+0x20d/0x2a0
[  958.483340][T14469]  __mm_populate+0x204/0x380
[  958.488192][T14469]  ? populate_vma_page_range+0x2a0/0x2a0
[  958.494215][T14469]  ? __kasan_check_write+0x14/0x20
[  958.499469][T14469]  ? up_write+0x155/0x490
[  958.504120][T14469]  ? ns_capable_common+0x93/0x100
[  958.509352][T14469]  __x64_sys_mlockall+0x473/0x520
[  958.514425][T14469]  do_syscall_64+0xfa/0x760
[  958.519362][T14469]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  958.525434][T14469] RIP: 0033:0x4598e9
21:56:35 executing program 3:

[  958.530013][T14469] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  958.530023][T14469] RSP: 002b:00007f8d1351cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  958.530035][T14469] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  958.530129][T14469] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  958.530143][T14469] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  958.530150][T14469] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d1351d6d4
[  958.530156][T14469] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  958.607471][T14469] memory: usage 307180kB, limit 307200kB, failcnt 43
[  958.632424][T14469] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  958.640129][T14469] Memory cgroup stats for /syz4:
[  958.640249][T14469] anon 298434560
[  958.640249][T14469] file 77824
[  958.640249][T14469] kernel_stack 720896
[  958.640249][T14469] slab 11948032
[  958.640249][T14469] sock 225280
[  958.640249][T14469] shmem 0
[  958.640249][T14469] file_mapped 0
[  958.640249][T14469] file_dirty 0
[  958.640249][T14469] file_writeback 0
[  958.640249][T14469] anon_thp 266338304
[  958.640249][T14469] inactive_anon 238002176
[  958.640249][T14469] active_anon 6819840
[  958.640249][T14469] inactive_file 135168
[  958.640249][T14469] active_file 0
[  958.640249][T14469] unevictable 53587968
[  958.640249][T14469] slab_reclaimable 3379200
[  958.640249][T14469] slab_unreclaimable 8568832
[  958.640249][T14469] pgfault 33891
[  958.640249][T14469] pgmajfault 0
[  958.640249][T14469] workingset_refault 0
[  958.640249][T14469] workingset_activate 0
[  958.640249][T14469] workingset_nodereclaim 0
[  958.640249][T14469] pgrefill 66
[  958.640249][T14469] pgscan 66
[  958.640249][T14469] pgsteal 0
[  958.652856][T14469] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=14294,uid=0
[  958.816631][T14469] Memory cgroup out of memory: Killed process 14294 (syz-executor.4) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
21:56:45 executing program 3:

21:56:45 executing program 5:

21:56:45 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:56:45 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:56:45 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:56:45 executing program 4:
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:56:45 executing program 3:

21:56:45 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  968.210210][T14504] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  968.242978][T14504] CPU: 1 PID: 14504 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[  968.252275][T14504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  968.262350][T14504] Call Trace:
[  968.265670][T14504]  dump_stack+0x172/0x1f0
[  968.270043][T14504]  dump_header+0x177/0x1152
[  968.274590][T14504]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  968.280421][T14504]  ? ___ratelimit+0x2c8/0x595
[  968.285121][T14504]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  968.290962][T14504]  ? lockdep_hardirqs_on+0x418/0x5d0
[  968.296285][T14504]  ? trace_hardirqs_on+0x67/0x240
[  968.301344][T14504]  ? pagefault_out_of_memory+0x11c/0x11c
[  968.307007][T14504]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  968.313025][T14504]  ? ___ratelimit+0x60/0x595
[  968.317646][T14504]  ? do_raw_spin_unlock+0x57/0x270
[  968.323316][T14504]  oom_kill_process.cold+0x10/0x15
[  968.328515][T14504]  out_of_memory+0x334/0x1340
[  968.333260][T14504]  ? lock_downgrade+0x920/0x920
[  968.338157][T14504]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  968.343982][T14504]  ? oom_killer_disable+0x280/0x280
[  968.349663][T14504]  mem_cgroup_out_of_memory+0x1d8/0x240
[  968.355251][T14504]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  968.360909][T14504]  ? do_raw_spin_unlock+0x57/0x270
[  968.366053][T14504]  ? _raw_spin_unlock+0x2d/0x50
[  968.370935][T14504]  try_charge+0xf4b/0x1440
[  968.375392][T14504]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  968.380961][T14504]  ? percpu_ref_tryget_live+0x111/0x290
[  968.386658][T14504]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  968.392927][T14504]  ? __kasan_check_read+0x11/0x20
[  968.392953][T14504]  ? get_mem_cgroup_from_mm+0x156/0x320
[  968.392968][T14504]  mem_cgroup_try_charge+0x136/0x590
[  968.392993][T14504]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  968.403589][T14504]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  968.403610][T14504]  __handle_mm_fault+0x1e34/0x3f20
[  968.403629][T14504]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  968.403655][T14504]  ? __kasan_check_read+0x11/0x20
[  968.403678][T14504]  handle_mm_fault+0x1b5/0x6c0
[  968.403701][T14504]  __get_user_pages+0x7d4/0x1b30
[  968.441565][T14504]  ? mark_held_locks+0xf0/0xf0
[  968.441596][T14504]  ? follow_page_mask+0x1cf0/0x1cf0
[  968.441615][T14504]  ? __mm_populate+0x270/0x380
[  968.451463][T14504]  ? __kasan_check_write+0x14/0x20
[  968.451482][T14504]  ? down_read+0x109/0x430
[  968.451499][T14504]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  968.451520][T14504]  populate_vma_page_range+0x20d/0x2a0
[  968.483439][T14504]  __mm_populate+0x204/0x380
[  968.488060][T14504]  ? populate_vma_page_range+0x2a0/0x2a0
[  968.493729][T14504]  ? __kasan_check_write+0x14/0x20
[  968.498862][T14504]  ? up_write+0x155/0x490
[  968.503205][T14504]  ? ns_capable_common+0x93/0x100
[  968.508246][T14504]  __x64_sys_mlockall+0x473/0x520
[  968.513282][T14504]  do_syscall_64+0xfa/0x760
[  968.517813][T14504]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  968.523710][T14504] RIP: 0033:0x4598e9
[  968.527606][T14504] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  968.547481][T14504] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
21:56:45 executing program 3:

21:56:45 executing program 4:
mlockall(0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:56:45 executing program 3:

[  968.555912][T14504] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  968.563930][T14504] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  968.571909][T14504] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  968.579887][T14504] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[  968.588010][T14504] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  968.633934][T14504] memory: usage 307200kB, limit 307200kB, failcnt 428
[  968.653686][T14504] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  968.663894][T14504] Memory cgroup stats for /syz2:
[  968.664008][T14504] anon 302292992
[  968.664008][T14504] file 0
[  968.664008][T14504] kernel_stack 655360
[  968.664008][T14504] slab 8577024
[  968.664008][T14504] sock 0
[  968.664008][T14504] shmem 0
[  968.664008][T14504] file_mapped 0
[  968.664008][T14504] file_dirty 0
[  968.664008][T14504] file_writeback 0
[  968.664008][T14504] anon_thp 266338304
[  968.664008][T14504] inactive_anon 267231232
[  968.664008][T14504] active_anon 2400256
[  968.664008][T14504] inactive_file 0
[  968.664008][T14504] active_file 0
[  968.664008][T14504] unevictable 32808960
[  968.664008][T14504] slab_reclaimable 3108864
[  968.664008][T14504] slab_unreclaimable 5468160
[  968.664008][T14504] pgfault 41778
21:56:46 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x5)
ioctl$TCFLSH(r0, 0x8925, 0x0)

21:56:46 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="0f0000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  968.664008][T14504] pgmajfault 0
[  968.664008][T14504] workingset_refault 0
[  968.664008][T14504] workingset_activate 0
[  968.664008][T14504] workingset_nodereclaim 0
[  968.664008][T14504] pgrefill 133
[  968.664008][T14504] pgscan 165
[  968.664008][T14504] pgsteal 0
[  968.664008][T14504] pgactivate 99
[  968.878878][T14526] mkiss: ax0: crc mode is auto.
[  968.976656][T14526] mkiss: ax0: crc mode is auto.
[  969.056044][T14504] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14473,uid=0
[  969.120124][T14504] Memory cgroup out of memory: Killed process 14473 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[  969.197493][T14503] syz-executor.1 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000
[  969.245654][T14503] CPU: 0 PID: 14503 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  969.254908][T14503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  969.264983][T14503] Call Trace:
[  969.268296][T14503]  dump_stack+0x172/0x1f0
[  969.272649][T14503]  dump_header+0x177/0x1152
[  969.277200][T14503]  ? pagefault_out_of_memory+0x11c/0x11c
[  969.282853][T14503]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  969.288682][T14503]  ? ___ratelimit+0x60/0x595
[  969.293294][T14503]  ? do_raw_spin_unlock+0x57/0x270
[  969.298435][T14503]  oom_kill_process.cold+0x10/0x15
[  969.303559][T14503]  out_of_memory+0x334/0x1340
[  969.308250][T14503]  ? lock_downgrade+0x920/0x920
[  969.313127][T14503]  ? oom_killer_disable+0x280/0x280
[  969.318359][T14503]  mem_cgroup_out_of_memory+0x1d8/0x240
[  969.323940][T14503]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  969.329668][T14503]  ? do_raw_spin_unlock+0x57/0x270
[  969.334807][T14503]  ? _raw_spin_unlock+0x2d/0x50
[  969.339685][T14503]  try_charge+0xf4b/0x1440
[  969.344136][T14503]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  969.349713][T14503]  ? retint_kernel+0x2b/0x2b
[  969.354327][T14503]  ? trace_hardirqs_on_caller+0x6a/0x240
[  969.359993][T14503]  ? trace_hardirqs_on_thunk+0x1a/0x20
[  969.365481][T14503]  ? __this_cpu_preempt_check+0x3a/0x210
[  969.371140][T14503]  __memcg_kmem_charge_memcg+0x71/0xf0
[  969.376635][T14503]  ? memcg_kmem_put_cache+0x50/0x50
[  969.381872][T14503]  ? __memcg_kmem_charge_memcg+0x16/0xf0
[  969.387535][T14503]  cache_grow_begin+0x629/0xd20
[  969.392493][T14503]  ? __sanitizer_cov_trace_cmp2+0x11/0x20
[  969.398241][T14503]  ? mempolicy_slab_node+0x139/0x390
[  969.403544][T14503]  fallback_alloc+0x1fd/0x2d0
[  969.408312][T14503]  ____cache_alloc_node+0x1bc/0x1d0
[  969.413863][T14503]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  969.420138][T14503]  kmem_cache_alloc_trace+0x21c/0x790
[  969.425555][T14503]  kvm_uevent_notify_change.part.0+0xa6/0x460
[  969.431658][T14503]  kvm_dev_ioctl+0x1088/0x1650
[  969.436455][T14503]  ? kvm_debugfs_release+0x90/0x90
[  969.441598][T14503]  ? kvm_debugfs_release+0x90/0x90
[  969.446741][T14503]  do_vfs_ioctl+0xdb6/0x13e0
[  969.451632][T14503]  ? ioctl_preallocate+0x210/0x210
[  969.456787][T14503]  ? trace_hardirqs_on_thunk+0x1a/0x20
[  969.462280][T14503]  ? __this_cpu_preempt_check+0x3a/0x210
[  969.467949][T14503]  ? retint_kernel+0x2b/0x2b
[  969.472733][T14503]  ? tomoyo_file_ioctl+0x23/0x30
[  969.477831][T14503]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  969.484106][T14503]  ? security_file_ioctl+0x8d/0xc0
[  969.489245][T14503]  ksys_ioctl+0xab/0xd0
[  969.493421][T14503]  __x64_sys_ioctl+0x73/0xb0
[  969.498039][T14503]  do_syscall_64+0xfa/0x760
[  969.502574][T14503]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  969.508607][T14503] RIP: 0033:0x4598e9
[  969.512512][T14503] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  969.532222][T14503] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  969.540660][T14503] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004598e9
[  969.548802][T14503] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[  969.556793][T14503] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  969.564786][T14503] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  969.572795][T14503] R13: 00000000004c2841 R14: 00000000004d5ec8 R15: 00000000ffffffff
21:56:47 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  970.183847][T14503] memory: usage 306776kB, limit 307200kB, failcnt 882
[  970.190886][T14503] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  970.305682][T14503] Memory cgroup stats for /syz1:
[  970.306434][T14503] anon 299905024
[  970.306434][T14503] file 40960
[  970.306434][T14503] kernel_stack 851968
[  970.306434][T14503] slab 9367552
[  970.306434][T14503] sock 4096
[  970.306434][T14503] shmem 0
[  970.306434][T14503] file_mapped 0
[  970.306434][T14503] file_dirty 0
[  970.306434][T14503] file_writeback 0
[  970.306434][T14503] anon_thp 264241152
[  970.306434][T14503] inactive_anon 225554432
[  970.306434][T14503] active_anon 15679488
[  970.306434][T14503] inactive_file 0
[  970.306434][T14503] active_file 0
[  970.306434][T14503] unevictable 58658816
[  970.306434][T14503] slab_reclaimable 2568192
[  970.306434][T14503] slab_unreclaimable 6799360
[  970.306434][T14503] pgfault 56166
[  970.306434][T14503] pgmajfault 0
[  970.306434][T14503] workingset_refault 0
[  970.306434][T14503] workingset_activate 0
[  970.306434][T14503] workingset_nodereclaim 0
[  970.306434][T14503] pgrefill 234
[  970.306434][T14503] pgscan 266
[  970.306434][T14503] pgsteal 0
[  970.488607][T14503] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=14486,uid=0
[  970.604185][T14503] Memory cgroup out of memory: Killed process 14486 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[  970.656610][T14555] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  970.689547][ T1066] oom_reaper: reaped process 14486 (syz-executor.1), now anon-rss:0kB, file-rss:34688kB, shmem-rss:0kB
[  970.701435][T14555] CPU: 0 PID: 14555 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[  970.710568][T14555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  970.720736][T14555] Call Trace:
[  970.724056][T14555]  dump_stack+0x172/0x1f0
[  970.728609][T14555]  dump_header+0x177/0x1152
[  970.733147][T14555]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  970.738984][T14555]  ? ___ratelimit+0x2c8/0x595
[  970.743757][T14555]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  970.749591][T14555]  ? lockdep_hardirqs_on+0x418/0x5d0
[  970.754897][T14555]  ? trace_hardirqs_on+0x67/0x240
[  970.759940][T14555]  ? pagefault_out_of_memory+0x11c/0x11c
[  970.765601][T14555]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  970.771429][T14555]  ? ___ratelimit+0x60/0x595
[  970.776041][T14555]  ? do_raw_spin_unlock+0x57/0x270
[  970.781178][T14555]  oom_kill_process.cold+0x10/0x15
[  970.786306][T14555]  out_of_memory+0x334/0x1340
[  970.791003][T14555]  ? lock_downgrade+0x920/0x920
[  970.796017][T14555]  ? oom_killer_disable+0x280/0x280
[  970.801258][T14555]  mem_cgroup_out_of_memory+0x1d8/0x240
[  970.806825][T14555]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  970.812489][T14555]  ? do_raw_spin_unlock+0x57/0x270
[  970.817629][T14555]  ? _raw_spin_unlock+0x2d/0x50
[  970.822511][T14555]  try_charge+0xf4b/0x1440
[  970.826958][T14555]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  970.832624][T14555]  ? percpu_ref_tryget_live+0x111/0x290
[  970.832649][T14555]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  970.844431][T14555]  ? __kasan_check_read+0x11/0x20
[  970.849486][T14555]  ? get_mem_cgroup_from_mm+0x156/0x320
[  970.855230][T14555]  mem_cgroup_try_charge+0x136/0x590
[  970.860550][T14555]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  970.866943][T14555]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  970.872602][T14555]  __handle_mm_fault+0x1e34/0x3f20
[  970.877762][T14555]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  970.883354][T14555]  ? __kasan_check_read+0x11/0x20
[  970.888413][T14555]  handle_mm_fault+0x1b5/0x6c0
[  970.893199][T14555]  __get_user_pages+0x7d4/0x1b30
[  970.898148][T14555]  ? mark_held_locks+0xf0/0xf0
[  970.902945][T14555]  ? follow_page_mask+0x1cf0/0x1cf0
[  970.908167][T14555]  ? __mm_populate+0x270/0x380
[  970.912962][T14555]  ? __kasan_check_write+0x14/0x20
[  970.918096][T14555]  ? down_read+0x109/0x430
[  970.922526][T14555]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  970.928770][T14555]  populate_vma_page_range+0x20d/0x2a0
[  970.934240][T14555]  __mm_populate+0x204/0x380
[  970.938846][T14555]  ? populate_vma_page_range+0x2a0/0x2a0
[  970.944503][T14555]  ? __kasan_check_write+0x14/0x20
[  970.949744][T14555]  ? up_write+0x155/0x490
[  970.954088][T14555]  ? ns_capable_common+0x93/0x100
[  970.959268][T14555]  __x64_sys_mlockall+0x473/0x520
[  970.964328][T14555]  do_syscall_64+0xfa/0x760
[  970.968853][T14555]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  970.974761][T14555] RIP: 0033:0x4598e9
[  970.978660][T14555] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  970.998377][T14555] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  971.006814][T14555] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  971.014944][T14555] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  971.022963][T14555] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  971.030964][T14555] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[  971.038958][T14555] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  971.049440][T14555] memory: usage 307076kB, limit 307200kB, failcnt 445
[  971.065368][T14555] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  971.073703][T14555] Memory cgroup stats for /syz2:
[  971.073810][T14555] anon 302497792
[  971.073810][T14555] file 0
[  971.073810][T14555] kernel_stack 589824
[  971.073810][T14555] slab 8441856
[  971.073810][T14555] sock 0
[  971.073810][T14555] shmem 0
[  971.073810][T14555] file_mapped 0
[  971.073810][T14555] file_dirty 0
[  971.073810][T14555] file_writeback 0
[  971.073810][T14555] anon_thp 268435456
[  971.073810][T14555] inactive_anon 267165696
[  971.073810][T14555] active_anon 2400256
[  971.073810][T14555] inactive_file 0
[  971.073810][T14555] active_file 0
[  971.073810][T14555] unevictable 32944128
[  971.073810][T14555] slab_reclaimable 2973696
[  971.073810][T14555] slab_unreclaimable 5468160
[  971.073810][T14555] pgfault 43131
[  971.073810][T14555] pgmajfault 0
[  971.073810][T14555] workingset_refault 0
[  971.073810][T14555] workingset_activate 0
[  971.073810][T14555] workingset_nodereclaim 0
[  971.073810][T14555] pgrefill 133
[  971.073810][T14555] pgscan 165
[  971.073810][T14555] pgsteal 0
[  971.073810][T14555] pgactivate 99
[  971.171035][T14555] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14551,uid=0
[  971.187628][T14555] Memory cgroup out of memory: Killed process 14551 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
21:56:51 executing program 5:
prctl$PR_SET_TIMERSLACK(0x1d, 0xfffffffffffffffd)
futex(&(0x7f000000cffc)=0x100000000000004, 0x0, 0x4, &(0x7f0000edfff0), 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
futex(&(0x7f000000cffc), 0x1, 0x0, 0x0, 0x0, 0x0)

21:56:51 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:56:51 executing program 4:
mlockall(0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:56:51 executing program 3:
openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0)
shmget(0x2, 0x1000, 0x0, &(0x7f000096d000/0x1000)=nil)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
connect$rxrpc(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ppp\x00', 0x101002, 0x0)
ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f00000002c0)=""/246)
r1 = memfd_create(&(0x7f0000000280)='^\x00', 0x0)
pwritev(r1, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81003)
bind$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @broadcast}, 0x10)
sendfile(r0, r1, 0x0, 0x102002700)

21:56:51 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:56:51 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  974.504017][T14573] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  974.521240][T14573] CPU: 1 PID: 14573 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[  974.530368][T14573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  974.530374][T14573] Call Trace:
[  974.530397][T14573]  dump_stack+0x172/0x1f0
[  974.530419][T14573]  dump_header+0x177/0x1152
[  974.530438][T14573]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  974.530450][T14573]  ? ___ratelimit+0x2c8/0x595
[  974.530462][T14573]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  974.530477][T14573]  ? lockdep_hardirqs_on+0x418/0x5d0
[  974.530492][T14573]  ? trace_hardirqs_on+0x67/0x240
[  974.530507][T14573]  ? pagefault_out_of_memory+0x11c/0x11c
[  974.530522][T14573]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  974.530535][T14573]  ? ___ratelimit+0x60/0x595
[  974.530547][T14573]  ? do_raw_spin_unlock+0x57/0x270
[  974.530564][T14573]  oom_kill_process.cold+0x10/0x15
[  974.530579][T14573]  out_of_memory+0x334/0x1340
[  974.530591][T14573]  ? lock_downgrade+0x920/0x920
[  974.530611][T14573]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  974.530627][T14573]  ? oom_killer_disable+0x280/0x280
[  974.530653][T14573]  mem_cgroup_out_of_memory+0x1d8/0x240
[  974.530668][T14573]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  974.530685][T14573]  ? do_raw_spin_unlock+0x57/0x270
[  974.530701][T14573]  ? _raw_spin_unlock+0x2d/0x50
[  974.530724][T14573]  try_charge+0xf4b/0x1440
[  974.544056][T14573]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  974.544071][T14573]  ? percpu_ref_tryget_live+0x111/0x290
[  974.544093][T14573]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  974.544112][T14573]  ? __kasan_check_read+0x11/0x20
[  974.544137][T14573]  ? get_mem_cgroup_from_mm+0x156/0x320
[  974.544152][T14573]  mem_cgroup_try_charge+0x136/0x590
[  974.553152][T14573]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  974.553174][T14573]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  974.553196][T14573]  __handle_mm_fault+0x1e34/0x3f20
21:56:51 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:56:51 executing program 4:
mlockall(0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

[  974.553217][T14573]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  974.553252][T14573]  ? __kasan_check_read+0x11/0x20
[  974.569501][T14573]  handle_mm_fault+0x1b5/0x6c0
[  974.569522][T14573]  __get_user_pages+0x7d4/0x1b30
[  974.569542][T14573]  ? mark_held_locks+0xf0/0xf0
[  974.585436][T14573]  ? follow_page_mask+0x1cf0/0x1cf0
[  974.585450][T14573]  ? __mm_populate+0x270/0x380
[  974.585472][T14573]  ? __kasan_check_write+0x14/0x20
[  974.585488][T14573]  ? down_read+0x109/0x430
[  974.585503][T14573]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  974.585521][T14573]  populate_vma_page_range+0x20d/0x2a0
[  974.595986][T14573]  __mm_populate+0x204/0x380
[  974.596005][T14573]  ? populate_vma_page_range+0x2a0/0x2a0
[  974.596023][T14573]  ? __kasan_check_write+0x14/0x20
[  974.679954][T14573]  ? up_write+0x155/0x490
[  974.691441][T14573]  ? ns_capable_common+0x93/0x100
[  974.691467][T14573]  __x64_sys_mlockall+0x473/0x520
[  974.691486][T14573]  do_syscall_64+0xfa/0x760
[  974.691508][T14573]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  974.732360][T14573] RIP: 0033:0x4598e9
[  974.732378][T14573] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  974.732386][T14573] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  974.732401][T14573] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  974.732409][T14573] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  974.732416][T14573] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
21:56:52 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="c00000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  974.732429][T14573] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[  974.752882][T14573] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  974.880541][T14573] memory: usage 306864kB, limit 307200kB, failcnt 485
[  974.910498][T14573] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  974.917840][T14573] Memory cgroup stats for /syz2:
[  974.917953][T14573] anon 302497792
[  974.917953][T14573] file 0
[  974.917953][T14573] kernel_stack 589824
[  974.917953][T14573] slab 7983104
[  974.917953][T14573] sock 0
[  974.917953][T14573] shmem 0
[  974.917953][T14573] file_mapped 0
[  974.917953][T14573] file_dirty 0
[  974.917953][T14573] file_writeback 0
[  974.917953][T14573] anon_thp 268435456
[  974.917953][T14573] inactive_anon 267141120
[  974.917953][T14573] active_anon 2400256
[  974.917953][T14573] inactive_file 0
[  974.917953][T14573] active_file 0
[  974.917953][T14573] unevictable 32935936
[  974.917953][T14573] slab_reclaimable 2838528
[  974.917953][T14573] slab_unreclaimable 5144576
[  974.917953][T14573] pgfault 44517
[  974.917953][T14573] pgmajfault 0
[  974.917953][T14573] workingset_refault 0
[  974.917953][T14573] workingset_activate 0
[  974.917953][T14573] workingset_nodereclaim 0
[  974.917953][T14573] pgrefill 133
[  974.917953][T14573] pgscan 165
[  974.917953][T14573] pgsteal 0
21:56:52 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:56:52 executing program 4:
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

[  974.917953][T14573] pgactivate 99
[  974.922974][T14573] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14563,uid=0
[  975.081617][T14573] Memory cgroup out of memory: Killed process 14563 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
21:56:52 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="c00e00002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  975.234613][ T1066] oom_reaper: reaped process 14563 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
[  975.265727][T14599] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  975.284387][T14599] CPU: 0 PID: 14599 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  975.293539][T14599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  975.303701][T14599] Call Trace:
[  975.307011][T14599]  dump_stack+0x172/0x1f0
[  975.311384][T14599]  dump_header+0x177/0x1152
[  975.311402][T14599]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  975.311420][T14599]  ? ___ratelimit+0x2c8/0x595
[  975.326449][T14599]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  975.326467][T14599]  ? lockdep_hardirqs_on+0x418/0x5d0
[  975.326487][T14599]  ? trace_hardirqs_on+0x67/0x240
[  975.342609][T14599]  ? pagefault_out_of_memory+0x11c/0x11c
[  975.348356][T14599]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  975.348375][T14599]  ? ___ratelimit+0x60/0x595
[  975.358784][T14599]  ? do_raw_spin_unlock+0x57/0x270
[  975.363909][T14599]  oom_kill_process.cold+0x10/0x15
[  975.369024][T14599]  out_of_memory+0x334/0x1340
[  975.369040][T14599]  ? lock_downgrade+0x920/0x920
[  975.369060][T14599]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  975.384350][T14599]  ? oom_killer_disable+0x280/0x280
[  975.384375][T14599]  mem_cgroup_out_of_memory+0x1d8/0x240
[  975.384391][T14599]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  975.384410][T14599]  ? do_raw_spin_unlock+0x57/0x270
[  975.384432][T14599]  ? _raw_spin_unlock+0x2d/0x50
[  975.395152][T14599]  try_charge+0xf4b/0x1440
[  975.395177][T14599]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  975.395191][T14599]  ? percpu_ref_tryget_live+0x111/0x290
[  975.395217][T14599]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  975.395233][T14599]  ? __kasan_check_read+0x11/0x20
[  975.395250][T14599]  ? get_mem_cgroup_from_mm+0x156/0x320
[  975.395267][T14599]  mem_cgroup_try_charge+0x136/0x590
[  975.405995][T14599]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  975.406016][T14599]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  975.460687][T14599]  __handle_mm_fault+0x1e34/0x3f20
[  975.465821][T14599]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  975.465850][T14599]  ? __kasan_check_read+0x11/0x20
[  975.465870][T14599]  handle_mm_fault+0x1b5/0x6c0
[  975.465891][T14599]  __get_user_pages+0x7d4/0x1b30
[  975.465908][T14599]  ? mark_held_locks+0xf0/0xf0
[  975.465933][T14599]  ? follow_page_mask+0x1cf0/0x1cf0
[  975.465945][T14599]  ? __mm_populate+0x270/0x380
[  975.465966][T14599]  ? __kasan_check_write+0x14/0x20
[  975.465983][T14599]  ? down_read+0x109/0x430
[  975.466001][T14599]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  975.466020][T14599]  populate_vma_page_range+0x20d/0x2a0
[  975.466040][T14599]  __mm_populate+0x204/0x380
[  975.466059][T14599]  ? populate_vma_page_range+0x2a0/0x2a0
[  975.466074][T14599]  ? __kasan_check_write+0x14/0x20
[  975.466087][T14599]  ? up_write+0x155/0x490
[  975.466101][T14599]  ? ns_capable_common+0x93/0x100
[  975.466122][T14599]  __x64_sys_mlockall+0x473/0x520
[  975.466139][T14599]  do_syscall_64+0xfa/0x760
[  975.466161][T14599]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  975.481505][T14599] RIP: 0033:0x4598e9
[  975.481522][T14599] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  975.481528][T14599] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  975.481541][T14599] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  975.481549][T14599] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  975.481557][T14599] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  975.481565][T14599] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  975.481573][T14599] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  975.488292][T14599] memory: usage 307200kB, limit 307200kB, failcnt 908
[  975.527973][T14599] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  975.551025][T14599] Memory cgroup stats for /syz1:
[  975.551137][T14599] anon 301010944
[  975.551137][T14599] file 40960
[  975.551137][T14599] kernel_stack 917504
[  975.551137][T14599] slab 8560640
[  975.551137][T14599] sock 4096
[  975.551137][T14599] shmem 0
[  975.551137][T14599] file_mapped 0
[  975.551137][T14599] file_dirty 0
[  975.551137][T14599] file_writeback 0
[  975.551137][T14599] anon_thp 266338304
[  975.551137][T14599] inactive_anon 206938112
[  975.551137][T14599] active_anon 20123648
[  975.551137][T14599] inactive_file 0
[  975.551137][T14599] active_file 0
[  975.551137][T14599] unevictable 74072064
[  975.551137][T14599] slab_reclaimable 2297856
[  975.551137][T14599] slab_unreclaimable 6262784
[  975.551137][T14599] pgfault 57156
[  975.551137][T14599] pgmajfault 0
[  975.551137][T14599] workingset_refault 0
[  975.551137][T14599] workingset_activate 0
[  975.551137][T14599] workingset_nodereclaim 0
[  975.551137][T14599] pgrefill 267
[  975.551137][T14599] pgscan 266
[  975.551137][T14599] pgsteal 33
[  975.559575][T14599] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=13310,uid=0
[  975.597750][T14599] Memory cgroup out of memory: Killed process 13310 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[  975.642752][T14598] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  975.876542][T14598] CPU: 0 PID: 14598 Comm: syz-executor.4 Not tainted 5.3.0-rc6-next-20190830 #75
[  975.885687][T14598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  975.885693][T14598] Call Trace:
[  975.885718][T14598]  dump_stack+0x172/0x1f0
[  975.885738][T14598]  dump_header+0x177/0x1152
[  975.885754][T14598]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  975.885764][T14598]  ? ___ratelimit+0x2c8/0x595
[  975.885776][T14598]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  975.885793][T14598]  ? lockdep_hardirqs_on+0x418/0x5d0
[  975.885808][T14598]  ? trace_hardirqs_on+0x67/0x240
[  975.885828][T14598]  ? pagefault_out_of_memory+0x11c/0x11c
[  975.903698][T14598]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  975.903716][T14598]  ? ___ratelimit+0x60/0x595
[  975.903729][T14598]  ? do_raw_spin_unlock+0x57/0x270
[  975.903747][T14598]  oom_kill_process.cold+0x10/0x15
[  975.903764][T14598]  out_of_memory+0x334/0x1340
[  975.903780][T14598]  ? lock_downgrade+0x920/0x920
[  975.903800][T14598]  ? oom_killer_disable+0x280/0x280
[  975.924594][T14598]  mem_cgroup_out_of_memory+0x1d8/0x240
[  975.934906][T14598]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  975.934930][T14598]  ? do_raw_spin_unlock+0x57/0x270
[  975.934949][T14598]  ? _raw_spin_unlock+0x2d/0x50
[  975.934964][T14598]  try_charge+0xf4b/0x1440
[  975.934988][T14598]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  975.935001][T14598]  ? percpu_ref_tryget_live+0x111/0x290
[  975.935020][T14598]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  975.935037][T14598]  ? __kasan_check_read+0x11/0x20
[  975.935057][T14598]  ? get_mem_cgroup_from_mm+0x156/0x320
[  975.935075][T14598]  mem_cgroup_try_charge+0x136/0x590
[  975.935090][T14598]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  975.935107][T14598]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  975.935126][T14598]  __handle_mm_fault+0x1e34/0x3f20
[  975.935145][T14598]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  976.057595][T14598]  ? __kasan_check_read+0x11/0x20
[  976.062671][T14598]  handle_mm_fault+0x1b5/0x6c0
[  976.067465][T14598]  __get_user_pages+0x7d4/0x1b30
[  976.072436][T14598]  ? mark_held_locks+0xf0/0xf0
[  976.077237][T14598]  ? follow_page_mask+0x1cf0/0x1cf0
[  976.082442][T14598]  ? __mm_populate+0x270/0x380
[  976.087230][T14598]  ? __kasan_check_write+0x14/0x20
[  976.092367][T14598]  ? down_read+0x109/0x430
[  976.096936][T14598]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  976.103237][T14598]  populate_vma_page_range+0x20d/0x2a0
[  976.109000][T14598]  __mm_populate+0x204/0x380
[  976.113671][T14598]  ? populate_vma_page_range+0x2a0/0x2a0
[  976.119349][T14598]  ? __kasan_check_write+0x14/0x20
[  976.124583][T14598]  ? up_write+0x155/0x490
[  976.128941][T14598]  ? ns_capable_common+0x93/0x100
[  976.134005][T14598]  __x64_sys_mlockall+0x473/0x520
[  976.139072][T14598]  do_syscall_64+0xfa/0x760
[  976.143618][T14598]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  976.149786][T14598] RIP: 0033:0x4598e9
[  976.149807][T14598] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  976.173549][T14598] RSP: 002b:00007f8d1351cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  976.173565][T14598] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  976.173572][T14598] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  976.173578][T14598] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  976.173585][T14598] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d1351d6d4
[  976.173591][T14598] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  976.182607][T14598] memory: usage 307200kB, limit 307200kB, failcnt 83
[  976.253837][T14598] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  976.263078][T14598] Memory cgroup stats for /syz4:
[  976.263214][T14598] anon 299474944
[  976.263214][T14598] file 77824
[  976.263214][T14598] kernel_stack 786432
[  976.263214][T14598] slab 10797056
[  976.263214][T14598] sock 225280
[  976.263214][T14598] shmem 0
[  976.263214][T14598] file_mapped 0
[  976.263214][T14598] file_dirty 0
[  976.263214][T14598] file_writeback 0
[  976.263214][T14598] anon_thp 268435456
[  976.263214][T14598] inactive_anon 238133248
[  976.263214][T14598] active_anon 7290880
[  976.263214][T14598] inactive_file 135168
[  976.263214][T14598] active_file 0
[  976.263214][T14598] unevictable 54366208
[  976.263214][T14598] slab_reclaimable 3244032
[  976.263214][T14598] slab_unreclaimable 7553024
[  976.263214][T14598] pgfault 36036
[  976.263214][T14598] pgmajfault 0
[  976.263214][T14598] workingset_refault 0
[  976.263214][T14598] workingset_activate 0
[  976.263214][T14598] workingset_nodereclaim 0
[  976.263214][T14598] pgrefill 101
[  976.263214][T14598] pgscan 99
[  976.263214][T14598] pgsteal 0
[  976.359232][T14598] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=14511,uid=0
[  976.375703][T14598] Memory cgroup out of memory: Killed process 14511 (syz-executor.4) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
[  976.398477][ T1066] oom_reaper: reaped process 14511 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
21:57:00 executing program 5:
setsockopt$CAIFSO_REQ_PARAM(0xffffffffffffffff, 0x116, 0x80, 0x0, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x200000000000b9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xe, 0xe, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b702000003400000bfa300000000000014020000fffeffff7a03f0fff8ffffff79a4f0ff00000000b7060000ffffffffad640500000000006502faff000000002404000001007d60b5030000001000006a0a00fe000000008500000026000000b70000000000004095000000000000001da5ad3548ebb63d18db6a1c72c21c9b767ae5308fbcd5c5e4a5ad1065b572c2c9ff215ac6e0700c2ceaea4c1dc908abb6e7325ec1956bd8660bf36628df4490046261dbb74ea2d1f754c0a15750ab9a78fc00000000247d52d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8eb040c50287c37a7f4182f32333b08c6e497687e30a4daea5cac0ceafdb9a2eeb02a1f5104d16ddba4963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed7afdb00bb1321ea5e82ae5ba2c42a5e2bdfd253d5df768d0cb30a5bb8c13d5b47912e722356893f3205a5f6ef456c0fd38abda032ed720e5dc29c754723a3080e085fb24d6f163185bf6e394609f99c8baa39ada813607a619e2411aeb3d4a4817330302ff67d6f5ef8be3c26a20775730c60df3a48e9c647cf98ded76c7d387537a7ebe706667ea078c8f29a4ce1f86ee833b6c3a17a194bf2ddb5b014c66b3c6f93facd309b5b5faccf76c6cd10f650cb84aadbf6583fbd85d7bee1b6839721a7fd6fb3d4ee82e7a69f3d4964645bef9b34e12a27edd628b7af013f790da50d282f000000000000000ca70de9eafc0c4c2373ebbd8cd330ebf5de1831fad1853ab3610dc1b74209681b4f73cbdccfcbce3a2ba25b4e8fedb6e38f42311ab3581e4e4b13fc4b77add8a596487cf5736ada5457b6cd363a09f2562d3809b989af7db92edaf9de4096ee20a0ea5d93c8b9a3aca793a2907396bf19aee0632e116e0dd52fd776e7707f5b177b3527f1fb9b6222e0578f52305024b22a5b658df8a2a7a3b783dda46e8a720991343d715522e90c8a1b52c153a0e41aacdddb2b066e4e6543f4fcd8f6b96c98f4aa1e1a2b321c9528fcdb7b8d935fb3c482607b895700acbb09000bda28fd33210e7f4808b8e949e1b21bf735d35209c755f6497a69ce9146f171b26dd2519f50ba93d3b1a37d11ed59e600e7d5e7bbf73058ad842eb533d353b85f7cee0ec104db2bb126cf6e067687e1bf9dae8044187027871207b533fcd22e5e88d107b3e0f0998c709aacd"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
mlockall(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0x13, 0x0, 0x0, 0x0, 0x174}, 0x3c)

21:57:00 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="e03f03002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:57:00 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:57:00 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:57:00 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x50000}]})
mount(&(0x7f0000000080)=@filename='./file0\x00', 0x0, 0x0, 0x0, &(0x7f0000000100)='\x00')

21:57:00 executing program 4:
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

[  983.703302][T14627] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  983.724760][T14627] CPU: 1 PID: 14627 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[  983.733909][T14627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  983.743971][T14627] Call Trace:
[  983.747289][T14627]  dump_stack+0x172/0x1f0
[  983.751873][T14627]  dump_header+0x177/0x1152
[  983.756412][T14627]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  983.762228][T14627]  ? ___ratelimit+0x2c8/0x595
[  983.767009][T14627]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  983.772833][T14627]  ? lockdep_hardirqs_on+0x418/0x5d0
[  983.778130][T14627]  ? trace_hardirqs_on+0x67/0x240
[  983.783167][T14627]  ? pagefault_out_of_memory+0x11c/0x11c
[  983.788807][T14627]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  983.794649][T14627]  ? ___ratelimit+0x60/0x595
[  983.799255][T14627]  ? do_raw_spin_unlock+0x57/0x270
[  983.804386][T14627]  oom_kill_process.cold+0x10/0x15
[  983.809515][T14627]  out_of_memory+0x334/0x1340
[  983.814235][T14627]  ? lock_downgrade+0x920/0x920
[  983.819123][T14627]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[  983.824970][T14627]  ? oom_killer_disable+0x280/0x280
[  983.830191][T14627]  mem_cgroup_out_of_memory+0x1d8/0x240
[  983.835750][T14627]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  983.841394][T14627]  ? do_raw_spin_unlock+0x57/0x270
[  983.846523][T14627]  ? _raw_spin_unlock+0x2d/0x50
[  983.851394][T14627]  try_charge+0xf4b/0x1440
[  983.855829][T14627]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  983.861378][T14627]  ? percpu_ref_tryget_live+0x111/0x290
[  983.866948][T14627]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  983.873205][T14627]  ? __kasan_check_read+0x11/0x20
[  983.878245][T14627]  ? get_mem_cgroup_from_mm+0x156/0x320
[  983.883800][T14627]  mem_cgroup_try_charge+0x136/0x590
[  983.889099][T14627]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  983.895349][T14627]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  983.901004][T14627]  __handle_mm_fault+0x1e34/0x3f20
[  983.906134][T14627]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  983.911702][T14627]  ? __kasan_check_read+0x11/0x20
[  983.916744][T14627]  handle_mm_fault+0x1b5/0x6c0
[  983.921526][T14627]  __get_user_pages+0x7d4/0x1b30
[  983.926476][T14627]  ? mark_held_locks+0xf0/0xf0
[  983.931262][T14627]  ? follow_page_mask+0x1cf0/0x1cf0
[  983.936465][T14627]  ? __mm_populate+0x270/0x380
[  983.941248][T14627]  ? __kasan_check_write+0x14/0x20
[  983.946372][T14627]  ? down_read+0x109/0x430
[  983.950797][T14627]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  983.957085][T14627]  populate_vma_page_range+0x20d/0x2a0
[  983.962576][T14627]  __mm_populate+0x204/0x380
[  983.967194][T14627]  ? populate_vma_page_range+0x2a0/0x2a0
[  983.972844][T14627]  ? __kasan_check_write+0x14/0x20
[  983.977986][T14627]  ? up_write+0x155/0x490
[  983.982331][T14627]  ? ns_capable_common+0x93/0x100
[  983.987383][T14627]  __x64_sys_mlockall+0x473/0x520
[  983.992461][T14627]  do_syscall_64+0xfa/0x760
[  983.996995][T14627]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  984.002896][T14627] RIP: 0033:0x4598e9
[  984.006803][T14627] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  984.026545][T14627] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  984.034969][T14627] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  984.042944][T14627] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
21:57:01 executing program 3:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  984.050923][T14627] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  984.058901][T14627] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[  984.066875][T14627] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  984.082129][T14627] memory: usage 307200kB, limit 307200kB, failcnt 504
[  984.096543][T14627] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  984.110616][T14627] Memory cgroup stats for /syz2:
[  984.110741][T14627] anon 303869952
[  984.110741][T14627] file 0
[  984.110741][T14627] kernel_stack 589824
[  984.110741][T14627] slab 7192576
[  984.110741][T14627] sock 0
[  984.110741][T14627] shmem 0
[  984.110741][T14627] file_mapped 0
[  984.110741][T14627] file_dirty 0
[  984.110741][T14627] file_writeback 0
[  984.110741][T14627] anon_thp 270532608
[  984.110741][T14627] inactive_anon 267137024
[  984.110741][T14627] active_anon 4546560
[  984.110741][T14627] inactive_file 0
[  984.110741][T14627] active_file 0
[  984.110741][T14627] unevictable 32231424
[  984.110741][T14627] slab_reclaimable 2703360
[  984.110741][T14627] slab_unreclaimable 4489216
[  984.110741][T14627] pgfault 45672
[  984.110741][T14627] pgmajfault 0
[  984.110741][T14627] workingset_refault 0
[  984.110741][T14627] workingset_activate 0
[  984.110741][T14627] workingset_nodereclaim 0
[  984.110741][T14627] pgrefill 166
[  984.110741][T14627] pgscan 165
[  984.110741][T14627] pgsteal 0
[  984.110741][T14627] pgactivate 99
21:57:01 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="640100202a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  984.207449][T14627] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14607,uid=0
[  984.254216][T14627] Memory cgroup out of memory: Killed process 14607 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[  984.324545][T14620] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  984.332734][ T1066] oom_reaper: reaped process 14607 (syz-executor.2), now anon-rss:0kB, file-rss:34688kB, shmem-rss:0kB
[  984.347310][T14620] CPU: 0 PID: 14620 Comm: syz-executor.4 Not tainted 5.3.0-rc6-next-20190830 #75
[  984.356466][T14620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  984.366544][T14620] Call Trace:
[  984.369874][T14620]  dump_stack+0x172/0x1f0
[  984.374242][T14620]  dump_header+0x177/0x1152
[  984.378790][T14620]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  984.384621][T14620]  ? ___ratelimit+0x2c8/0x595
[  984.389327][T14620]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  984.395167][T14620]  ? lockdep_hardirqs_on+0x418/0x5d0
[  984.400489][T14620]  ? trace_hardirqs_on+0x67/0x240
[  984.405548][T14620]  ? pagefault_out_of_memory+0x11c/0x11c
[  984.411368][T14620]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  984.417219][T14620]  ? ___ratelimit+0x60/0x595
[  984.421843][T14620]  ? do_raw_spin_unlock+0x57/0x270
[  984.427000][T14620]  oom_kill_process.cold+0x10/0x15
[  984.432152][T14620]  out_of_memory+0x334/0x1340
[  984.436873][T14620]  ? lock_downgrade+0x920/0x920
[  984.441763][T14620]  ? oom_killer_disable+0x280/0x280
[  984.447002][T14620]  mem_cgroup_out_of_memory+0x1d8/0x240
[  984.452593][T14620]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  984.458477][T14620]  ? do_raw_spin_unlock+0x57/0x270
[  984.463632][T14620]  ? _raw_spin_unlock+0x2d/0x50
[  984.468529][T14620]  try_charge+0xf4b/0x1440
[  984.472992][T14620]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  984.478567][T14620]  ? percpu_ref_tryget_live+0x111/0x290
[  984.484269][T14620]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  984.490611][T14620]  ? __kasan_check_read+0x11/0x20
[  984.495687][T14620]  ? get_mem_cgroup_from_mm+0x156/0x320
[  984.501380][T14620]  mem_cgroup_try_charge+0x136/0x590
[  984.506699][T14620]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  984.512979][T14620]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  984.518655][T14620]  __handle_mm_fault+0x1e34/0x3f20
[  984.523805][T14620]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  984.529389][T14620]  ? __kasan_check_read+0x11/0x20
[  984.534446][T14620]  handle_mm_fault+0x1b5/0x6c0
[  984.539238][T14620]  __get_user_pages+0x7d4/0x1b30
[  984.544198][T14620]  ? mark_held_locks+0xf0/0xf0
[  984.549010][T14620]  ? follow_page_mask+0x1cf0/0x1cf0
[  984.554244][T14620]  ? __mm_populate+0x270/0x380
[  984.559046][T14620]  ? __kasan_check_write+0x14/0x20
[  984.564188][T14620]  ? down_read+0x109/0x430
[  984.568630][T14620]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  984.574904][T14620]  populate_vma_page_range+0x20d/0x2a0
[  984.580406][T14620]  __mm_populate+0x204/0x380
[  984.585040][T14620]  ? populate_vma_page_range+0x2a0/0x2a0
[  984.590708][T14620]  ? __kasan_check_write+0x14/0x20
[  984.595865][T14620]  ? up_write+0x155/0x490
[  984.600224][T14620]  ? ns_capable_common+0x93/0x100
[  984.605286][T14620]  __x64_sys_mlockall+0x473/0x520
[  984.610350][T14620]  do_syscall_64+0xfa/0x760
[  984.614891][T14620]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  984.620814][T14620] RIP: 0033:0x4598e9
[  984.624727][T14620] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  984.644554][T14620] RSP: 002b:00007f8d1351cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  984.653008][T14620] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  984.661446][T14620] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
21:57:01 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="00f0ff7f2a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  984.669579][T14620] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  984.677685][T14620] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d1351d6d4
[  984.685713][T14620] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
21:57:02 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="effdffff2a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:57:02 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000000f002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:57:02 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240200002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  985.198520][T14620] memory: usage 307200kB, limit 307200kB, failcnt 111
[  985.217953][T14620] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  985.397423][T14620] Memory cgroup stats for /syz4:
[  985.397536][T14620] anon 299847680
[  985.397536][T14620] file 77824
[  985.397536][T14620] kernel_stack 720896
[  985.397536][T14620] slab 10579968
[  985.397536][T14620] sock 225280
[  985.397536][T14620] shmem 0
[  985.397536][T14620] file_mapped 0
[  985.397536][T14620] file_dirty 0
[  985.397536][T14620] file_writeback 0
[  985.397536][T14620] anon_thp 266338304
[  985.397536][T14620] inactive_anon 237920256
[  985.397536][T14620] active_anon 7290880
[  985.397536][T14620] inactive_file 135168
[  985.397536][T14620] active_file 0
[  985.397536][T14620] unevictable 54616064
[  985.397536][T14620] slab_reclaimable 3108864
[  985.397536][T14620] slab_unreclaimable 7471104
[  985.397536][T14620] pgfault 37455
[  985.397536][T14620] pgmajfault 0
[  985.397536][T14620] workingset_refault 0
[  985.397536][T14620] workingset_activate 0
[  985.397536][T14620] workingset_nodereclaim 0
[  985.397536][T14620] pgrefill 101
[  985.397536][T14620] pgscan 99
[  985.397536][T14620] pgsteal 0
[  985.492651][T14620] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=14615,uid=0
[  985.508584][T14620] Memory cgroup out of memory: Killed process 14615 (syz-executor.4) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
[  985.534210][ T1066] oom_reaper: reaped process 14615 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
[  985.545588][T14625] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  985.563624][T14625] CPU: 1 PID: 14625 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  985.572876][T14625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  985.582944][T14625] Call Trace:
[  985.586243][T14625]  dump_stack+0x172/0x1f0
[  985.590612][T14625]  dump_header+0x177/0x1152
[  985.595122][T14625]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  985.601070][T14625]  ? ___ratelimit+0x2c8/0x595
[  985.605792][T14625]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  985.611619][T14625]  ? lockdep_hardirqs_on+0x418/0x5d0
[  985.616916][T14625]  ? trace_hardirqs_on+0x67/0x240
[  985.621946][T14625]  ? pagefault_out_of_memory+0x11c/0x11c
[  985.627585][T14625]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  985.633441][T14625]  ? ___ratelimit+0x60/0x595
[  985.638058][T14625]  ? do_raw_spin_unlock+0x57/0x270
[  985.643192][T14625]  oom_kill_process.cold+0x10/0x15
[  985.648320][T14625]  out_of_memory+0x334/0x1340
[  985.648338][T14625]  ? lock_downgrade+0x920/0x920
[  985.648358][T14625]  ? oom_killer_disable+0x280/0x280
[  985.658054][T14625]  mem_cgroup_out_of_memory+0x1d8/0x240
[  985.658071][T14625]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  985.658090][T14625]  ? do_raw_spin_unlock+0x57/0x270
[  985.658109][T14625]  ? _raw_spin_unlock+0x2d/0x50
[  985.658128][T14625]  try_charge+0xf4b/0x1440
[  985.658150][T14625]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  985.658170][T14625]  ? percpu_ref_tryget_live+0x111/0x290
[  985.688881][T14625]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  985.688902][T14625]  ? __kasan_check_read+0x11/0x20
[  985.699973][T14625]  ? get_mem_cgroup_from_mm+0x156/0x320
[  985.699992][T14625]  mem_cgroup_try_charge+0x136/0x590
[  985.700014][T14625]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  985.728309][T14625]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  985.733958][T14625]  __handle_mm_fault+0x1e34/0x3f20
[  985.739102][T14625]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  985.744689][T14625]  ? __kasan_check_read+0x11/0x20
[  985.749743][T14625]  handle_mm_fault+0x1b5/0x6c0
[  985.754618][T14625]  __get_user_pages+0x7d4/0x1b30
[  985.759666][T14625]  ? mark_held_locks+0xf0/0xf0
[  985.764455][T14625]  ? follow_page_mask+0x1cf0/0x1cf0
[  985.769659][T14625]  ? __mm_populate+0x270/0x380
[  985.774791][T14625]  ? __kasan_check_write+0x14/0x20
[  985.779925][T14625]  ? down_read+0x109/0x430
[  985.784379][T14625]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  985.790645][T14625]  populate_vma_page_range+0x20d/0x2a0
[  985.796151][T14625]  __mm_populate+0x204/0x380
[  985.800789][T14625]  ? populate_vma_page_range+0x2a0/0x2a0
[  985.806443][T14625]  ? __kasan_check_write+0x14/0x20
[  985.811584][T14625]  ? up_write+0x155/0x490
[  985.815932][T14625]  ? ns_capable_common+0x93/0x100
[  985.821011][T14625]  __x64_sys_mlockall+0x473/0x520
[  985.826110][T14625]  do_syscall_64+0xfa/0x760
[  985.830645][T14625]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  985.836543][T14625] RIP: 0033:0x4598e9
[  985.840516][T14625] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  985.860221][T14625] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  985.868644][T14625] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  985.877137][T14625] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  985.885138][T14625] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  985.893104][T14625] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  985.901077][T14625] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  985.909937][T14625] memory: usage 307200kB, limit 307200kB, failcnt 925
[  985.916790][T14625] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  985.923748][T14625] Memory cgroup stats for /syz1:
[  985.923872][T14625] anon 301985792
[  985.923872][T14625] file 40960
[  985.923872][T14625] kernel_stack 851968
[  985.923872][T14625] slab 7659520
[  985.923872][T14625] sock 4096
[  985.923872][T14625] shmem 0
[  985.923872][T14625] file_mapped 0
[  985.923872][T14625] file_dirty 0
[  985.923872][T14625] file_writeback 0
[  985.923872][T14625] anon_thp 266338304
[  985.923872][T14625] inactive_anon 204746752
[  985.923872][T14625] active_anon 20078592
[  985.923872][T14625] inactive_file 0
[  985.923872][T14625] active_file 0
[  985.923872][T14625] unevictable 77250560
[  985.923872][T14625] slab_reclaimable 2297856
[  985.923872][T14625] slab_unreclaimable 5361664
[  985.923872][T14625] pgfault 58245
[  985.923872][T14625] pgmajfault 0
[  985.923872][T14625] workingset_refault 0
[  985.923872][T14625] workingset_activate 0
[  985.923872][T14625] workingset_nodereclaim 0
[  985.923872][T14625] pgrefill 267
[  985.923872][T14625] pgscan 266
[  985.923872][T14625] pgsteal 33
[  986.017685][T14625] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=14621,uid=0
[  986.017834][T14625] Memory cgroup out of memory: Killed process 14621 (syz-executor.1) total-vm:72576kB, anon-rss:16080kB, file-rss:37024kB, shmem-rss:0kB, UID:0 pgtables:172032kB oom_score_adj:1000
[  986.018290][ T1066] oom_reaper: reaped process 14621 (syz-executor.1), now anon-rss:16124kB, file-rss:37956kB, shmem-rss:0kB
21:57:10 executing program 3:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:57:10 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240300002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:57:10 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:57:10 executing program 4:
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:57:10 executing program 5:
mlockall(0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:57:10 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  993.305310][T14672] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  993.331894][T14672] CPU: 0 PID: 14672 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[  993.341049][T14672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  993.351118][T14672] Call Trace:
[  993.351144][T14672]  dump_stack+0x172/0x1f0
[  993.351168][T14672]  dump_header+0x177/0x1152
[  993.358775][T14672]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  993.358790][T14672]  ? ___ratelimit+0x2c8/0x595
[  993.358805][T14672]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  993.358821][T14672]  ? lockdep_hardirqs_on+0x418/0x5d0
[  993.358842][T14672]  ? trace_hardirqs_on+0x67/0x240
[  993.390121][T14672]  ? pagefault_out_of_memory+0x11c/0x11c
[  993.395783][T14672]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  993.401628][T14672]  ? ___ratelimit+0x60/0x595
[  993.406232][T14672]  ? do_raw_spin_unlock+0x57/0x270
[  993.411368][T14672]  oom_kill_process.cold+0x10/0x15
[  993.416493][T14672]  out_of_memory+0x334/0x1340
[  993.416520][T14672]  ? oom_killer_disable+0x280/0x280
[  993.416548][T14672]  mem_cgroup_out_of_memory+0x1d8/0x240
[  993.416561][T14672]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  993.416587][T14672]  ? _raw_spin_unlock+0x41/0x50
[  993.426456][T14672]  try_charge+0xf4b/0x1440
[  993.426481][T14672]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
21:57:10 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240400002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  993.426493][T14672]  ? percpu_ref_tryget_live+0x111/0x290
[  993.426518][T14672]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  993.426534][T14672]  ? __kasan_check_read+0x11/0x20
[  993.426551][T14672]  ? get_mem_cgroup_from_mm+0x156/0x320
[  993.426569][T14672]  mem_cgroup_try_charge+0x136/0x590
[  993.426590][T14672]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  993.486942][T14672]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  993.493222][T14672]  __handle_mm_fault+0x1e34/0x3f20
[  993.498400][T14672]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  993.503978][T14672]  ? __kasan_check_read+0x11/0x20
[  993.509026][T14672]  handle_mm_fault+0x1b5/0x6c0
[  993.513811][T14672]  __get_user_pages+0x7d4/0x1b30
[  993.518972][T14672]  ? mark_held_locks+0xf0/0xf0
[  993.523747][T14672]  ? follow_page_mask+0x1cf0/0x1cf0
[  993.528937][T14672]  ? __mm_populate+0x270/0x380
[  993.533898][T14672]  ? __kasan_check_write+0x14/0x20
[  993.539001][T14672]  ? down_read+0x109/0x430
[  993.543408][T14672]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  993.550809][T14672]  populate_vma_page_range+0x20d/0x2a0
[  993.556479][T14672]  __mm_populate+0x204/0x380
[  993.561088][T14672]  ? populate_vma_page_range+0x2a0/0x2a0
[  993.566723][T14672]  ? __kasan_check_write+0x14/0x20
[  993.572017][T14672]  ? up_write+0x155/0x490
[  993.576345][T14672]  ? ns_capable_common+0x93/0x100
[  993.581360][T14672]  __x64_sys_mlockall+0x473/0x520
[  993.586372][T14672]  do_syscall_64+0xfa/0x760
[  993.590863][T14672]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  993.596760][T14672] RIP: 0033:0x4598e9
[  993.600646][T14672] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  993.620248][T14672] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  993.629001][T14672] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  993.637196][T14672] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  993.645357][T14672] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
21:57:10 executing program 3:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x0, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  993.653813][T14672] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[  993.661874][T14672] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  993.674126][T14672] memory: usage 307200kB, limit 307200kB, failcnt 543
[  993.681204][T14672] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  993.699972][T14672] Memory cgroup stats for /syz2:
[  993.700103][T14672] anon 303837184
[  993.700103][T14672] file 0
[  993.700103][T14672] kernel_stack 589824
[  993.700103][T14672] slab 7405568
[  993.700103][T14672] sock 0
[  993.700103][T14672] shmem 0
[  993.700103][T14672] file_mapped 0
[  993.700103][T14672] file_dirty 0
[  993.700103][T14672] file_writeback 0
[  993.700103][T14672] anon_thp 272629760
[  993.700103][T14672] inactive_anon 264949760
[  993.700103][T14672] active_anon 4648960
[  993.700103][T14672] inactive_file 0
[  993.700103][T14672] active_file 0
[  993.700103][T14672] unevictable 34250752
[  993.700103][T14672] slab_reclaimable 2703360
[  993.700103][T14672] slab_unreclaimable 4702208
[  993.700103][T14672] pgfault 46497
[  993.700103][T14672] pgmajfault 0
[  993.700103][T14672] workingset_refault 0
[  993.700103][T14672] workingset_activate 0
[  993.700103][T14672] workingset_nodereclaim 0
[  993.700103][T14672] pgrefill 166
[  993.700103][T14672] pgscan 165
[  993.700103][T14672] pgsteal 0
[  993.700103][T14672] pgactivate 99
21:57:11 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240600002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  993.855577][T14672] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14649,uid=0
21:57:11 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240a00002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  993.967287][T14672] Memory cgroup out of memory: Killed process 14649 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
21:57:11 executing program 3:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x0, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  994.043108][ T1066] oom_reaper: reaped process 14649 (syz-executor.2), now anon-rss:0kB, file-rss:34688kB, shmem-rss:0kB
[  994.058094][T14666] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  994.119625][T14666] CPU: 1 PID: 14666 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  994.128811][T14666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  994.138885][T14666] Call Trace:
[  994.142212][T14666]  dump_stack+0x172/0x1f0
[  994.146568][T14666]  dump_header+0x177/0x1152
[  994.151079][T14666]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  994.156988][T14666]  ? ___ratelimit+0x2c8/0x595
[  994.161671][T14666]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  994.167783][T14666]  ? lockdep_hardirqs_on+0x418/0x5d0
[  994.173249][T14666]  ? trace_hardirqs_on+0x67/0x240
[  994.178540][T14666]  ? pagefault_out_of_memory+0x11c/0x11c
[  994.184184][T14666]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  994.190687][T14666]  ? ___ratelimit+0x60/0x595
[  994.195279][T14666]  ? do_raw_spin_unlock+0x57/0x270
[  994.200490][T14666]  oom_kill_process.cold+0x10/0x15
[  994.205607][T14666]  out_of_memory+0x334/0x1340
[  994.210282][T14666]  ? lock_downgrade+0x920/0x920
[  994.215143][T14666]  ? oom_killer_disable+0x280/0x280
[  994.220354][T14666]  mem_cgroup_out_of_memory+0x1d8/0x240
[  994.225908][T14666]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  994.231551][T14666]  ? do_raw_spin_unlock+0x57/0x270
[  994.236679][T14666]  ? _raw_spin_unlock+0x2d/0x50
[  994.241565][T14666]  try_charge+0xf4b/0x1440
[  994.246003][T14666]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  994.251549][T14666]  ? percpu_ref_tryget_live+0x111/0x290
[  994.257102][T14666]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  994.257122][T14666]  ? __kasan_check_read+0x11/0x20
[  994.257142][T14666]  ? get_mem_cgroup_from_mm+0x156/0x320
[  994.268386][T14666]  mem_cgroup_try_charge+0x136/0x590
[  994.268404][T14666]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  994.268424][T14666]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  994.268446][T14666]  __handle_mm_fault+0x1e34/0x3f20
[  994.268468][T14666]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  994.268495][T14666]  ? __kasan_check_read+0x11/0x20
[  994.268517][T14666]  handle_mm_fault+0x1b5/0x6c0
[  994.311608][T14666]  __get_user_pages+0x7d4/0x1b30
[  994.311626][T14666]  ? mark_held_locks+0xf0/0xf0
[  994.311650][T14666]  ? follow_page_mask+0x1cf0/0x1cf0
[  994.321323][T14666]  ? __mm_populate+0x270/0x380
[  994.321347][T14666]  ? __kasan_check_write+0x14/0x20
[  994.321364][T14666]  ? down_read+0x109/0x430
[  994.321386][T14666]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  994.347022][T14666]  populate_vma_page_range+0x20d/0x2a0
[  994.352496][T14666]  __mm_populate+0x204/0x380
[  994.357090][T14666]  ? populate_vma_page_range+0x2a0/0x2a0
[  994.362724][T14666]  ? __kasan_check_write+0x14/0x20
[  994.367840][T14666]  ? up_write+0x155/0x490
[  994.372169][T14666]  ? ns_capable_common+0x93/0x100
[  994.377201][T14666]  __x64_sys_mlockall+0x473/0x520
[  994.382245][T14666]  do_syscall_64+0xfa/0x760
[  994.386755][T14666]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  994.392642][T14666] RIP: 0033:0x4598e9
[  994.396536][T14666] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
21:57:11 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  994.416141][T14666] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  994.424557][T14666] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  994.432539][T14666] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  994.440519][T14666] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  994.448493][T14666] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  994.456465][T14666] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  994.487481][T14666] memory: usage 307200kB, limit 307200kB, failcnt 960
[  994.500801][T14666] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  994.509821][T14666] Memory cgroup stats for /syz1:
[  994.509931][T14666] anon 302514176
[  994.509931][T14666] file 40960
[  994.509931][T14666] kernel_stack 851968
[  994.509931][T14666] slab 7258112
[  994.509931][T14666] sock 4096
[  994.509931][T14666] shmem 0
[  994.509931][T14666] file_mapped 0
[  994.509931][T14666] file_dirty 0
[  994.509931][T14666] file_writeback 0
[  994.509931][T14666] anon_thp 266338304
[  994.509931][T14666] inactive_anon 204828672
[  994.509931][T14666] active_anon 20066304
[  994.509931][T14666] inactive_file 0
[  994.509931][T14666] active_file 0
[  994.509931][T14666] unevictable 77791232
[  994.509931][T14666] slab_reclaimable 2297856
[  994.509931][T14666] slab_unreclaimable 4960256
[  994.509931][T14666] pgfault 58905
[  994.509931][T14666] pgmajfault 0
[  994.509931][T14666] workingset_refault 0
21:57:11 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240e00002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  994.509931][T14666] workingset_activate 0
[  994.509931][T14666] workingset_nodereclaim 0
[  994.509931][T14666] pgrefill 267
[  994.509931][T14666] pgscan 266
[  994.509931][T14666] pgsteal 33
[  994.615491][T14666] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=14664,uid=0
[  994.642516][T14666] Memory cgroup out of memory: Killed process 14664 (syz-executor.1) total-vm:72576kB, anon-rss:16612kB, file-rss:36988kB, shmem-rss:0kB, UID:0 pgtables:172032kB oom_score_adj:1000
21:57:11 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240f00002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[  994.690019][ T1066] oom_reaper: reaped process 14664 (syz-executor.1), now anon-rss:16656kB, file-rss:37956kB, shmem-rss:0kB
[  994.701918][T14663] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  994.728877][T14663] CPU: 1 PID: 14663 Comm: syz-executor.4 Not tainted 5.3.0-rc6-next-20190830 #75
[  994.738025][T14663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  994.748111][T14663] Call Trace:
[  994.751419][T14663]  dump_stack+0x172/0x1f0
[  994.755766][T14663]  dump_header+0x177/0x1152
[  994.760290][T14663]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  994.766102][T14663]  ? ___ratelimit+0x2c8/0x595
[  994.770797][T14663]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  994.776611][T14663]  ? lockdep_hardirqs_on+0x418/0x5d0
[  994.781901][T14663]  ? trace_hardirqs_on+0x67/0x240
[  994.786935][T14663]  ? pagefault_out_of_memory+0x11c/0x11c
[  994.792572][T14663]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  994.792589][T14663]  ? ___ratelimit+0x60/0x595
[  994.792603][T14663]  ? do_raw_spin_unlock+0x57/0x270
[  994.792622][T14663]  oom_kill_process.cold+0x10/0x15
[  994.792642][T14663]  out_of_memory+0x334/0x1340
[  994.808376][T14663]  ? lock_downgrade+0x920/0x920
[  994.818137][T14663]  ? oom_killer_disable+0x280/0x280
[  994.818166][T14663]  mem_cgroup_out_of_memory+0x1d8/0x240
[  994.818185][T14663]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  994.828212][T14663]  ? do_raw_spin_unlock+0x57/0x270
[  994.828233][T14663]  ? _raw_spin_unlock+0x2d/0x50
[  994.828256][T14663]  try_charge+0xf4b/0x1440
[  994.828282][T14663]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  994.828296][T14663]  ? percpu_ref_tryget_live+0x111/0x290
[  994.828321][T14663]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  994.871514][T14663]  ? __kasan_check_read+0x11/0x20
[  994.876569][T14663]  ? get_mem_cgroup_from_mm+0x156/0x320
[  994.882151][T14663]  mem_cgroup_try_charge+0x136/0x590
[  994.887452][T14663]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  994.893721][T14663]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  994.899375][T14663]  __handle_mm_fault+0x1e34/0x3f20
[  994.904505][T14663]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  994.910082][T14663]  ? __kasan_check_read+0x11/0x20
[  994.915140][T14663]  handle_mm_fault+0x1b5/0x6c0
[  994.919924][T14663]  __get_user_pages+0x7d4/0x1b30
[  994.924875][T14663]  ? mark_held_locks+0xf0/0xf0
[  994.929660][T14663]  ? follow_page_mask+0x1cf0/0x1cf0
[  994.934867][T14663]  ? __mm_populate+0x270/0x380
[  994.939644][T14663]  ? __kasan_check_write+0x14/0x20
[  994.939661][T14663]  ? down_read+0x109/0x430
[  994.939682][T14663]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  994.949182][T14663]  populate_vma_page_range+0x20d/0x2a0
[  994.949205][T14663]  __mm_populate+0x204/0x380
[  994.949221][T14663]  ? populate_vma_page_range+0x2a0/0x2a0
[  994.949239][T14663]  ? __kasan_check_write+0x14/0x20
[  994.976216][T14663]  ? up_write+0x155/0x490
[  994.980552][T14663]  ? ns_capable_common+0x93/0x100
[  994.985590][T14663]  __x64_sys_mlockall+0x473/0x520
[  994.990612][T14663]  do_syscall_64+0xfa/0x760
[  994.995125][T14663]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  995.001021][T14663] RIP: 0033:0x4598e9
[  995.004917][T14663] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  995.024525][T14663] RSP: 002b:00007f8d1351cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  995.033029][T14663] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
21:57:12 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[  995.041002][T14663] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  995.049061][T14663] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  995.057034][T14663] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d1351d6d4
[  995.065009][T14663] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  995.074665][T14663] memory: usage 307068kB, limit 307200kB, failcnt 122
[  995.081440][T14663] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  995.088386][T14663] Memory cgroup stats for /syz4:
[  995.088507][T14663] anon 300191744
[  995.088507][T14663] file 77824
[  995.088507][T14663] kernel_stack 786432
[  995.088507][T14663] slab 10031104
[  995.088507][T14663] sock 225280
[  995.088507][T14663] shmem 0
[  995.088507][T14663] file_mapped 0
[  995.088507][T14663] file_dirty 0
[  995.088507][T14663] file_writeback 0
[  995.088507][T14663] anon_thp 266338304
[  995.088507][T14663] inactive_anon 237948928
[  995.088507][T14663] active_anon 7290880
[  995.088507][T14663] inactive_file 135168
[  995.088507][T14663] active_file 0
[  995.088507][T14663] unevictable 54988800
[  995.088507][T14663] slab_reclaimable 2973696
[  995.088507][T14663] slab_unreclaimable 7057408
[  995.088507][T14663] pgfault 38874
[  995.088507][T14663] pgmajfault 0
[  995.088507][T14663] workingset_refault 0
[  995.088507][T14663] workingset_activate 0
[  995.088507][T14663] workingset_nodereclaim 0
[  995.088507][T14663] pgrefill 135
[  995.088507][T14663] pgscan 132
[  995.088507][T14663] pgsteal 0
[  995.192052][T14663] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=14655,uid=0
[  995.215987][T14663] Memory cgroup out of memory: Killed process 14655 (syz-executor.4) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
[  995.236333][T14695] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  995.250056][T14695] CPU: 1 PID: 14695 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[  995.252978][ T1066] oom_reaper: reaped process 14655 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
[  995.259165][T14695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  995.259172][T14695] Call Trace:
[  995.259196][T14695]  dump_stack+0x172/0x1f0
[  995.259217][T14695]  dump_header+0x177/0x1152
[  995.292644][T14695]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  995.298450][T14695]  ? ___ratelimit+0x2c8/0x595
[  995.303129][T14695]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  995.308935][T14695]  ? lockdep_hardirqs_on+0x418/0x5d0
[  995.314220][T14695]  ? trace_hardirqs_on+0x67/0x240
[  995.319248][T14695]  ? pagefault_out_of_memory+0x11c/0x11c
[  995.324881][T14695]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  995.330687][T14695]  ? ___ratelimit+0x60/0x595
[  995.335273][T14695]  ? do_raw_spin_unlock+0x57/0x270
[  995.340385][T14695]  oom_kill_process.cold+0x10/0x15
[  995.345498][T14695]  out_of_memory+0x334/0x1340
[  995.350173][T14695]  ? lock_downgrade+0x920/0x920
[  995.355027][T14695]  ? oom_killer_disable+0x280/0x280
[  995.360236][T14695]  mem_cgroup_out_of_memory+0x1d8/0x240
[  995.365775][T14695]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  995.371511][T14695]  ? do_raw_spin_unlock+0x57/0x270
[  995.376622][T14695]  ? _raw_spin_unlock+0x2d/0x50
[  995.381492][T14695]  try_charge+0xf4b/0x1440
[  995.385949][T14695]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  995.391509][T14695]  ? percpu_ref_tryget_live+0x111/0x290
[  995.391533][T14695]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  995.403296][T14695]  ? __kasan_check_read+0x11/0x20
[  995.403316][T14695]  ? get_mem_cgroup_from_mm+0x156/0x320
[  995.403335][T14695]  mem_cgroup_try_charge+0x136/0x590
[  995.419140][T14695]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  995.425390][T14695]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  995.431026][T14695]  __handle_mm_fault+0x1e34/0x3f20
[  995.436137][T14695]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  995.436166][T14695]  ? __kasan_check_read+0x11/0x20
[  995.436188][T14695]  handle_mm_fault+0x1b5/0x6c0
[  995.451487][T14695]  __get_user_pages+0x7d4/0x1b30
[  995.456430][T14695]  ? mark_held_locks+0xf0/0xf0
[  995.461200][T14695]  ? follow_page_mask+0x1cf0/0x1cf0
[  995.466396][T14695]  ? __mm_populate+0x270/0x380
[  995.471170][T14695]  ? __kasan_check_write+0x14/0x20
[  995.476282][T14695]  ? down_read+0x109/0x430
[  995.480703][T14695]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  995.486956][T14695]  populate_vma_page_range+0x20d/0x2a0
21:57:12 executing program 4:
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

[  995.492427][T14695]  __mm_populate+0x204/0x380
[  995.497026][T14695]  ? populate_vma_page_range+0x2a0/0x2a0
[  995.502664][T14695]  ? __kasan_check_write+0x14/0x20
[  995.507785][T14695]  ? up_write+0x155/0x490
[  995.512202][T14695]  ? ns_capable_common+0x93/0x100
[  995.517234][T14695]  __x64_sys_mlockall+0x473/0x520
[  995.522259][T14695]  do_syscall_64+0xfa/0x760
[  995.526773][T14695]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  995.532666][T14695] RIP: 0033:0x4598e9
[  995.536560][T14695] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  995.556265][T14695] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  995.556279][T14695] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  995.556286][T14695] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  995.556294][T14695] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  995.556301][T14695] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[  995.556309][T14695] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  995.557548][T14695] memory: usage 307200kB, limit 307200kB, failcnt 577
[  995.595126][T14695] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  995.627960][T14695] Memory cgroup stats for /syz2:
[  995.628079][T14695] anon 303448064
[  995.628079][T14695] file 0
[  995.628079][T14695] kernel_stack 589824
[  995.628079][T14695] slab 7622656
[  995.628079][T14695] sock 0
[  995.628079][T14695] shmem 0
[  995.628079][T14695] file_mapped 0
[  995.628079][T14695] file_dirty 0
[  995.628079][T14695] file_writeback 0
[  995.628079][T14695] anon_thp 272629760
[  995.628079][T14695] inactive_anon 265142272
[  995.628079][T14695] active_anon 4608000
[  995.628079][T14695] inactive_file 0
[  995.628079][T14695] active_file 0
[  995.628079][T14695] unevictable 33988608
[  995.628079][T14695] slab_reclaimable 2703360
[  995.628079][T14695] slab_unreclaimable 4919296
[  995.628079][T14695] pgfault 47256
[  995.628079][T14695] pgmajfault 0
[  995.628079][T14695] workingset_refault 0
[  995.628079][T14695] workingset_activate 0
[  995.628079][T14695] workingset_nodereclaim 0
[  995.628079][T14695] pgrefill 166
[  995.628079][T14695] pgscan 165
[  995.628079][T14695] pgsteal 0
[  995.628079][T14695] pgactivate 99
[  995.732910][T14695] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14693,uid=0
[  995.750717][T14695] Memory cgroup out of memory: Killed process 14693 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[  995.779546][ T1066] oom_reaper: reaped process 14693 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
[  995.797150][T14705] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  995.811705][T14705] CPU: 0 PID: 14705 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[  995.821093][T14705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  995.832098][T14705] Call Trace:
[  995.835580][T14705]  dump_stack+0x172/0x1f0
[  995.839940][T14705]  dump_header+0x177/0x1152
[  995.844447][T14705]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  995.850340][T14705]  ? ___ratelimit+0x2c8/0x595
[  995.855024][T14705]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  995.860831][T14705]  ? lockdep_hardirqs_on+0x418/0x5d0
[  995.866122][T14705]  ? trace_hardirqs_on+0x67/0x240
[  995.871335][T14705]  ? pagefault_out_of_memory+0x11c/0x11c
[  995.876982][T14705]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  995.882835][T14705]  ? ___ratelimit+0x60/0x595
[  995.887459][T14705]  ? do_raw_spin_unlock+0x57/0x270
[  995.892580][T14705]  oom_kill_process.cold+0x10/0x15
[  995.898624][T14705]  out_of_memory+0x334/0x1340
[  995.898641][T14705]  ? lock_downgrade+0x920/0x920
[  995.898662][T14705]  ? oom_killer_disable+0x280/0x280
[  995.898690][T14705]  mem_cgroup_out_of_memory+0x1d8/0x240
[  995.898706][T14705]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  995.898725][T14705]  ? do_raw_spin_unlock+0x57/0x270
[  995.908338][T14705]  ? _raw_spin_unlock+0x2d/0x50
[  995.908359][T14705]  try_charge+0xf4b/0x1440
[  995.908383][T14705]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  995.908408][T14705]  ? percpu_ref_tryget_live+0x111/0x290
[  995.951349][T14705]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  995.957605][T14705]  ? __kasan_check_read+0x11/0x20
[  995.957626][T14705]  ? get_mem_cgroup_from_mm+0x156/0x320
[  995.957642][T14705]  mem_cgroup_try_charge+0x136/0x590
[  995.957657][T14705]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  995.957675][T14705]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  995.968474][T14705]  __handle_mm_fault+0x1e34/0x3f20
[  995.968494][T14705]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  995.968524][T14705]  ? __kasan_check_read+0x11/0x20
[  995.968545][T14705]  handle_mm_fault+0x1b5/0x6c0
[  995.968562][T14705]  __get_user_pages+0x7d4/0x1b30
[  995.968580][T14705]  ? mark_held_locks+0xf0/0xf0
[  996.017957][T14705]  ? follow_page_mask+0x1cf0/0x1cf0
[  996.023335][T14705]  ? __mm_populate+0x270/0x380
[  996.028114][T14705]  ? __kasan_check_write+0x14/0x20
[  996.034301][T14705]  ? down_read+0x109/0x430
[  996.038720][T14705]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  996.044969][T14705]  populate_vma_page_range+0x20d/0x2a0
[  996.050444][T14705]  __mm_populate+0x204/0x380
[  996.055051][T14705]  ? populate_vma_page_range+0x2a0/0x2a0
[  996.060792][T14705]  ? __kasan_check_write+0x14/0x20
[  996.065912][T14705]  ? up_write+0x155/0x490
[  996.070251][T14705]  ? ns_capable_common+0x93/0x100
[  996.075392][T14705]  __x64_sys_mlockall+0x473/0x520
[  996.080552][T14705]  do_syscall_64+0xfa/0x760
[  996.085078][T14705]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  996.091392][T14705] RIP: 0033:0x4598e9
[  996.095285][T14705] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  996.115392][T14705] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  996.125467][T14705] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  996.133432][T14705] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  996.141423][T14705] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  996.149518][T14705] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[  996.157492][T14705] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  996.169981][T14705] memory: usage 307196kB, limit 307200kB, failcnt 989
[  996.178012][T14705] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  996.185471][T14705] Memory cgroup stats for /syz1:
[  996.185601][T14705] anon 302481408
[  996.185601][T14705] file 40960
[  996.185601][T14705] kernel_stack 851968
[  996.185601][T14705] slab 7258112
[  996.185601][T14705] sock 4096
[  996.185601][T14705] shmem 0
[  996.185601][T14705] file_mapped 0
[  996.185601][T14705] file_dirty 0
[  996.185601][T14705] file_writeback 0
[  996.185601][T14705] anon_thp 266338304
[  996.185601][T14705] inactive_anon 204873728
[  996.185601][T14705] active_anon 20135936
[  996.185601][T14705] inactive_file 0
[  996.185601][T14705] active_file 0
[  996.185601][T14705] unevictable 77684736
[  996.185601][T14705] slab_reclaimable 2297856
[  996.185601][T14705] slab_unreclaimable 4960256
[  996.185601][T14705] pgfault 59598
[  996.185601][T14705] pgmajfault 0
[  996.185601][T14705] workingset_refault 0
[  996.185601][T14705] workingset_activate 0
[  996.185601][T14705] workingset_nodereclaim 0
[  996.185601][T14705] pgrefill 267
[  996.185601][T14705] pgscan 266
[  996.185601][T14705] pgsteal 33
[  996.288250][T14705] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=14704,uid=0
[  996.304424][T14705] Memory cgroup out of memory: Killed process 14704 (syz-executor.1) total-vm:72576kB, anon-rss:16612kB, file-rss:36988kB, shmem-rss:0kB, UID:0 pgtables:172032kB oom_score_adj:1000
[  996.328093][ T1066] oom_reaper: reaped process 14704 (syz-executor.1), now anon-rss:16656kB, file-rss:37956kB, shmem-rss:0kB
[  996.344048][T14711] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  996.361896][T14711] CPU: 0 PID: 14711 Comm: syz-executor.4 Not tainted 5.3.0-rc6-next-20190830 #75
[  996.371420][T14711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  996.382638][T14711] Call Trace:
[  996.386129][T14711]  dump_stack+0x172/0x1f0
[  996.391231][T14711]  dump_header+0x177/0x1152
[  996.396205][T14711]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  996.402265][T14711]  ? ___ratelimit+0x2c8/0x595
[  996.407786][T14711]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  996.414233][T14711]  ? lockdep_hardirqs_on+0x418/0x5d0
[  996.420363][T14711]  ? trace_hardirqs_on+0x67/0x240
[  996.428420][T14711]  ? pagefault_out_of_memory+0x11c/0x11c
[  996.435060][T14711]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  996.441666][T14711]  ? ___ratelimit+0x60/0x595
[  996.446450][T14711]  ? do_raw_spin_unlock+0x57/0x270
[  996.452376][T14711]  oom_kill_process.cold+0x10/0x15
[  996.458119][T14711]  out_of_memory+0x334/0x1340
[  996.462840][T14711]  ? lock_downgrade+0x920/0x920
[  996.468085][T14711]  ? oom_killer_disable+0x280/0x280
[  996.474167][T14711]  mem_cgroup_out_of_memory+0x1d8/0x240
[  996.480001][T14711]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[  996.487558][T14711]  ? do_raw_spin_unlock+0x57/0x270
[  996.493928][T14711]  ? _raw_spin_unlock+0x2d/0x50
[  996.498770][T14711]  try_charge+0xf4b/0x1440
[  996.503424][T14711]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[  996.509644][T14711]  ? percpu_ref_tryget_live+0x111/0x290
[  996.515363][T14711]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  996.521975][T14711]  ? __kasan_check_read+0x11/0x20
[  996.528990][T14711]  ? get_mem_cgroup_from_mm+0x156/0x320
[  996.534705][T14711]  mem_cgroup_try_charge+0x136/0x590
[  996.540452][T14711]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  996.546721][T14711]  mem_cgroup_try_charge_delay+0x1f/0xa0
[  996.553223][T14711]  __handle_mm_fault+0x1e34/0x3f20
[  996.559511][T14711]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[  996.565084][T14711]  ? __kasan_check_read+0x11/0x20
[  996.570311][T14711]  handle_mm_fault+0x1b5/0x6c0
[  996.575097][T14711]  __get_user_pages+0x7d4/0x1b30
[  996.580049][T14711]  ? mark_held_locks+0xf0/0xf0
[  996.585862][T14711]  ? follow_page_mask+0x1cf0/0x1cf0
[  996.591492][T14711]  ? __mm_populate+0x270/0x380
[  996.596278][T14711]  ? __kasan_check_write+0x14/0x20
[  996.601403][T14711]  ? down_read+0x109/0x430
[  996.605803][T14711]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  996.612025][T14711]  populate_vma_page_range+0x20d/0x2a0
[  996.618086][T14711]  __mm_populate+0x204/0x380
[  996.623798][T14711]  ? populate_vma_page_range+0x2a0/0x2a0
[  996.629783][T14711]  ? __kasan_check_write+0x14/0x20
[  996.635725][T14711]  ? up_write+0x155/0x490
[  996.640043][T14711]  ? ns_capable_common+0x93/0x100
[  996.645159][T14711]  __x64_sys_mlockall+0x473/0x520
[  996.650164][T14711]  do_syscall_64+0xfa/0x760
[  996.654651][T14711]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  996.661331][T14711] RIP: 0033:0x4598e9
[  996.665911][T14711] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  996.686475][T14711] RSP: 002b:00007f8d1351cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  996.695105][T14711] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[  996.703785][T14711] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  996.712013][T14711] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  996.720695][T14711] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d1351d6d4
[  996.729385][T14711] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[  996.741760][T14711] memory: usage 306840kB, limit 307200kB, failcnt 136
[  996.748910][T14711] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[  996.756548][T14711] Memory cgroup stats for /syz4:
[  996.756663][T14711] anon 300298240
[  996.756663][T14711] file 77824
[  996.756663][T14711] kernel_stack 720896
[  996.756663][T14711] slab 9691136
[  996.756663][T14711] sock 225280
[  996.756663][T14711] shmem 0
[  996.756663][T14711] file_mapped 0
[  996.756663][T14711] file_dirty 0
[  996.756663][T14711] file_writeback 0
[  996.756663][T14711] anon_thp 266338304
[  996.756663][T14711] inactive_anon 237948928
[  996.756663][T14711] active_anon 7290880
[  996.756663][T14711] inactive_file 0
[  996.756663][T14711] active_file 0
[  996.756663][T14711] unevictable 55111680
[  996.756663][T14711] slab_reclaimable 2973696
[  996.756663][T14711] slab_unreclaimable 6717440
[  996.756663][T14711] pgfault 40227
[  996.756663][T14711] pgmajfault 0
[  996.756663][T14711] workingset_refault 0
[  996.756663][T14711] workingset_activate 0
[  996.756663][T14711] workingset_nodereclaim 0
[  996.756663][T14711] pgrefill 168
[  996.756663][T14711] pgscan 166
[  996.756663][T14711] pgsteal 0
[  996.858275][T14711] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=14709,uid=0
[  996.878305][T14711] Memory cgroup out of memory: Killed process 14709 (syz-executor.4) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
[  996.908173][ T1066] oom_reaper: reaped process 14709 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB
21:57:19 executing program 5:
mlockall(0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:57:19 executing program 3:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x0, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:57:19 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="246000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:57:19 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:57:19 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:57:19 executing program 4:
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

[ 1002.073437][T14733] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1002.103597][T14733] CPU: 0 PID: 14733 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[ 1002.113235][T14733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1002.129826][T14733] Call Trace:
[ 1002.133345][T14733]  dump_stack+0x172/0x1f0
[ 1002.137801][T14733]  dump_header+0x177/0x1152
[ 1002.142336][T14733]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 1002.148162][T14733]  ? ___ratelimit+0x2c8/0x595
[ 1002.153219][T14733]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 1002.159132][T14733]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1002.164429][T14733]  ? trace_hardirqs_on+0x67/0x240
[ 1002.169913][T14733]  ? pagefault_out_of_memory+0x11c/0x11c
[ 1002.176345][T14733]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 1002.182612][T14733]  ? ___ratelimit+0x60/0x595
[ 1002.187219][T14733]  ? do_raw_spin_unlock+0x57/0x270
[ 1002.192352][T14733]  oom_kill_process.cold+0x10/0x15
[ 1002.197481][T14733]  out_of_memory+0x334/0x1340
[ 1002.202252][T14733]  ? lock_downgrade+0x920/0x920
[ 1002.207122][T14733]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1002.212952][T14733]  ? oom_killer_disable+0x280/0x280
[ 1002.218173][T14733]  mem_cgroup_out_of_memory+0x1d8/0x240
21:57:19 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="24f000002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[ 1002.223947][T14733]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[ 1002.229591][T14733]  ? do_raw_spin_unlock+0x57/0x270
[ 1002.234723][T14733]  ? _raw_spin_unlock+0x2d/0x50
[ 1002.239586][T14733]  try_charge+0xf4b/0x1440
[ 1002.244114][T14733]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1002.249659][T14733]  ? percpu_ref_tryget_live+0x111/0x290
[ 1002.255216][T14733]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1002.261655][T14733]  ? __kasan_check_read+0x11/0x20
[ 1002.266728][T14733]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1002.272390][T14733]  mem_cgroup_try_charge+0x136/0x590
[ 1002.277691][T14733]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1002.283948][T14733]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1002.289600][T14733]  __handle_mm_fault+0x1e34/0x3f20
[ 1002.295076][T14733]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1002.300649][T14733]  ? __kasan_check_read+0x11/0x20
[ 1002.305691][T14733]  handle_mm_fault+0x1b5/0x6c0
[ 1002.310463][T14733]  __get_user_pages+0x7d4/0x1b30
[ 1002.315403][T14733]  ? mark_held_locks+0xf0/0xf0
[ 1002.320178][T14733]  ? follow_page_mask+0x1cf0/0x1cf0
[ 1002.325372][T14733]  ? __mm_populate+0x270/0x380
[ 1002.330580][T14733]  ? __kasan_check_write+0x14/0x20
[ 1002.335704][T14733]  ? down_read+0x109/0x430
[ 1002.340141][T14733]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1002.340164][T14733]  populate_vma_page_range+0x20d/0x2a0
[ 1002.340186][T14733]  __mm_populate+0x204/0x380
[ 1002.340205][T14733]  ? populate_vma_page_range+0x2a0/0x2a0
[ 1002.340220][T14733]  ? __kasan_check_write+0x14/0x20
[ 1002.340240][T14733]  ? up_write+0x155/0x490
[ 1002.351920][T14733]  ? ns_capable_common+0x93/0x100
[ 1002.351945][T14733]  __x64_sys_mlockall+0x473/0x520
[ 1002.351966][T14733]  do_syscall_64+0xfa/0x760
[ 1002.351990][T14733]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1002.352002][T14733] RIP: 0033:0x4598e9
[ 1002.352021][T14733] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1002.419096][T14733] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[ 1002.419114][T14733] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[ 1002.419122][T14733] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 1002.419130][T14733] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1002.419139][T14733] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[ 1002.419148][T14733] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[ 1002.438850][T14733] memory: usage 307200kB, limit 307200kB, failcnt 597
[ 1002.458501][T14733] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1002.501923][T14733] Memory cgroup stats for /syz2:
[ 1002.502035][T14733] anon 303583232
[ 1002.502035][T14733] file 0
[ 1002.502035][T14733] kernel_stack 589824
[ 1002.502035][T14733] slab 7487488
[ 1002.502035][T14733] sock 0
21:57:19 executing program 3:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[ 1002.502035][T14733] shmem 0
[ 1002.502035][T14733] file_mapped 0
[ 1002.502035][T14733] file_dirty 0
[ 1002.502035][T14733] file_writeback 0
[ 1002.502035][T14733] anon_thp 272629760
[ 1002.502035][T14733] inactive_anon 265146368
[ 1002.502035][T14733] active_anon 4612096
[ 1002.502035][T14733] inactive_file 0
[ 1002.502035][T14733] active_file 0
[ 1002.502035][T14733] unevictable 33988608
[ 1002.502035][T14733] slab_reclaimable 2568192
[ 1002.502035][T14733] slab_unreclaimable 4919296
[ 1002.502035][T14733] pgfault 48147
[ 1002.502035][T14733] pgmajfault 0
[ 1002.502035][T14733] workingset_refault 0
[ 1002.502035][T14733] workingset_activate 0
[ 1002.502035][T14733] workingset_nodereclaim 0
[ 1002.502035][T14733] pgrefill 166
[ 1002.502035][T14733] pgscan 165
[ 1002.502035][T14733] pgsteal 0
[ 1002.502035][T14733] pgactivate 99
[ 1002.606113][T14733] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14714,uid=0
21:57:19 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="242702002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[ 1002.672570][T14733] Memory cgroup out of memory: Killed process 14714 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[ 1002.742962][T14731] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1002.765278][T14731] CPU: 1 PID: 14731 Comm: syz-executor.4 Not tainted 5.3.0-rc6-next-20190830 #75
[ 1002.774431][T14731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1002.784500][T14731] Call Trace:
[ 1002.787819][T14731]  dump_stack+0x172/0x1f0
[ 1002.792184][T14731]  dump_header+0x177/0x1152
[ 1002.796719][T14731]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 1002.802535][T14731]  ? ___ratelimit+0x2c8/0x595
[ 1002.807223][T14731]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 1002.813042][T14731]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1002.818334][T14731]  ? trace_hardirqs_on+0x67/0x240
[ 1002.823366][T14731]  ? pagefault_out_of_memory+0x11c/0x11c
[ 1002.829006][T14731]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 1002.834827][T14731]  ? ___ratelimit+0x60/0x595
[ 1002.839430][T14731]  ? do_raw_spin_unlock+0x57/0x270
[ 1002.844573][T14731]  oom_kill_process.cold+0x10/0x15
[ 1002.849722][T14731]  out_of_memory+0x334/0x1340
[ 1002.854431][T14731]  ? lock_downgrade+0x920/0x920
[ 1002.859314][T14731]  ? oom_killer_disable+0x280/0x280
[ 1002.864550][T14731]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1002.870135][T14731]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[ 1002.875801][T14731]  ? do_raw_spin_unlock+0x57/0x270
[ 1002.880951][T14731]  ? _raw_spin_unlock+0x2d/0x50
[ 1002.885833][T14731]  try_charge+0xf4b/0x1440
[ 1002.890271][T14731]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1002.895848][T14731]  ? percpu_ref_tryget_live+0x111/0x290
[ 1002.901417][T14731]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1002.907663][T14731]  ? __kasan_check_read+0x11/0x20
[ 1002.907683][T14731]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1002.907696][T14731]  mem_cgroup_try_charge+0x136/0x590
[ 1002.907718][T14731]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1002.907734][T14731]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1002.907763][T14731]  __handle_mm_fault+0x1e34/0x3f20
[ 1002.918329][T14731]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1002.918363][T14731]  ? __kasan_check_read+0x11/0x20
[ 1002.918386][T14731]  handle_mm_fault+0x1b5/0x6c0
[ 1002.918408][T14731]  __get_user_pages+0x7d4/0x1b30
[ 1002.940644][T14731]  ? mark_held_locks+0xf0/0xf0
[ 1002.940675][T14731]  ? follow_page_mask+0x1cf0/0x1cf0
[ 1002.940698][T14731]  ? __mm_populate+0x270/0x380
[ 1002.956025][T14731]  ? __kasan_check_write+0x14/0x20
[ 1002.956044][T14731]  ? down_read+0x109/0x430
[ 1002.956061][T14731]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1002.956080][T14731]  populate_vma_page_range+0x20d/0x2a0
[ 1002.956098][T14731]  __mm_populate+0x204/0x380
[ 1002.985303][T14731]  ? populate_vma_page_range+0x2a0/0x2a0
[ 1003.007203][T14731]  ? __kasan_check_write+0x14/0x20
[ 1003.012411][T14731]  ? up_write+0x155/0x490
[ 1003.016884][T14731]  ? ns_capable_common+0x93/0x100
[ 1003.021941][T14731]  __x64_sys_mlockall+0x473/0x520
[ 1003.026986][T14731]  do_syscall_64+0xfa/0x760
[ 1003.031517][T14731]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1003.037422][T14731] RIP: 0033:0x4598e9
[ 1003.041328][T14731] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1003.060955][T14731] RSP: 002b:00007f8d1351cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[ 1003.069420][T14731] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[ 1003.077408][T14731] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 1003.085393][T14731] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1003.093370][T14731] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d1351d6d4
[ 1003.101349][T14731] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
21:57:20 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[ 1003.135378][T14731] memory: usage 307188kB, limit 307200kB, failcnt 156
[ 1003.142198][T14731] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1003.152489][T14731] Memory cgroup stats for /syz4:
[ 1003.152614][T14731] anon 300867584
[ 1003.152614][T14731] file 77824
[ 1003.152614][T14731] kernel_stack 786432
[ 1003.152614][T14731] slab 9592832
[ 1003.152614][T14731] sock 225280
[ 1003.152614][T14731] shmem 0
[ 1003.152614][T14731] file_mapped 0
[ 1003.152614][T14731] file_dirty 0
[ 1003.152614][T14731] file_writeback 0
[ 1003.152614][T14731] anon_thp 266338304
[ 1003.152614][T14731] inactive_anon 237916160
[ 1003.152614][T14731] active_anon 7290880
[ 1003.152614][T14731] inactive_file 0
[ 1003.152614][T14731] active_file 0
[ 1003.152614][T14731] unevictable 55664640
[ 1003.152614][T14731] slab_reclaimable 2973696
[ 1003.152614][T14731] slab_unreclaimable 6619136
[ 1003.152614][T14731] pgfault 41712
[ 1003.152614][T14731] pgmajfault 0
[ 1003.152614][T14731] workingset_refault 0
[ 1003.152614][T14731] workingset_activate 0
21:57:20 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240003002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[ 1003.152614][T14731] workingset_nodereclaim 0
[ 1003.152614][T14731] pgrefill 201
[ 1003.152614][T14731] pgscan 199
[ 1003.152614][T14731] pgsteal 0
[ 1003.285183][T14731] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=14717,uid=0
[ 1003.308422][T14731] Memory cgroup out of memory: Killed process 14717 (syz-executor.4) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
[ 1003.362897][T14729] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1003.403627][T14729] CPU: 1 PID: 14729 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[ 1003.412799][T14729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1003.422871][T14729] Call Trace:
[ 1003.426179][T14729]  dump_stack+0x172/0x1f0
[ 1003.430547][T14729]  dump_header+0x177/0x1152
[ 1003.435073][T14729]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 1003.440891][T14729]  ? ___ratelimit+0x2c8/0x595
[ 1003.445575][T14729]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 1003.451393][T14729]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1003.456684][T14729]  ? trace_hardirqs_on+0x67/0x240
[ 1003.461723][T14729]  ? pagefault_out_of_memory+0x11c/0x11c
[ 1003.467371][T14729]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 1003.473186][T14729]  ? ___ratelimit+0x60/0x595
[ 1003.477897][T14729]  ? do_raw_spin_unlock+0x57/0x270
[ 1003.483056][T14729]  oom_kill_process.cold+0x10/0x15
[ 1003.488188][T14729]  out_of_memory+0x334/0x1340
[ 1003.492878][T14729]  ? lock_downgrade+0x920/0x920
[ 1003.497749][T14729]  ? oom_killer_disable+0x280/0x280
[ 1003.502980][T14729]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1003.508544][T14729]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[ 1003.514200][T14729]  ? do_raw_spin_unlock+0x57/0x270
[ 1003.519341][T14729]  ? _raw_spin_unlock+0x2d/0x50
[ 1003.524217][T14729]  try_charge+0xf4b/0x1440
[ 1003.528665][T14729]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1003.534238][T14729]  ? percpu_ref_tryget_live+0x111/0x290
[ 1003.539809][T14729]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1003.546338][T14729]  ? __kasan_check_read+0x11/0x20
[ 1003.551392][T14729]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1003.556961][T14729]  mem_cgroup_try_charge+0x136/0x590
[ 1003.562263][T14729]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1003.568519][T14729]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1003.574199][T14729]  __handle_mm_fault+0x1e34/0x3f20
[ 1003.579331][T14729]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1003.584915][T14729]  ? __kasan_check_read+0x11/0x20
[ 1003.589978][T14729]  handle_mm_fault+0x1b5/0x6c0
[ 1003.594762][T14729]  __get_user_pages+0x7d4/0x1b30
[ 1003.599721][T14729]  ? mark_held_locks+0xf0/0xf0
[ 1003.599759][T14729]  ? follow_page_mask+0x1cf0/0x1cf0
[ 1003.609710][T14729]  ? __mm_populate+0x270/0x380
[ 1003.614509][T14729]  ? __kasan_check_write+0x14/0x20
[ 1003.619643][T14729]  ? down_read+0x109/0x430
[ 1003.624083][T14729]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1003.630358][T14729]  populate_vma_page_range+0x20d/0x2a0
[ 1003.635847][T14729]  __mm_populate+0x204/0x380
[ 1003.640466][T14729]  ? populate_vma_page_range+0x2a0/0x2a0
[ 1003.646126][T14729]  ? __kasan_check_write+0x14/0x20
[ 1003.651245][T14729]  ? up_write+0x155/0x490
[ 1003.655575][T14729]  ? ns_capable_common+0x93/0x100
[ 1003.660614][T14729]  __x64_sys_mlockall+0x473/0x520
[ 1003.665646][T14729]  do_syscall_64+0xfa/0x760
[ 1003.670162][T14729]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1003.676055][T14729] RIP: 0033:0x4598e9
[ 1003.679950][T14729] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
21:57:20 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240006002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[ 1003.699567][T14729] RSP: 002b:00007f11e84b4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[ 1003.708002][T14729] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[ 1003.715993][T14729] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 1003.723986][T14729] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1003.731968][T14729] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f11e84b56d4
[ 1003.731978][T14729] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[ 1003.748571][T14729] memory: usage 307200kB, limit 307200kB, failcnt 1004
[ 1003.758854][T14729] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1003.770819][T14729] Memory cgroup stats for /syz1:
[ 1003.770937][T14729] anon 302501888
[ 1003.770937][T14729] file 40960
[ 1003.770937][T14729] kernel_stack 851968
[ 1003.770937][T14729] slab 7258112
[ 1003.770937][T14729] sock 4096
[ 1003.770937][T14729] shmem 0
[ 1003.770937][T14729] file_mapped 0
[ 1003.770937][T14729] file_dirty 0
[ 1003.770937][T14729] file_writeback 0
[ 1003.770937][T14729] anon_thp 266338304
[ 1003.770937][T14729] inactive_anon 204849152
[ 1003.770937][T14729] active_anon 20135936
[ 1003.770937][T14729] inactive_file 0
[ 1003.770937][T14729] active_file 0
[ 1003.770937][T14729] unevictable 77705216
[ 1003.770937][T14729] slab_reclaimable 2297856
[ 1003.770937][T14729] slab_unreclaimable 4960256
[ 1003.770937][T14729] pgfault 60258
[ 1003.770937][T14729] pgmajfault 0
[ 1003.770937][T14729] workingset_refault 0
[ 1003.770937][T14729] workingset_activate 0
[ 1003.770937][T14729] workingset_nodereclaim 0
[ 1003.770937][T14729] pgrefill 267
[ 1003.770937][T14729] pgscan 266
[ 1003.770937][T14729] pgsteal 66
[ 1003.870328][T14729] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=14725,uid=0
[ 1003.891799][T14729] Memory cgroup out of memory: Killed process 14725 (syz-executor.1) total-vm:72576kB, anon-rss:16612kB, file-rss:36988kB, shmem-rss:0kB, UID:0 pgtables:172032kB oom_score_adj:1000
[ 1003.918143][ T1066] oom_reaper: reaped process 14725 (syz-executor.1), now anon-rss:16656kB, file-rss:37956kB, shmem-rss:0kB
[ 1003.930877][T14752] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1003.947567][T14752] CPU: 1 PID: 14752 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[ 1003.956721][T14752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1003.966886][T14752] Call Trace:
[ 1003.970214][T14752]  dump_stack+0x172/0x1f0
[ 1003.974559][T14752]  dump_header+0x177/0x1152
[ 1003.979077][T14752]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 1003.984888][T14752]  ? ___ratelimit+0x2c8/0x595
[ 1003.989578][T14752]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 1003.995418][T14752]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1004.000743][T14752]  ? trace_hardirqs_on+0x67/0x240
[ 1004.005804][T14752]  ? pagefault_out_of_memory+0x11c/0x11c
[ 1004.011453][T14752]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 1004.017293][T14752]  ? ___ratelimit+0x60/0x595
[ 1004.021900][T14752]  ? do_raw_spin_unlock+0x57/0x270
[ 1004.027032][T14752]  oom_kill_process.cold+0x10/0x15
[ 1004.032338][T14752]  out_of_memory+0x334/0x1340
[ 1004.037144][T14752]  ? lock_downgrade+0x920/0x920
[ 1004.042046][T14752]  ? oom_killer_disable+0x280/0x280
[ 1004.047307][T14752]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1004.052970][T14752]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[ 1004.058601][T14752]  ? do_raw_spin_unlock+0x57/0x270
[ 1004.063707][T14752]  ? _raw_spin_unlock+0x2d/0x50
[ 1004.068547][T14752]  try_charge+0xf4b/0x1440
[ 1004.072962][T14752]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1004.078490][T14752]  ? percpu_ref_tryget_live+0x111/0x290
[ 1004.084031][T14752]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1004.090274][T14752]  ? __kasan_check_read+0x11/0x20
[ 1004.095304][T14752]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1004.100849][T14752]  mem_cgroup_try_charge+0x136/0x590
[ 1004.106126][T14752]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1004.112371][T14752]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1004.118001][T14752]  __handle_mm_fault+0x1e34/0x3f20
[ 1004.123118][T14752]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1004.128673][T14752]  ? __kasan_check_read+0x11/0x20
[ 1004.133888][T14752]  handle_mm_fault+0x1b5/0x6c0
[ 1004.138641][T14752]  __get_user_pages+0x7d4/0x1b30
[ 1004.143570][T14752]  ? mark_held_locks+0xf0/0xf0
[ 1004.148383][T14752]  ? follow_page_mask+0x1cf0/0x1cf0
[ 1004.153591][T14752]  ? __mm_populate+0x270/0x380
[ 1004.158378][T14752]  ? __kasan_check_write+0x14/0x20
[ 1004.163499][T14752]  ? down_read+0x109/0x430
[ 1004.167923][T14752]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1004.174205][T14752]  populate_vma_page_range+0x20d/0x2a0
[ 1004.179882][T14752]  __mm_populate+0x204/0x380
[ 1004.184472][T14752]  ? populate_vma_page_range+0x2a0/0x2a0
[ 1004.190278][T14752]  ? __kasan_check_write+0x14/0x20
[ 1004.195389][T14752]  ? up_write+0x155/0x490
[ 1004.199718][T14752]  ? ns_capable_common+0x93/0x100
[ 1004.204818][T14752]  __x64_sys_mlockall+0x473/0x520
[ 1004.209891][T14752]  do_syscall_64+0xfa/0x760
[ 1004.214383][T14752]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1004.220265][T14752] RIP: 0033:0x4598e9
[ 1004.224250][T14752] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1004.243845][T14752] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[ 1004.252250][T14752] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[ 1004.260213][T14752] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 1004.268177][T14752] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1004.276150][T14752] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[ 1004.284107][T14752] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[ 1004.296549][T14752] memory: usage 307200kB, limit 307200kB, failcnt 624
[ 1004.303464][T14752] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1004.318282][T14752] Memory cgroup stats for /syz2:
[ 1004.318401][T14752] anon 303448064
[ 1004.318401][T14752] file 0
[ 1004.318401][T14752] kernel_stack 589824
[ 1004.318401][T14752] slab 7487488
[ 1004.318401][T14752] sock 0
[ 1004.318401][T14752] shmem 0
[ 1004.318401][T14752] file_mapped 0
[ 1004.318401][T14752] file_dirty 0
[ 1004.318401][T14752] file_writeback 0
[ 1004.318401][T14752] anon_thp 272629760
[ 1004.318401][T14752] inactive_anon 265064448
[ 1004.318401][T14752] active_anon 4612096
[ 1004.318401][T14752] inactive_file 0
[ 1004.318401][T14752] active_file 0
[ 1004.318401][T14752] unevictable 33882112
[ 1004.318401][T14752] slab_reclaimable 2568192
[ 1004.318401][T14752] slab_unreclaimable 4919296
[ 1004.318401][T14752] pgfault 48972
[ 1004.318401][T14752] pgmajfault 0
[ 1004.318401][T14752] workingset_refault 0
[ 1004.318401][T14752] workingset_activate 0
[ 1004.318401][T14752] workingset_nodereclaim 0
[ 1004.318401][T14752] pgrefill 166
[ 1004.318401][T14752] pgscan 165
[ 1004.318401][T14752] pgsteal 0
[ 1004.318401][T14752] pgactivate 132
[ 1004.324140][T14752] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14748,uid=0
[ 1004.439669][T14752] Memory cgroup out of memory: Killed process 14748 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[ 1004.553069][T14752] syz-executor.2 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000
[ 1004.565888][T14752] CPU: 0 PID: 14752 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[ 1004.575013][T14752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1004.585080][T14752] Call Trace:
[ 1004.588384][T14752]  dump_stack+0x172/0x1f0
[ 1004.592850][T14752]  dump_header+0x177/0x1152
[ 1004.597387][T14752]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 1004.603228][T14752]  ? ___ratelimit+0x2c8/0x595
[ 1004.607925][T14752]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 1004.613839][T14752]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1004.619125][T14752]  ? trace_hardirqs_on+0x67/0x240
[ 1004.624138][T14752]  ? pagefault_out_of_memory+0x11c/0x11c
[ 1004.629763][T14752]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 1004.635552][T14752]  ? ___ratelimit+0x60/0x595
[ 1004.640145][T14752]  ? do_raw_spin_unlock+0x57/0x270
[ 1004.645248][T14752]  oom_kill_process.cold+0x10/0x15
[ 1004.650350][T14752]  out_of_memory+0x334/0x1340
[ 1004.655022][T14752]  ? lock_downgrade+0x920/0x920
[ 1004.659879][T14752]  ? mem_cgroup_unmark_under_oom+0x8d/0xb0
[ 1004.665673][T14752]  ? oom_killer_disable+0x280/0x280
[ 1004.670867][T14752]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1004.676403][T14752]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[ 1004.682027][T14752]  ? do_raw_spin_unlock+0x57/0x270
[ 1004.687127][T14752]  ? _raw_spin_unlock+0x2d/0x50
[ 1004.692454][T14752]  try_charge+0xf4b/0x1440
[ 1004.697042][T14752]  ? __lock_acquire+0x800/0x4a00
[ 1004.702131][T14752]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1004.707865][T14752]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 1004.713864][T14752]  ? cache_grow_begin+0x122/0xd20
[ 1004.718895][T14752]  ? find_held_lock+0x35/0x130
[ 1004.723672][T14752]  ? cache_grow_begin+0x122/0xd20
[ 1004.728710][T14752]  __memcg_kmem_charge_memcg+0x71/0xf0
[ 1004.734191][T14752]  ? memcg_kmem_put_cache+0x50/0x50
[ 1004.739394][T14752]  ? __kasan_check_read+0x11/0x20
[ 1004.744409][T14752]  cache_grow_begin+0x629/0xd20
[ 1004.749291][T14752]  ? __sanitizer_cov_trace_cmp2+0x11/0x20
[ 1004.755013][T14752]  ? mempolicy_slab_node+0x139/0x390
[ 1004.760294][T14752]  fallback_alloc+0x1fd/0x2d0
[ 1004.764966][T14752]  ____cache_alloc_node+0x1bc/0x1d0
[ 1004.770152][T14752]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1004.776375][T14752]  kmem_cache_alloc_trace+0x21c/0x790
[ 1004.781739][T14752]  kvm_uevent_notify_change.part.0+0x1fc/0x460
[ 1004.787881][T14752]  kvm_dev_ioctl+0x1088/0x1650
[ 1004.792637][T14752]  ? kvm_debugfs_release+0x90/0x90
[ 1004.797744][T14752]  ? kvm_debugfs_release+0x90/0x90
[ 1004.802898][T14752]  do_vfs_ioctl+0xdb6/0x13e0
[ 1004.807492][T14752]  ? ioctl_preallocate+0x210/0x210
[ 1004.812628][T14752]  ? __fget+0x384/0x560
[ 1004.816790][T14752]  ? ksys_dup3+0x3e0/0x3e0
[ 1004.821209][T14752]  ? nsecs_to_jiffies+0x30/0x30
[ 1004.826088][T14752]  ? tomoyo_file_ioctl+0x23/0x30
[ 1004.831027][T14752]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1004.837292][T14752]  ? security_file_ioctl+0x8d/0xc0
[ 1004.842404][T14752]  ksys_ioctl+0xab/0xd0
[ 1004.846554][T14752]  __x64_sys_ioctl+0x73/0xb0
[ 1004.851133][T14752]  do_syscall_64+0xfa/0x760
[ 1004.855634][T14752]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1004.861525][T14752] RIP: 0033:0x4598e9
[ 1004.865408][T14752] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1004.885119][T14752] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1004.893520][T14752] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004598e9
[ 1004.901483][T14752] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000004
[ 1004.909441][T14752] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1004.917396][T14752] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[ 1004.925364][T14752] R13: 00000000004c2841 R14: 00000000004d5ec8 R15: 00000000ffffffff
[ 1004.937789][T14752] memory: usage 307192kB, limit 307200kB, failcnt 661
[ 1004.944734][T14752] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1004.951648][T14752] Memory cgroup stats for /syz2:
[ 1004.951757][T14752] anon 303144960
[ 1004.951757][T14752] file 0
[ 1004.951757][T14752] kernel_stack 655360
[ 1004.951757][T14752] slab 7749632
[ 1004.951757][T14752] sock 0
[ 1004.951757][T14752] shmem 0
[ 1004.951757][T14752] file_mapped 0
[ 1004.951757][T14752] file_dirty 0
[ 1004.951757][T14752] file_writeback 0
[ 1004.951757][T14752] anon_thp 272629760
[ 1004.951757][T14752] inactive_anon 248582144
[ 1004.951757][T14752] active_anon 2506752
[ 1004.951757][T14752] inactive_file 0
[ 1004.951757][T14752] active_file 0
[ 1004.951757][T14752] unevictable 52215808
[ 1004.951757][T14752] slab_reclaimable 2568192
[ 1004.951757][T14752] slab_unreclaimable 5181440
[ 1004.951757][T14752] pgfault 49632
[ 1004.951757][T14752] pgmajfault 0
[ 1004.951757][T14752] workingset_refault 0
[ 1004.951757][T14752] workingset_activate 0
[ 1004.951757][T14752] workingset_nodereclaim 0
[ 1004.951757][T14752] pgrefill 166
[ 1004.951757][T14752] pgscan 165
[ 1004.951757][T14752] pgsteal 0
[ 1004.951757][T14752] pgactivate 132
[ 1005.048557][T14752] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14750,uid=0
[ 1005.065205][T14752] Memory cgroup out of memory: Killed process 14750 (syz-executor.2) total-vm:72840kB, anon-rss:18196kB, file-rss:54332kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000
[ 1005.087783][ T1066] 
[ 1005.090259][ T1066] ============================================
[ 1005.096422][ T1066] WARNING: possible recursive locking detected
[ 1005.102609][ T1066] 5.3.0-rc6-next-20190830 #75 Not tainted
[ 1005.108347][ T1066] --------------------------------------------
[ 1005.114495][ T1066] oom_reaper/1066 is trying to acquire lock:
[ 1005.120452][ T1066] ffffffff8904ff60 (mmu_notifier_invalidate_range_start){+.+.}, at: __mmu_notifier_invalidate_range_end+0x0/0x360
[ 1005.132439][ T1066] 
[ 1005.132439][ T1066] but task is already holding lock:
[ 1005.140249][ T1066] ffffffff8904ff60 (mmu_notifier_invalidate_range_start){+.+.}, at: __oom_reap_task_mm+0x196/0x490
[ 1005.150920][ T1066] 
[ 1005.150920][ T1066] other info that might help us debug this:
[ 1005.159316][ T1066]  Possible unsafe locking scenario:
[ 1005.159316][ T1066] 
[ 1005.166990][ T1066]        CPU0
[ 1005.170269][ T1066]        ----
[ 1005.173853][ T1066]   lock(mmu_notifier_invalidate_range_start);
[ 1005.179985][ T1066]   lock(mmu_notifier_invalidate_range_start);
[ 1005.186239][ T1066] 
[ 1005.186239][ T1066]  *** DEADLOCK ***
[ 1005.186239][ T1066] 
[ 1005.194570][ T1066]  May be due to missing lock nesting notation
[ 1005.194570][ T1066] 
[ 1005.202884][ T1066] 2 locks held by oom_reaper/1066:
[ 1005.207989][ T1066]  #0: ffff888090ea6550 (&mm->mmap_sem#2){++++}, at: oom_reaper+0x3a7/0x1320
[ 1005.216855][ T1066]  #1: ffffffff8904ff60 (mmu_notifier_invalidate_range_start){+.+.}, at: __oom_reap_task_mm+0x196/0x490
[ 1005.228116][ T1066] 
[ 1005.228116][ T1066] stack backtrace:
[ 1005.234604][ T1066] CPU: 0 PID: 1066 Comm: oom_reaper Not tainted 5.3.0-rc6-next-20190830 #75
[ 1005.243269][ T1066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1005.253323][ T1066] Call Trace:
[ 1005.256612][ T1066]  dump_stack+0x172/0x1f0
[ 1005.260988][ T1066]  __lock_acquire.cold+0x15d/0x385
[ 1005.266109][ T1066]  ? mark_held_locks+0xf0/0xf0
[ 1005.270880][ T1066]  ? unmap_page_range+0x1df4/0x2380
[ 1005.276073][ T1066]  lock_acquire+0x190/0x410
[ 1005.280580][ T1066]  ? __mmu_notifier_invalidate_range_start+0x210/0x210
[ 1005.287432][ T1066]  __mmu_notifier_invalidate_range_end+0x3c/0x360
[ 1005.294489][ T1066]  ? __mmu_notifier_invalidate_range_start+0x210/0x210
[ 1005.301394][ T1066]  ? __mmu_notifier_invalidate_range_start+0x1a5/0x210
[ 1005.308250][ T1066]  __oom_reap_task_mm+0x3fa/0x490
[ 1005.313260][ T1066]  ? process_shares_mm+0x130/0x130
[ 1005.318351][ T1066]  ? oom_reaper+0x3a7/0x1320
[ 1005.322921][ T1066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1005.329151][ T1066]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1005.335688][ T1066]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 1005.341740][ T1066]  ? __kasan_check_read+0x11/0x20
[ 1005.346755][ T1066]  ? do_raw_spin_unlock+0x57/0x270
[ 1005.351849][ T1066]  oom_reaper+0x2b2/0x1320
[ 1005.356246][ T1066]  ? __oom_reap_task_mm+0x490/0x490
[ 1005.361444][ T1066]  ? trace_hardirqs_on+0x67/0x240
[ 1005.366490][ T1066]  ? finish_wait+0x260/0x260
[ 1005.371081][ T1066]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1005.377309][ T1066]  ? __kthread_parkme+0x108/0x1c0
[ 1005.382332][ T1066]  ? __kasan_check_read+0x11/0x20
[ 1005.387346][ T1066]  kthread+0x361/0x430
[ 1005.391683][ T1066]  ? __oom_reap_task_mm+0x490/0x490
[ 1005.396866][ T1066]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 1005.403515][ T1066]  ret_from_fork+0x24/0x30
[ 1005.408474][ T1066] oom_reaper: reaped process 14750 (syz-executor.2), now anon-rss:18224kB, file-rss:54332kB, shmem-rss:0kB
[ 1005.458276][T14752] kobject: 'kvm' (0000000017e2fb3e): kobject_uevent_env
[ 1005.465280][T14752] kobject: 'kvm' (0000000017e2fb3e): fill_kobj_path: path = '/devices/virtual/misc/kvm'
[ 1012.582359][T14766] kobject: 'kvm' (0000000017e2fb3e): kobject_uevent_env
[ 1012.590081][T14766] kobject: 'kvm' (0000000017e2fb3e): fill_kobj_path: path = '/devices/virtual/misc/kvm'
21:57:30 executing program 5:
mlockall(0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:57:30 executing program 3:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:57:30 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="24000a002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21:57:30 executing program 4:
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)

21:57:30 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

21:57:30 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[ 1013.623251][T14766] kobject: 'kvm' (0000000017e2fb3e): kobject_uevent_env
[ 1013.630430][T14766] kobject: 'kvm' (0000000017e2fb3e): fill_kobj_path: path = '/devices/virtual/misc/kvm'
[ 1013.704740][ T3891] kobject: 'loop5' (00000000479a206f): kobject_uevent_env
[ 1013.714679][ T3891] kobject: 'loop5' (00000000479a206f): fill_kobj_path: path = '/devices/virtual/block/loop5'
[ 1013.737008][T14777] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1013.764187][T14777] CPU: 0 PID: 14777 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75
[ 1013.773372][T14777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1013.783432][T14777] Call Trace:
[ 1013.786718][T14777]  dump_stack+0x172/0x1f0
[ 1013.791034][T14777]  dump_header+0x177/0x1152
[ 1013.795527][T14777]  ? ___ratelimit+0xf8/0x595
[ 1013.800111][T14777]  ? trace_hardirqs_on+0x67/0x240
[ 1013.805134][T14777]  ? pagefault_out_of_memory+0x11c/0x11c
[ 1013.810763][T14777]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 1013.816559][T14777]  ? ___ratelimit+0x60/0x595
[ 1013.821140][T14777]  ? do_raw_spin_unlock+0x57/0x270
[ 1013.826244][T14777]  oom_kill_process.cold+0x10/0x15
[ 1013.831366][T14777]  out_of_memory+0x334/0x1340
[ 1013.836041][T14777]  ? lock_downgrade+0x920/0x920
[ 1013.840886][T14777]  ? oom_killer_disable+0x280/0x280
[ 1013.846081][T14777]  ? __kasan_check_read+0x11/0x20
[ 1013.851116][T14777]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1013.856658][T14777]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[ 1013.862276][T14777]  ? do_raw_spin_unlock+0x57/0x270
[ 1013.867380][T14777]  ? _raw_spin_unlock+0x2d/0x50
[ 1013.872211][T14777]  try_charge+0xf4b/0x1440
[ 1013.876613][T14777]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1013.882145][T14777]  ? percpu_ref_tryget_live+0x111/0x290
[ 1013.888189][T14777]  ? get_mem_cgroup_from_mm+0x16/0x320
[ 1013.893630][T14777]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1013.899157][T14777]  mem_cgroup_try_charge+0x136/0x590
[ 1013.904435][T14777]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1013.910653][T14777]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1013.916276][T14777]  __handle_mm_fault+0x1e34/0x3f20
[ 1013.921391][T14777]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1013.926931][T14777]  ? __kasan_check_read+0x11/0x20
[ 1013.932052][T14777]  ? do_raw_spin_unlock+0x57/0x270
[ 1013.937153][T14777]  ? trace_hardirqs_on+0x67/0x240
[ 1013.942173][T14777]  handle_mm_fault+0x1b5/0x6c0
[ 1013.946968][T14777]  __get_user_pages+0x7d4/0x1b30
[ 1013.951888][T14777]  ? mark_held_locks+0xf0/0xf0
[ 1013.956645][T14777]  ? follow_page_mask+0x1cf0/0x1cf0
[ 1013.961823][T14777]  ? __mm_populate+0x270/0x380
[ 1013.966565][T14777]  ? __kasan_check_write+0x14/0x20
[ 1013.971657][T14777]  ? down_read+0x109/0x430
[ 1013.976056][T14777]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1013.982277][T14777]  populate_vma_page_range+0x20d/0x2a0
[ 1013.987714][T14777]  __mm_populate+0x204/0x380
[ 1013.992287][T14777]  ? populate_vma_page_range+0x2a0/0x2a0
[ 1013.997898][T14777]  ? __kasan_check_write+0x14/0x20
[ 1014.002989][T14777]  ? up_write+0x155/0x490
[ 1014.007297][T14777]  ? ns_capable_common+0x93/0x100
[ 1014.012301][T14777]  __x64_sys_mlockall+0x473/0x520
[ 1014.017315][T14777]  do_syscall_64+0xfa/0x760
[ 1014.021802][T14777]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1014.027672][T14777] RIP: 0033:0x4598e9
[ 1014.031548][T14777] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1014.051138][T14777] RSP: 002b:00007f685c8acc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[ 1014.059539][T14777] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[ 1014.068537][T14777] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 1014.076487][T14777] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1014.084449][T14777] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f685c8ad6d4
[ 1014.092426][T14777] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[ 1014.105375][T14777] memory: usage 307200kB, limit 307200kB, failcnt 710
[ 1014.122426][T14777] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1014.130350][T14777] Memory cgroup stats for /syz2:
[ 1014.130475][T14777] anon 303284224
[ 1014.130475][T14777] file 0
[ 1014.130475][T14777] kernel_stack 589824
[ 1014.130475][T14777] slab 7749632
[ 1014.130475][T14777] sock 0
[ 1014.130475][T14777] shmem 0
[ 1014.130475][T14777] file_mapped 0
[ 1014.130475][T14777] file_dirty 0
[ 1014.130475][T14777] file_writeback 0
[ 1014.130475][T14777] anon_thp 272629760
[ 1014.130475][T14777] inactive_anon 265084928
[ 1014.130475][T14777] active_anon 4624384
[ 1014.130475][T14777] inactive_file 0
[ 1014.130475][T14777] active_file 0
[ 1014.130475][T14777] unevictable 33689600
[ 1014.130475][T14777] slab_reclaimable 2568192
[ 1014.130475][T14777] slab_unreclaimable 5181440
[ 1014.130475][T14777] pgfault 49731
[ 1014.130475][T14777] pgmajfault 0
[ 1014.130475][T14777] workingset_refault 0
[ 1014.130475][T14777] workingset_activate 0
[ 1014.130475][T14777] workingset_nodereclaim 0
[ 1014.130475][T14777] pgrefill 166
[ 1014.130475][T14777] pgscan 165
[ 1014.130475][T14777] pgsteal 0
[ 1014.130475][T14777] pgactivate 132
[ 1014.150781][T14770] kobject: 'kvm' (0000000017e2fb3e): kobject_uevent_env
[ 1014.229055][T14777] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14764,uid=0
[ 1014.236830][T14770] kobject: 'kvm' (0000000017e2fb3e): fill_kobj_path: path = '/devices/virtual/misc/kvm'
[ 1014.250771][T14777] Memory cgroup out of memory: Killed process 14764 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000
[ 1014.307580][T14776] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1014.322634][T14776] CPU: 0 PID: 14776 Comm: syz-executor.4 Not tainted 5.3.0-rc6-next-20190830 #75
[ 1014.330248][T14768] kobject: 'kvm' (0000000017e2fb3e): kobject_uevent_env
[ 1014.331782][T14776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1014.331788][T14776] Call Trace:
[ 1014.331815][T14776]  dump_stack+0x172/0x1f0
[ 1014.341451][T14768] kobject: 'kvm' (0000000017e2fb3e): fill_kobj_path: path = '/devices/virtual/misc/kvm'
[ 1014.349222][T14776]  dump_header+0x177/0x1152
[ 1014.349235][T14776]  ? ___ratelimit+0xf8/0x595
[ 1014.349250][T14776]  ? trace_hardirqs_on+0x67/0x240
[ 1014.349262][T14776]  ? pagefault_out_of_memory+0x11c/0x11c
[ 1014.349278][T14776]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 1014.349296][T14776]  ? ___ratelimit+0x60/0x595
[ 1014.396706][T14776]  ? do_raw_spin_unlock+0x57/0x270
[ 1014.401844][T14776]  oom_kill_process.cold+0x10/0x15
[ 1014.406988][T14776]  out_of_memory+0x334/0x1340
[ 1014.411702][T14776]  ? lock_downgrade+0x920/0x920
[ 1014.416590][T14776]  ? oom_killer_disable+0x280/0x280
[ 1014.421820][T14776]  ? __kasan_check_read+0x11/0x20
[ 1014.426881][T14776]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1014.432441][T14776]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[ 1014.438090][T14776]  ? do_raw_spin_unlock+0x57/0x270
[ 1014.443210][T14776]  ? _raw_spin_unlock+0x2d/0x50
[ 1014.448070][T14776]  try_charge+0xf4b/0x1440
[ 1014.452491][T14776]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0
[ 1014.458038][T14776]  ? percpu_ref_tryget_live+0x111/0x290
[ 1014.463583][T14776]  ? get_mem_cgroup_from_mm+0x16/0x320
[ 1014.469233][T14776]  ? get_mem_cgroup_from_mm+0x156/0x320
[ 1014.474807][T14776]  mem_cgroup_try_charge+0x136/0x590
[ 1014.480132][T14776]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1014.486392][T14776]  mem_cgroup_try_charge_delay+0x1f/0xa0
[ 1014.492160][T14776]  __handle_mm_fault+0x1e34/0x3f20
[ 1014.497298][T14776]  ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 1014.502889][T14776]  ? __kasan_check_read+0x11/0x20
[ 1014.507950][T14776]  ? do_raw_spin_unlock+0x57/0x270
[ 1014.510692][T14777] kobject: 'kvm' (0000000017e2fb3e): kobject_uevent_env
[ 1014.513378][T14776]  ? trace_hardirqs_on+0x67/0x240
[ 1014.522753][T14777] kobject: 'kvm' (0000000017e2fb3e): fill_kobj_path: path = '/devices/virtual/misc/kvm'
[ 1014.525345][T14776]  handle_mm_fault+0x1b5/0x6c0
[ 1014.525362][T14776]  __get_user_pages+0x7d4/0x1b30
[ 1014.525377][T14776]  ? mark_held_locks+0xf0/0xf0
[ 1014.525392][T14776]  ? follow_page_mask+0x1cf0/0x1cf0
[ 1014.525402][T14776]  ? __mm_populate+0x270/0x380
[ 1014.525424][T14776]  ? __kasan_check_write+0x14/0x20
[ 1014.558998][T14772] kobject: 'kvm' (0000000017e2fb3e): kobject_uevent_env
[ 1014.560110][T14776]  ? down_read+0x109/0x430
[ 1014.560138][T14776]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1014.566936][T14772] kobject: 'kvm' (0000000017e2fb3e): fill_kobj_path: path = '/devices/virtual/misc/kvm'
[ 1014.573152][T14776]  populate_vma_page_range+0x20d/0x2a0
[ 1014.573167][T14776]  __mm_populate+0x204/0x380
[ 1014.573186][T14776]  ? populate_vma_page_range+0x2a0/0x2a0
[ 1014.573207][T14776]  ? __kasan_check_write+0x14/0x20
[ 1014.614559][T14776]  ? up_write+0x155/0x490
[ 1014.618908][T14776]  ? ns_capable_common+0x93/0x100
[ 1014.623957][T14776]  __x64_sys_mlockall+0x473/0x520
[ 1014.629247][T14776]  do_syscall_64+0xfa/0x760
[ 1014.633768][T14776]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1014.639667][T14776] RIP: 0033:0x4598e9
21:57:31 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x1, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[ 1014.643584][T14776] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1014.663205][T14776] RSP: 002b:00007f8d1351cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[ 1014.671635][T14776] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004598e9
[ 1014.679619][T14776] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 1014.687686][T14776] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1014.695974][T14776] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d1351d6d4
21:57:31 executing program 3:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x101200, 0x0)
mlockall(0x1)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000032a000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000329000/0x2000)=nil)
syz_open_dev$vcsa(0x0, 0x0, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f00000002c0)=""/226, 0xe2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xae, 0x0, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x400, 0x20, &(0x7f0000000100)=""/192, &(0x7f00000003c0)=0xc0)

[ 1014.703962][T14776] R13: 00000000004c5dab R14: 00000000004da878 R15: 00000000ffffffff
[ 1014.714857][T14776] memory: usage 307200kB, limit 307200kB, failcnt 186
[ 1014.719036][ T3891] kobject: 'loop3' (00000000903e93a5): kobject_uevent_env
[ 1014.721768][T14776] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1014.735669][ T3891] kobject: 'loop3' (00000000903e93a5): fill_kobj_path: path = '/devices/virtual/block/loop3'
[ 1014.741320][T14776] Memory cgroup stats for /syz4:
[ 1014.741447][T14776] anon 301436928
[ 1014.741447][T14776] file 77824
[ 1014.741447][T14776] kernel_stack 786432
[ 1014.741447][T14776] slab 8740864
[ 1014.741447][T14776] sock 225280
[ 1014.741447][T14776] shmem 0
[ 1014.741447][T14776] file_mapped 0
[ 1014.741447][T14776] file_dirty 0
[ 1014.741447][T14776] file_writeback 0
[ 1014.741447][T14776] anon_thp 268435456
[ 1014.741447][T14776] inactive_anon 237948928
[ 1014.741447][T14776] active_anon 7290880
[ 1014.741447][T14776] inactive_file 0
[ 1014.741447][T14776] active_file 0
[ 1014.741447][T14776] unevictable 56274944
[ 1014.741447][T14776] slab_reclaimable 2703360
[ 1014.741447][T14776] slab_unreclaimable 6037504
[ 1014.741447][T14776] pgfault 42702
[ 1014.741447][T14776] pgmajfault 0
[ 1014.741447][T14776] workingset_refault 0
[ 1014.741447][T14776] workingset_activate 0
[ 1014.741447][T14776] workingset_nodereclaim 0
[ 1014.741447][T14776] pgrefill 235
[ 1014.741447][T14776] pgscan 232
[ 1014.741447][T14776] pgsteal 0
[ 1014.846882][T14776] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=14758,uid=0
21:57:32 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="24000e002a002d0800000000000000000600000010000800000000000000080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

[ 1014.884176][T14776] Memory cgroup out of memory: Killed process 14758 (syz-executor.4) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000
[ 1014.933035][T14773] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1014.957088][T14773] CPU: 1 PID: 14773 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75
[ 1014.966237][T14773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1014.976295][T14773] Call Trace:
[ 1014.979590][T14773]  dump_stack+0x172/0x1f0
[ 1014.983944][T14773]  dump_header+0x177/0x1152
[ 1014.988449][T14773]  ? ___ratelimit+0xf8/0x595
[ 1014.993045][T14773]  ? trace_hardirqs_on+0x67/0x240
[ 1014.998076][T14773]  ? pagefault_out_of_memory+0x11c/0x11c
[ 1015.003736][T14773]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 1015.009571][T14773]  ? ___ratelimit+0x60/0x595
[ 1015.014578][T14773]  ? do_raw_spin_unlock+0x57/0x270
[ 1015.019733][T14773]  oom_kill_process.cold+0x10/0x15
[ 1015.024961][T14773]  out_of_memory+0x334/0x1340
[ 1015.029695][T14773]  ? lock_downgrade+0x920/0x920
[ 1015.034572][T14773]  ? oom_killer_disable+0x280/0x280
[ 1015.039800][T14773]  ? __kasan_check_read+0x11/0x20
[ 1015.044856][T14773]  mem_cgroup_out_of_memory+0x1d8/0x240
[ 1015.050423][T14773]  ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0
[ 1015.056079][T14773]  ? do_raw_spin_unlock+0x57/0x270
[ 1015.061300][T14773]  ? _raw_spin_unlock+0x2d/0x50
[ 1015.061890][T14776] kobject: 'kvm' (0000000017e2fb3e): kobject_uevent_env
[ 1015.066172][T14773]  try_charge+0xf4b/0x1440
[ 1015.066193][T14773]  ? mem_cgroup_oom_trylock+0x1a0/0x1a0