00200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0xffffff92) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, 0x2, {0x7, 0x10}}, 0x50) statfs(&(0x7f00000000c0)='./file0\x00', 0x0) 03:57:39 executing program 5: r0 = syz_open_dev$dri(&(0x7f0000000240)='/dev/dri/card#\x00', 0xc72f, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)) 03:57:39 executing program 0: madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x400000000e) sigaltstack(&(0x7f00005e5000/0x2000)=nil, 0x0) mremap(&(0x7f00003fb000/0x400000)=nil, 0x400000, 0x400000, 0x3, &(0x7f0000bff000/0x400000)=nil) 03:57:39 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0xffffff92) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, 0x2, {0x7, 0x10}}, 0x50) statfs(&(0x7f00000000c0)='./file0\x00', 0x0) 03:57:39 executing program 5: r0 = syz_open_dev$dri(&(0x7f0000000240)='/dev/dri/card#\x00', 0xc72f, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)) 03:57:39 executing program 0: madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x400000000e) sigaltstack(&(0x7f00005e5000/0x2000)=nil, 0x0) mremap(&(0x7f00003fb000/0x400000)=nil, 0x400000, 0x400000, 0x3, &(0x7f0000bff000/0x400000)=nil) 03:57:39 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000013c0)={{{@in6=@remote, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x32}, 0x0, @in=@dev, 0x0, 0x0, 0x0, 0x5, 0xfffffff8, 0x7ff}}, 0xe8) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x0, 0x0) connect$inet6(r1, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c) sendmmsg(r1, &(0x7f0000000240), 0x5c3, 0x1100) sendmsg$key(r0, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902000000a8a9890000007ba79554354cdddb4e767263a7192f6f0100000028db38a5668b145e6313f3ee41e2f28204b8de607a25340b579ac761976cae3a9a9e90785afd31885d362411ef23cd8fef4aa6dac6acb5ded04e547ce7a3bfaab8d914fb6ee79d501a7aa400000080000000005268d9ee158864d444d4bf66e8d85cc74a000000000000000000"], 0x10}}, 0x0) 03:57:39 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00') r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0x7ffff000) [ 2701.797098][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2701.803124][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:57:39 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x3, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000af5000)={0x1, &(0x7f00006dc000)=[{0x200006, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r0, 0x0, 0xfffffda9, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x8000000000000003, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000540)="c3401c344654f3c7d9fe1ba48c8e390002000000000000d65cffffff38e9dd18c58f6bd779650fc30f09000000ecf323c9b87010227a60d177faf6502ceab47e58034347b289546c65a5eb278de72b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d0c00"/130, 0x82, 0x1, 0x0, 0x4f5) timer_create(0x0, &(0x7f0000cd0000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00000003c0)) timer_settime(0x0, 0x0, &(0x7f0000000380)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=""/192, 0xc0}], 0x1}, 0x0) r1 = gettid() recvmmsg(r0, &(0x7f0000000ac0), 0x12f, 0x0, 0x0) tkill(r1, 0x14) 03:57:39 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_buf(r0, 0x29, 0xd2, 0x0, 0x0) [ 2701.957120][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2701.963126][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:57:40 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_buf(r0, 0x29, 0xd2, 0x0, 0x0) 03:57:40 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@newlink={0x3c, 0x10, 0x501, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @ipip={{0xc, 0x1, 'ipip\x00'}, {0xc, 0x2, [@tunl_policy=[@IFLA_IPTUN_TTL={0x8, 0x4, 0x2}]]}}}]}, 0x3c}}, 0x0) 03:57:40 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_buf(r0, 0x29, 0xd2, 0x0, 0x0) 03:57:40 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000013c0)={{{@in6=@remote, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x32}, 0x0, @in=@dev, 0x0, 0x0, 0x0, 0x5, 0xfffffff8, 0x7ff}}, 0xe8) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x0, 0x0) connect$inet6(r1, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c) sendmmsg(r1, &(0x7f0000000240), 0x5c3, 0x1100) sendmsg$key(r0, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902000000a8a9890000007ba79554354cdddb4e767263a7192f6f0100000028db38a5668b145e6313f3ee41e2f28204b8de607a25340b579ac761976cae3a9a9e90785afd31885d362411ef23cd8fef4aa6dac6acb5ded04e547ce7a3bfaab8d914fb6ee79d501a7aa400000080000000005268d9ee158864d444d4bf66e8d85cc74a000000000000000000"], 0x10}}, 0x0) [ 2702.616580][T32121] netlink: 'syz-executor.1': attribute type 4 has an invalid length. 03:57:40 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000013c0)={{{@in6=@remote, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x32}, 0x0, @in=@dev, 0x0, 0x0, 0x0, 0x5, 0xfffffff8, 0x7ff}}, 0xe8) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x0, 0x0) connect$inet6(r1, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c) sendmmsg(r1, &(0x7f0000000240), 0x5c3, 0x1100) sendmsg$key(r0, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902000000a8a9890000007ba79554354cdddb4e767263a7192f6f0100000028db38a5668b145e6313f3ee41e2f28204b8de607a25340b579ac761976cae3a9a9e90785afd31885d362411ef23cd8fef4aa6dac6acb5ded04e547ce7a3bfaab8d914fb6ee79d501a7aa400000080000000005268d9ee158864d444d4bf66e8d85cc74a000000000000000000"], 0x10}}, 0x0) 03:57:40 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00') r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0x7ffff000) 03:57:40 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_buf(r0, 0x29, 0xd2, 0x0, 0x0) 03:57:40 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@newlink={0x3c, 0x10, 0x501, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @ipip={{0xc, 0x1, 'ipip\x00'}, {0xc, 0x2, [@tunl_policy=[@IFLA_IPTUN_TTL={0x8, 0x4, 0x2}]]}}}]}, 0x3c}}, 0x0) 03:57:40 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x3, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000af5000)={0x1, &(0x7f00006dc000)=[{0x200006, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r0, 0x0, 0xfffffda9, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x8000000000000003, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000540)="c3401c344654f3c7d9fe1ba48c8e390002000000000000d65cffffff38e9dd18c58f6bd779650fc30f09000000ecf323c9b87010227a60d177faf6502ceab47e58034347b289546c65a5eb278de72b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d0c00"/130, 0x82, 0x1, 0x0, 0x4f5) timer_create(0x0, &(0x7f0000cd0000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00000003c0)) timer_settime(0x0, 0x0, &(0x7f0000000380)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=""/192, 0xc0}], 0x1}, 0x0) r1 = gettid() recvmmsg(r0, &(0x7f0000000ac0), 0x12f, 0x0, 0x0) tkill(r1, 0x14) [ 2703.109079][T32143] netlink: 'syz-executor.1': attribute type 4 has an invalid length. 03:57:41 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@newlink={0x3c, 0x10, 0x501, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @ipip={{0xc, 0x1, 'ipip\x00'}, {0xc, 0x2, [@tunl_policy=[@IFLA_IPTUN_TTL={0x8, 0x4, 0x2}]]}}}]}, 0x3c}}, 0x0) 03:57:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={r2}) r3 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x0, 0x2, r3}) 03:57:41 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000013c0)={{{@in6=@remote, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x32}, 0x0, @in=@dev, 0x0, 0x0, 0x0, 0x5, 0xfffffff8, 0x7ff}}, 0xe8) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x0, 0x0) connect$inet6(r1, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c) sendmmsg(r1, &(0x7f0000000240), 0x5c3, 0x1100) sendmsg$key(r0, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902000000a8a9890000007ba79554354cdddb4e767263a7192f6f0100000028db38a5668b145e6313f3ee41e2f28204b8de607a25340b579ac761976cae3a9a9e90785afd31885d362411ef23cd8fef4aa6dac6acb5ded04e547ce7a3bfaab8d914fb6ee79d501a7aa400000080000000005268d9ee158864d444d4bf66e8d85cc74a000000000000000000"], 0x10}}, 0x0) [ 2703.567883][T32160] netlink: 'syz-executor.1': attribute type 4 has an invalid length. 03:57:41 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00') r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0x7ffff000) 03:57:41 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000013c0)={{{@in6=@remote, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x32}, 0x0, @in=@dev, 0x0, 0x0, 0x0, 0x5, 0xfffffff8, 0x7ff}}, 0xe8) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x0, 0x0) connect$inet6(r1, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c) sendmmsg(r1, &(0x7f0000000240), 0x5c3, 0x1100) sendmsg$key(r0, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902000000a8a9890000007ba79554354cdddb4e767263a7192f6f0100000028db38a5668b145e6313f3ee41e2f28204b8de607a25340b579ac761976cae3a9a9e90785afd31885d362411ef23cd8fef4aa6dac6acb5ded04e547ce7a3bfaab8d914fb6ee79d501a7aa400000080000000005268d9ee158864d444d4bf66e8d85cc74a000000000000000000"], 0x10}}, 0x0) 03:57:41 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@newlink={0x3c, 0x10, 0x501, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @ipip={{0xc, 0x1, 'ipip\x00'}, {0xc, 0x2, [@tunl_policy=[@IFLA_IPTUN_TTL={0x8, 0x4, 0x2}]]}}}]}, 0x3c}}, 0x0) 03:57:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={r2}) r3 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x0, 0x2, r3}) [ 2703.954421][T32274] netlink: 'syz-executor.1': attribute type 4 has an invalid length. 03:57:41 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x3, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000af5000)={0x1, &(0x7f00006dc000)=[{0x200006, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r0, 0x0, 0xfffffda9, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x8000000000000003, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000540)="c3401c344654f3c7d9fe1ba48c8e390002000000000000d65cffffff38e9dd18c58f6bd779650fc30f09000000ecf323c9b87010227a60d177faf6502ceab47e58034347b289546c65a5eb278de72b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d0c00"/130, 0x82, 0x1, 0x0, 0x4f5) timer_create(0x0, &(0x7f0000cd0000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00000003c0)) timer_settime(0x0, 0x0, &(0x7f0000000380)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=""/192, 0xc0}], 0x1}, 0x0) r1 = gettid() recvmmsg(r0, &(0x7f0000000ac0), 0x12f, 0x0, 0x0) tkill(r1, 0x14) 03:57:42 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={r2}) r3 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x0, 0x2, r3}) 03:57:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={r2}) r3 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x0, 0x2, r3}) 03:57:42 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000013c0)={{{@in6=@remote, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x32}, 0x0, @in=@dev, 0x0, 0x0, 0x0, 0x5, 0xfffffff8, 0x7ff}}, 0xe8) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x0, 0x0) connect$inet6(r1, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c) sendmmsg(r1, &(0x7f0000000240), 0x5c3, 0x1100) sendmsg$key(r0, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902000000a8a9890000007ba79554354cdddb4e767263a7192f6f0100000028db38a5668b145e6313f3ee41e2f28204b8de607a25340b579ac761976cae3a9a9e90785afd31885d362411ef23cd8fef4aa6dac6acb5ded04e547ce7a3bfaab8d914fb6ee79d501a7aa400000080000000005268d9ee158864d444d4bf66e8d85cc74a000000000000000000"], 0x10}}, 0x0) 03:57:42 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={r2}) r3 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x0, 0x2, r3}) 03:57:42 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xfffffe4b) setsockopt$sock_int(r2, 0x1, 0x2a, &(0x7f0000000540), 0x118) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0) 03:57:42 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000013c0)={{{@in6=@remote, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x32}, 0x0, @in=@dev, 0x0, 0x0, 0x0, 0x5, 0xfffffff8, 0x7ff}}, 0xe8) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x0, 0x0) connect$inet6(r1, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c) sendmmsg(r1, &(0x7f0000000240), 0x5c3, 0x1100) sendmsg$key(r0, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902000000a8a9890000007ba79554354cdddb4e767263a7192f6f0100000028db38a5668b145e6313f3ee41e2f28204b8de607a25340b579ac761976cae3a9a9e90785afd31885d362411ef23cd8fef4aa6dac6acb5ded04e547ce7a3bfaab8d914fb6ee79d501a7aa400000080000000005268d9ee158864d444d4bf66e8d85cc74a000000000000000000"], 0x10}}, 0x0) 03:57:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={r2}) r3 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x0, 0x2, r3}) 03:57:43 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={r2}) r3 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x0, 0x2, r3}) 03:57:43 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x3, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000af5000)={0x1, &(0x7f00006dc000)=[{0x200006, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r0, 0x0, 0xfffffda9, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x8000000000000003, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000540)="c3401c344654f3c7d9fe1ba48c8e390002000000000000d65cffffff38e9dd18c58f6bd779650fc30f09000000ecf323c9b87010227a60d177faf6502ceab47e58034347b289546c65a5eb278de72b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d0c00"/130, 0x82, 0x1, 0x0, 0x4f5) timer_create(0x0, &(0x7f0000cd0000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00000003c0)) timer_settime(0x0, 0x0, &(0x7f0000000380)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=""/192, 0xc0}], 0x1}, 0x0) r1 = gettid() recvmmsg(r0, &(0x7f0000000ac0), 0x12f, 0x0, 0x0) tkill(r1, 0x14) 03:57:43 executing program 0: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{0x0, 0x0, 0x0}, 0xfffffffd}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/packet\x00') preadv(r0, &(0x7f00000017c0), 0x1000000000000277, 0x400000000000) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) 03:57:43 executing program 1: io_setup(0x8, &(0x7f0000000000)=0x0) r1 = socket$inet(0xa, 0x801, 0x84) listen(r1, 0xfc0004) io_submit(r0, 0x1, &(0x7f00000002c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000040)="cc", 0x1}]) 03:57:43 executing program 3: r0 = syz_open_dev$dri(&(0x7f00000002c0)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xbe, 0x0) 03:57:43 executing program 3: r0 = syz_open_dev$dri(&(0x7f00000002c0)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xbe, 0x0) 03:57:43 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xfffffe4b) setsockopt$sock_int(r2, 0x1, 0x2a, &(0x7f0000000540), 0x118) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0) 03:57:43 executing program 1: io_setup(0x8, &(0x7f0000000000)=0x0) r1 = socket$inet(0xa, 0x801, 0x84) listen(r1, 0xfc0004) io_submit(r0, 0x1, &(0x7f00000002c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000040)="cc", 0x1}]) 03:57:43 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB="f800000016001d03000000000000005217008e29f5856696001e2f3b0716111f382e7226448038000004000008000000001000f7ffffff40000000ffffe00900", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000010000000000000000000e6ffffff33000000000000000000000000020000000000ec6c1453c6000400000000000000006f0790be00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000ab99a6d1f1d861bf5bc562ab22278ea04a949fa85eef5fdeeb9300000000cd0900e88064fe1137ede1d4ab3f7b28a7be01c815a40ca7f0d136bad3d387bb2d7e85a064732e1264f9b9d06fc245590d00000082d5e3ae103a9ad77e73484630f176bc15235dcedb4163e34e0d9b40e10e59e3f017ad9273e4975686c6fe5acef9f51ae4622ee7d07197eb82e5856505d42e8f0f2af41c4cba9eedc0a1042185b201788a51bffe53257c14e8e91943631b61df621ea907ad47799b415cc681b25bf41519f6295cbdaea7492da6127b1fac798c8144dfbc565cf06ba04fc7f5b057fac3dcab39fbad424e7c9148d412109347541d0d802ec2b2b9c7c485b1393ef10da838f4832da08b84dc298f6ed4e9b436e806ecde3bc43beb8355aa50148c0800000000000000c6144f719d1fe03016c7bca5c4e8e6947eff098d692feccecc68de5b5db5430333f7ca7b5b175517371e36fb30c0339bb9f25cde9c8d36bfa18f8a87e95ebfa1b938037bcb2d691c23cbcb610beecab518fc9befb0455ac1b48df24e44df8943ae2eefb9a4a2bcd8c41cae9563dd8ef65c54e3277213d13adf6da3907ac96496cb87a9cb754a60002370503cb06e6b6bf116e008bd39d839aeb07b89aab1fd9e094ccbaa343702ea55c6238ab2d0ef179c621836b2d69f6770fe8a497e750c3c394939eb471d76451a0dc3a4be3e580aad44ce1fcb1c487b7a41779c8704b1186e00d30511dcc6ecb94c7548f2743976764be604d7ddfd0c0de744ef46a0bf08341f8f1719f8a39ad81dc4aa045a129296abb1b1de057950581f071e7d267f24b0bf7848537ef3f621cc4680ce44dd0fd532d569d200000000000000000000000000000000e5e08277fdb7a89ff73dd6023ac47bb75c0252436b48b97156af8dc8f861392bf902c7c4dbdb64f4"], 0xf8}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=@flushsa={0x14, 0x1c, 0x507}, 0x14}}, 0x0) 03:57:43 executing program 4: r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000100)={0x7}, 0x10) write(r0, &(0x7f0000000040)="240000001a005f0214f9f4070009040011000000ff020202000200000800040003000014", 0x24) [ 2705.957121][ C0] net_ratelimit: 15 callbacks suppressed [ 2705.957131][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2705.968903][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:57:43 executing program 3: r0 = syz_open_dev$dri(&(0x7f00000002c0)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xbe, 0x0) 03:57:43 executing program 1: io_setup(0x8, &(0x7f0000000000)=0x0) r1 = socket$inet(0xa, 0x801, 0x84) listen(r1, 0xfc0004) io_submit(r0, 0x1, &(0x7f00000002c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000040)="cc", 0x1}]) 03:57:43 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB="f800000016001d03000000000000005217008e29f5856696001e2f3b0716111f382e7226448038000004000008000000001000f7ffffff40000000ffffe00900", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000010000000000000000000e6ffffff33000000000000000000000000020000000000ec6c1453c6000400000000000000006f0790be00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000ab99a6d1f1d861bf5bc562ab22278ea04a949fa85eef5fdeeb9300000000cd0900e88064fe1137ede1d4ab3f7b28a7be01c815a40ca7f0d136bad3d387bb2d7e85a064732e1264f9b9d06fc245590d00000082d5e3ae103a9ad77e73484630f176bc15235dcedb4163e34e0d9b40e10e59e3f017ad9273e4975686c6fe5acef9f51ae4622ee7d07197eb82e5856505d42e8f0f2af41c4cba9eedc0a1042185b201788a51bffe53257c14e8e91943631b61df621ea907ad47799b415cc681b25bf41519f6295cbdaea7492da6127b1fac798c8144dfbc565cf06ba04fc7f5b057fac3dcab39fbad424e7c9148d412109347541d0d802ec2b2b9c7c485b1393ef10da838f4832da08b84dc298f6ed4e9b436e806ecde3bc43beb8355aa50148c0800000000000000c6144f719d1fe03016c7bca5c4e8e6947eff098d692feccecc68de5b5db5430333f7ca7b5b175517371e36fb30c0339bb9f25cde9c8d36bfa18f8a87e95ebfa1b938037bcb2d691c23cbcb610beecab518fc9befb0455ac1b48df24e44df8943ae2eefb9a4a2bcd8c41cae9563dd8ef65c54e3277213d13adf6da3907ac96496cb87a9cb754a60002370503cb06e6b6bf116e008bd39d839aeb07b89aab1fd9e094ccbaa343702ea55c6238ab2d0ef179c621836b2d69f6770fe8a497e750c3c394939eb471d76451a0dc3a4be3e580aad44ce1fcb1c487b7a41779c8704b1186e00d30511dcc6ecb94c7548f2743976764be604d7ddfd0c0de744ef46a0bf08341f8f1719f8a39ad81dc4aa045a129296abb1b1de057950581f071e7d267f24b0bf7848537ef3f621cc4680ce44dd0fd532d569d200000000000000000000000000000000e5e08277fdb7a89ff73dd6023ac47bb75c0252436b48b97156af8dc8f861392bf902c7c4dbdb64f4"], 0xf8}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=@flushsa={0x14, 0x1c, 0x507}, 0x14}}, 0x0) [ 2706.117182][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2706.123592][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:57:44 executing program 4: r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000100)={0x7}, 0x10) write(r0, &(0x7f0000000040)="240000001a005f0214f9f4070009040011000000ff020202000200000800040003000014", 0x24) 03:57:44 executing program 3: r0 = syz_open_dev$dri(&(0x7f00000002c0)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xbe, 0x0) 03:57:44 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) socket(0x840000000002, 0x3, 0xff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='ip6_vti0\x00 \x00', 0x10) connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10) write$binfmt_elf32(r0, &(0x7f0000001900)=ANY=[@ANYBLOB="4ef27f454c4600000033006c00000000000000004423090000000000002b0b00e00000000009000400008d994fd1826b0018001000000000"], 0x38) 03:57:44 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB="f800000016001d03000000000000005217008e29f5856696001e2f3b0716111f382e7226448038000004000008000000001000f7ffffff40000000ffffe00900", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000010000000000000000000e6ffffff33000000000000000000000000020000000000ec6c1453c6000400000000000000006f0790be00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000ab99a6d1f1d861bf5bc562ab22278ea04a949fa85eef5fdeeb9300000000cd0900e88064fe1137ede1d4ab3f7b28a7be01c815a40ca7f0d136bad3d387bb2d7e85a064732e1264f9b9d06fc245590d00000082d5e3ae103a9ad77e73484630f176bc15235dcedb4163e34e0d9b40e10e59e3f017ad9273e4975686c6fe5acef9f51ae4622ee7d07197eb82e5856505d42e8f0f2af41c4cba9eedc0a1042185b201788a51bffe53257c14e8e91943631b61df621ea907ad47799b415cc681b25bf41519f6295cbdaea7492da6127b1fac798c8144dfbc565cf06ba04fc7f5b057fac3dcab39fbad424e7c9148d412109347541d0d802ec2b2b9c7c485b1393ef10da838f4832da08b84dc298f6ed4e9b436e806ecde3bc43beb8355aa50148c0800000000000000c6144f719d1fe03016c7bca5c4e8e6947eff098d692feccecc68de5b5db5430333f7ca7b5b175517371e36fb30c0339bb9f25cde9c8d36bfa18f8a87e95ebfa1b938037bcb2d691c23cbcb610beecab518fc9befb0455ac1b48df24e44df8943ae2eefb9a4a2bcd8c41cae9563dd8ef65c54e3277213d13adf6da3907ac96496cb87a9cb754a60002370503cb06e6b6bf116e008bd39d839aeb07b89aab1fd9e094ccbaa343702ea55c6238ab2d0ef179c621836b2d69f6770fe8a497e750c3c394939eb471d76451a0dc3a4be3e580aad44ce1fcb1c487b7a41779c8704b1186e00d30511dcc6ecb94c7548f2743976764be604d7ddfd0c0de744ef46a0bf08341f8f1719f8a39ad81dc4aa045a129296abb1b1de057950581f071e7d267f24b0bf7848537ef3f621cc4680ce44dd0fd532d569d200000000000000000000000000000000e5e08277fdb7a89ff73dd6023ac47bb75c0252436b48b97156af8dc8f861392bf902c7c4dbdb64f4"], 0xf8}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=@flushsa={0x14, 0x1c, 0x507}, 0x14}}, 0x0) 03:57:44 executing program 1: io_setup(0x8, &(0x7f0000000000)=0x0) r1 = socket$inet(0xa, 0x801, 0x84) listen(r1, 0xfc0004) io_submit(r0, 0x1, &(0x7f00000002c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000040)="cc", 0x1}]) 03:57:44 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xfffffe4b) setsockopt$sock_int(r2, 0x1, 0x2a, &(0x7f0000000540), 0x118) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0) 03:57:44 executing program 4: r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000100)={0x7}, 0x10) write(r0, &(0x7f0000000040)="240000001a005f0214f9f4070009040011000000ff020202000200000800040003000014", 0x24) 03:57:44 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:57:44 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB="f800000016001d03000000000000005217008e29f5856696001e2f3b0716111f382e7226448038000004000008000000001000f7ffffff40000000ffffe00900", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000010000000000000000000e6ffffff33000000000000000000000000020000000000ec6c1453c6000400000000000000006f0790be00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000ab99a6d1f1d861bf5bc562ab22278ea04a949fa85eef5fdeeb9300000000cd0900e88064fe1137ede1d4ab3f7b28a7be01c815a40ca7f0d136bad3d387bb2d7e85a064732e1264f9b9d06fc245590d00000082d5e3ae103a9ad77e73484630f176bc15235dcedb4163e34e0d9b40e10e59e3f017ad9273e4975686c6fe5acef9f51ae4622ee7d07197eb82e5856505d42e8f0f2af41c4cba9eedc0a1042185b201788a51bffe53257c14e8e91943631b61df621ea907ad47799b415cc681b25bf41519f6295cbdaea7492da6127b1fac798c8144dfbc565cf06ba04fc7f5b057fac3dcab39fbad424e7c9148d412109347541d0d802ec2b2b9c7c485b1393ef10da838f4832da08b84dc298f6ed4e9b436e806ecde3bc43beb8355aa50148c0800000000000000c6144f719d1fe03016c7bca5c4e8e6947eff098d692feccecc68de5b5db5430333f7ca7b5b175517371e36fb30c0339bb9f25cde9c8d36bfa18f8a87e95ebfa1b938037bcb2d691c23cbcb610beecab518fc9befb0455ac1b48df24e44df8943ae2eefb9a4a2bcd8c41cae9563dd8ef65c54e3277213d13adf6da3907ac96496cb87a9cb754a60002370503cb06e6b6bf116e008bd39d839aeb07b89aab1fd9e094ccbaa343702ea55c6238ab2d0ef179c621836b2d69f6770fe8a497e750c3c394939eb471d76451a0dc3a4be3e580aad44ce1fcb1c487b7a41779c8704b1186e00d30511dcc6ecb94c7548f2743976764be604d7ddfd0c0de744ef46a0bf08341f8f1719f8a39ad81dc4aa045a129296abb1b1de057950581f071e7d267f24b0bf7848537ef3f621cc4680ce44dd0fd532d569d200000000000000000000000000000000e5e08277fdb7a89ff73dd6023ac47bb75c0252436b48b97156af8dc8f861392bf902c7c4dbdb64f4"], 0xf8}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=@flushsa={0x14, 0x1c, 0x507}, 0x14}}, 0x0) 03:57:44 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) socket(0x840000000002, 0x3, 0xff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='ip6_vti0\x00 \x00', 0x10) connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10) write$binfmt_elf32(r0, &(0x7f0000001900)=ANY=[@ANYBLOB="4ef27f454c4600000033006c00000000000000004423090000000000002b0b00e00000000009000400008d994fd1826b0018001000000000"], 0x38) 03:57:44 executing program 1: r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video36\x00', 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x0, 0x1, 0x1}) 03:57:44 executing program 4: r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000100)={0x7}, 0x10) write(r0, &(0x7f0000000040)="240000001a005f0214f9f4070009040011000000ff020202000200000800040003000014", 0x24) 03:57:44 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2f, 0xffffffc6, 0x0, 0x7ffff}}, &(0x7f0000000180)='EP\xd4\x00\x1f\x91\xeb/W\xb72$C0%\x03\x9c0\x96\xb2\fkC\x93H\xbfh\x9c\b`\x857\xd6\">c\xad\xc0bO\xba\xe2\xe1\t5\x9d\xcei\"2L\xcc\x13\x16\vh\xca\xe6C\x06\x97%\x9d\xd5-\x1fs\xe1j\xdc5\x92\xd0)%\xdf\xfa\xe8^\x9c\xd29\x8clg\xc8\x7f\xb5\xb1&\x02\xf1E\xb4\x84\xbeE\x91)f\xe8\xb7\xe2\xf6`i\xc5m\xd7l\x1d\xc1\x12\x01<:kM\xe9\x99\xcd\xcd\xc8\x85Z\xee47\xdc\xc8u\x80\xcf\xbeTo\xbb\xfb\xc0\xebV\xd8\xbb\xbe\xa2\x90J|s\xc2', 0x0, 0x0, 0x0, 0x0, 0x0, [0x86fe7]}, 0x48) 03:57:44 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) socket(0x840000000002, 0x3, 0xff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='ip6_vti0\x00 \x00', 0x10) connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10) write$binfmt_elf32(r0, &(0x7f0000001900)=ANY=[@ANYBLOB="4ef27f454c4600000033006c00000000000000004423090000000000002b0b00e00000000009000400008d994fd1826b0018001000000000"], 0x38) 03:57:44 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:57:44 executing program 1: r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video36\x00', 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x0, 0x1, 0x1}) [ 2707.077126][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2707.077179][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2707.084070][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2707.095768][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2707.101807][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:57:44 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2f, 0xffffffc6, 0x0, 0x7ffff}}, &(0x7f0000000180)='EP\xd4\x00\x1f\x91\xeb/W\xb72$C0%\x03\x9c0\x96\xb2\fkC\x93H\xbfh\x9c\b`\x857\xd6\">c\xad\xc0bO\xba\xe2\xe1\t5\x9d\xcei\"2L\xcc\x13\x16\vh\xca\xe6C\x06\x97%\x9d\xd5-\x1fs\xe1j\xdc5\x92\xd0)%\xdf\xfa\xe8^\x9c\xd29\x8clg\xc8\x7f\xb5\xb1&\x02\xf1E\xb4\x84\xbeE\x91)f\xe8\xb7\xe2\xf6`i\xc5m\xd7l\x1d\xc1\x12\x01<:kM\xe9\x99\xcd\xcd\xc8\x85Z\xee47\xdc\xc8u\x80\xcf\xbeTo\xbb\xfb\xc0\xebV\xd8\xbb\xbe\xa2\x90J|s\xc2', 0x0, 0x0, 0x0, 0x0, 0x0, [0x86fe7]}, 0x48) 03:57:45 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xfffffe4b) setsockopt$sock_int(r2, 0x1, 0x2a, &(0x7f0000000540), 0x118) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0) 03:57:45 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) socket(0x840000000002, 0x3, 0xff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='ip6_vti0\x00 \x00', 0x10) connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10) write$binfmt_elf32(r0, &(0x7f0000001900)=ANY=[@ANYBLOB="4ef27f454c4600000033006c00000000000000004423090000000000002b0b00e00000000009000400008d994fd1826b0018001000000000"], 0x38) 03:57:45 executing program 4: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x41be, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = getpid() rt_tgsigqueueinfo(r2, r2, 0x16, &(0x7f00000000c0)) ptrace(0x10, r2) ptrace$getregset(0x4204, r2, 0x2, &(0x7f0000000280)={0x0, 0x10}) 03:57:45 executing program 1: r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video36\x00', 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x0, 0x1, 0x1}) 03:57:45 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2f, 0xffffffc6, 0x0, 0x7ffff}}, &(0x7f0000000180)='EP\xd4\x00\x1f\x91\xeb/W\xb72$C0%\x03\x9c0\x96\xb2\fkC\x93H\xbfh\x9c\b`\x857\xd6\">c\xad\xc0bO\xba\xe2\xe1\t5\x9d\xcei\"2L\xcc\x13\x16\vh\xca\xe6C\x06\x97%\x9d\xd5-\x1fs\xe1j\xdc5\x92\xd0)%\xdf\xfa\xe8^\x9c\xd29\x8clg\xc8\x7f\xb5\xb1&\x02\xf1E\xb4\x84\xbeE\x91)f\xe8\xb7\xe2\xf6`i\xc5m\xd7l\x1d\xc1\x12\x01<:kM\xe9\x99\xcd\xcd\xc8\x85Z\xee47\xdc\xc8u\x80\xcf\xbeTo\xbb\xfb\xc0\xebV\xd8\xbb\xbe\xa2\x90J|s\xc2', 0x0, 0x0, 0x0, 0x0, 0x0, [0x86fe7]}, 0x48) 03:57:45 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:57:45 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2f, 0xffffffc6, 0x0, 0x7ffff}}, &(0x7f0000000180)='EP\xd4\x00\x1f\x91\xeb/W\xb72$C0%\x03\x9c0\x96\xb2\fkC\x93H\xbfh\x9c\b`\x857\xd6\">c\xad\xc0bO\xba\xe2\xe1\t5\x9d\xcei\"2L\xcc\x13\x16\vh\xca\xe6C\x06\x97%\x9d\xd5-\x1fs\xe1j\xdc5\x92\xd0)%\xdf\xfa\xe8^\x9c\xd29\x8clg\xc8\x7f\xb5\xb1&\x02\xf1E\xb4\x84\xbeE\x91)f\xe8\xb7\xe2\xf6`i\xc5m\xd7l\x1d\xc1\x12\x01<:kM\xe9\x99\xcd\xcd\xc8\x85Z\xee47\xdc\xc8u\x80\xcf\xbeTo\xbb\xfb\xc0\xebV\xd8\xbb\xbe\xa2\x90J|s\xc2', 0x0, 0x0, 0x0, 0x0, 0x0, [0x86fe7]}, 0x48) 03:57:45 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:57:45 executing program 5: ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x110}) ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, &(0x7f0000000140)={{0x2, 0x0, @local}, {0x0, @dev}, 0x0, {0x2, 0x0, @multicast1}, 'veth0\x00'}) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 03:57:45 executing program 1: r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video36\x00', 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x0, 0x1, 0x1}) 03:57:45 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2020, 0x0) 03:57:45 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000100)=0x3, 0x2) [ 2708.037101][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2708.328961][ T393] EXT4-fs (sda1): re-mounted. Opts: (null) 03:57:46 executing program 0: r0 = socket$unix(0x1, 0x5, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x3, 0x3c) poll(&(0x7f0000000100)=[{r1}, {r2}, {r1}], 0x3, 0x0) 03:57:46 executing program 1: r0 = socket$inet(0x10, 0x880400000003, 0x0) sendmsg(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="24000000110007031dfffd946fa2830002200a0007000000741d85680c1ba3a20400ff7e280000002600ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) 03:57:46 executing program 4: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x41be, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = getpid() rt_tgsigqueueinfo(r2, r2, 0x16, &(0x7f00000000c0)) ptrace(0x10, r2) ptrace$getregset(0x4204, r2, 0x2, &(0x7f0000000280)={0x0, 0x10}) 03:57:46 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000100)=0x3, 0x2) 03:57:46 executing program 5: r0 = socket(0x10, 0x2, 0xc) write(r0, &(0x7f0000000280)="1f0000000104ffd00e0ac5da07000013020000000b00010004049b0d950547", 0x1f) 03:57:46 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x3) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x154, 0x0, 0x27) [ 2708.619759][ T507] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. 03:57:46 executing program 5: r0 = socket(0x10, 0x2, 0xc) write(r0, &(0x7f0000000280)="1f0000000104ffd00e0ac5da07000013020000000b00010004049b0d950547", 0x1f) 03:57:46 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000100)=0x3, 0x2) 03:57:46 executing program 1: r0 = socket$inet(0x10, 0x880400000003, 0x0) sendmsg(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="24000000110007031dfffd946fa2830002200a0007000000741d85680c1ba3a20400ff7e280000002600ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) 03:57:46 executing program 0: r0 = socket$unix(0x1, 0x5, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x3, 0x3c) poll(&(0x7f0000000100)=[{r1}, {r2}, {r1}], 0x3, 0x0) 03:57:46 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000100)=0x3, 0x2) 03:57:46 executing program 5: r0 = socket(0x10, 0x2, 0xc) write(r0, &(0x7f0000000280)="1f0000000104ffd00e0ac5da07000013020000000b00010004049b0d950547", 0x1f) [ 2708.839330][ T630] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. 03:57:46 executing program 2: bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x0) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000100)=@netrom={'nr', 0x0}, 0x10) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f00000001c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0}, 0x20) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$usbmon(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) 03:57:46 executing program 1: r0 = socket$inet(0x10, 0x880400000003, 0x0) sendmsg(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="24000000110007031dfffd946fa2830002200a0007000000741d85680c1ba3a20400ff7e280000002600ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 2709.115097][ T646] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. 03:57:47 executing program 4: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x41be, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = getpid() rt_tgsigqueueinfo(r2, r2, 0x16, &(0x7f00000000c0)) ptrace(0x10, r2) ptrace$getregset(0x4204, r2, 0x2, &(0x7f0000000280)={0x0, 0x10}) 03:57:47 executing program 0: r0 = socket$unix(0x1, 0x5, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x3, 0x3c) poll(&(0x7f0000000100)=[{r1}, {r2}, {r1}], 0x3, 0x0) 03:57:47 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) openat$random(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 03:57:47 executing program 5: r0 = socket(0x10, 0x2, 0xc) write(r0, &(0x7f0000000280)="1f0000000104ffd00e0ac5da07000013020000000b00010004049b0d950547", 0x1f) 03:57:47 executing program 1: r0 = socket$inet(0x10, 0x880400000003, 0x0) sendmsg(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="24000000110007031dfffd946fa2830002200a0007000000741d85680c1ba3a20400ff7e280000002600ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) 03:57:47 executing program 2: bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x0) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000100)=@netrom={'nr', 0x0}, 0x10) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f00000001c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0}, 0x20) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$usbmon(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) [ 2709.609805][ T661] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. 03:57:47 executing program 5: bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x0) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000100)=@netrom={'nr', 0x0}, 0x10) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f00000001c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0}, 0x20) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$usbmon(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) 03:57:47 executing program 0: r0 = socket$unix(0x1, 0x5, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x3, 0x3c) poll(&(0x7f0000000100)=[{r1}, {r2}, {r1}], 0x3, 0x0) 03:57:47 executing program 1: bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x0) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000100)=@netrom={'nr', 0x0}, 0x10) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f00000001c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0}, 0x20) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$usbmon(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) 03:57:47 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) openat$random(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 03:57:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x200000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 03:57:48 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) openat$random(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 03:57:48 executing program 4: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x41be, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = getpid() rt_tgsigqueueinfo(r2, r2, 0x16, &(0x7f00000000c0)) ptrace(0x10, r2) ptrace$getregset(0x4204, r2, 0x2, &(0x7f0000000280)={0x0, 0x10}) 03:57:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x200000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 03:57:48 executing program 2: bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x0) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000100)=@netrom={'nr', 0x0}, 0x10) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f00000001c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0}, 0x20) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$usbmon(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) 03:57:48 executing program 1: bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x0) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000100)=@netrom={'nr', 0x0}, 0x10) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f00000001c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0}, 0x20) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$usbmon(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) 03:57:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x200000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 03:57:48 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) openat$random(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 03:57:48 executing program 5: bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x0) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000100)=@netrom={'nr', 0x0}, 0x10) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f00000001c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0}, 0x20) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$usbmon(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) 03:57:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x200000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) [ 2711.237139][ C0] net_ratelimit: 13 callbacks suppressed [ 2711.237150][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2711.237522][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2711.242990][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2711.248982][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2711.254750][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2711.272158][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:57:49 executing program 2: bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x0) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000100)=@netrom={'nr', 0x0}, 0x10) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f00000001c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0}, 0x20) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$usbmon(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) 03:57:49 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) unshare(0x2040400) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x06\x02\xff', @ifru_names='bond_slave_1\x00t\x00'}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r1, 0x29, 0x0, &(0x7f0000000040)=0xa4ffffff, 0x4) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/user\x00') ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\f\x00!!\x00\v\x00\x01', @ifru_names='bond_slave_1\x00\x00\x00\b'}) 03:57:49 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x20000340, 0x20000370, 0x200003a0], 0x0, 0x0, &(0x7f0000000340)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108) 03:57:49 executing program 0: openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) socket$netlink(0x10, 0x3, 0x2) preadv(0xffffffffffffffff, &(0x7f0000000200)=[{0x0}, {0x0}], 0x2, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x10) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) socketpair$unix(0x1, 0x0, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4) semctl$GETVAL(0x0, 0xfac69a90c9373844, 0xc, &(0x7f0000000200)=""/157) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x8000fffffffe) r1 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setreuid(0x0, r2) getegid() accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic-generic\x00'}, 0x58) accept4$alg(r3, 0x0, 0x0, 0x0) accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) 03:57:49 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x20000340, 0x20000370, 0x200003a0], 0x0, 0x0, &(0x7f0000000340)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108) [ 2711.706203][ T826] bond0: (slave bond_slave_1): Releasing backup interface 03:57:49 executing program 1: bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x0) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000100)=@netrom={'nr', 0x0}, 0x10) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f00000001c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0}, 0x20) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$usbmon(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) 03:57:49 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x20000340, 0x20000370, 0x200003a0], 0x0, 0x0, &(0x7f0000000340)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108) 03:57:49 executing program 0: syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x0, 0x0) creat(&(0x7f0000000080)='./bus\x00', 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) pipe(&(0x7f0000000140)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0) [ 2712.198006][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2712.204887][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:57:50 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000280)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x20000340, 0x20000370, 0x200003a0], 0x0, 0x0, &(0x7f0000000340)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108) 03:57:50 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x2, 0xa, 0x8, &(0x7f0000000000)) [ 2712.357160][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2712.363125][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:57:50 executing program 5: bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x0) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000100)=@netrom={'nr', 0x0}, 0x10) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f00000001c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0}, 0x20) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$usbmon(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) 03:57:50 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x1, 0x4) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r3, &(0x7f0000000000)=[{&(0x7f0000000200)="580000001400add427323b470c45b4560a067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1) 03:57:50 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) sendto$unix(r1, &(0x7f0000000140), 0x14ded905162a6a4b, 0x0, 0x0, 0x429) sendmsg$IPVS_CMD_SET_SERVICE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)}, 0x0) 03:57:51 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) unshare(0x2040400) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x06\x02\xff', @ifru_names='bond_slave_1\x00t\x00'}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r1, 0x29, 0x0, &(0x7f0000000040)=0xa4ffffff, 0x4) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/user\x00') ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\f\x00!!\x00\v\x00\x01', @ifru_names='bond_slave_1\x00\x00\x00\b'}) 03:57:51 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x2, 0xa, 0x8, &(0x7f0000000000)) 03:57:51 executing program 0: mremap(&(0x7f00003fb000/0x400000)=nil, 0x400000, 0x800000, 0x3, &(0x7f00007fb000/0x800000)=nil) socket$inet_udplite(0x2, 0x2, 0x88) clone(0x0, &(0x7f0000000000), 0x0, 0x0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x0, 0x0, 0x0, 0x80000003, 0x0) 03:57:51 executing program 3: r0 = getpgrp(0xffffffffffffffff) migrate_pages(r0, 0x4, 0x0, &(0x7f0000000100)=0x1) 03:57:51 executing program 3: r0 = getpgrp(0xffffffffffffffff) migrate_pages(r0, 0x4, 0x0, &(0x7f0000000100)=0x1) 03:57:51 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x2, 0xa, 0x8, &(0x7f0000000000)) 03:57:51 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000000)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0585605, &(0x7f0000000080)={0x0, 0x2, 0x0, [], 0x0}) 03:57:51 executing program 3: r0 = getpgrp(0xffffffffffffffff) migrate_pages(r0, 0x4, 0x0, &(0x7f0000000100)=0x1) 03:57:51 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000000)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0585605, &(0x7f0000000080)={0x0, 0x2, 0x0, [], 0x0}) [ 2713.740836][ T1223] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 03:57:51 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) unshare(0x2040400) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x06\x02\xff', @ifru_names='bond_slave_1\x00t\x00'}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r1, 0x29, 0x0, &(0x7f0000000040)=0xa4ffffff, 0x4) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/user\x00') ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\f\x00!!\x00\v\x00\x01', @ifru_names='bond_slave_1\x00\x00\x00\b'}) 03:57:51 executing program 3: r0 = getpgrp(0xffffffffffffffff) migrate_pages(r0, 0x4, 0x0, &(0x7f0000000100)=0x1) 03:57:51 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x2, 0xa, 0x8, &(0x7f0000000000)) 03:57:51 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000000)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0585605, &(0x7f0000000080)={0x0, 0x2, 0x0, [], 0x0}) [ 2714.044893][ T1318] bond0: (slave bond_slave_1): Releasing backup interface 03:57:51 executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000000)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0585605, &(0x7f0000000080)={0x0, 0x2, 0x0, [], 0x0}) 03:57:52 executing program 4: openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) unshare(0x2040400) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x06\x02\xff', @ifru_names='bond_slave_1\x00t\x00'}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r1, 0x29, 0x0, &(0x7f0000000040)=0xa4ffffff, 0x4) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/user\x00') ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\f\x00!!\x00\v\x00\x01', @ifru_names='bond_slave_1\x00\x00\x00\b'}) [ 2714.588904][ T1329] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2716.357262][ C0] net_ratelimit: 15 callbacks suppressed [ 2716.357272][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2716.369138][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2716.517203][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2716.523040][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2717.477249][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2717.483182][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2717.487106][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2717.489199][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2717.494658][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2717.506392][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:57:55 executing program 1: creat(&(0x7f0000000300)='./file0\x00', 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='devpts\x00', 0x0, &(0x7f00000001c0)='/selinux/policy\x00') r0 = gettid() tkill(r0, 0x3c) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getpriority(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x1}, 0x0) ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f0000000400)=':%\xb8#et\x871\x00j\x83 \xe7\xb9\xfb\xc4e\xeb\x13@\x90t\xcam\x9d\x1f\x9c\xb8\xa5-\xa3\xd1N\x9c\x1fz\x1b\xd6\x13 \xd1\xa7\x1f\x12\xbe\x1b}\xd9A\xd2\t\x02T\xe6N\xd4\xb6m\a\x05\xe7\x86\x85\xf3?V\xf13\xeb\"\x00\xfa\xaf\xca>ot\n\xae1\xb2D\xe6\x15\x0fY\xc4=\xc5t\x9c \xad\f8y\x90\xef\xb2fc\x1f%s\xa8\xb8\x0f\x0f\xd1\xaa\x138u\x1bB\xd1\xc9\rO\x99\xd0|\xd1f\xb1\xcay`\x15V\f\xe3@V\xba\xa0\x03k\xee2\x9eJ\xca\xff\xde\x02\xee\x99\xfc\xbc\xb8\xeb\x1e\xe9\vQ\x038\xd7\x9e\xee\xafg3Z;\x05\xed\xce\bv\xb2') mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, 0xffffffffffffffff, 0x0) r5 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r5, &(0x7f0000000240)=[{{}, 0x0, 0x1}], 0xfec4) shmget$private(0x0, 0x3000, 0x0, &(0x7f0000701000/0x3000)=nil) 03:57:55 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x4c}, [@ldst={0x5, 0x3, 0x5}]}, &(0x7f0000003ff6)='G\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x3}, 0x48) 03:57:55 executing program 3: openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4002, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) fstat(r0, &(0x7f00000002c0)) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) timer_create(0x0, 0x0, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) r1 = syz_open_dev$sg(0x0, 0x0, 0x0) write$binfmt_aout(r1, &(0x7f00000003c0)=ANY=[], 0x0) syz_open_dev$sg(0x0, 0x0, 0x163882) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYRES32, @ANYRES64, @ANYRESHEX, @ANYRESOCT], 0x35) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) 03:57:55 executing program 2: madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x11) 03:57:55 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, @bridge={{0xc, 0x1, 'bridge\x00'}, {0x14, 0x2, [@IFLA_BR_STP_STATE={0x8, 0x5, 0x1}, @IFLA_BR_FORWARD_DELAY={0x8}]}}}]}, 0x44}}, 0x0) 03:57:55 executing program 4: r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0x1, 0x2) ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f00000001c0)={0x0, 0x4}) 03:57:55 executing program 1: r0 = socket(0x10, 0x1000040000000003, 0x0) write(r0, &(0x7f0000000040)="22000000140067058d000005004c030402080313010000000800020041030ee376ab", 0x352) [ 2718.057661][ T1333] devpts: called with bogus options 03:57:56 executing program 2: madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x11) 03:57:56 executing program 4: r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0x1, 0x2) ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f00000001c0)={0x0, 0x4}) 03:57:56 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, @bridge={{0xc, 0x1, 'bridge\x00'}, {0x14, 0x2, [@IFLA_BR_STP_STATE={0x8, 0x5, 0x1}, @IFLA_BR_FORWARD_DELAY={0x8}]}}}]}, 0x44}}, 0x0) [ 2718.285286][ T1347] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.1'. 03:57:56 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x4c}, [@ldst={0x5, 0x3, 0x5}]}, &(0x7f0000003ff6)='G\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x3}, 0x48) 03:57:56 executing program 1: r0 = socket(0x10, 0x1000040000000003, 0x0) write(r0, &(0x7f0000000040)="22000000140067058d000005004c030402080313010000000800020041030ee376ab", 0x352) 03:57:56 executing program 2: madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x11) 03:57:56 executing program 4: r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0x1, 0x2) ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f00000001c0)={0x0, 0x4}) 03:57:56 executing program 3: openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4002, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) fstat(r0, &(0x7f00000002c0)) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) timer_create(0x0, 0x0, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) r1 = syz_open_dev$sg(0x0, 0x0, 0x0) write$binfmt_aout(r1, &(0x7f00000003c0)=ANY=[], 0x0) syz_open_dev$sg(0x0, 0x0, 0x163882) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYRES32, @ANYRES64, @ANYRESHEX, @ANYRESOCT], 0x35) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) [ 2718.606481][ T1372] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.1'. 03:57:56 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x4c}, [@ldst={0x5, 0x3, 0x5}]}, &(0x7f0000003ff6)='G\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x3}, 0x48) 03:57:56 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, @bridge={{0xc, 0x1, 'bridge\x00'}, {0x14, 0x2, [@IFLA_BR_STP_STATE={0x8, 0x5, 0x1}, @IFLA_BR_FORWARD_DELAY={0x8}]}}}]}, 0x44}}, 0x0) 03:57:56 executing program 2: madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x11) 03:57:56 executing program 1: r0 = socket(0x10, 0x1000040000000003, 0x0) write(r0, &(0x7f0000000040)="22000000140067058d000005004c030402080313010000000800020041030ee376ab", 0x352) 03:57:56 executing program 4: r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0x1, 0x2) ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f00000001c0)={0x0, 0x4}) 03:57:56 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x4c}, [@ldst={0x5, 0x3, 0x5}]}, &(0x7f0000003ff6)='G\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x3}, 0x48) 03:57:56 executing program 2: openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4002, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) fstat(r0, &(0x7f00000002c0)) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) timer_create(0x0, 0x0, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) r1 = syz_open_dev$sg(0x0, 0x0, 0x0) write$binfmt_aout(r1, &(0x7f00000003c0)=ANY=[], 0x0) syz_open_dev$sg(0x0, 0x0, 0x163882) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYRES32, @ANYRES64, @ANYRESHEX, @ANYRESOCT], 0x35) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) 03:57:56 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, @bridge={{0xc, 0x1, 'bridge\x00'}, {0x14, 0x2, [@IFLA_BR_STP_STATE={0x8, 0x5, 0x1}, @IFLA_BR_FORWARD_DELAY={0x8}]}}}]}, 0x44}}, 0x0) [ 2719.018911][ T1390] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.1'. 03:57:57 executing program 1: r0 = socket(0x10, 0x1000040000000003, 0x0) write(r0, &(0x7f0000000040)="22000000140067058d000005004c030402080313010000000800020041030ee376ab", 0x352) 03:57:57 executing program 4: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000000), 0x4) 03:57:57 executing program 3: openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4002, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) fstat(r0, &(0x7f00000002c0)) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) timer_create(0x0, 0x0, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) r1 = syz_open_dev$sg(0x0, 0x0, 0x0) write$binfmt_aout(r1, &(0x7f00000003c0)=ANY=[], 0x0) syz_open_dev$sg(0x0, 0x0, 0x163882) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYRES32, @ANYRES64, @ANYRESHEX, @ANYRESOCT], 0x35) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) 03:57:57 executing program 5: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x4000, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001100358600000003000000001b000000", @ANYRES32, @ANYBLOB="00000005000000000c001a00080000"], 0x2c}}, 0x0) r2 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r2, &(0x7f0000000140), 0x332, 0x0) [ 2719.351081][ T1407] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.1'. 03:57:57 executing program 0: mkdir(&(0x7f0000000600)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) mount(0x0, &(0x7f0000000480)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000500)='sysfs\x00', 0x0, 0x0) symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00') ioctl$DRM_IOCTL_GET_STATS(0xffffffffffffffff, 0x80f86406, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000780)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', 0x0) 03:57:57 executing program 4: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000000), 0x4) 03:57:57 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@deltfilter={0x34, 0x2d, 0x1, 0x0, 0x0, {}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0x4}}]}, 0x34}}, 0x0) 03:57:57 executing program 2: openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4002, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) fstat(r0, &(0x7f00000002c0)) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) timer_create(0x0, 0x0, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) r1 = syz_open_dev$sg(0x0, 0x0, 0x0) write$binfmt_aout(r1, &(0x7f00000003c0)=ANY=[], 0x0) syz_open_dev$sg(0x0, 0x0, 0x163882) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYRES32, @ANYRES64, @ANYRESHEX, @ANYRESOCT], 0x35) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) 03:57:57 executing program 4: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000000), 0x4) 03:57:57 executing program 0: r0 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f00000001c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb) r1 = add_key$keyring(&(0x7f0000001000)='keyring\x00', &(0x7f0000000000)={'syz'}, 0x0, 0x0, r0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f00000000c0)='asymmetric\x00\xf3\xad\xe75\xf9\x03\x00AU\xa0\xe1\x94N\xd8\xdfLA\x1e0\x89dm\x10\xb4e\xa6\x91\v\x13', &(0x7f0000000200)=@secondary='builtin_and_secondary_trusted\x00') keyctl$get_persistent(0x16, 0x0, r1) 03:57:57 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@deltfilter={0x34, 0x2d, 0x1, 0x0, 0x0, {}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0x4}}]}, 0x34}}, 0x0) 03:57:57 executing program 3: openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4002, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) fstat(r0, &(0x7f00000002c0)) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) timer_create(0x0, 0x0, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) r1 = syz_open_dev$sg(0x0, 0x0, 0x0) write$binfmt_aout(r1, &(0x7f00000003c0)=ANY=[], 0x0) syz_open_dev$sg(0x0, 0x0, 0x163882) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYRES32, @ANYRES64, @ANYRESHEX, @ANYRESOCT], 0x35) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) 03:57:57 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@deltfilter={0x34, 0x2d, 0x1, 0x0, 0x0, {}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0x4}}]}, 0x34}}, 0x0) 03:57:57 executing program 4: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000000), 0x4) 03:57:58 executing program 0: r0 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f00000001c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb) r1 = add_key$keyring(&(0x7f0000001000)='keyring\x00', &(0x7f0000000000)={'syz'}, 0x0, 0x0, r0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f00000000c0)='asymmetric\x00\xf3\xad\xe75\xf9\x03\x00AU\xa0\xe1\x94N\xd8\xdfLA\x1e0\x89dm\x10\xb4e\xa6\x91\v\x13', &(0x7f0000000200)=@secondary='builtin_and_secondary_trusted\x00') keyctl$get_persistent(0x16, 0x0, r1) 03:57:58 executing program 5: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x4000, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001100358600000003000000001b000000", @ANYRES32, @ANYBLOB="00000005000000000c001a00080000"], 0x2c}}, 0x0) r2 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r2, &(0x7f0000000140), 0x332, 0x0) 03:57:58 executing program 2: openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4002, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) fstat(r0, &(0x7f00000002c0)) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) timer_create(0x0, 0x0, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) r1 = syz_open_dev$sg(0x0, 0x0, 0x0) write$binfmt_aout(r1, &(0x7f00000003c0)=ANY=[], 0x0) syz_open_dev$sg(0x0, 0x0, 0x163882) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYRES32, @ANYRES64, @ANYRESHEX, @ANYRESOCT], 0x35) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) 03:57:58 executing program 4: r0 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x1f) 03:57:58 executing program 3: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x1e, &(0x7f0000000080), 0x4) 03:57:58 executing program 0: r0 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f00000001c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb) r1 = add_key$keyring(&(0x7f0000001000)='keyring\x00', &(0x7f0000000000)={'syz'}, 0x0, 0x0, r0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f00000000c0)='asymmetric\x00\xf3\xad\xe75\xf9\x03\x00AU\xa0\xe1\x94N\xd8\xdfLA\x1e0\x89dm\x10\xb4e\xa6\x91\v\x13', &(0x7f0000000200)=@secondary='builtin_and_secondary_trusted\x00') keyctl$get_persistent(0x16, 0x0, r1) 03:57:58 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@deltfilter={0x34, 0x2d, 0x1, 0x0, 0x0, {}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0x4}}]}, 0x34}}, 0x0) 03:57:58 executing program 3: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x1e, &(0x7f0000000080), 0x4) 03:57:58 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003400000bfa300000000000007010000000101ff7a03f0fff8ffffff79a4f0ff00000000b7060000000000012d640100000000006502faff000000000404000001007d60b7030000001000006a0a00fe000000008500000026000000b7008000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) 03:57:58 executing program 0: r0 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f00000001c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb) r1 = add_key$keyring(&(0x7f0000001000)='keyring\x00', &(0x7f0000000000)={'syz'}, 0x0, 0x0, r0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f00000000c0)='asymmetric\x00\xf3\xad\xe75\xf9\x03\x00AU\xa0\xe1\x94N\xd8\xdfLA\x1e0\x89dm\x10\xb4e\xa6\x91\v\x13', &(0x7f0000000200)=@secondary='builtin_and_secondary_trusted\x00') keyctl$get_persistent(0x16, 0x0, r1) 03:57:58 executing program 4: r0 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x1f) 03:57:58 executing program 3: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x1e, &(0x7f0000000080), 0x4) 03:57:58 executing program 0: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x141044, 0x0) close(r0) socket$caif_seqpacket(0x25, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, 0x0, 0x0) 03:57:59 executing program 5: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x4000, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001100358600000003000000001b000000", @ANYRES32, @ANYBLOB="00000005000000000c001a00080000"], 0x2c}}, 0x0) r2 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r2, &(0x7f0000000140), 0x332, 0x0) 03:57:59 executing program 2: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) flock(r0, 0x5) flock(r1, 0x7fc7f6d726326634) flock(r0, 0x2) 03:57:59 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003400000bfa300000000000007010000000101ff7a03f0fff8ffffff79a4f0ff00000000b7060000000000012d640100000000006502faff000000000404000001007d60b7030000001000006a0a00fe000000008500000026000000b7008000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) 03:57:59 executing program 4: r0 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x1f) 03:57:59 executing program 3: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x1e, &(0x7f0000000080), 0x4) 03:57:59 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x2, &(0x7f0000ad2000), &(0x7f0000000080)=0x8) 03:57:59 executing program 2: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) flock(r0, 0x5) flock(r1, 0x7fc7f6d726326634) flock(r0, 0x2) 03:57:59 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003400000bfa300000000000007010000000101ff7a03f0fff8ffffff79a4f0ff00000000b7060000000000012d640100000000006502faff000000000404000001007d60b7030000001000006a0a00fe000000008500000026000000b7008000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) 03:57:59 executing program 4: r0 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x1f) 03:57:59 executing program 0: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x141044, 0x0) close(r0) socket$caif_seqpacket(0x25, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, 0x0, 0x0) 03:57:59 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x2, &(0x7f0000ad2000), &(0x7f0000000080)=0x8) 03:57:59 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) [ 2721.637105][ C1] net_ratelimit: 13 callbacks suppressed [ 2721.637116][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2721.637151][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2721.643240][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2721.661325][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2721.667275][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:57:59 executing program 5: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x4000, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001100358600000003000000001b000000", @ANYRES32, @ANYBLOB="00000005000000000c001a00080000"], 0x2c}}, 0x0) r2 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r2, &(0x7f0000000140), 0x332, 0x0) 03:57:59 executing program 2: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) flock(r0, 0x5) flock(r1, 0x7fc7f6d726326634) flock(r0, 0x2) 03:57:59 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003400000bfa300000000000007010000000101ff7a03f0fff8ffffff79a4f0ff00000000b7060000000000012d640100000000006502faff000000000404000001007d60b7030000001000006a0a00fe000000008500000026000000b7008000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) 03:57:59 executing program 0: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x141044, 0x0) close(r0) socket$caif_seqpacket(0x25, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, 0x0, 0x0) 03:57:59 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 03:57:59 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x2, &(0x7f0000ad2000), &(0x7f0000000080)=0x8) 03:57:59 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x2, &(0x7f0000ad2000), &(0x7f0000000080)=0x8) 03:57:59 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 03:57:59 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 03:57:59 executing program 2: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) flock(r0, 0x5) flock(r1, 0x7fc7f6d726326634) flock(r0, 0x2) 03:58:00 executing program 0: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x141044, 0x0) close(r0) socket$caif_seqpacket(0x25, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, 0x0, 0x0) 03:58:00 executing program 3: r0 = socket(0x20000000000000a, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000001280)={&(0x7f0000000040)={0x2, 0x4e20, @remote}, 0x10, 0x0, 0x0, &(0x7f00000011c0)=[@ip_retopts={{0x18, 0x0, 0x7, {[@cipso={0x86, 0x8, 0x0, [{0x0, 0xffffffffffffffb6}]}]}}}], 0x18}, 0x0) [ 2722.597146][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2722.604581][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:58:00 executing program 0: prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0xff}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff}) vmsplice(r0, 0x0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e23}, 0x1c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, 0x0) listen(r1, 0x10001) r2 = socket$inet6_sctp(0xa, 0x800000000000001, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) 03:58:00 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r0, &(0x7f0000000080), 0xffffff43) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x24, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000000)) perf_event_open(0x0, 0x0, 0xa, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='cpuacct.\x93sage_sys\x00', 0x0, 0x0) r3 = creat(&(0x7f0000000000)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) close(r5) sendfile(0xffffffffffffffff, r4, 0x0, 0x8000fffffffe) ioctl$KVM_S390_INTERRUPT_CPU(r3, 0x4010ae94, &(0x7f00000000c0)={0x50b98d18, 0x50000000, 0x8}) write$cgroup_int(r2, 0x0, 0x0) 03:58:00 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 03:58:00 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 03:58:00 executing program 3: r0 = socket(0x20000000000000a, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000001280)={&(0x7f0000000040)={0x2, 0x4e20, @remote}, 0x10, 0x0, 0x0, &(0x7f00000011c0)=[@ip_retopts={{0x18, 0x0, 0x7, {[@cipso={0x86, 0x8, 0x0, [{0x0, 0xffffffffffffffb6}]}]}}}], 0x18}, 0x0) 03:58:00 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @ipv4={[], [], @empty}}, 0x1c) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e21, 0x0, @loopback}, 0x1c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000240)={0x0, @in6={{0x2, 0x0, 0x0, @loopback}}, 0x8dffffff, 0x0, 0x0, 0x0, 0x8000000055}, 0x98) [ 2722.757152][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2722.763431][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:58:00 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 03:58:00 executing program 4: socket$nl_route(0x10, 0x3, 0x0) r0 = creat(&(0x7f0000001600)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f00000001c0)=0x3ff) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r1, 0x0, 0xfffffffffffffe3c, 0x0, 0x0, 0x2f95a3c3cb55ab4b) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x315, 0x0) syz_emit_ethernet(0xffffffffffffff02, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x1ee6b, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0) 03:58:00 executing program 3: r0 = socket(0x20000000000000a, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000001280)={&(0x7f0000000040)={0x2, 0x4e20, @remote}, 0x10, 0x0, 0x0, &(0x7f00000011c0)=[@ip_retopts={{0x18, 0x0, 0x7, {[@cipso={0x86, 0x8, 0x0, [{0x0, 0xffffffffffffffb6}]}]}}}], 0x18}, 0x0) 03:58:00 executing program 1: bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x65dc}, [@IFLA_GROUP={0x8}, @IFLA_PROTO_DOWN={0x8, 0x14}]}, 0x30}}, 0x0) 03:58:01 executing program 3: r0 = socket(0x20000000000000a, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000001280)={&(0x7f0000000040)={0x2, 0x4e20, @remote}, 0x10, 0x0, 0x0, &(0x7f00000011c0)=[@ip_retopts={{0x18, 0x0, 0x7, {[@cipso={0x86, 0x8, 0x0, [{0x0, 0xffffffffffffffb6}]}]}}}], 0x18}, 0x0) [ 2723.404289][ T1906] cgroup: fork rejected by pids controller in /syz4 [ 2723.424976][ T1892] syz-executor.2 invoked oom-killer: gfp_mask=0x101cca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), order=0, oom_score_adj=1000 [ 2723.428183][ T1917] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 2723.445859][ T1892] CPU: 0 PID: 1892 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2723.454817][ T1892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2723.463819][ T1917] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 2723.465052][ T1892] Call Trace: [ 2723.465203][ T1892] dump_stack+0x172/0x1f0 [ 2723.465226][ T1892] dump_header+0x177/0x1152 [ 2723.485548][ T1892] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2723.491391][ T1892] ? ___ratelimit+0x2c8/0x595 [ 2723.496099][ T1892] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2723.503509][ T1892] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2723.508835][ T1892] ? trace_hardirqs_on+0x67/0x240 [ 2723.513988][ T1892] ? pagefault_out_of_memory+0x11c/0x11c [ 2723.519665][ T1892] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2723.525504][ T1892] ? ___ratelimit+0x60/0x595 [ 2723.530114][ T1892] ? do_raw_spin_unlock+0x57/0x270 [ 2723.535253][ T1892] oom_kill_process.cold+0x10/0x15 [ 2723.540689][ T1892] out_of_memory+0x334/0x1340 [ 2723.545487][ T1892] ? lock_downgrade+0x920/0x920 [ 2723.550402][ T1892] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2723.556253][ T1892] ? oom_killer_disable+0x280/0x280 [ 2723.561485][ T1892] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2723.567335][ T1892] ? memcg_stat_show+0xc40/0xc40 [ 2723.572287][ T1892] ? do_raw_spin_unlock+0x57/0x270 [ 2723.577411][ T1892] ? _raw_spin_unlock+0x28/0x40 [ 2723.582367][ T1892] try_charge+0xf4b/0x1440 [ 2723.586877][ T1892] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2723.592415][ T1892] ? percpu_ref_tryget_live+0x10c/0x290 [ 2723.597981][ T1892] ? rcu_read_lock_held+0x9c/0xb0 [ 2723.603086][ T1892] ? __kasan_check_read+0x11/0x20 [ 2723.608628][ T1892] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2723.614171][ T1892] mem_cgroup_try_charge+0x136/0x590 [ 2723.619459][ T1892] __add_to_page_cache_locked+0x43f/0xec0 [ 2723.625201][ T1892] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 2723.631199][ T1892] ? __kasan_check_read+0x11/0x20 [ 2723.636318][ T1892] ? __filemap_set_wb_err+0x2b0/0x2b0 [ 2723.641684][ T1892] ? __alloc_pages_nodemask+0x661/0x910 [ 2723.647221][ T1892] ? xas_descend+0x144/0x370 [ 2723.651800][ T1892] ? shadow_lru_isolate+0x430/0x430 [ 2723.657044][ T1892] add_to_page_cache_lru+0x1d8/0x790 [ 2723.662363][ T1892] ? add_to_page_cache_locked+0x40/0x40 [ 2723.668515][ T1892] ? __page_cache_alloc+0x116/0x490 [ 2723.673734][ T1892] pagecache_get_page+0x3c6/0xa00 [ 2723.678757][ T1892] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2723.684301][ T1892] grab_cache_page_write_begin+0x75/0xb0 [ 2723.689944][ T1892] ext4_da_write_begin+0x2ec/0xb80 [ 2723.695409][ T1892] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2723.701641][ T1892] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2723.707965][ T1892] ? ext4_write_begin+0xd20/0xd20 [ 2723.713007][ T1892] ? copyin+0x150/0x150 [ 2723.717160][ T1892] generic_perform_write+0x23b/0x540 [ 2723.722446][ T1892] ? timestamp_truncate+0x2f0/0x2f0 [ 2723.727642][ T1892] ? trace_event_raw_event_file_check_and_advance_wb_err+0x4b0/0x4b0 [ 2723.736657][ T1892] ? current_time+0x110/0x110 [ 2723.741507][ T1892] ? generic_write_check_limits.isra.0+0x270/0x270 [ 2723.747997][ T1892] ? aa_file_perm+0x40b/0xdd0 [ 2723.752754][ T1892] __generic_file_write_iter+0x25e/0x630 [ 2723.758384][ T1892] ext4_file_write_iter+0x317/0x13c0 [ 2723.763667][ T1892] ? __kasan_check_read+0x11/0x20 [ 2723.768687][ T1892] ? ext4_release_file+0x380/0x380 [ 2723.773792][ T1892] ? mark_lock+0xc2/0x1220 [ 2723.778213][ T1892] ? __kasan_check_read+0x11/0x20 [ 2723.783249][ T1892] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2723.789516][ T1892] ? iov_iter_init+0xee/0x220 [ 2723.794222][ T1892] new_sync_write+0x4d3/0x770 [ 2723.798920][ T1892] ? new_sync_read+0x800/0x800 [ 2723.803691][ T1892] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 2723.809848][ T1892] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 2723.815130][ T1892] __vfs_write+0xe1/0x110 [ 2723.819462][ T1892] vfs_write+0x268/0x5d0 [ 2723.823704][ T1892] ksys_write+0x14f/0x290 [ 2723.828029][ T1892] ? __ia32_sys_read+0xb0/0xb0 [ 2723.832788][ T1892] ? do_syscall_64+0x26/0x760 [ 2723.837462][ T1892] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2723.843524][ T1892] ? do_syscall_64+0x26/0x760 [ 2723.848198][ T1892] __x64_sys_write+0x73/0xb0 [ 2723.852789][ T1892] do_syscall_64+0xfa/0x760 [ 2723.857289][ T1892] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2723.865878][ T1892] RIP: 0033:0x459a59 [ 2723.869773][ T1892] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2723.889374][ T1892] RSP: 002b:00007f6dd4672c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2723.897789][ T1892] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a59 [ 2723.905756][ T1892] RDX: 00000000ffffff43 RSI: 0000000020000080 RDI: 0000000000000003 [ 2723.913722][ T1892] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2723.921688][ T1892] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6dd46736d4 [ 2723.929670][ T1892] R13: 00000000004c9e7e R14: 00000000004e1a90 R15: 00000000ffffffff [ 2723.938132][ C1] protocol 88fb is buggy, dev hsr_slave_0 03:58:01 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r3, 0x0, 0x6, 0x0) close(r3) dup3(r0, r2, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7}, 0x7) [ 2723.958824][ T1892] memory: usage 274692kB, limit 0kB, failcnt 455 [ 2723.970627][ T1892] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2723.978220][ T1892] Memory cgroup stats for /syz2: [ 2723.979276][ T1892] anon 254910464 [ 2723.979276][ T1892] file 36864 [ 2723.979276][ T1892] kernel_stack 3014656 [ 2723.979276][ T1892] slab 11694080 [ 2723.979276][ T1892] sock 106496 [ 2723.979276][ T1892] shmem 0 [ 2723.979276][ T1892] file_mapped 0 [ 2723.979276][ T1892] file_dirty 135168 [ 2723.979276][ T1892] file_writeback 0 [ 2723.979276][ T1892] anon_thp 205520896 [ 2723.979276][ T1892] inactive_anon 41857024 [ 2723.979276][ T1892] active_anon 213106688 [ 2723.979276][ T1892] inactive_file 118784 [ 2723.979276][ T1892] active_file 65536 [ 2723.979276][ T1892] unevictable 0 [ 2723.979276][ T1892] slab_reclaimable 3649536 [ 2723.979276][ T1892] slab_unreclaimable 8044544 [ 2723.979276][ T1892] pgfault 396132 [ 2723.979276][ T1892] pgmajfault 0 [ 2723.979276][ T1892] workingset_refault 0 [ 2723.979276][ T1892] workingset_activate 0 [ 2723.979276][ T1892] workingset_nodereclaim 0 [ 2723.979276][ T1892] pgrefill 74 [ 2723.979276][ T1892] pgscan 1900 [ 2723.979276][ T1892] pgsteal 1760 03:58:01 executing program 0: prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0xff}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff}) vmsplice(r0, 0x0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e23}, 0x1c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, 0x0) listen(r1, 0x10001) r2 = socket$inet6_sctp(0xa, 0x800000000000001, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) [ 2724.135240][ T1892] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24071,uid=0 [ 2724.204691][ T1892] Memory cgroup out of memory: Killed process 24071 (syz-executor.2) total-vm:60688kB, anon-rss:6328kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000 [ 2724.341211][ T1900] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2724.373101][ T1900] CPU: 1 PID: 1900 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2724.382130][ T1900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2724.392206][ T1900] Call Trace: [ 2724.395529][ T1900] dump_stack+0x172/0x1f0 [ 2724.399895][ T1900] dump_header+0x177/0x1152 [ 2724.404441][ T1900] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2724.410280][ T1900] ? ___ratelimit+0x2c8/0x595 [ 2724.414964][ T1900] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2724.420786][ T1900] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2724.426220][ T1900] ? trace_hardirqs_on+0x67/0x240 [ 2724.431272][ T1900] ? pagefault_out_of_memory+0x11c/0x11c [ 2724.437092][ T1900] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2724.442934][ T1900] ? ___ratelimit+0x60/0x595 [ 2724.447585][ T1900] ? do_raw_spin_unlock+0x57/0x270 [ 2724.452719][ T1900] oom_kill_process.cold+0x10/0x15 [ 2724.457860][ T1900] out_of_memory+0x334/0x1340 [ 2724.462579][ T1900] ? oom_killer_disable+0x280/0x280 [ 2724.467802][ T1900] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2724.473357][ T1900] ? memcg_stat_show+0xc40/0xc40 [ 2724.478327][ T1900] ? _raw_spin_unlock_irqrestore+0xb8/0xe0 [ 2724.484159][ T1900] ? cgroup_file_notify+0x140/0x1b0 [ 2724.489378][ T1900] memory_max_write+0x262/0x3a0 [ 2724.494228][ T1900] ? mem_cgroup_write+0x370/0x370 [ 2724.499256][ T1900] ? lock_acquire+0x190/0x410 [ 2724.503928][ T1900] ? kernfs_fop_write+0x1df/0x4a0 [ 2724.508962][ T1900] cgroup_file_write+0x241/0x790 [ 2724.513904][ T1900] ? mem_cgroup_write+0x370/0x370 [ 2724.518933][ T1900] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2724.524608][ T1900] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2724.530255][ T1900] kernfs_fop_write+0x270/0x4a0 [ 2724.535631][ T1900] __vfs_write+0x8a/0x110 [ 2724.539960][ T1900] ? kernfs_fop_open+0xd80/0xd80 [ 2724.544889][ T1900] vfs_write+0x268/0x5d0 [ 2724.549133][ T1900] ksys_write+0x14f/0x290 [ 2724.553479][ T1900] ? __ia32_sys_read+0xb0/0xb0 [ 2724.558257][ T1900] ? do_syscall_64+0x26/0x760 [ 2724.562937][ T1900] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2724.569006][ T1900] ? do_syscall_64+0x26/0x760 [ 2724.573722][ T1900] __x64_sys_write+0x73/0xb0 [ 2724.578312][ T1900] do_syscall_64+0xfa/0x760 [ 2724.582847][ T1900] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2724.588749][ T1900] RIP: 0033:0x459a59 [ 2724.592649][ T1900] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2724.612511][ T1900] RSP: 002b:00007f6dd4630c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2724.620934][ T1900] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a59 [ 2724.628905][ T1900] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 2724.638184][ T1900] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 2724.646201][ T1900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6dd46316d4 [ 2724.654180][ T1900] R13: 00000000004c9e7e R14: 00000000004e1a90 R15: 00000000ffffffff [ 2724.666039][ T1900] memory: usage 268228kB, limit 0kB, failcnt 469 [ 2724.672504][ T1900] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2724.679925][ T1900] Memory cgroup stats for /syz2: [ 2724.680347][ T1900] anon 248340480 [ 2724.680347][ T1900] file 36864 [ 2724.680347][ T1900] kernel_stack 3014656 [ 2724.680347][ T1900] slab 11694080 [ 2724.680347][ T1900] sock 106496 [ 2724.680347][ T1900] shmem 0 [ 2724.680347][ T1900] file_mapped 0 [ 2724.680347][ T1900] file_dirty 135168 [ 2724.680347][ T1900] file_writeback 0 [ 2724.680347][ T1900] anon_thp 203423744 [ 2724.680347][ T1900] inactive_anon 37720064 [ 2724.680347][ T1900] active_anon 210944000 [ 2724.680347][ T1900] inactive_file 118784 [ 2724.680347][ T1900] active_file 65536 [ 2724.680347][ T1900] unevictable 0 [ 2724.680347][ T1900] slab_reclaimable 3649536 [ 2724.680347][ T1900] slab_unreclaimable 8044544 [ 2724.680347][ T1900] pgfault 396132 [ 2724.680347][ T1900] pgmajfault 0 [ 2724.680347][ T1900] workingset_refault 0 [ 2724.680347][ T1900] workingset_activate 0 [ 2724.680347][ T1900] workingset_nodereclaim 0 [ 2724.680347][ T1900] pgrefill 74 [ 2724.680347][ T1900] pgscan 1900 [ 2724.680347][ T1900] pgsteal 1760 [ 2724.778421][ T1900] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=11421,uid=0 [ 2724.796692][ T1900] Memory cgroup out of memory: Killed process 11421 (syz-executor.2) total-vm:60556kB, anon-rss:6200kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2724.822286][ T1058] oom_reaper: reaped process 11421 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2724.828380][ T1900] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2724.851926][ T1900] CPU: 0 PID: 1900 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2724.860913][ T1900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2724.870978][ T1900] Call Trace: [ 2724.874359][ T1900] dump_stack+0x172/0x1f0 [ 2724.878731][ T1900] dump_header+0x177/0x1152 [ 2724.883655][ T1900] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2724.889481][ T1900] ? ___ratelimit+0x2c8/0x595 [ 2724.894297][ T1900] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2724.900119][ T1900] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2724.905396][ T1900] ? trace_hardirqs_on+0x67/0x240 [ 2724.910409][ T1900] ? pagefault_out_of_memory+0x11c/0x11c [ 2724.916030][ T1900] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2724.921839][ T1900] ? ___ratelimit+0x60/0x595 [ 2724.926419][ T1900] ? do_raw_spin_unlock+0x57/0x270 [ 2724.931518][ T1900] oom_kill_process.cold+0x10/0x15 [ 2724.936616][ T1900] out_of_memory+0x334/0x1340 [ 2724.941285][ T1900] ? __sched_text_start+0x8/0x8 [ 2724.946144][ T1900] ? oom_killer_disable+0x280/0x280 [ 2724.951342][ T1900] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2724.957061][ T1900] ? memcg_stat_show+0xc40/0xc40 [ 2724.962045][ T1900] ? _raw_spin_unlock_irqrestore+0xb8/0xe0 [ 2724.967847][ T1900] ? cgroup_file_notify+0x140/0x1b0 [ 2724.973055][ T1900] memory_max_write+0x262/0x3a0 [ 2724.977890][ T1900] ? mem_cgroup_write+0x370/0x370 [ 2724.982900][ T1900] ? lock_acquire+0x190/0x410 [ 2724.987568][ T1900] ? kernfs_fop_write+0x1df/0x4a0 [ 2724.992599][ T1900] cgroup_file_write+0x241/0x790 [ 2724.997567][ T1900] ? mem_cgroup_write+0x370/0x370 [ 2725.002623][ T1900] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2725.008256][ T1900] ? cgroup_migrate_add_task+0x8a0/0x8a0 [ 2725.013892][ T1900] kernfs_fop_write+0x270/0x4a0 [ 2725.018749][ T1900] __vfs_write+0x8a/0x110 [ 2725.023097][ T1900] ? kernfs_fop_open+0xd80/0xd80 [ 2725.028044][ T1900] vfs_write+0x268/0x5d0 [ 2725.032297][ T1900] ksys_write+0x14f/0x290 [ 2725.036614][ T1900] ? __ia32_sys_read+0xb0/0xb0 [ 2725.041369][ T1900] ? do_syscall_64+0x26/0x760 [ 2725.046029][ T1900] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2725.052082][ T1900] ? do_syscall_64+0x26/0x760 [ 2725.056781][ T1900] __x64_sys_write+0x73/0xb0 [ 2725.061413][ T1900] do_syscall_64+0xfa/0x760 [ 2725.065964][ T1900] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2725.071883][ T1900] RIP: 0033:0x459a59 [ 2725.075771][ T1900] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2725.095573][ T1900] RSP: 002b:00007f6dd4630c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2725.104124][ T1900] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a59 [ 2725.112087][ T1900] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 2725.120061][ T1900] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 2725.128036][ T1900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6dd46316d4 [ 2725.136021][ T1900] R13: 00000000004c9e7e R14: 00000000004e1a90 R15: 00000000ffffffff [ 2725.153252][ T1900] memory: usage 261828kB, limit 0kB, failcnt 469 [ 2725.160191][ T1900] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2725.167919][ T1900] Memory cgroup stats for /syz2: [ 2725.168077][ T1900] anon 241971200 [ 2725.168077][ T1900] file 36864 [ 2725.168077][ T1900] kernel_stack 3014656 [ 2725.168077][ T1900] slab 11694080 [ 2725.168077][ T1900] sock 106496 [ 2725.168077][ T1900] shmem 0 [ 2725.168077][ T1900] file_mapped 0 [ 2725.168077][ T1900] file_dirty 135168 [ 2725.168077][ T1900] file_writeback 0 [ 2725.168077][ T1900] anon_thp 201326592 [ 2725.168077][ T1900] inactive_anon 31383552 [ 2725.168077][ T1900] active_anon 210944000 [ 2725.168077][ T1900] inactive_file 118784 [ 2725.168077][ T1900] active_file 65536 [ 2725.168077][ T1900] unevictable 0 [ 2725.168077][ T1900] slab_reclaimable 3649536 [ 2725.168077][ T1900] slab_unreclaimable 8044544 [ 2725.168077][ T1900] pgfault 396132 [ 2725.168077][ T1900] pgmajfault 0 [ 2725.168077][ T1900] workingset_refault 0 [ 2725.168077][ T1900] workingset_activate 0 [ 2725.168077][ T1900] workingset_nodereclaim 0 [ 2725.168077][ T1900] pgrefill 74 [ 2725.168077][ T1900] pgscan 1900 [ 2725.168077][ T1900] pgsteal 1760 [ 2725.265500][ T1900] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=11378,uid=0 [ 2725.282870][ T1900] Memory cgroup out of memory: Killed process 11378 (syz-executor.2) total-vm:60556kB, anon-rss:6200kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2725.326006][ T1887] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 2725.339281][ T1887] CPU: 1 PID: 1887 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2725.348591][ T1887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2725.358731][ T1887] Call Trace: [ 2725.362076][ T1887] dump_stack+0x172/0x1f0 [ 2725.366433][ T1887] dump_header+0x177/0x1152 [ 2725.370946][ T1887] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2725.376749][ T1887] ? ___ratelimit+0x2c8/0x595 [ 2725.381428][ T1887] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2725.387239][ T1887] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2725.392719][ T1887] ? trace_hardirqs_on+0x67/0x240 [ 2725.397772][ T1887] ? pagefault_out_of_memory+0x11c/0x11c [ 2725.403500][ T1887] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2725.409302][ T1887] ? ___ratelimit+0x60/0x595 [ 2725.413881][ T1887] ? do_raw_spin_unlock+0x57/0x270 [ 2725.419017][ T1887] oom_kill_process.cold+0x10/0x15 [ 2725.424153][ T1887] out_of_memory+0x334/0x1340 [ 2725.428833][ T1887] ? oom_killer_disable+0x280/0x280 [ 2725.434052][ T1887] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2725.440057][ T1887] ? memcg_stat_show+0xc40/0xc40 [ 2725.444997][ T1887] ? do_raw_spin_unlock+0x57/0x270 [ 2725.450143][ T1887] ? _raw_spin_unlock+0x28/0x40 [ 2725.454996][ T1887] try_charge+0xa2d/0x1440 [ 2725.459410][ T1887] ? find_held_lock+0x35/0x130 [ 2725.464298][ T1887] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2725.469842][ T1887] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2725.475519][ T1887] ? find_held_lock+0x35/0x130 [ 2725.480304][ T1887] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2725.485860][ T1887] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2725.491562][ T1887] ? memcg_kmem_put_cache+0x50/0x50 [ 2725.496767][ T1887] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2725.502587][ T1887] __memcg_kmem_charge+0x13a/0x3a0 [ 2725.507811][ T1887] __alloc_pages_nodemask+0x4f5/0x910 [ 2725.513340][ T1887] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2725.519785][ T1887] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2725.525777][ T1887] ? vm_mmap_pgoff+0x1d4/0x230 [ 2725.530582][ T1887] ? __kasan_check_read+0x11/0x20 [ 2725.535614][ T1887] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2725.541331][ T1887] ? do_huge_pmd_anonymous_page+0xc66/0x1a70 [ 2725.547334][ T1887] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2725.553579][ T1887] alloc_pages_current+0x107/0x210 [ 2725.558690][ T1887] pte_alloc_one+0x1b/0x1a0 [ 2725.563210][ T1887] __pte_alloc+0x20/0x310 [ 2725.567563][ T1887] __handle_mm_fault+0x34ae/0x3fd0 [ 2725.572671][ T1887] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2725.578304][ T1887] ? handle_mm_fault+0x292/0xa90 [ 2725.583248][ T1887] ? handle_mm_fault+0x7dd/0xa90 [ 2725.588203][ T1887] ? __kasan_check_read+0x11/0x20 [ 2725.593244][ T1887] handle_mm_fault+0x3b2/0xa90 [ 2725.598195][ T1887] __do_page_fault+0x536/0xdd0 [ 2725.603092][ T1887] do_page_fault+0x38/0x590 [ 2725.607626][ T1887] page_fault+0x39/0x40 [ 2725.611882][ T1887] RIP: 0033:0x41139f [ 2725.616084][ T1887] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2725.635998][ T1887] RSP: 002b:00007ffe3e2d5440 EFLAGS: 00010206 [ 2725.642085][ T1887] RAX: 00007f6dd45cf000 RBX: 0000000000020000 RCX: 0000000000459aaa [ 2725.650077][ T1887] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2725.658055][ T1887] RBP: 00007ffe3e2d5520 R08: ffffffffffffffff R09: 0000000000000000 [ 2725.666049][ T1887] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe3e2d5610 [ 2725.674020][ T1887] R13: 00007f6dd45ef700 R14: 0000000000000004 R15: 000000000075c1cc [ 2725.685804][ T1887] memory: usage 255460kB, limit 0kB, failcnt 469 [ 2725.692368][ T1887] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2725.699409][ T1887] Memory cgroup stats for /syz2: [ 2725.699921][ T1887] anon 235622400 [ 2725.699921][ T1887] file 36864 [ 2725.699921][ T1887] kernel_stack 2949120 [ 2725.699921][ T1887] slab 11558912 [ 2725.699921][ T1887] sock 106496 [ 2725.699921][ T1887] shmem 0 [ 2725.699921][ T1887] file_mapped 0 [ 2725.699921][ T1887] file_dirty 135168 [ 2725.699921][ T1887] file_writeback 0 [ 2725.699921][ T1887] anon_thp 199229440 [ 2725.699921][ T1887] inactive_anon 25079808 [ 2725.699921][ T1887] active_anon 210944000 [ 2725.699921][ T1887] inactive_file 118784 [ 2725.699921][ T1887] active_file 65536 [ 2725.699921][ T1887] unevictable 0 [ 2725.699921][ T1887] slab_reclaimable 3649536 [ 2725.699921][ T1887] slab_unreclaimable 7909376 [ 2725.699921][ T1887] pgfault 396132 [ 2725.699921][ T1887] pgmajfault 0 [ 2725.699921][ T1887] workingset_refault 0 [ 2725.699921][ T1887] workingset_activate 0 [ 2725.699921][ T1887] workingset_nodereclaim 0 [ 2725.699921][ T1887] pgrefill 74 [ 2725.699921][ T1887] pgscan 1900 [ 2725.699921][ T1887] pgsteal 1760 [ 2725.795373][ T1887] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24037,uid=0 03:58:03 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r0, &(0x7f0000000080), 0xffffff43) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x24, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000000)) perf_event_open(0x0, 0x0, 0xa, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='cpuacct.\x93sage_sys\x00', 0x0, 0x0) r3 = creat(&(0x7f0000000000)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) close(r5) sendfile(0xffffffffffffffff, r4, 0x0, 0x8000fffffffe) ioctl$KVM_S390_INTERRUPT_CPU(r3, 0x4010ae94, &(0x7f00000000c0)={0x50b98d18, 0x50000000, 0x8}) write$cgroup_int(r2, 0x0, 0x0) 03:58:03 executing program 5: prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0xff}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff}) vmsplice(r0, 0x0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e23}, 0x1c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, 0x0) listen(r1, 0x10001) r2 = socket$inet6_sctp(0xa, 0x800000000000001, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) 03:58:03 executing program 1: bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x65dc}, [@IFLA_GROUP={0x8}, @IFLA_PROTO_DOWN={0x8, 0x14}]}, 0x30}}, 0x0) 03:58:03 executing program 4: socket$nl_route(0x10, 0x3, 0x0) r0 = creat(&(0x7f0000001600)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f00000001c0)=0x3ff) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r1, 0x0, 0xfffffffffffffe3c, 0x0, 0x0, 0x2f95a3c3cb55ab4b) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x315, 0x0) syz_emit_ethernet(0xffffffffffffff02, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x1ee6b, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0) 03:58:03 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r3, 0x0, 0x6, 0x0) close(r3) dup3(r0, r2, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7}, 0x7) 03:58:03 executing program 0: prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0xff}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff}) vmsplice(r0, 0x0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e23}, 0x1c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, 0x0) listen(r1, 0x10001) r2 = socket$inet6_sctp(0xa, 0x800000000000001, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) [ 2725.813904][ T1887] Memory cgroup out of memory: Killed process 24037 (syz-executor.2) total-vm:60556kB, anon-rss:6196kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2725.840165][ T1058] oom_reaper: reaped process 24037 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2725.965534][ T2142] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 2726.009194][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2726.064380][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2726.073896][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2726.083969][T15111] Call Trace: [ 2726.087299][T15111] dump_stack+0x172/0x1f0 [ 2726.091657][T15111] dump_header+0x177/0x1152 [ 2726.096191][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2726.102022][T15111] ? ___ratelimit+0x2c8/0x595 [ 2726.106721][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2726.112564][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2726.117880][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2726.122935][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2726.128611][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2726.134607][T15111] ? ___ratelimit+0x60/0x595 [ 2726.139220][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2726.144362][T15111] oom_kill_process.cold+0x10/0x15 [ 2726.149504][T15111] out_of_memory+0x334/0x1340 [ 2726.154219][T15111] ? lock_downgrade+0x920/0x920 [ 2726.159129][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2726.165007][T15111] ? oom_killer_disable+0x280/0x280 [ 2726.172224][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2726.177822][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2726.182791][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2726.187935][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2726.193163][T15111] try_charge+0xf4b/0x1440 [ 2726.197610][T15111] ? find_held_lock+0x35/0x130 [ 2726.202425][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2726.208009][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2726.213603][T15111] ? find_held_lock+0x35/0x130 [ 2726.218502][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2726.224086][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2726.229692][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2726.235039][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2726.240710][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2726.245869][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2726.251446][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2726.257119][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2726.262867][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2726.268108][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2726.274116][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2726.279171][T15111] ? __kasan_check_read+0x11/0x20 [ 2726.284230][T15111] copy_process+0x3f8/0x6860 [ 2726.289724][T15111] ? __kasan_check_read+0x11/0x20 [ 2726.294786][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2726.299837][T15111] ? __kasan_check_read+0x11/0x20 [ 2726.304891][T15111] ? mark_lock+0xc2/0x1220 [ 2726.309431][T15111] ? __cleanup_sighand+0x60/0x60 [ 2726.314401][T15111] ? find_held_lock+0x35/0x130 [ 2726.319374][T15111] _do_fork+0x146/0xf90 [ 2726.323718][T15111] ? copy_init_mm+0x20/0x20 [ 2726.328272][T15111] ? __kasan_check_read+0x11/0x20 [ 2726.333326][T15111] ? _copy_to_user+0x118/0x160 [ 2726.338271][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2726.344735][T15111] ? put_timespec64+0xda/0x140 [ 2726.349541][T15111] __x64_sys_clone+0x18d/0x250 [ 2726.354340][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2726.359229][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2726.364544][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2726.370116][T15111] do_syscall_64+0xfa/0x760 [ 2726.374647][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2726.380566][T15111] RIP: 0033:0x45802a [ 2726.384477][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2726.404105][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 03:58:04 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r3, 0x0, 0x6, 0x0) close(r3) dup3(r0, r2, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7}, 0x7) [ 2726.412542][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2726.420540][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2726.428532][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2726.438200][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2726.446274][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 03:58:04 executing program 4: socket$nl_route(0x10, 0x3, 0x0) r0 = creat(&(0x7f0000001600)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f00000001c0)=0x3ff) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r1, 0x0, 0xfffffffffffffe3c, 0x0, 0x0, 0x2f95a3c3cb55ab4b) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x315, 0x0) syz_emit_ethernet(0xffffffffffffff02, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x1ee6b, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0) 03:58:04 executing program 0: prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0xff}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff}) vmsplice(r0, 0x0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e23}, 0x1c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, 0x0) listen(r1, 0x10001) r2 = socket$inet6_sctp(0xa, 0x800000000000001, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) [ 2726.657164][T15111] memory: usage 246560kB, limit 0kB, failcnt 481 [ 2726.669174][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 03:58:04 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r3, 0x0, 0x6, 0x0) close(r3) dup3(r0, r2, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7}, 0x7) 03:58:04 executing program 5: prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0xff}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff}) vmsplice(r0, 0x0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e23}, 0x1c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, 0x0) listen(r1, 0x10001) r2 = socket$inet6_sctp(0xa, 0x800000000000001, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) [ 2726.759203][ C0] net_ratelimit: 15 callbacks suppressed [ 2726.759244][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2726.773337][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2726.917094][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2726.923056][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2726.937888][T15111] Memory cgroup stats for /syz2: [ 2726.938327][T15111] anon 227184640 [ 2726.938327][T15111] file 36864 [ 2726.938327][T15111] kernel_stack 2752512 [ 2726.938327][T15111] slab 11558912 [ 2726.938327][T15111] sock 106496 [ 2726.938327][T15111] shmem 0 [ 2726.938327][T15111] file_mapped 0 [ 2726.938327][T15111] file_dirty 135168 [ 2726.938327][T15111] file_writeback 0 [ 2726.938327][T15111] anon_thp 195035136 [ 2726.938327][T15111] inactive_anon 20709376 [ 2726.938327][T15111] active_anon 206503936 [ 2726.938327][T15111] inactive_file 118784 [ 2726.938327][T15111] active_file 65536 [ 2726.938327][T15111] unevictable 0 [ 2726.938327][T15111] slab_reclaimable 3649536 [ 2726.938327][T15111] slab_unreclaimable 7909376 [ 2726.938327][T15111] pgfault 396165 [ 2726.938327][T15111] pgmajfault 0 [ 2726.938327][T15111] workingset_refault 0 03:58:04 executing program 1: bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x65dc}, [@IFLA_GROUP={0x8}, @IFLA_PROTO_DOWN={0x8, 0x14}]}, 0x30}}, 0x0) [ 2726.938327][T15111] workingset_activate 0 [ 2726.938327][T15111] workingset_nodereclaim 0 [ 2726.938327][T15111] pgrefill 74 [ 2726.938327][T15111] pgscan 1900 [ 2726.938327][T15111] pgsteal 1760 [ 2727.153930][ T2478] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 2727.201300][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24407,uid=0 [ 2727.225656][T15111] Memory cgroup out of memory: Killed process 24407 (syz-executor.2) total-vm:60424kB, anon-rss:6072kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2727.255808][ T1058] oom_reaper: reaped process 24407 (syz-executor.2), now anon-rss:0kB, file-rss:34688kB, shmem-rss:0kB [ 2727.298667][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2727.311164][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2727.320216][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2727.330293][T15111] Call Trace: [ 2727.333788][T15111] dump_stack+0x172/0x1f0 [ 2727.338143][T15111] dump_header+0x177/0x1152 [ 2727.342677][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2727.348503][T15111] ? ___ratelimit+0x2c8/0x595 [ 2727.353210][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2727.359048][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2727.364531][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2727.369579][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2727.375254][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2727.381069][T15111] ? ___ratelimit+0x60/0x595 [ 2727.385654][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2727.390770][T15111] oom_kill_process.cold+0x10/0x15 [ 2727.395879][T15111] out_of_memory+0x334/0x1340 [ 2727.400561][T15111] ? lock_downgrade+0x920/0x920 [ 2727.405423][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2727.411338][T15111] ? oom_killer_disable+0x280/0x280 [ 2727.416563][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2727.422245][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2727.427199][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2727.432326][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2727.437206][T15111] try_charge+0xf4b/0x1440 [ 2727.441648][T15111] ? find_held_lock+0x35/0x130 [ 2727.446429][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2727.452071][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2727.457670][T15111] ? find_held_lock+0x35/0x130 [ 2727.462480][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2727.468059][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2727.473787][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2727.479013][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2727.484948][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2727.490089][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2727.495489][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2727.501055][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2727.506771][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2727.511979][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2727.517268][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2727.522313][T15111] ? __kasan_check_read+0x11/0x20 [ 2727.527350][T15111] copy_process+0x3f8/0x6860 [ 2727.531953][T15111] ? __kasan_check_read+0x11/0x20 [ 2727.536995][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2727.542022][T15111] ? __kasan_check_read+0x11/0x20 [ 2727.547051][T15111] ? mark_lock+0xc2/0x1220 [ 2727.551523][T15111] ? __cleanup_sighand+0x60/0x60 [ 2727.556484][T15111] ? find_held_lock+0x35/0x130 [ 2727.561257][T15111] _do_fork+0x146/0xf90 [ 2727.565404][T15111] ? copy_init_mm+0x20/0x20 [ 2727.569910][T15111] ? __kasan_check_read+0x11/0x20 [ 2727.574925][T15111] ? _copy_to_user+0x118/0x160 [ 2727.579701][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2727.585941][T15111] ? put_timespec64+0xda/0x140 [ 2727.590708][T15111] __x64_sys_clone+0x18d/0x250 [ 2727.595550][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2727.600432][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2727.605744][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2727.610775][T15111] do_syscall_64+0xfa/0x760 [ 2727.615303][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2727.621210][T15111] RIP: 0033:0x45802a [ 2727.625098][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2727.644919][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2727.653515][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2727.661662][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2727.669738][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2727.677728][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2727.685708][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2727.699861][T15111] memory: usage 240292kB, limit 0kB, failcnt 487 [ 2727.706383][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2727.727066][T15111] Memory cgroup stats for /syz2: [ 2727.728647][T15111] anon 221057024 [ 2727.728647][T15111] file 36864 [ 2727.728647][T15111] kernel_stack 2752512 [ 2727.728647][T15111] slab 11558912 [ 2727.728647][T15111] sock 106496 [ 2727.728647][T15111] shmem 0 [ 2727.728647][T15111] file_mapped 0 [ 2727.728647][T15111] file_dirty 135168 [ 2727.728647][T15111] file_writeback 0 [ 2727.728647][T15111] anon_thp 192937984 [ 2727.728647][T15111] inactive_anon 16728064 [ 2727.728647][T15111] active_anon 204476416 [ 2727.728647][T15111] inactive_file 118784 [ 2727.728647][T15111] active_file 65536 [ 2727.728647][T15111] unevictable 0 [ 2727.728647][T15111] slab_reclaimable 3649536 [ 2727.728647][T15111] slab_unreclaimable 7909376 [ 2727.728647][T15111] pgfault 396165 [ 2727.728647][T15111] pgmajfault 0 [ 2727.728647][T15111] workingset_refault 0 [ 2727.728647][T15111] workingset_activate 0 [ 2727.728647][T15111] workingset_nodereclaim 0 [ 2727.728647][T15111] pgrefill 74 [ 2727.728647][T15111] pgscan 1900 [ 2727.728647][T15111] pgsteal 1760 [ 2727.838825][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24000,uid=0 [ 2727.859211][T15111] Memory cgroup out of memory: Killed process 24000 (syz-executor.2) total-vm:60424kB, anon-rss:6072kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2727.903495][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2727.916430][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2727.927729][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2727.937812][T15111] Call Trace: [ 2727.941139][T15111] dump_stack+0x172/0x1f0 [ 2727.945483][T15111] dump_header+0x177/0x1152 [ 2727.950162][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2727.955990][T15111] ? ___ratelimit+0x2c8/0x595 [ 2727.960701][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2727.966693][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2727.972011][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2727.977059][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2727.982757][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2727.988578][T15111] ? ___ratelimit+0x60/0x595 [ 2727.993173][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2727.998320][T15111] oom_kill_process.cold+0x10/0x15 [ 2728.003515][T15111] out_of_memory+0x334/0x1340 [ 2728.008191][T15111] ? lock_downgrade+0x920/0x920 [ 2728.013043][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2728.018852][T15111] ? oom_killer_disable+0x280/0x280 [ 2728.024074][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2728.029637][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2728.034571][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2728.037395][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2728.039691][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2728.045461][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2728.050253][T15111] try_charge+0xf4b/0x1440 [ 2728.050269][T15111] ? find_held_lock+0x35/0x130 [ 2728.050288][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2728.050298][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2728.050311][T15111] ? find_held_lock+0x35/0x130 [ 2728.050324][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2728.050352][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2728.095686][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2728.101034][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2728.106597][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2728.111739][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2728.117159][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2728.122749][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2728.128528][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2728.133743][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2728.139037][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2728.144062][T15111] ? __kasan_check_read+0x11/0x20 [ 2728.149084][T15111] copy_process+0x3f8/0x6860 [ 2728.153720][T15111] ? __kasan_check_read+0x11/0x20 [ 2728.158775][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2728.163806][T15111] ? __kasan_check_read+0x11/0x20 [ 2728.168849][T15111] ? mark_lock+0xc2/0x1220 [ 2728.173273][T15111] ? __cleanup_sighand+0x60/0x60 [ 2728.178363][T15111] ? find_held_lock+0x35/0x130 [ 2728.183148][T15111] _do_fork+0x146/0xf90 [ 2728.187316][T15111] ? copy_init_mm+0x20/0x20 [ 2728.191808][T15111] ? __kasan_check_read+0x11/0x20 [ 2728.196822][T15111] ? _copy_to_user+0x118/0x160 [ 2728.201611][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2728.207861][T15111] ? put_timespec64+0xda/0x140 [ 2728.212624][T15111] __x64_sys_clone+0x18d/0x250 [ 2728.217423][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2728.222313][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2728.227620][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2728.232640][T15111] do_syscall_64+0xfa/0x760 [ 2728.237148][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2728.243059][T15111] RIP: 0033:0x45802a [ 2728.248078][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2728.268048][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2728.276483][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2728.284470][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2728.292457][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2728.300434][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2728.308406][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2728.321271][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2728.327208][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2728.333085][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2728.339014][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2728.345672][T15111] memory: usage 234088kB, limit 0kB, failcnt 493 [ 2728.353084][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2728.360423][T15111] Memory cgroup stats for /syz2: [ 2728.360540][T15111] anon 214827008 [ 2728.360540][T15111] file 36864 [ 2728.360540][T15111] kernel_stack 2686976 [ 2728.360540][T15111] slab 11558912 [ 2728.360540][T15111] sock 106496 [ 2728.360540][T15111] shmem 0 [ 2728.360540][T15111] file_mapped 0 [ 2728.360540][T15111] file_dirty 135168 [ 2728.360540][T15111] file_writeback 0 [ 2728.360540][T15111] anon_thp 190840832 [ 2728.360540][T15111] inactive_anon 12644352 [ 2728.360540][T15111] active_anon 202448896 [ 2728.360540][T15111] inactive_file 118784 [ 2728.360540][T15111] active_file 65536 [ 2728.360540][T15111] unevictable 0 [ 2728.360540][T15111] slab_reclaimable 3649536 [ 2728.360540][T15111] slab_unreclaimable 7909376 [ 2728.360540][T15111] pgfault 396165 [ 2728.360540][T15111] pgmajfault 0 [ 2728.360540][T15111] workingset_refault 0 [ 2728.360540][T15111] workingset_activate 0 [ 2728.360540][T15111] workingset_nodereclaim 0 [ 2728.360540][T15111] pgrefill 74 [ 2728.360540][T15111] pgscan 1900 [ 2728.360540][T15111] pgsteal 1760 [ 2728.457130][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=11509,uid=0 [ 2728.474680][T15111] Memory cgroup out of memory: Killed process 11509 (syz-executor.2) total-vm:60424kB, anon-rss:6068kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2728.496070][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2728.505372][ T1058] oom_reaper: reaped process 11509 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2728.509630][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2728.528199][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2728.538358][T15111] Call Trace: [ 2728.541674][T15111] dump_stack+0x172/0x1f0 [ 2728.546004][T15111] dump_header+0x177/0x1152 [ 2728.550542][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2728.556334][T15111] ? ___ratelimit+0x2c8/0x595 [ 2728.560997][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2728.566799][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2728.572079][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2728.577099][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2728.582819][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2728.588645][T15111] ? ___ratelimit+0x60/0x595 [ 2728.593234][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2728.598356][T15111] oom_kill_process.cold+0x10/0x15 [ 2728.603454][T15111] out_of_memory+0x334/0x1340 [ 2728.608123][T15111] ? lock_downgrade+0x920/0x920 [ 2728.612973][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2728.618770][T15111] ? oom_killer_disable+0x280/0x280 [ 2728.624049][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2728.629679][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2728.634605][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2728.639725][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2728.644656][T15111] try_charge+0xf4b/0x1440 [ 2728.649086][T15111] ? find_held_lock+0x35/0x130 [ 2728.653880][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2728.659442][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2728.664978][T15111] ? find_held_lock+0x35/0x130 [ 2728.669729][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2728.675284][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2728.680822][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2728.686009][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2728.691551][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2728.696851][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2728.702247][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2728.707835][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2728.713556][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2728.718912][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2728.724194][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2728.729208][T15111] ? __kasan_check_read+0x11/0x20 [ 2728.734759][T15111] copy_process+0x3f8/0x6860 [ 2728.739380][T15111] ? __kasan_check_read+0x11/0x20 [ 2728.744399][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2728.749421][T15111] ? __kasan_check_read+0x11/0x20 [ 2728.754432][T15111] ? mark_lock+0xc2/0x1220 [ 2728.758840][T15111] ? __cleanup_sighand+0x60/0x60 [ 2728.763767][T15111] ? find_held_lock+0x35/0x130 [ 2728.768526][T15111] _do_fork+0x146/0xf90 [ 2728.772670][T15111] ? copy_init_mm+0x20/0x20 [ 2728.777179][T15111] ? __kasan_check_read+0x11/0x20 [ 2728.782191][T15111] ? _copy_to_user+0x118/0x160 [ 2728.787120][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2728.793354][T15111] ? put_timespec64+0xda/0x140 [ 2728.798115][T15111] __x64_sys_clone+0x18d/0x250 [ 2728.802869][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2728.807721][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2728.812999][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2728.818022][T15111] do_syscall_64+0xfa/0x760 [ 2728.822527][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2728.828505][T15111] RIP: 0033:0x45802a [ 2728.832391][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2728.852872][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2728.861410][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2728.869386][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2728.877470][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2728.885449][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2728.893441][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2728.905627][T15111] memory: usage 227776kB, limit 0kB, failcnt 499 [ 2728.912266][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2728.919456][T15111] Memory cgroup stats for /syz2: [ 2728.919553][T15111] anon 208510976 [ 2728.919553][T15111] file 36864 [ 2728.919553][T15111] kernel_stack 2686976 [ 2728.919553][T15111] slab 11423744 [ 2728.919553][T15111] sock 106496 [ 2728.919553][T15111] shmem 0 [ 2728.919553][T15111] file_mapped 0 [ 2728.919553][T15111] file_dirty 135168 [ 2728.919553][T15111] file_writeback 0 [ 2728.919553][T15111] anon_thp 188743680 [ 2728.919553][T15111] inactive_anon 6443008 [ 2728.919553][T15111] active_anon 202313728 [ 2728.919553][T15111] inactive_file 118784 [ 2728.919553][T15111] active_file 65536 [ 2728.919553][T15111] unevictable 0 [ 2728.919553][T15111] slab_reclaimable 3514368 [ 2728.919553][T15111] slab_unreclaimable 7909376 [ 2728.919553][T15111] pgfault 396165 [ 2728.919553][T15111] pgmajfault 0 [ 2728.919553][T15111] workingset_refault 0 [ 2728.919553][T15111] workingset_activate 0 [ 2728.919553][T15111] workingset_nodereclaim 0 [ 2728.919553][T15111] pgrefill 74 [ 2728.919553][T15111] pgscan 1900 [ 2728.919553][T15111] pgsteal 1760 [ 2729.015358][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=11462,uid=0 [ 2729.031080][T15111] Memory cgroup out of memory: Killed process 11462 (syz-executor.2) total-vm:60424kB, anon-rss:6068kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2729.052471][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2729.055690][ T1058] oom_reaper: reaped process 11462 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2729.064443][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2729.064453][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2729.064460][T15111] Call Trace: [ 2729.064492][T15111] dump_stack+0x172/0x1f0 [ 2729.064523][T15111] dump_header+0x177/0x1152 [ 2729.106855][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2729.112649][T15111] ? ___ratelimit+0x2c8/0x595 [ 2729.117311][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2729.123119][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2729.128393][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2729.133404][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2729.139704][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2729.146590][T15111] ? ___ratelimit+0x60/0x595 [ 2729.151173][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2729.156295][T15111] oom_kill_process.cold+0x10/0x15 [ 2729.161435][T15111] out_of_memory+0x334/0x1340 [ 2729.166128][T15111] ? lock_downgrade+0x920/0x920 [ 2729.170972][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2729.176811][T15111] ? oom_killer_disable+0x280/0x280 [ 2729.182004][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2729.187545][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2729.192491][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2729.197652][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2729.202505][T15111] try_charge+0xf4b/0x1440 [ 2729.206910][T15111] ? find_held_lock+0x35/0x130 [ 2729.211665][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2729.217284][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2729.222956][T15111] ? find_held_lock+0x35/0x130 [ 2729.227737][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2729.233296][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2729.238872][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2729.244172][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2729.249730][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2729.254838][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2729.260198][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2729.265750][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2729.271471][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2729.277225][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2729.282509][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2729.287520][T15111] ? __kasan_check_read+0x11/0x20 [ 2729.292530][T15111] copy_process+0x3f8/0x6860 [ 2729.297105][T15111] ? __kasan_check_read+0x11/0x20 [ 2729.302115][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2729.307139][T15111] ? __kasan_check_read+0x11/0x20 [ 2729.312202][T15111] ? mark_lock+0xc2/0x1220 [ 2729.316628][T15111] ? __cleanup_sighand+0x60/0x60 [ 2729.321569][T15111] ? find_held_lock+0x35/0x130 [ 2729.326330][T15111] _do_fork+0x146/0xf90 [ 2729.330471][T15111] ? copy_init_mm+0x20/0x20 [ 2729.334979][T15111] ? __kasan_check_read+0x11/0x20 [ 2729.340011][T15111] ? _copy_to_user+0x118/0x160 [ 2729.344773][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2729.350999][T15111] ? put_timespec64+0xda/0x140 [ 2729.355766][T15111] __x64_sys_clone+0x18d/0x250 [ 2729.360518][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2729.365811][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2729.371097][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2729.376116][T15111] do_syscall_64+0xfa/0x760 [ 2729.380738][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2729.386628][T15111] RIP: 0033:0x45802a [ 2729.390520][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2729.410128][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2729.418528][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2729.426488][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2729.434443][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2729.442405][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2729.450372][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2729.459176][T15111] memory: usage 221544kB, limit 0kB, failcnt 505 [ 2729.465577][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2729.472578][T15111] Memory cgroup stats for /syz2: [ 2729.472673][T15111] anon 202297344 [ 2729.472673][T15111] file 36864 [ 2729.472673][T15111] kernel_stack 2621440 [ 2729.472673][T15111] slab 11423744 [ 2729.472673][T15111] sock 106496 [ 2729.472673][T15111] shmem 0 [ 2729.472673][T15111] file_mapped 0 [ 2729.472673][T15111] file_dirty 135168 [ 2729.472673][T15111] file_writeback 0 [ 2729.472673][T15111] anon_thp 186646528 [ 2729.472673][T15111] inactive_anon 245760 [ 2729.472673][T15111] active_anon 202313728 [ 2729.472673][T15111] inactive_file 118784 [ 2729.472673][T15111] active_file 65536 [ 2729.472673][T15111] unevictable 0 [ 2729.472673][T15111] slab_reclaimable 3514368 [ 2729.472673][T15111] slab_unreclaimable 7909376 [ 2729.472673][T15111] pgfault 396165 [ 2729.472673][T15111] pgmajfault 0 [ 2729.472673][T15111] workingset_refault 0 [ 2729.472673][T15111] workingset_activate 0 [ 2729.472673][T15111] workingset_nodereclaim 0 [ 2729.472673][T15111] pgrefill 74 [ 2729.472673][T15111] pgscan 1900 [ 2729.472673][T15111] pgsteal 1760 [ 2729.568510][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14811,uid=0 [ 2729.584885][T15111] Memory cgroup out of memory: Killed process 14811 (syz-executor.2) total-vm:72704kB, anon-rss:4256kB, file-rss:35868kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000 [ 2729.605935][ T1058] oom_reaper: reaped process 14811 (syz-executor.2), now anon-rss:0kB, file-rss:34908kB, shmem-rss:0kB [ 2729.605995][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2729.629150][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2729.638207][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2729.648474][T15111] Call Trace: [ 2729.651768][T15111] dump_stack+0x172/0x1f0 [ 2729.656087][T15111] dump_header+0x177/0x1152 [ 2729.660593][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2729.666388][T15111] ? ___ratelimit+0x2c8/0x595 [ 2729.671059][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2729.676877][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2729.682174][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2729.687191][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2729.692826][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2729.698631][T15111] ? ___ratelimit+0x60/0x595 [ 2729.703218][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2729.708352][T15111] oom_kill_process.cold+0x10/0x15 [ 2729.713567][T15111] out_of_memory+0x334/0x1340 [ 2729.718597][T15111] ? lock_downgrade+0x920/0x920 [ 2729.723450][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2729.729280][T15111] ? oom_killer_disable+0x280/0x280 [ 2729.734473][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2729.740006][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2729.745370][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2729.750473][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2729.755311][T15111] try_charge+0xf4b/0x1440 [ 2729.759716][T15111] ? find_held_lock+0x35/0x130 [ 2729.764479][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2729.770107][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2729.775642][T15111] ? find_held_lock+0x35/0x130 [ 2729.780405][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2729.785964][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2729.791499][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2729.796684][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2729.802243][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2729.807339][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2729.812698][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2729.818263][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2729.823968][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2729.829174][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2729.834549][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2729.839562][T15111] ? __kasan_check_read+0x11/0x20 [ 2729.844578][T15111] copy_process+0x3f8/0x6860 [ 2729.849159][T15111] ? __kasan_check_read+0x11/0x20 [ 2729.854168][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2729.859177][T15111] ? __kasan_check_read+0x11/0x20 [ 2729.864188][T15111] ? mark_lock+0xc2/0x1220 [ 2729.868599][T15111] ? __cleanup_sighand+0x60/0x60 [ 2729.873536][T15111] ? find_held_lock+0x35/0x130 [ 2729.878319][T15111] _do_fork+0x146/0xf90 [ 2729.882464][T15111] ? copy_init_mm+0x20/0x20 [ 2729.886959][T15111] ? __kasan_check_read+0x11/0x20 [ 2729.891978][T15111] ? _copy_to_user+0x118/0x160 [ 2729.896736][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2729.903070][T15111] ? put_timespec64+0xda/0x140 [ 2729.907849][T15111] __x64_sys_clone+0x18d/0x250 [ 2729.912607][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2729.917461][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2729.922737][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2729.927752][T15111] do_syscall_64+0xfa/0x760 [ 2729.932257][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2729.938140][T15111] RIP: 0033:0x45802a [ 2729.942023][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2729.961727][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2729.970214][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2729.978210][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2729.986437][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2729.994411][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2730.002818][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2730.011159][T15111] memory: usage 217180kB, limit 0kB, failcnt 511 [ 2730.017582][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2730.024823][T15111] Memory cgroup stats for /syz2: [ 2730.024952][T15111] anon 198021120 [ 2730.024952][T15111] file 36864 [ 2730.024952][T15111] kernel_stack 2621440 [ 2730.024952][T15111] slab 11423744 [ 2730.024952][T15111] sock 106496 [ 2730.024952][T15111] shmem 0 [ 2730.024952][T15111] file_mapped 0 [ 2730.024952][T15111] file_dirty 135168 [ 2730.024952][T15111] file_writeback 0 [ 2730.024952][T15111] anon_thp 182452224 [ 2730.024952][T15111] inactive_anon 245760 [ 2730.024952][T15111] active_anon 198017024 [ 2730.024952][T15111] inactive_file 118784 [ 2730.024952][T15111] active_file 65536 [ 2730.024952][T15111] unevictable 0 [ 2730.024952][T15111] slab_reclaimable 3514368 [ 2730.024952][T15111] slab_unreclaimable 7909376 [ 2730.024952][T15111] pgfault 396165 [ 2730.024952][T15111] pgmajfault 0 [ 2730.024952][T15111] workingset_refault 0 [ 2730.024952][T15111] workingset_activate 0 [ 2730.024952][T15111] workingset_nodereclaim 0 [ 2730.024952][T15111] pgrefill 74 [ 2730.024952][T15111] pgscan 1900 [ 2730.024952][T15111] pgsteal 1760 [ 2730.120409][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=27634,uid=0 [ 2730.136104][T15111] Memory cgroup out of memory: Killed process 27634 (syz-executor.2) total-vm:72572kB, anon-rss:4248kB, file-rss:35872kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000 [ 2730.157482][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2730.157532][ T1058] oom_reaper: reaped process 27634 (syz-executor.2), now anon-rss:0kB, file-rss:34912kB, shmem-rss:0kB [ 2730.169554][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2730.189581][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2730.199743][T15111] Call Trace: [ 2730.203056][T15111] dump_stack+0x172/0x1f0 [ 2730.207513][T15111] dump_header+0x177/0x1152 [ 2730.212003][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2730.217799][T15111] ? ___ratelimit+0x2c8/0x595 [ 2730.222480][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2730.228302][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2730.233571][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2730.238941][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2730.244568][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2730.250394][T15111] ? ___ratelimit+0x60/0x595 [ 2730.254974][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2730.260079][T15111] oom_kill_process.cold+0x10/0x15 [ 2730.265176][T15111] out_of_memory+0x334/0x1340 [ 2730.269836][T15111] ? lock_downgrade+0x920/0x920 [ 2730.274676][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2730.280503][T15111] ? oom_killer_disable+0x280/0x280 [ 2730.285692][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2730.291223][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2730.296148][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2730.301260][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2730.306144][T15111] try_charge+0xf4b/0x1440 [ 2730.310578][T15111] ? find_held_lock+0x35/0x130 [ 2730.315369][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2730.321089][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2730.327020][T15111] ? find_held_lock+0x35/0x130 [ 2730.331802][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2730.337535][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2730.343080][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2730.348280][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2730.353830][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2730.359106][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2730.364836][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2730.371509][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2730.377211][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2730.382499][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2730.387781][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2730.392788][T15111] ? __kasan_check_read+0x11/0x20 [ 2730.397806][T15111] copy_process+0x3f8/0x6860 [ 2730.402404][T15111] ? __kasan_check_read+0x11/0x20 [ 2730.407606][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2730.412610][T15111] ? __kasan_check_read+0x11/0x20 [ 2730.417622][T15111] ? mark_lock+0xc2/0x1220 [ 2730.422036][T15111] ? __cleanup_sighand+0x60/0x60 [ 2730.426973][T15111] ? find_held_lock+0x35/0x130 [ 2730.431739][T15111] _do_fork+0x146/0xf90 [ 2730.435898][T15111] ? copy_init_mm+0x20/0x20 [ 2730.440400][T15111] ? __kasan_check_read+0x11/0x20 [ 2730.445411][T15111] ? _copy_to_user+0x118/0x160 [ 2730.450178][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2730.456665][T15111] ? put_timespec64+0xda/0x140 [ 2730.462741][T15111] __x64_sys_clone+0x18d/0x250 [ 2730.467500][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2730.472795][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2730.478069][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2730.483086][T15111] do_syscall_64+0xfa/0x760 [ 2730.487587][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2730.493462][T15111] RIP: 0033:0x45802a [ 2730.497699][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2730.517294][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2730.525744][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2730.533715][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2730.541772][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2730.549746][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2730.557888][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2730.574056][T15111] memory: usage 212384kB, limit 0kB, failcnt 517 [ 2730.580654][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2730.588588][T15111] Memory cgroup stats for /syz2: [ 2730.588677][T15111] anon 193720320 [ 2730.588677][T15111] file 36864 [ 2730.588677][T15111] kernel_stack 2621440 [ 2730.588677][T15111] slab 11079680 [ 2730.588677][T15111] sock 106496 [ 2730.588677][T15111] shmem 0 [ 2730.588677][T15111] file_mapped 0 [ 2730.588677][T15111] file_dirty 135168 [ 2730.588677][T15111] file_writeback 0 [ 2730.588677][T15111] anon_thp 178257920 [ 2730.588677][T15111] inactive_anon 245760 [ 2730.588677][T15111] active_anon 193716224 [ 2730.588677][T15111] inactive_file 118784 [ 2730.588677][T15111] active_file 65536 [ 2730.588677][T15111] unevictable 0 [ 2730.588677][T15111] slab_reclaimable 3514368 [ 2730.588677][T15111] slab_unreclaimable 7565312 [ 2730.588677][T15111] pgfault 396165 [ 2730.588677][T15111] pgmajfault 0 [ 2730.588677][T15111] workingset_refault 0 [ 2730.588677][T15111] workingset_activate 0 [ 2730.588677][T15111] workingset_nodereclaim 0 [ 2730.588677][T15111] pgrefill 74 [ 2730.588677][T15111] pgscan 1900 [ 2730.588677][T15111] pgsteal 1760 [ 2730.692448][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=27705,uid=0 [ 2730.709213][T15111] Memory cgroup out of memory: Killed process 27705 (syz-executor.2) total-vm:72572kB, anon-rss:4248kB, file-rss:35860kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000 [ 2730.730807][ T1058] oom_reaper: reaped process 27705 (syz-executor.2), now anon-rss:0kB, file-rss:34900kB, shmem-rss:0kB [ 2730.744843][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2730.757627][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2730.766661][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2730.777332][T15111] Call Trace: [ 2730.780633][T15111] dump_stack+0x172/0x1f0 [ 2730.785055][T15111] dump_header+0x177/0x1152 [ 2730.789848][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2730.795914][T15111] ? ___ratelimit+0x2c8/0x595 [ 2730.800705][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2730.806611][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2730.811898][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2730.816921][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2730.822550][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2730.828987][T15111] ? ___ratelimit+0x60/0x595 [ 2730.833622][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2730.839722][T15111] oom_kill_process.cold+0x10/0x15 [ 2730.845013][T15111] out_of_memory+0x334/0x1340 [ 2730.850139][T15111] ? lock_downgrade+0x920/0x920 [ 2730.855091][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2730.861360][T15111] ? oom_killer_disable+0x280/0x280 [ 2730.867046][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2730.873304][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2730.878927][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2730.884126][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2730.889117][T15111] try_charge+0xf4b/0x1440 [ 2730.893802][T15111] ? find_held_lock+0x35/0x130 [ 2730.898579][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2730.904141][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2730.909797][T15111] ? find_held_lock+0x35/0x130 [ 2730.914572][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2730.920484][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2730.926121][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2730.931334][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2730.936916][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2730.942153][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2730.947555][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2730.953135][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2730.958912][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2730.964130][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2730.969422][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2730.974442][T15111] ? __kasan_check_read+0x11/0x20 [ 2730.979476][T15111] copy_process+0x3f8/0x6860 [ 2730.984055][T15111] ? __kasan_check_read+0x11/0x20 [ 2730.989079][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2730.994098][T15111] ? __kasan_check_read+0x11/0x20 [ 2730.999121][T15111] ? mark_lock+0xc2/0x1220 [ 2731.003680][T15111] ? __cleanup_sighand+0x60/0x60 [ 2731.008642][T15111] ? find_held_lock+0x35/0x130 [ 2731.013418][T15111] _do_fork+0x146/0xf90 [ 2731.017567][T15111] ? copy_init_mm+0x20/0x20 [ 2731.022064][T15111] ? __kasan_check_read+0x11/0x20 [ 2731.027083][T15111] ? _copy_to_user+0x118/0x160 [ 2731.031865][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2731.038115][T15111] ? put_timespec64+0xda/0x140 [ 2731.042893][T15111] __x64_sys_clone+0x18d/0x250 [ 2731.047671][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2731.052529][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2731.057971][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2731.063024][T15111] do_syscall_64+0xfa/0x760 [ 2731.067559][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2731.073451][T15111] RIP: 0033:0x45802a [ 2731.077342][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2731.096971][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2731.105462][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2731.113433][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2731.121633][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2731.129626][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2731.137604][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2731.156616][T15111] memory: usage 207972kB, limit 0kB, failcnt 523 [ 2731.163138][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2731.171083][T15111] Memory cgroup stats for /syz2: [ 2731.171213][T15111] anon 189419520 [ 2731.171213][T15111] file 36864 [ 2731.171213][T15111] kernel_stack 2555904 [ 2731.171213][T15111] slab 11079680 [ 2731.171213][T15111] sock 106496 [ 2731.171213][T15111] shmem 0 [ 2731.171213][T15111] file_mapped 0 [ 2731.171213][T15111] file_dirty 135168 [ 2731.171213][T15111] file_writeback 0 [ 2731.171213][T15111] anon_thp 174063616 [ 2731.171213][T15111] inactive_anon 245760 [ 2731.171213][T15111] active_anon 189415424 [ 2731.171213][T15111] inactive_file 118784 [ 2731.171213][T15111] active_file 65536 [ 2731.171213][T15111] unevictable 0 [ 2731.171213][T15111] slab_reclaimable 3514368 [ 2731.171213][T15111] slab_unreclaimable 7565312 [ 2731.171213][T15111] pgfault 396165 [ 2731.171213][T15111] pgmajfault 0 [ 2731.171213][T15111] workingset_refault 0 [ 2731.171213][T15111] workingset_activate 0 [ 2731.171213][T15111] workingset_nodereclaim 0 [ 2731.171213][T15111] pgrefill 74 [ 2731.171213][T15111] pgscan 1900 [ 2731.171213][T15111] pgsteal 1760 [ 2731.268618][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=27601,uid=0 [ 2731.284524][T15111] Memory cgroup out of memory: Killed process 27601 (syz-executor.2) total-vm:72572kB, anon-rss:4248kB, file-rss:35860kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000 [ 2731.305631][ T1058] oom_reaper: reaped process 27601 (syz-executor.2), now anon-rss:0kB, file-rss:34900kB, shmem-rss:0kB [ 2731.305919][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2731.330555][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2731.339693][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2731.349765][T15111] Call Trace: [ 2731.353060][T15111] dump_stack+0x172/0x1f0 [ 2731.357393][T15111] dump_header+0x177/0x1152 [ 2731.361910][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2731.367714][T15111] ? ___ratelimit+0x2c8/0x595 [ 2731.372397][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2731.378206][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2731.383488][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2731.388501][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2731.394125][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2731.400643][T15111] ? ___ratelimit+0x60/0x595 [ 2731.405334][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2731.410448][T15111] oom_kill_process.cold+0x10/0x15 [ 2731.415563][T15111] out_of_memory+0x334/0x1340 [ 2731.420256][T15111] ? lock_downgrade+0x920/0x920 [ 2731.425115][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2731.430914][T15111] ? oom_killer_disable+0x280/0x280 [ 2731.436108][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2731.441666][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2731.446611][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2731.451721][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2731.456681][T15111] try_charge+0xf4b/0x1440 [ 2731.461125][T15111] ? find_held_lock+0x35/0x130 [ 2731.465902][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2731.471443][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2731.476985][T15111] ? find_held_lock+0x35/0x130 [ 2731.481757][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2731.487315][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2731.492871][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2731.498072][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2731.503678][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2731.508832][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2731.514249][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2731.519818][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2731.526352][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2731.531562][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2731.536836][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2731.541849][T15111] ? __kasan_check_read+0x11/0x20 [ 2731.546891][T15111] copy_process+0x3f8/0x6860 [ 2731.551478][T15111] ? __kasan_check_read+0x11/0x20 [ 2731.556488][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2731.561582][T15111] ? __kasan_check_read+0x11/0x20 [ 2731.566599][T15111] ? mark_lock+0xc2/0x1220 [ 2731.571099][T15111] ? __cleanup_sighand+0x60/0x60 [ 2731.576022][T15111] ? find_held_lock+0x35/0x130 [ 2731.580785][T15111] _do_fork+0x146/0xf90 [ 2731.584928][T15111] ? copy_init_mm+0x20/0x20 [ 2731.589447][T15111] ? __kasan_check_read+0x11/0x20 [ 2731.594474][T15111] ? _copy_to_user+0x118/0x160 [ 2731.599265][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2731.605517][T15111] ? put_timespec64+0xda/0x140 [ 2731.610456][T15111] __x64_sys_clone+0x18d/0x250 [ 2731.615300][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2731.620174][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2731.625483][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2731.630520][T15111] do_syscall_64+0xfa/0x760 [ 2731.635031][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2731.640919][T15111] RIP: 0033:0x45802a [ 2731.644800][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2731.664482][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2731.673076][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2731.681050][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2731.689126][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2731.697747][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2731.705748][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2731.721458][T15111] memory: usage 203636kB, limit 0kB, failcnt 529 [ 2731.728073][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2731.735269][T15111] Memory cgroup stats for /syz2: [ 2731.735379][T15111] anon 185036800 [ 2731.735379][T15111] file 36864 [ 2731.735379][T15111] kernel_stack 2555904 [ 2731.735379][T15111] slab 11079680 [ 2731.735379][T15111] sock 106496 [ 2731.735379][T15111] shmem 0 [ 2731.735379][T15111] file_mapped 0 [ 2731.735379][T15111] file_dirty 135168 [ 2731.735379][T15111] file_writeback 0 [ 2731.735379][T15111] anon_thp 169869312 [ 2731.735379][T15111] inactive_anon 245760 [ 2731.735379][T15111] active_anon 185040896 [ 2731.735379][T15111] inactive_file 118784 [ 2731.735379][T15111] active_file 65536 [ 2731.735379][T15111] unevictable 0 [ 2731.735379][T15111] slab_reclaimable 3514368 [ 2731.735379][T15111] slab_unreclaimable 7565312 [ 2731.735379][T15111] pgfault 396165 [ 2731.735379][T15111] pgmajfault 0 [ 2731.735379][T15111] workingset_refault 0 [ 2731.735379][T15111] workingset_activate 0 [ 2731.735379][T15111] workingset_nodereclaim 0 [ 2731.735379][T15111] pgrefill 74 [ 2731.735379][T15111] pgscan 1900 [ 2731.735379][T15111] pgsteal 1760 [ 2731.832650][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24283,uid=0 [ 2731.848415][T15111] Memory cgroup out of memory: Killed process 24283 (syz-executor.2) total-vm:72836kB, anon-rss:4264kB, file-rss:35816kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000 [ 2731.872922][ T1058] oom_reaper: reaped process 24283 (syz-executor.2), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB [ 2731.872966][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2731.896687][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2731.905724][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2731.916020][T15111] Call Trace: [ 2731.919332][T15111] dump_stack+0x172/0x1f0 [ 2731.924260][T15111] dump_header+0x177/0x1152 [ 2731.928956][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2731.934869][T15111] ? ___ratelimit+0x2c8/0x595 [ 2731.939676][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2731.945564][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2731.951287][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2731.956486][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2731.962496][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2731.968354][T15111] ? ___ratelimit+0x60/0x595 [ 2731.973028][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2731.978156][T15111] oom_kill_process.cold+0x10/0x15 [ 2731.983370][T15111] out_of_memory+0x334/0x1340 [ 2731.988054][T15111] ? lock_downgrade+0x920/0x920 [ 2731.992920][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2731.999075][T15111] ? oom_killer_disable+0x280/0x280 [ 2732.004309][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2732.010633][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2732.015578][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2732.020692][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2732.027108][T15111] try_charge+0xf4b/0x1440 [ 2732.031543][T15111] ? find_held_lock+0x35/0x130 [ 2732.036316][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2732.041887][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2732.047454][T15111] ? find_held_lock+0x35/0x130 [ 2732.052455][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2732.058020][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2732.063889][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2732.069119][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2732.074679][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2732.080120][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2732.085493][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2732.091586][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2732.097659][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2732.103578][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2732.108868][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2732.115021][T15111] ? __kasan_check_read+0x11/0x20 [ 2732.120041][T15111] copy_process+0x3f8/0x6860 [ 2732.124632][T15111] ? __kasan_check_read+0x11/0x20 [ 2732.129690][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2732.134732][T15111] ? __kasan_check_read+0x11/0x20 [ 2732.139948][T15111] ? mark_lock+0xc2/0x1220 [ 2732.144430][T15111] ? __cleanup_sighand+0x60/0x60 [ 2732.149475][T15111] ? find_held_lock+0x35/0x130 [ 2732.154307][T15111] _do_fork+0x146/0xf90 [ 2732.158739][T15111] ? copy_init_mm+0x20/0x20 [ 2732.164618][T15111] ? __kasan_check_read+0x11/0x20 [ 2732.169648][T15111] ? _copy_to_user+0x118/0x160 [ 2732.174510][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2732.180763][T15111] ? put_timespec64+0xda/0x140 [ 2732.185530][T15111] __x64_sys_clone+0x18d/0x250 [ 2732.190816][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2732.196179][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2732.197207][ C1] net_ratelimit: 14 callbacks suppressed [ 2732.197217][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2732.201465][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2732.207250][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2732.212970][T15111] do_syscall_64+0xfa/0x760 [ 2732.228188][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2732.234096][T15111] RIP: 0033:0x45802a [ 2732.238516][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2732.258680][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2732.267210][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2732.275324][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2732.283298][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2732.291378][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2732.299477][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2732.311767][T15111] memory: usage 199204kB, limit 0kB, failcnt 535 [ 2732.318977][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2732.326141][T15111] Memory cgroup stats for /syz2: [ 2732.326265][T15111] anon 180719616 [ 2732.326265][T15111] file 36864 [ 2732.326265][T15111] kernel_stack 2490368 [ 2732.326265][T15111] slab 11079680 [ 2732.326265][T15111] sock 106496 [ 2732.326265][T15111] shmem 0 [ 2732.326265][T15111] file_mapped 0 [ 2732.326265][T15111] file_dirty 135168 [ 2732.326265][T15111] file_writeback 0 [ 2732.326265][T15111] anon_thp 165675008 [ 2732.326265][T15111] inactive_anon 245760 [ 2732.326265][T15111] active_anon 180723712 [ 2732.326265][T15111] inactive_file 118784 [ 2732.326265][T15111] active_file 65536 [ 2732.326265][T15111] unevictable 0 [ 2732.326265][T15111] slab_reclaimable 3514368 [ 2732.326265][T15111] slab_unreclaimable 7565312 [ 2732.326265][T15111] pgfault 396165 [ 2732.326265][T15111] pgmajfault 0 [ 2732.326265][T15111] workingset_refault 0 [ 2732.326265][T15111] workingset_activate 0 [ 2732.326265][T15111] workingset_nodereclaim 0 [ 2732.326265][T15111] pgrefill 74 [ 2732.326265][T15111] pgscan 1900 [ 2732.326265][T15111] pgsteal 1760 [ 2732.425003][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23489,uid=0 [ 2732.442479][T15111] Memory cgroup out of memory: Killed process 23489 (syz-executor.2) total-vm:72704kB, anon-rss:4256kB, file-rss:35808kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000 [ 2732.463938][ T1058] oom_reaper: reaped process 23489 (syz-executor.2), now anon-rss:0kB, file-rss:34848kB, shmem-rss:0kB [ 2732.464002][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2732.487552][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2732.496669][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2732.506733][T15111] Call Trace: [ 2732.510170][T15111] dump_stack+0x172/0x1f0 [ 2732.514712][T15111] dump_header+0x177/0x1152 [ 2732.519505][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2732.525413][T15111] ? ___ratelimit+0x2c8/0x595 [ 2732.530100][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2732.536081][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2732.541486][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2732.546601][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2732.552517][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2732.558532][T15111] ? ___ratelimit+0x60/0x595 [ 2732.564112][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2732.569229][T15111] oom_kill_process.cold+0x10/0x15 [ 2732.574358][T15111] out_of_memory+0x334/0x1340 [ 2732.579236][T15111] ? lock_downgrade+0x920/0x920 [ 2732.584223][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2732.590103][T15111] ? oom_killer_disable+0x280/0x280 [ 2732.595396][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2732.601199][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2732.606127][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2732.611256][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2732.616361][T15111] try_charge+0xf4b/0x1440 [ 2732.620767][T15111] ? find_held_lock+0x35/0x130 [ 2732.625527][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2732.631058][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2732.636596][T15111] ? find_held_lock+0x35/0x130 [ 2732.641351][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2732.646986][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2732.652544][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2732.657744][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2732.663304][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2732.668418][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2732.673792][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2732.679353][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2732.685094][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2732.691803][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2732.697122][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2732.702147][T15111] ? __kasan_check_read+0x11/0x20 [ 2732.707178][T15111] copy_process+0x3f8/0x6860 [ 2732.711765][T15111] ? __kasan_check_read+0x11/0x20 [ 2732.716777][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2732.721884][T15111] ? __kasan_check_read+0x11/0x20 [ 2732.726901][T15111] ? mark_lock+0xc2/0x1220 [ 2732.731312][T15111] ? __cleanup_sighand+0x60/0x60 [ 2732.736241][T15111] ? find_held_lock+0x35/0x130 [ 2732.741192][T15111] _do_fork+0x146/0xf90 [ 2732.745336][T15111] ? copy_init_mm+0x20/0x20 [ 2732.749842][T15111] ? __kasan_check_read+0x11/0x20 [ 2732.754855][T15111] ? _copy_to_user+0x118/0x160 [ 2732.759623][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2732.765886][T15111] ? put_timespec64+0xda/0x140 [ 2732.770656][T15111] __x64_sys_clone+0x18d/0x250 [ 2732.775405][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2732.780262][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2732.785543][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2732.790580][T15111] do_syscall_64+0xfa/0x760 [ 2732.795338][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2732.801218][T15111] RIP: 0033:0x45802a [ 2732.805101][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2732.824697][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2732.833101][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2732.841766][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2732.849824][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2732.857980][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2732.866056][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2732.879433][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2732.885335][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2732.891363][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2732.897290][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2732.903809][T15111] memory: usage 194788kB, limit 0kB, failcnt 541 [ 2732.910304][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2732.917678][T15111] Memory cgroup stats for /syz2: [ 2732.917823][T15111] anon 176398336 [ 2732.917823][T15111] file 36864 [ 2732.917823][T15111] kernel_stack 2490368 [ 2732.917823][T15111] slab 10944512 [ 2732.917823][T15111] sock 106496 [ 2732.917823][T15111] shmem 0 [ 2732.917823][T15111] file_mapped 0 [ 2732.917823][T15111] file_dirty 135168 [ 2732.917823][T15111] file_writeback 0 [ 2732.917823][T15111] anon_thp 161480704 [ 2732.917823][T15111] inactive_anon 245760 [ 2732.917823][T15111] active_anon 176402432 [ 2732.917823][T15111] inactive_file 118784 [ 2732.917823][T15111] active_file 65536 [ 2732.917823][T15111] unevictable 0 [ 2732.917823][T15111] slab_reclaimable 3379200 [ 2732.917823][T15111] slab_unreclaimable 7565312 [ 2732.917823][T15111] pgfault 396165 [ 2732.917823][T15111] pgmajfault 0 [ 2732.917823][T15111] workingset_refault 0 [ 2732.917823][T15111] workingset_activate 0 [ 2732.917823][T15111] workingset_nodereclaim 0 [ 2732.917823][T15111] pgrefill 74 [ 2732.917823][T15111] pgscan 1900 [ 2732.917823][T15111] pgsteal 1760 [ 2733.014551][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23506,uid=0 [ 2733.034964][T15111] Memory cgroup out of memory: Killed process 23506 (syz-executor.2) total-vm:72572kB, anon-rss:4248kB, file-rss:35812kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000 [ 2733.062755][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2733.075392][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2733.084509][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2733.094556][T15111] Call Trace: [ 2733.097861][T15111] dump_stack+0x172/0x1f0 [ 2733.102311][T15111] dump_header+0x177/0x1152 [ 2733.106818][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2733.112610][T15111] ? ___ratelimit+0x2c8/0x595 [ 2733.117297][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2733.123187][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2733.129428][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2733.134576][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2733.140942][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2733.146861][T15111] ? ___ratelimit+0x60/0x595 [ 2733.151451][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2733.156780][T15111] oom_kill_process.cold+0x10/0x15 [ 2733.161901][T15111] out_of_memory+0x334/0x1340 [ 2733.166668][T15111] ? lock_downgrade+0x920/0x920 [ 2733.171516][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2733.177600][T15111] ? oom_killer_disable+0x280/0x280 [ 2733.182796][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2733.188414][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2733.193336][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2733.198437][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2733.203272][T15111] try_charge+0xf4b/0x1440 [ 2733.207787][T15111] ? find_held_lock+0x35/0x130 [ 2733.212612][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2733.219814][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2733.225440][T15111] ? find_held_lock+0x35/0x130 [ 2733.230212][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2733.235748][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2733.241303][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2733.246593][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2733.252248][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2733.257619][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2733.262980][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2733.268514][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2733.275462][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2733.280770][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2733.286398][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2733.292205][T15111] ? __kasan_check_read+0x11/0x20 [ 2733.297406][T15111] copy_process+0x3f8/0x6860 [ 2733.301987][T15111] ? __kasan_check_read+0x11/0x20 [ 2733.307067][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2733.312097][T15111] ? __kasan_check_read+0x11/0x20 [ 2733.317125][T15111] ? mark_lock+0xc2/0x1220 [ 2733.321543][T15111] ? __cleanup_sighand+0x60/0x60 [ 2733.326523][T15111] ? find_held_lock+0x35/0x130 [ 2733.331307][T15111] _do_fork+0x146/0xf90 [ 2733.335564][T15111] ? copy_init_mm+0x20/0x20 [ 2733.340081][T15111] ? __kasan_check_read+0x11/0x20 [ 2733.345092][T15111] ? _copy_to_user+0x118/0x160 [ 2733.350199][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2733.356689][T15111] ? put_timespec64+0xda/0x140 [ 2733.361534][T15111] __x64_sys_clone+0x18d/0x250 [ 2733.366310][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2733.371154][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2733.376439][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2733.382672][T15111] do_syscall_64+0xfa/0x760 [ 2733.387170][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2733.393053][T15111] RIP: 0033:0x45802a [ 2733.396939][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2733.416538][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2733.424965][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2733.433703][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2733.441678][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2733.449647][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2733.457606][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2733.466020][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2733.467214][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2733.471888][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2733.477696][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2733.485675][T15111] memory: usage 190420kB, limit 0kB, failcnt 547 [ 2733.496262][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2733.503469][T15111] Memory cgroup stats for /syz2: [ 2733.503579][T15111] anon 172097536 [ 2733.503579][T15111] file 36864 [ 2733.503579][T15111] kernel_stack 2424832 [ 2733.503579][T15111] slab 10944512 [ 2733.503579][T15111] sock 106496 [ 2733.503579][T15111] shmem 0 [ 2733.503579][T15111] file_mapped 0 [ 2733.503579][T15111] file_dirty 135168 [ 2733.503579][T15111] file_writeback 0 [ 2733.503579][T15111] anon_thp 157286400 [ 2733.503579][T15111] inactive_anon 245760 [ 2733.503579][T15111] active_anon 172101632 [ 2733.503579][T15111] inactive_file 118784 [ 2733.503579][T15111] active_file 65536 [ 2733.503579][T15111] unevictable 0 [ 2733.503579][T15111] slab_reclaimable 3379200 [ 2733.503579][T15111] slab_unreclaimable 7565312 [ 2733.503579][T15111] pgfault 396165 [ 2733.503579][T15111] pgmajfault 0 [ 2733.503579][T15111] workingset_refault 0 [ 2733.503579][T15111] workingset_activate 0 [ 2733.503579][T15111] workingset_nodereclaim 0 [ 2733.503579][T15111] pgrefill 74 [ 2733.503579][T15111] pgscan 1900 [ 2733.503579][T15111] pgsteal 1760 [ 2733.599710][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23477,uid=0 [ 2733.615555][T15111] Memory cgroup out of memory: Killed process 23477 (syz-executor.2) total-vm:72572kB, anon-rss:4248kB, file-rss:35812kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000 [ 2733.636220][ T1058] oom_reaper: reaped process 23477 (syz-executor.2), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB [ 2733.650666][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2733.662625][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2733.671655][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2733.681716][T15111] Call Trace: [ 2733.685039][T15111] dump_stack+0x172/0x1f0 [ 2733.689369][T15111] dump_header+0x177/0x1152 [ 2733.693864][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2733.699674][T15111] ? ___ratelimit+0x2c8/0x595 [ 2733.704351][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2733.710238][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2733.715504][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2733.720535][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2733.726179][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2733.731973][T15111] ? ___ratelimit+0x60/0x595 [ 2733.736567][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2733.741702][T15111] oom_kill_process.cold+0x10/0x15 [ 2733.746838][T15111] out_of_memory+0x334/0x1340 [ 2733.751528][T15111] ? lock_downgrade+0x920/0x920 [ 2733.756525][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2733.762334][T15111] ? oom_killer_disable+0x280/0x280 [ 2733.767559][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2733.773130][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2733.778075][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2733.783217][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2733.788338][T15111] try_charge+0xf4b/0x1440 [ 2733.793101][T15111] ? find_held_lock+0x35/0x130 [ 2733.797855][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2733.803498][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2733.809064][T15111] ? find_held_lock+0x35/0x130 [ 2733.813846][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2733.819415][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2733.825535][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2733.830881][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2733.836436][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2733.841727][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2733.847091][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2733.852714][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2733.858556][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2733.863802][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2733.869862][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2733.875207][T15111] ? __kasan_check_read+0x11/0x20 [ 2733.880261][T15111] copy_process+0x3f8/0x6860 [ 2733.884855][T15111] ? __kasan_check_read+0x11/0x20 [ 2733.890094][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2733.895519][T15111] ? __kasan_check_read+0x11/0x20 [ 2733.900565][T15111] ? mark_lock+0xc2/0x1220 [ 2733.905040][T15111] ? __cleanup_sighand+0x60/0x60 [ 2733.910088][T15111] ? find_held_lock+0x35/0x130 [ 2733.914849][T15111] _do_fork+0x146/0xf90 [ 2733.919037][T15111] ? copy_init_mm+0x20/0x20 [ 2733.923699][T15111] ? __kasan_check_read+0x11/0x20 [ 2733.929002][T15111] ? _copy_to_user+0x118/0x160 [ 2733.933870][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2733.940113][T15111] ? put_timespec64+0xda/0x140 [ 2733.945062][T15111] __x64_sys_clone+0x18d/0x250 [ 2733.949921][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2733.954796][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2733.960138][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2733.965305][T15111] do_syscall_64+0xfa/0x760 [ 2733.969832][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2733.976873][T15111] RIP: 0033:0x45802a [ 2733.980891][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2734.002077][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2734.011336][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2734.019446][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2734.027673][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2734.036548][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2734.045129][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2734.053952][T15111] memory: usage 186052kB, limit 0kB, failcnt 553 [ 2734.060945][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2734.067957][T15111] Memory cgroup stats for /syz2: [ 2734.068057][T15111] anon 167804928 [ 2734.068057][T15111] file 36864 [ 2734.068057][T15111] kernel_stack 2424832 [ 2734.068057][T15111] slab 10944512 [ 2734.068057][T15111] sock 106496 [ 2734.068057][T15111] shmem 0 [ 2734.068057][T15111] file_mapped 0 [ 2734.068057][T15111] file_dirty 135168 [ 2734.068057][T15111] file_writeback 0 [ 2734.068057][T15111] anon_thp 153092096 [ 2734.068057][T15111] inactive_anon 245760 [ 2734.068057][T15111] active_anon 167809024 [ 2734.068057][T15111] inactive_file 118784 [ 2734.068057][T15111] active_file 65536 [ 2734.068057][T15111] unevictable 0 [ 2734.068057][T15111] slab_reclaimable 3379200 [ 2734.068057][T15111] slab_unreclaimable 7565312 [ 2734.068057][T15111] pgfault 396165 [ 2734.068057][T15111] pgmajfault 0 [ 2734.068057][T15111] workingset_refault 0 [ 2734.068057][T15111] workingset_activate 0 [ 2734.068057][T15111] workingset_nodereclaim 0 [ 2734.068057][T15111] pgrefill 74 [ 2734.068057][T15111] pgscan 1900 [ 2734.068057][T15111] pgsteal 1760 [ 2734.168804][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=4955,uid=0 [ 2734.184388][T15111] Memory cgroup out of memory: Killed process 4955 (syz-executor.2) total-vm:72704kB, anon-rss:4256kB, file-rss:35800kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000 [ 2734.205476][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2734.205498][ T1058] oom_reaper: reaped process 4955 (syz-executor.2), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 2734.217583][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2734.217592][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2734.217598][T15111] Call Trace: [ 2734.217629][T15111] dump_stack+0x172/0x1f0 [ 2734.217651][T15111] dump_header+0x177/0x1152 [ 2734.217670][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2734.217682][T15111] ? ___ratelimit+0x2c8/0x595 [ 2734.217695][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2734.217724][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2734.281796][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2734.286998][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2734.293067][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2734.298875][T15111] ? ___ratelimit+0x60/0x595 [ 2734.303471][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2734.308581][T15111] oom_kill_process.cold+0x10/0x15 [ 2734.313683][T15111] out_of_memory+0x334/0x1340 [ 2734.318367][T15111] ? lock_downgrade+0x920/0x920 [ 2734.323210][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2734.329004][T15111] ? oom_killer_disable+0x280/0x280 [ 2734.334199][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2734.339766][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2734.344735][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2734.349864][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2734.354726][T15111] try_charge+0xf4b/0x1440 [ 2734.359141][T15111] ? find_held_lock+0x35/0x130 [ 2734.363914][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2734.369448][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2734.375092][T15111] ? find_held_lock+0x35/0x130 [ 2734.380301][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2734.385856][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2734.391399][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2734.396624][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2734.402168][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2734.407293][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2734.414112][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2734.419646][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2734.425354][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2734.430549][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2734.435825][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2734.440928][T15111] ? __kasan_check_read+0x11/0x20 [ 2734.445949][T15111] copy_process+0x3f8/0x6860 [ 2734.450537][T15111] ? __kasan_check_read+0x11/0x20 [ 2734.455552][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2734.460676][T15111] ? __kasan_check_read+0x11/0x20 [ 2734.465731][T15111] ? mark_lock+0xc2/0x1220 [ 2734.470535][T15111] ? __cleanup_sighand+0x60/0x60 [ 2734.476252][T15111] ? find_held_lock+0x35/0x130 [ 2734.481064][T15111] _do_fork+0x146/0xf90 [ 2734.485213][T15111] ? copy_init_mm+0x20/0x20 [ 2734.489840][T15111] ? __kasan_check_read+0x11/0x20 [ 2734.494889][T15111] ? _copy_to_user+0x118/0x160 [ 2734.499674][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2734.507241][T15111] ? put_timespec64+0xda/0x140 [ 2734.512003][T15111] __x64_sys_clone+0x18d/0x250 [ 2734.516768][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2734.521660][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2734.527309][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2734.532330][T15111] do_syscall_64+0xfa/0x760 [ 2734.536834][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2734.542713][T15111] RIP: 0033:0x45802a [ 2734.546881][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2734.566734][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2734.575225][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2734.583629][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2734.591690][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2734.599885][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2734.608375][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2734.622122][T15111] memory: usage 181268kB, limit 0kB, failcnt 559 [ 2734.629100][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2734.639510][T15111] Memory cgroup stats for /syz2: [ 2734.639622][T15111] anon 163463168 [ 2734.639622][T15111] file 36864 [ 2734.639622][T15111] kernel_stack 2424832 [ 2734.639622][T15111] slab 10498048 [ 2734.639622][T15111] sock 106496 [ 2734.639622][T15111] shmem 0 [ 2734.639622][T15111] file_mapped 0 [ 2734.639622][T15111] file_dirty 135168 [ 2734.639622][T15111] file_writeback 0 [ 2734.639622][T15111] anon_thp 148897792 [ 2734.639622][T15111] inactive_anon 245760 [ 2734.639622][T15111] active_anon 163467264 [ 2734.639622][T15111] inactive_file 118784 [ 2734.639622][T15111] active_file 65536 [ 2734.639622][T15111] unevictable 0 [ 2734.639622][T15111] slab_reclaimable 3379200 [ 2734.639622][T15111] slab_unreclaimable 7118848 [ 2734.639622][T15111] pgfault 396165 [ 2734.639622][T15111] pgmajfault 0 [ 2734.639622][T15111] workingset_refault 0 [ 2734.639622][T15111] workingset_activate 0 [ 2734.639622][T15111] workingset_nodereclaim 0 [ 2734.639622][T15111] pgrefill 74 [ 2734.639622][T15111] pgscan 1900 [ 2734.639622][T15111] pgsteal 1760 [ 2734.734831][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=5029,uid=0 [ 2734.750715][T15111] Memory cgroup out of memory: Killed process 5029 (syz-executor.2) total-vm:72572kB, anon-rss:4248kB, file-rss:35800kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000 [ 2734.772102][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2734.778574][ T1058] oom_reaper: reaped process 5029 (syz-executor.2), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 2734.784041][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2734.803987][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2734.814059][T15111] Call Trace: [ 2734.817354][T15111] dump_stack+0x172/0x1f0 [ 2734.821675][T15111] dump_header+0x177/0x1152 [ 2734.826178][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2734.831973][T15111] ? ___ratelimit+0x2c8/0x595 [ 2734.836642][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2734.842552][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2734.847847][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2734.852921][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2734.858566][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2734.864540][T15111] ? ___ratelimit+0x60/0x595 [ 2734.869118][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2734.874289][T15111] oom_kill_process.cold+0x10/0x15 [ 2734.879404][T15111] out_of_memory+0x334/0x1340 [ 2734.884091][T15111] ? lock_downgrade+0x920/0x920 [ 2734.888947][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2734.894870][T15111] ? oom_killer_disable+0x280/0x280 [ 2734.900269][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2734.905813][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2734.910750][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2734.915852][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2734.920706][T15111] try_charge+0xf4b/0x1440 [ 2734.925108][T15111] ? find_held_lock+0x35/0x130 [ 2734.929955][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2734.935491][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2734.941377][T15111] ? find_held_lock+0x35/0x130 [ 2734.946131][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2734.953585][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2734.959144][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2734.964338][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2734.969886][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2734.974991][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2734.980391][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2734.986087][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2734.991820][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2734.997027][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2735.002311][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2735.007324][T15111] ? __kasan_check_read+0x11/0x20 [ 2735.012347][T15111] copy_process+0x3f8/0x6860 [ 2735.016938][T15111] ? __kasan_check_read+0x11/0x20 [ 2735.021996][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2735.027010][T15111] ? __kasan_check_read+0x11/0x20 [ 2735.032056][T15111] ? mark_lock+0xc2/0x1220 [ 2735.036482][T15111] ? __cleanup_sighand+0x60/0x60 [ 2735.041423][T15111] ? find_held_lock+0x35/0x130 [ 2735.046186][T15111] _do_fork+0x146/0xf90 [ 2735.050357][T15111] ? copy_init_mm+0x20/0x20 [ 2735.054882][T15111] ? __kasan_check_read+0x11/0x20 [ 2735.059922][T15111] ? _copy_to_user+0x118/0x160 [ 2735.064694][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2735.070924][T15111] ? put_timespec64+0xda/0x140 [ 2735.075714][T15111] __x64_sys_clone+0x18d/0x250 [ 2735.080479][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2735.085341][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2735.090630][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2735.095677][T15111] do_syscall_64+0xfa/0x760 [ 2735.100201][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2735.106227][T15111] RIP: 0033:0x45802a [ 2735.110119][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2735.129956][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2735.138381][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2735.146347][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2735.154326][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2735.162292][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2735.171587][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2735.180107][T15111] memory: usage 176820kB, limit 0kB, failcnt 565 [ 2735.186475][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2735.193451][T15111] Memory cgroup stats for /syz2: [ 2735.193546][T15111] anon 159133696 [ 2735.193546][T15111] file 36864 [ 2735.193546][T15111] kernel_stack 2359296 [ 2735.193546][T15111] slab 10498048 [ 2735.193546][T15111] sock 106496 [ 2735.193546][T15111] shmem 0 [ 2735.193546][T15111] file_mapped 0 [ 2735.193546][T15111] file_dirty 135168 [ 2735.193546][T15111] file_writeback 0 [ 2735.193546][T15111] anon_thp 144703488 [ 2735.193546][T15111] inactive_anon 245760 [ 2735.193546][T15111] active_anon 159137792 [ 2735.193546][T15111] inactive_file 118784 [ 2735.193546][T15111] active_file 65536 [ 2735.193546][T15111] unevictable 0 [ 2735.193546][T15111] slab_reclaimable 3379200 [ 2735.193546][T15111] slab_unreclaimable 7118848 [ 2735.193546][T15111] pgfault 396165 [ 2735.193546][T15111] pgmajfault 0 [ 2735.193546][T15111] workingset_refault 0 [ 2735.193546][T15111] workingset_activate 0 [ 2735.193546][T15111] workingset_nodereclaim 0 [ 2735.193546][T15111] pgrefill 74 [ 2735.193546][T15111] pgscan 1900 [ 2735.193546][T15111] pgsteal 1760 [ 2735.288835][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23472,uid=0 [ 2735.304448][T15111] Memory cgroup out of memory: Killed process 23472 (syz-executor.2) total-vm:72704kB, anon-rss:4256kB, file-rss:35792kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000 [ 2735.326681][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2735.329987][ T1058] oom_reaper: reaped process 23472 (syz-executor.2), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 2735.338793][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2735.338804][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2735.338810][T15111] Call Trace: [ 2735.338846][T15111] dump_stack+0x172/0x1f0 [ 2735.338869][T15111] dump_header+0x177/0x1152 [ 2735.381550][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2735.387349][T15111] ? ___ratelimit+0x2c8/0x595 [ 2735.392032][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2735.397877][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2735.403202][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2735.408255][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2735.413898][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2735.419901][T15111] ? ___ratelimit+0x60/0x595 [ 2735.424504][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2735.429620][T15111] oom_kill_process.cold+0x10/0x15 [ 2735.434735][T15111] out_of_memory+0x334/0x1340 [ 2735.439402][T15111] ? lock_downgrade+0x920/0x920 [ 2735.444262][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2735.450071][T15111] ? oom_killer_disable+0x280/0x280 [ 2735.455283][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2735.460833][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2735.465809][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2735.470935][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2735.475775][T15111] try_charge+0xf4b/0x1440 [ 2735.480175][T15111] ? find_held_lock+0x35/0x130 [ 2735.484948][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2735.490493][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2735.496204][T15111] ? find_held_lock+0x35/0x130 [ 2735.500985][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2735.506549][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2735.512098][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2735.517291][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2735.522858][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2735.527965][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2735.533345][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2735.538908][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2735.544685][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2735.549881][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2735.555375][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2735.560393][T15111] ? __kasan_check_read+0x11/0x20 [ 2735.565453][T15111] copy_process+0x3f8/0x6860 [ 2735.570055][T15111] ? __kasan_check_read+0x11/0x20 [ 2735.575111][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2735.580154][T15111] ? __kasan_check_read+0x11/0x20 [ 2735.585193][T15111] ? mark_lock+0xc2/0x1220 [ 2735.589703][T15111] ? __cleanup_sighand+0x60/0x60 [ 2735.594940][T15111] ? find_held_lock+0x35/0x130 [ 2735.599799][T15111] _do_fork+0x146/0xf90 [ 2735.603974][T15111] ? copy_init_mm+0x20/0x20 [ 2735.608469][T15111] ? __kasan_check_read+0x11/0x20 [ 2735.613481][T15111] ? _copy_to_user+0x118/0x160 [ 2735.618245][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2735.624493][T15111] ? put_timespec64+0xda/0x140 [ 2735.629261][T15111] __x64_sys_clone+0x18d/0x250 [ 2735.634014][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2735.638869][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2735.644171][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2735.649229][T15111] do_syscall_64+0xfa/0x760 [ 2735.653987][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2735.659881][T15111] RIP: 0033:0x45802a [ 2735.663774][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2735.683592][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2735.692081][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2735.700078][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2735.708070][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2735.716059][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2735.724444][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2735.733675][T15111] memory: usage 172396kB, limit 0kB, failcnt 571 [ 2735.740138][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2735.747097][T15111] Memory cgroup stats for /syz2: [ 2735.747204][T15111] anon 154816512 [ 2735.747204][T15111] file 36864 [ 2735.747204][T15111] kernel_stack 2293760 [ 2735.747204][T15111] slab 10498048 [ 2735.747204][T15111] sock 106496 [ 2735.747204][T15111] shmem 0 [ 2735.747204][T15111] file_mapped 0 [ 2735.747204][T15111] file_dirty 135168 [ 2735.747204][T15111] file_writeback 0 [ 2735.747204][T15111] anon_thp 140509184 [ 2735.747204][T15111] inactive_anon 245760 [ 2735.747204][T15111] active_anon 154820608 [ 2735.747204][T15111] inactive_file 118784 [ 2735.747204][T15111] active_file 65536 [ 2735.747204][T15111] unevictable 0 [ 2735.747204][T15111] slab_reclaimable 3379200 [ 2735.747204][T15111] slab_unreclaimable 7118848 [ 2735.747204][T15111] pgfault 396165 [ 2735.747204][T15111] pgmajfault 0 [ 2735.747204][T15111] workingset_refault 0 [ 2735.747204][T15111] workingset_activate 0 [ 2735.747204][T15111] workingset_nodereclaim 0 [ 2735.747204][T15111] pgrefill 74 [ 2735.747204][T15111] pgscan 1900 [ 2735.747204][T15111] pgsteal 1760 [ 2735.844104][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=25041,uid=0 [ 2735.860162][T15111] Memory cgroup out of memory: Killed process 25041 (syz-executor.2) total-vm:72572kB, anon-rss:4248kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000 [ 2735.881345][ T1058] oom_reaper: reaped process 25041 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2735.881422][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2735.905251][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2735.914441][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2735.924515][T15111] Call Trace: [ 2735.928092][T15111] dump_stack+0x172/0x1f0 [ 2735.932554][T15111] dump_header+0x177/0x1152 [ 2735.937110][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2735.943103][T15111] ? ___ratelimit+0x2c8/0x595 [ 2735.947810][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2735.953917][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2735.959471][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2735.964592][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2735.970256][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2735.976275][T15111] ? ___ratelimit+0x60/0x595 [ 2735.981012][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2735.986243][T15111] oom_kill_process.cold+0x10/0x15 [ 2735.991361][T15111] out_of_memory+0x334/0x1340 [ 2735.996050][T15111] ? lock_downgrade+0x920/0x920 [ 2736.001064][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2736.007021][T15111] ? oom_killer_disable+0x280/0x280 [ 2736.012578][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2736.018339][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2736.023333][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2736.028602][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2736.033495][T15111] try_charge+0xf4b/0x1440 [ 2736.038210][T15111] ? find_held_lock+0x35/0x130 [ 2736.043467][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2736.049219][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2736.055044][T15111] ? find_held_lock+0x35/0x130 [ 2736.060097][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2736.065649][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2736.072158][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2736.077383][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2736.083227][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2736.088369][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2736.093786][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2736.099696][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2736.105906][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2736.111312][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2736.119008][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2736.124234][T15111] ? __kasan_check_read+0x11/0x20 [ 2736.129380][T15111] copy_process+0x3f8/0x6860 [ 2736.134195][T15111] ? __kasan_check_read+0x11/0x20 [ 2736.139556][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2736.145586][T15111] ? __kasan_check_read+0x11/0x20 [ 2736.151532][T15111] ? mark_lock+0xc2/0x1220 [ 2736.156089][T15111] ? __cleanup_sighand+0x60/0x60 [ 2736.161590][T15111] ? find_held_lock+0x35/0x130 [ 2736.166613][T15111] _do_fork+0x146/0xf90 [ 2736.171665][T15111] ? copy_init_mm+0x20/0x20 [ 2736.177246][T15111] ? __kasan_check_read+0x11/0x20 [ 2736.182509][T15111] ? _copy_to_user+0x118/0x160 [ 2736.187747][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2736.194288][T15111] ? put_timespec64+0xda/0x140 [ 2736.199529][T15111] __x64_sys_clone+0x18d/0x250 [ 2736.204868][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2736.209991][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2736.215421][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2736.220750][T15111] do_syscall_64+0xfa/0x760 [ 2736.225377][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2736.231770][T15111] RIP: 0033:0x45802a [ 2736.236067][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2736.264650][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2736.276425][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2736.285306][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2736.293475][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2736.302256][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2736.310411][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2736.321787][T15111] memory: usage 168036kB, limit 0kB, failcnt 577 [ 2736.330535][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2736.338254][T15111] Memory cgroup stats for /syz2: [ 2736.338377][T15111] anon 150507520 [ 2736.338377][T15111] file 36864 [ 2736.338377][T15111] kernel_stack 2293760 [ 2736.338377][T15111] slab 10498048 [ 2736.338377][T15111] sock 106496 [ 2736.338377][T15111] shmem 0 [ 2736.338377][T15111] file_mapped 0 [ 2736.338377][T15111] file_dirty 135168 [ 2736.338377][T15111] file_writeback 0 [ 2736.338377][T15111] anon_thp 136314880 [ 2736.338377][T15111] inactive_anon 245760 [ 2736.338377][T15111] active_anon 150511616 [ 2736.338377][T15111] inactive_file 118784 [ 2736.338377][T15111] active_file 65536 [ 2736.338377][T15111] unevictable 0 [ 2736.338377][T15111] slab_reclaimable 3379200 [ 2736.338377][T15111] slab_unreclaimable 7118848 [ 2736.338377][T15111] pgfault 396165 [ 2736.338377][T15111] pgmajfault 0 [ 2736.338377][T15111] workingset_refault 0 [ 2736.338377][T15111] workingset_activate 0 [ 2736.338377][T15111] workingset_nodereclaim 0 [ 2736.338377][T15111] pgrefill 74 [ 2736.338377][T15111] pgscan 1900 [ 2736.338377][T15111] pgsteal 1760 [ 2736.444838][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24995,uid=0 [ 2736.460726][T15111] Memory cgroup out of memory: Killed process 24995 (syz-executor.2) total-vm:72572kB, anon-rss:4248kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000 [ 2736.484006][ T1058] oom_reaper: reaped process 24995 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2736.488725][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2736.511135][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2736.521772][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2736.532411][T15111] Call Trace: [ 2736.537548][T15111] dump_stack+0x172/0x1f0 [ 2736.542641][T15111] dump_header+0x177/0x1152 [ 2736.547373][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2736.554313][T15111] ? ___ratelimit+0x2c8/0x595 [ 2736.559539][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2736.565863][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2736.571330][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2736.578016][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2736.583980][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2736.590312][T15111] ? ___ratelimit+0x60/0x595 [ 2736.595649][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2736.601640][T15111] oom_kill_process.cold+0x10/0x15 [ 2736.607385][T15111] out_of_memory+0x334/0x1340 [ 2736.612676][T15111] ? lock_downgrade+0x920/0x920 [ 2736.617999][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2736.624335][T15111] ? oom_killer_disable+0x280/0x280 [ 2736.630924][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2736.638203][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2736.644026][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2736.649571][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2736.654802][T15111] try_charge+0xf4b/0x1440 [ 2736.659488][T15111] ? find_held_lock+0x35/0x130 [ 2736.664908][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2736.670495][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2736.676445][T15111] ? find_held_lock+0x35/0x130 [ 2736.681717][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2736.689236][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2736.695085][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2736.701555][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2736.707641][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2736.712787][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2736.718609][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2736.724835][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2736.730864][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2736.736301][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2736.743449][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2736.750361][T15111] ? __kasan_check_read+0x11/0x20 [ 2736.756851][T15111] copy_process+0x3f8/0x6860 [ 2736.762557][T15111] ? __kasan_check_read+0x11/0x20 [ 2736.768879][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2736.774969][T15111] ? __kasan_check_read+0x11/0x20 [ 2736.781497][T15111] ? mark_lock+0xc2/0x1220 [ 2736.788113][T15111] ? __cleanup_sighand+0x60/0x60 [ 2736.794323][T15111] ? find_held_lock+0x35/0x130 [ 2736.800110][T15111] _do_fork+0x146/0xf90 [ 2736.805196][T15111] ? copy_init_mm+0x20/0x20 [ 2736.812105][T15111] ? __kasan_check_read+0x11/0x20 [ 2736.818000][T15111] ? _copy_to_user+0x118/0x160 [ 2736.823644][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2736.830939][T15111] ? put_timespec64+0xda/0x140 [ 2736.838659][T15111] __x64_sys_clone+0x18d/0x250 [ 2736.844768][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2736.850453][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2736.857441][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2736.864262][T15111] do_syscall_64+0xfa/0x760 [ 2736.871057][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2736.882197][T15111] RIP: 0033:0x45802a [ 2736.888011][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2736.912945][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2736.923642][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2736.934045][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2736.942640][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2736.953627][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2736.962692][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2736.977985][T15111] memory: usage 163676kB, limit 0kB, failcnt 583 [ 2736.984721][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2736.992473][T15111] Memory cgroup stats for /syz2: [ 2736.992572][T15111] anon 146206720 [ 2736.992572][T15111] file 36864 [ 2736.992572][T15111] kernel_stack 2228224 [ 2736.992572][T15111] slab 10498048 [ 2736.992572][T15111] sock 106496 [ 2736.992572][T15111] shmem 0 [ 2736.992572][T15111] file_mapped 0 [ 2736.992572][T15111] file_dirty 135168 [ 2736.992572][T15111] file_writeback 0 [ 2736.992572][T15111] anon_thp 132120576 [ 2736.992572][T15111] inactive_anon 245760 [ 2736.992572][T15111] active_anon 146210816 [ 2736.992572][T15111] inactive_file 118784 [ 2736.992572][T15111] active_file 65536 [ 2736.992572][T15111] unevictable 0 [ 2736.992572][T15111] slab_reclaimable 3379200 [ 2736.992572][T15111] slab_unreclaimable 7118848 [ 2736.992572][T15111] pgfault 396165 [ 2736.992572][T15111] pgmajfault 0 [ 2736.992572][T15111] workingset_refault 0 [ 2736.992572][T15111] workingset_activate 0 [ 2736.992572][T15111] workingset_nodereclaim 0 [ 2736.992572][T15111] pgrefill 74 [ 2736.992572][T15111] pgscan 1900 [ 2736.992572][T15111] pgsteal 1760 [ 2737.101150][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24954,uid=0 [ 2737.119753][T15111] Memory cgroup out of memory: Killed process 24954 (syz-executor.2) total-vm:72572kB, anon-rss:4248kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000 [ 2737.144691][ T1058] oom_reaper: reaped process 24954 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2737.161528][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2737.177125][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2737.186968][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2737.199137][T15111] Call Trace: [ 2737.202475][T15111] dump_stack+0x172/0x1f0 [ 2737.207026][T15111] dump_header+0x177/0x1152 [ 2737.211900][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2737.218502][T15111] ? ___ratelimit+0x2c8/0x595 [ 2737.223298][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2737.230176][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2737.236351][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2737.241572][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2737.247746][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2737.254185][T15111] ? ___ratelimit+0x60/0x595 [ 2737.259373][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2737.264768][T15111] oom_kill_process.cold+0x10/0x15 [ 2737.270006][T15111] out_of_memory+0x334/0x1340 [ 2737.275275][T15111] ? lock_downgrade+0x920/0x920 [ 2737.280607][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2737.287151][T15111] ? oom_killer_disable+0x280/0x280 [ 2737.293394][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2737.299838][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2737.305781][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2737.311381][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2737.316808][T15111] try_charge+0xf4b/0x1440 [ 2737.322005][T15111] ? find_held_lock+0x35/0x130 [ 2737.327657][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2737.337455][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2737.343130][T15111] ? find_held_lock+0x35/0x130 [ 2737.348567][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2737.354305][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2737.360846][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2737.366929][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2737.376334][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2737.382326][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2737.388607][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2737.394608][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2737.401353][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2737.406886][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2737.413500][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2737.418987][T15111] ? __kasan_check_read+0x11/0x20 [ 2737.424063][T15111] copy_process+0x3f8/0x6860 [ 2737.429306][T15111] ? __kasan_check_read+0x11/0x20 [ 2737.434595][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2737.439756][T15111] ? __kasan_check_read+0x11/0x20 [ 2737.445560][T15111] ? mark_lock+0xc2/0x1220 [ 2737.450454][T15111] ? __cleanup_sighand+0x60/0x60 [ 2737.455753][T15111] ? find_held_lock+0x35/0x130 [ 2737.461412][T15111] _do_fork+0x146/0xf90 [ 2737.466140][T15111] ? copy_init_mm+0x20/0x20 [ 2737.471098][T15111] ? __kasan_check_read+0x11/0x20 [ 2737.476821][T15111] ? _copy_to_user+0x118/0x160 [ 2737.481709][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2737.488063][T15111] ? put_timespec64+0xda/0x140 [ 2737.493187][T15111] __x64_sys_clone+0x18d/0x250 [ 2737.499000][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2737.504063][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2737.509386][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2737.515063][T15111] do_syscall_64+0xfa/0x760 [ 2737.520361][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2737.527215][T15111] RIP: 0033:0x45802a [ 2737.531373][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2737.553293][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2737.564389][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2737.576384][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2737.589659][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2737.603071][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2737.616077][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2737.630374][ C0] net_ratelimit: 12 callbacks suppressed [ 2737.630386][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2737.649872][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2737.663766][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2737.675499][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2737.685575][T15111] memory: usage 159304kB, limit 0kB, failcnt 589 [ 2737.695076][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2737.704416][T15111] Memory cgroup stats for /syz2: [ 2737.704539][T15111] anon 141893632 [ 2737.704539][T15111] file 36864 [ 2737.704539][T15111] kernel_stack 2162688 [ 2737.704539][T15111] slab 10498048 [ 2737.704539][T15111] sock 106496 [ 2737.704539][T15111] shmem 0 [ 2737.704539][T15111] file_mapped 0 [ 2737.704539][T15111] file_dirty 135168 [ 2737.704539][T15111] file_writeback 0 [ 2737.704539][T15111] anon_thp 127926272 [ 2737.704539][T15111] inactive_anon 245760 [ 2737.704539][T15111] active_anon 141897728 [ 2737.704539][T15111] inactive_file 118784 [ 2737.704539][T15111] active_file 65536 [ 2737.704539][T15111] unevictable 0 [ 2737.704539][T15111] slab_reclaimable 3379200 [ 2737.704539][T15111] slab_unreclaimable 7118848 [ 2737.704539][T15111] pgfault 396165 [ 2737.704539][T15111] pgmajfault 0 [ 2737.704539][T15111] workingset_refault 0 [ 2737.704539][T15111] workingset_activate 0 [ 2737.704539][T15111] workingset_nodereclaim 0 [ 2737.704539][T15111] pgrefill 74 [ 2737.704539][T15111] pgscan 1900 [ 2737.704539][T15111] pgsteal 1760 [ 2737.814936][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2737.815225][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2737.817393][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2737.821863][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=17051,uid=0 [ 2737.829223][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2737.835145][T15111] Memory cgroup out of memory: Killed process 17051 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35884kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2737.889614][ T1058] oom_reaper: reaped process 17051 (syz-executor.2), now anon-rss:0kB, file-rss:34924kB, shmem-rss:0kB [ 2737.893728][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2737.915780][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2737.926958][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2737.937946][T15111] Call Trace: [ 2737.941459][T15111] dump_stack+0x172/0x1f0 [ 2737.945919][T15111] dump_header+0x177/0x1152 [ 2737.951997][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2737.958142][T15111] ? ___ratelimit+0x2c8/0x595 [ 2737.963455][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2737.969922][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2737.975600][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2737.980757][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2737.986509][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2737.992868][T15111] ? ___ratelimit+0x60/0x595 [ 2737.997504][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2738.002854][T15111] oom_kill_process.cold+0x10/0x15 [ 2738.008717][T15111] out_of_memory+0x334/0x1340 [ 2738.014488][T15111] ? lock_downgrade+0x920/0x920 [ 2738.019622][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2738.029271][T15111] ? oom_killer_disable+0x280/0x280 [ 2738.034972][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2738.040736][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2738.046092][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2738.052083][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2738.057408][T15111] try_charge+0xf4b/0x1440 [ 2738.061964][T15111] ? find_held_lock+0x35/0x130 [ 2738.067250][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2738.073439][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2738.079862][T15111] ? find_held_lock+0x35/0x130 [ 2738.084900][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2738.091004][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2738.097566][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2738.104122][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2738.110494][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2738.117762][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2738.123793][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2738.129925][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2738.136254][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2738.142104][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2738.147823][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2738.154016][T15111] ? __kasan_check_read+0x11/0x20 [ 2738.159736][T15111] copy_process+0x3f8/0x6860 [ 2738.164359][T15111] ? __kasan_check_read+0x11/0x20 [ 2738.170081][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2738.175628][T15111] ? __kasan_check_read+0x11/0x20 [ 2738.181020][T15111] ? mark_lock+0xc2/0x1220 [ 2738.186467][T15111] ? __cleanup_sighand+0x60/0x60 [ 2738.192673][T15111] ? find_held_lock+0x35/0x130 [ 2738.197748][T15111] _do_fork+0x146/0xf90 [ 2738.202060][T15111] ? copy_init_mm+0x20/0x20 [ 2738.207064][T15111] ? __kasan_check_read+0x11/0x20 [ 2738.212387][T15111] ? _copy_to_user+0x118/0x160 [ 2738.217465][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2738.225026][T15111] ? put_timespec64+0xda/0x140 [ 2738.230065][T15111] __x64_sys_clone+0x18d/0x250 [ 2738.235297][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2738.240302][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2738.245881][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2738.251266][T15111] do_syscall_64+0xfa/0x760 [ 2738.256113][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2738.262780][T15111] RIP: 0033:0x45802a [ 2738.266983][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2738.291144][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2738.300701][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2738.309636][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2738.318210][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2738.326747][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2738.336189][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2738.349324][T15111] memory: usage 156972kB, limit 0kB, failcnt 595 [ 2738.356460][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2738.367219][T15111] Memory cgroup stats for /syz2: [ 2738.367352][T15111] anon 139759616 [ 2738.367352][T15111] file 36864 [ 2738.367352][T15111] kernel_stack 2162688 [ 2738.367352][T15111] slab 10498048 [ 2738.367352][T15111] sock 106496 [ 2738.367352][T15111] shmem 0 [ 2738.367352][T15111] file_mapped 0 [ 2738.367352][T15111] file_dirty 135168 [ 2738.367352][T15111] file_writeback 0 [ 2738.367352][T15111] anon_thp 125829120 [ 2738.367352][T15111] inactive_anon 245760 [ 2738.367352][T15111] active_anon 139763712 [ 2738.367352][T15111] inactive_file 118784 [ 2738.367352][T15111] active_file 65536 [ 2738.367352][T15111] unevictable 0 [ 2738.367352][T15111] slab_reclaimable 3379200 [ 2738.367352][T15111] slab_unreclaimable 7118848 [ 2738.367352][T15111] pgfault 396165 [ 2738.367352][T15111] pgmajfault 0 [ 2738.367352][T15111] workingset_refault 0 [ 2738.367352][T15111] workingset_activate 0 [ 2738.367352][T15111] workingset_nodereclaim 0 [ 2738.367352][T15111] pgrefill 74 [ 2738.367352][T15111] pgscan 1900 [ 2738.367352][T15111] pgsteal 1760 [ 2738.470494][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=17004,uid=0 [ 2738.487224][T15111] Memory cgroup out of memory: Killed process 17004 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35884kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2738.508130][ T1058] oom_reaper: reaped process 17004 (syz-executor.2), now anon-rss:0kB, file-rss:34924kB, shmem-rss:0kB [ 2738.509184][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2738.532889][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2738.542244][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2738.553110][T15111] Call Trace: [ 2738.556777][T15111] dump_stack+0x172/0x1f0 [ 2738.561340][T15111] dump_header+0x177/0x1152 [ 2738.566120][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2738.572317][T15111] ? ___ratelimit+0x2c8/0x595 [ 2738.577008][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2738.582852][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2738.588397][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2738.593857][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2738.599529][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2738.605358][T15111] ? ___ratelimit+0x60/0x595 [ 2738.609949][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2738.615459][T15111] oom_kill_process.cold+0x10/0x15 [ 2738.620634][T15111] out_of_memory+0x334/0x1340 [ 2738.626145][T15111] ? lock_downgrade+0x920/0x920 [ 2738.631476][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2738.637847][T15111] ? oom_killer_disable+0x280/0x280 [ 2738.643078][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2738.649125][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2738.654571][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2738.660063][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2738.665278][T15111] try_charge+0xf4b/0x1440 [ 2738.670077][T15111] ? find_held_lock+0x35/0x130 [ 2738.675553][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2738.681260][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2738.687659][T15111] ? find_held_lock+0x35/0x130 [ 2738.692721][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2738.698954][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2738.704623][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2738.711000][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2738.716913][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2738.722877][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2738.728973][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2738.735435][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2738.743230][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2738.749091][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2738.755280][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2738.757387][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2738.760779][T15111] ? __kasan_check_read+0x11/0x20 [ 2738.768704][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2738.775099][T15111] copy_process+0x3f8/0x6860 [ 2738.786877][T15111] ? __kasan_check_read+0x11/0x20 [ 2738.794593][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2738.802776][T15111] ? __kasan_check_read+0x11/0x20 [ 2738.809475][T15111] ? mark_lock+0xc2/0x1220 [ 2738.816633][T15111] ? __cleanup_sighand+0x60/0x60 [ 2738.822663][T15111] ? find_held_lock+0x35/0x130 [ 2738.831896][T15111] _do_fork+0x146/0xf90 [ 2738.840635][T15111] ? copy_init_mm+0x20/0x20 [ 2738.849569][T15111] ? __kasan_check_read+0x11/0x20 [ 2738.857509][T15111] ? _copy_to_user+0x118/0x160 [ 2738.864519][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2738.871495][T15111] ? put_timespec64+0xda/0x140 [ 2738.877187][T15111] __x64_sys_clone+0x18d/0x250 [ 2738.882218][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2738.887134][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2738.892717][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2738.898347][T15111] do_syscall_64+0xfa/0x760 [ 2738.903156][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2738.911058][T15111] RIP: 0033:0x45802a [ 2738.915348][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2738.939047][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2738.948406][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2738.957484][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2738.967053][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2738.975869][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2738.985071][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2738.999936][T15111] memory: usage 154640kB, limit 0kB, failcnt 601 [ 2739.006912][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2739.017050][T15111] Memory cgroup stats for /syz2: [ 2739.017193][T15111] anon 137461760 [ 2739.017193][T15111] file 36864 [ 2739.017193][T15111] kernel_stack 2097152 [ 2739.017193][T15111] slab 10498048 [ 2739.017193][T15111] sock 106496 [ 2739.017193][T15111] shmem 0 [ 2739.017193][T15111] file_mapped 0 [ 2739.017193][T15111] file_dirty 135168 [ 2739.017193][T15111] file_writeback 0 [ 2739.017193][T15111] anon_thp 123731968 [ 2739.017193][T15111] inactive_anon 245760 [ 2739.017193][T15111] active_anon 137465856 [ 2739.017193][T15111] inactive_file 118784 [ 2739.017193][T15111] active_file 65536 [ 2739.017193][T15111] unevictable 0 [ 2739.017193][T15111] slab_reclaimable 3379200 [ 2739.017193][T15111] slab_unreclaimable 7118848 [ 2739.017193][T15111] pgfault 396165 [ 2739.017193][T15111] pgmajfault 0 [ 2739.017193][T15111] workingset_refault 0 [ 2739.017193][T15111] workingset_activate 0 [ 2739.017193][T15111] workingset_nodereclaim 0 [ 2739.017193][T15111] pgrefill 74 [ 2739.017193][T15111] pgscan 1900 [ 2739.017193][T15111] pgsteal 1760 [ 2739.123829][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16988,uid=0 [ 2739.142240][T15111] Memory cgroup out of memory: Killed process 16988 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35884kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2739.164073][ T1058] oom_reaper: reaped process 16988 (syz-executor.2), now anon-rss:0kB, file-rss:34924kB, shmem-rss:0kB [ 2739.165264][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2739.189411][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2739.199318][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2739.211537][T15111] Call Trace: [ 2739.216743][T15111] dump_stack+0x172/0x1f0 [ 2739.222775][T15111] dump_header+0x177/0x1152 [ 2739.229619][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2739.236542][T15111] ? ___ratelimit+0x2c8/0x595 [ 2739.241709][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2739.247968][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2739.253829][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2739.259059][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2739.266061][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2739.273943][T15111] ? ___ratelimit+0x60/0x595 [ 2739.279419][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2739.286232][T15111] oom_kill_process.cold+0x10/0x15 [ 2739.292058][T15111] out_of_memory+0x334/0x1340 [ 2739.299604][T15111] ? lock_downgrade+0x920/0x920 [ 2739.305183][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2739.312764][T15111] ? oom_killer_disable+0x280/0x280 [ 2739.318584][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2739.325228][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2739.330553][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2739.336451][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2739.341798][T15111] try_charge+0xf4b/0x1440 [ 2739.346563][T15111] ? find_held_lock+0x35/0x130 [ 2739.353353][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2739.359015][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2739.366126][T15111] ? find_held_lock+0x35/0x130 [ 2739.371915][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2739.379041][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2739.387135][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2739.392938][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2739.399597][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2739.404934][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2739.411273][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2739.417105][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2739.423405][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2739.430512][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2739.436271][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2739.442072][T15111] ? __kasan_check_read+0x11/0x20 [ 2739.447376][T15111] copy_process+0x3f8/0x6860 [ 2739.453226][T15111] ? __kasan_check_read+0x11/0x20 [ 2739.459748][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2739.466305][T15111] ? __kasan_check_read+0x11/0x20 [ 2739.472673][T15111] ? mark_lock+0xc2/0x1220 [ 2739.477718][T15111] ? __cleanup_sighand+0x60/0x60 [ 2739.483069][T15111] ? find_held_lock+0x35/0x130 [ 2739.489235][T15111] _do_fork+0x146/0xf90 [ 2739.494724][T15111] ? copy_init_mm+0x20/0x20 [ 2739.500442][T15111] ? __kasan_check_read+0x11/0x20 [ 2739.505782][T15111] ? _copy_to_user+0x118/0x160 [ 2739.511003][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2739.517960][T15111] ? put_timespec64+0xda/0x140 [ 2739.524074][T15111] __x64_sys_clone+0x18d/0x250 [ 2739.529892][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2739.535815][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2739.541845][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2739.547742][T15111] do_syscall_64+0xfa/0x760 [ 2739.553785][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2739.560526][T15111] RIP: 0033:0x45802a [ 2739.564545][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2739.587178][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2739.596267][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2739.605820][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2739.613985][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2739.623546][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2739.633231][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2739.647416][T15111] memory: usage 152192kB, limit 0kB, failcnt 607 [ 2739.656162][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2739.663312][T15111] Memory cgroup stats for /syz2: [ 2739.663407][T15111] anon 135241728 [ 2739.663407][T15111] file 36864 [ 2739.663407][T15111] kernel_stack 2097152 [ 2739.663407][T15111] slab 10498048 [ 2739.663407][T15111] sock 106496 [ 2739.663407][T15111] shmem 0 [ 2739.663407][T15111] file_mapped 0 [ 2739.663407][T15111] file_dirty 135168 [ 2739.663407][T15111] file_writeback 0 [ 2739.663407][T15111] anon_thp 121634816 [ 2739.663407][T15111] inactive_anon 245760 [ 2739.663407][T15111] active_anon 135245824 [ 2739.663407][T15111] inactive_file 118784 [ 2739.663407][T15111] active_file 65536 [ 2739.663407][T15111] unevictable 0 [ 2739.663407][T15111] slab_reclaimable 3379200 [ 2739.663407][T15111] slab_unreclaimable 7118848 [ 2739.663407][T15111] pgfault 396165 [ 2739.663407][T15111] pgmajfault 0 [ 2739.663407][T15111] workingset_refault 0 [ 2739.663407][T15111] workingset_activate 0 [ 2739.663407][T15111] workingset_nodereclaim 0 [ 2739.663407][T15111] pgrefill 74 [ 2739.663407][T15111] pgscan 1900 [ 2739.663407][T15111] pgsteal 1760 [ 2739.790225][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=32675,uid=0 [ 2739.810573][T15111] Memory cgroup out of memory: Killed process 32675 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35884kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2739.837127][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2739.839429][ T1058] oom_reaper: reaped process 32675 (syz-executor.2), now anon-rss:0kB, file-rss:34924kB, shmem-rss:0kB [ 2739.853279][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2739.880231][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2739.893035][T15111] Call Trace: [ 2739.897317][T15111] dump_stack+0x172/0x1f0 [ 2739.901668][T15111] dump_header+0x177/0x1152 [ 2739.906412][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2739.912706][T15111] ? ___ratelimit+0x2c8/0x595 [ 2739.920386][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2739.929066][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2739.935428][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2739.942197][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2739.948398][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2739.956670][T15111] ? ___ratelimit+0x60/0x595 [ 2739.963665][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2739.971888][T15111] oom_kill_process.cold+0x10/0x15 [ 2739.978742][T15111] out_of_memory+0x334/0x1340 [ 2739.983470][T15111] ? lock_downgrade+0x920/0x920 [ 2739.988868][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2739.994868][T15111] ? oom_killer_disable+0x280/0x280 [ 2740.001012][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2740.009164][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2740.015402][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2740.024641][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2740.029627][T15111] try_charge+0xf4b/0x1440 [ 2740.034655][T15111] ? find_held_lock+0x35/0x130 [ 2740.040265][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2740.046827][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2740.054172][T15111] ? find_held_lock+0x35/0x130 [ 2740.060921][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2740.068892][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2740.075198][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2740.081084][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2740.087659][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2740.093305][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2740.099173][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2740.105498][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2740.111542][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2740.118296][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2740.124145][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2740.130165][T15111] ? __kasan_check_read+0x11/0x20 [ 2740.135235][T15111] copy_process+0x3f8/0x6860 [ 2740.140950][T15111] ? __kasan_check_read+0x11/0x20 [ 2740.146846][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2740.152314][T15111] ? __kasan_check_read+0x11/0x20 [ 2740.157750][T15111] ? mark_lock+0xc2/0x1220 [ 2740.162728][T15111] ? __cleanup_sighand+0x60/0x60 [ 2740.168282][T15111] ? find_held_lock+0x35/0x130 [ 2740.173421][T15111] _do_fork+0x146/0xf90 [ 2740.177797][T15111] ? copy_init_mm+0x20/0x20 [ 2740.184093][T15111] ? __kasan_check_read+0x11/0x20 [ 2740.189857][T15111] ? _copy_to_user+0x118/0x160 [ 2740.195359][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2740.202090][T15111] ? put_timespec64+0xda/0x140 [ 2740.206875][T15111] __x64_sys_clone+0x18d/0x250 [ 2740.212727][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2740.218787][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2740.224184][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2740.230027][T15111] do_syscall_64+0xfa/0x760 [ 2740.234742][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2740.241244][T15111] RIP: 0033:0x45802a [ 2740.245614][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2740.266936][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2740.276202][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2740.285597][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2740.294256][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2740.303230][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2740.311626][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2740.328070][T15111] memory: usage 149860kB, limit 0kB, failcnt 613 [ 2740.335631][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2740.343677][T15111] Memory cgroup stats for /syz2: [ 2740.343792][T15111] anon 133021696 [ 2740.343792][T15111] file 36864 [ 2740.343792][T15111] kernel_stack 2031616 [ 2740.343792][T15111] slab 10498048 [ 2740.343792][T15111] sock 106496 [ 2740.343792][T15111] shmem 0 [ 2740.343792][T15111] file_mapped 0 [ 2740.343792][T15111] file_dirty 135168 [ 2740.343792][T15111] file_writeback 0 [ 2740.343792][T15111] anon_thp 119537664 [ 2740.343792][T15111] inactive_anon 245760 [ 2740.343792][T15111] active_anon 133025792 [ 2740.343792][T15111] inactive_file 118784 [ 2740.343792][T15111] active_file 65536 [ 2740.343792][T15111] unevictable 0 [ 2740.343792][T15111] slab_reclaimable 3379200 [ 2740.343792][T15111] slab_unreclaimable 7118848 [ 2740.343792][T15111] pgfault 396165 [ 2740.343792][T15111] pgmajfault 0 [ 2740.343792][T15111] workingset_refault 0 [ 2740.343792][T15111] workingset_activate 0 [ 2740.343792][T15111] workingset_nodereclaim 0 [ 2740.343792][T15111] pgrefill 74 [ 2740.343792][T15111] pgscan 1900 [ 2740.343792][T15111] pgsteal 1760 [ 2740.450803][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=20836,uid=0 [ 2740.468981][T15111] Memory cgroup out of memory: Killed process 20836 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35880kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2740.490945][ T1058] oom_reaper: reaped process 20836 (syz-executor.2), now anon-rss:0kB, file-rss:34920kB, shmem-rss:0kB [ 2740.491942][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2740.515333][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2740.524655][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2740.535370][T15111] Call Trace: [ 2740.539045][T15111] dump_stack+0x172/0x1f0 [ 2740.543449][T15111] dump_header+0x177/0x1152 [ 2740.548043][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2740.554028][T15111] ? ___ratelimit+0x2c8/0x595 [ 2740.558932][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2740.566305][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2740.571966][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2740.577196][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2740.583594][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2740.590589][T15111] ? ___ratelimit+0x60/0x595 [ 2740.598258][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2740.605437][T15111] oom_kill_process.cold+0x10/0x15 [ 2740.611427][T15111] out_of_memory+0x334/0x1340 [ 2740.616662][T15111] ? lock_downgrade+0x920/0x920 [ 2740.621652][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2740.628653][T15111] ? oom_killer_disable+0x280/0x280 [ 2740.634335][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2740.640367][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2740.645854][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2740.651711][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2740.657948][T15111] try_charge+0xf4b/0x1440 [ 2740.664409][T15111] ? find_held_lock+0x35/0x130 [ 2740.669662][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2740.676128][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2740.681794][T15111] ? find_held_lock+0x35/0x130 [ 2740.687365][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2740.693486][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2740.699863][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2740.706040][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2740.712137][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2740.718321][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2740.725229][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2740.731271][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2740.737822][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2740.743784][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2740.750168][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2740.755652][T15111] ? __kasan_check_read+0x11/0x20 [ 2740.760740][T15111] copy_process+0x3f8/0x6860 [ 2740.765649][T15111] ? __kasan_check_read+0x11/0x20 [ 2740.771077][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2740.776116][T15111] ? __kasan_check_read+0x11/0x20 [ 2740.781299][T15111] ? mark_lock+0xc2/0x1220 [ 2740.785889][T15111] ? __cleanup_sighand+0x60/0x60 [ 2740.791100][T15111] ? find_held_lock+0x35/0x130 [ 2740.796483][T15111] _do_fork+0x146/0xf90 [ 2740.801147][T15111] ? copy_init_mm+0x20/0x20 [ 2740.805974][T15111] ? __kasan_check_read+0x11/0x20 [ 2740.811626][T15111] ? _copy_to_user+0x118/0x160 [ 2740.817050][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2740.823926][T15111] ? put_timespec64+0xda/0x140 [ 2740.829905][T15111] __x64_sys_clone+0x18d/0x250 [ 2740.835241][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2740.840821][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2740.846269][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2740.851902][T15111] do_syscall_64+0xfa/0x760 [ 2740.857049][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2740.864600][T15111] RIP: 0033:0x45802a [ 2740.868520][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2740.892484][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2740.901800][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2740.912950][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2740.921636][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2740.932457][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2740.941093][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2740.956182][T15111] memory: usage 147528kB, limit 0kB, failcnt 619 [ 2740.963350][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2740.970872][T15111] Memory cgroup stats for /syz2: [ 2740.970976][T15111] anon 130801664 [ 2740.970976][T15111] file 36864 [ 2740.970976][T15111] kernel_stack 2031616 [ 2740.970976][T15111] slab 10498048 [ 2740.970976][T15111] sock 106496 [ 2740.970976][T15111] shmem 0 [ 2740.970976][T15111] file_mapped 0 [ 2740.970976][T15111] file_dirty 135168 [ 2740.970976][T15111] file_writeback 0 [ 2740.970976][T15111] anon_thp 117440512 [ 2740.970976][T15111] inactive_anon 245760 [ 2740.970976][T15111] active_anon 130805760 [ 2740.970976][T15111] inactive_file 118784 [ 2740.970976][T15111] active_file 65536 [ 2740.970976][T15111] unevictable 0 [ 2740.970976][T15111] slab_reclaimable 3379200 [ 2740.970976][T15111] slab_unreclaimable 7118848 [ 2740.970976][T15111] pgfault 396165 [ 2740.970976][T15111] pgmajfault 0 [ 2740.970976][T15111] workingset_refault 0 [ 2740.970976][T15111] workingset_activate 0 [ 2740.970976][T15111] workingset_nodereclaim 0 [ 2740.970976][T15111] pgrefill 74 [ 2740.970976][T15111] pgscan 1900 [ 2740.970976][T15111] pgsteal 1760 [ 2741.072953][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24478,uid=0 [ 2741.091176][T15111] Memory cgroup out of memory: Killed process 24478 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35880kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2741.113071][ T1058] oom_reaper: reaped process 24478 (syz-executor.2), now anon-rss:0kB, file-rss:34920kB, shmem-rss:0kB [ 2741.114774][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2741.138705][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2741.149222][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2741.160242][T15111] Call Trace: [ 2741.163568][T15111] dump_stack+0x172/0x1f0 [ 2741.168555][T15111] dump_header+0x177/0x1152 [ 2741.174054][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2741.180547][T15111] ? ___ratelimit+0x2c8/0x595 [ 2741.185416][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2741.191425][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2741.196965][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2741.202108][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2741.207787][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2741.213640][T15111] ? ___ratelimit+0x60/0x595 [ 2741.218418][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2741.224182][T15111] oom_kill_process.cold+0x10/0x15 [ 2741.230001][T15111] out_of_memory+0x334/0x1340 [ 2741.236024][T15111] ? lock_downgrade+0x920/0x920 [ 2741.242075][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2741.248537][T15111] ? oom_killer_disable+0x280/0x280 [ 2741.255308][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2741.261299][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2741.266639][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2741.272340][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2741.278145][T15111] try_charge+0xf4b/0x1440 [ 2741.283442][T15111] ? find_held_lock+0x35/0x130 [ 2741.288502][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2741.294246][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2741.300175][T15111] ? find_held_lock+0x35/0x130 [ 2741.305388][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2741.311546][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2741.317355][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2741.322981][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2741.328747][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2741.334354][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2741.340784][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2741.346810][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2741.353151][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2741.359129][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2741.364680][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2741.370683][T15111] ? __kasan_check_read+0x11/0x20 [ 2741.376676][T15111] copy_process+0x3f8/0x6860 [ 2741.382356][T15111] ? __kasan_check_read+0x11/0x20 [ 2741.387736][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2741.392781][T15111] ? __kasan_check_read+0x11/0x20 [ 2741.398056][T15111] ? mark_lock+0xc2/0x1220 [ 2741.402595][T15111] ? __cleanup_sighand+0x60/0x60 [ 2741.407933][T15111] ? find_held_lock+0x35/0x130 [ 2741.412922][T15111] _do_fork+0x146/0xf90 [ 2741.418668][T15111] ? copy_init_mm+0x20/0x20 [ 2741.424663][T15111] ? __kasan_check_read+0x11/0x20 [ 2741.430280][T15111] ? _copy_to_user+0x118/0x160 [ 2741.435333][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2741.442945][T15111] ? put_timespec64+0xda/0x140 [ 2741.448219][T15111] __x64_sys_clone+0x18d/0x250 [ 2741.453433][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2741.458674][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2741.464332][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2741.469820][T15111] do_syscall_64+0xfa/0x760 [ 2741.474865][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2741.480877][T15111] RIP: 0033:0x45802a [ 2741.484988][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2741.506889][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2741.515842][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2741.524508][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2741.532806][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2741.541465][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2741.549891][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2741.563854][T15111] memory: usage 145200kB, limit 0kB, failcnt 625 [ 2741.571160][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2741.578608][T15111] Memory cgroup stats for /syz2: [ 2741.578721][T15111] anon 128585728 [ 2741.578721][T15111] file 36864 [ 2741.578721][T15111] kernel_stack 1966080 [ 2741.578721][T15111] slab 10498048 [ 2741.578721][T15111] sock 106496 [ 2741.578721][T15111] shmem 0 [ 2741.578721][T15111] file_mapped 0 [ 2741.578721][T15111] file_dirty 135168 [ 2741.578721][T15111] file_writeback 0 [ 2741.578721][T15111] anon_thp 115343360 [ 2741.578721][T15111] inactive_anon 245760 [ 2741.578721][T15111] active_anon 128589824 [ 2741.578721][T15111] inactive_file 118784 [ 2741.578721][T15111] active_file 65536 [ 2741.578721][T15111] unevictable 0 [ 2741.578721][T15111] slab_reclaimable 3379200 [ 2741.578721][T15111] slab_unreclaimable 7118848 [ 2741.578721][T15111] pgfault 396165 [ 2741.578721][T15111] pgmajfault 0 [ 2741.578721][T15111] workingset_refault 0 [ 2741.578721][T15111] workingset_activate 0 [ 2741.578721][T15111] workingset_nodereclaim 0 [ 2741.578721][T15111] pgrefill 74 [ 2741.578721][T15111] pgscan 1900 [ 2741.578721][T15111] pgsteal 1760 [ 2741.685541][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=32716,uid=0 [ 2741.704097][T15111] Memory cgroup out of memory: Killed process 32716 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:35888kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2741.725620][ T1058] oom_reaper: reaped process 32716 (syz-executor.2), now anon-rss:0kB, file-rss:34928kB, shmem-rss:0kB [ 2741.726739][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2741.752086][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2741.761355][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2741.771736][T15111] Call Trace: [ 2741.775516][T15111] dump_stack+0x172/0x1f0 [ 2741.780432][T15111] dump_header+0x177/0x1152 [ 2741.785517][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2741.791557][T15111] ? ___ratelimit+0x2c8/0x595 [ 2741.797827][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2741.803772][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2741.809505][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2741.814551][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2741.820327][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2741.827074][T15111] ? ___ratelimit+0x60/0x595 [ 2741.832044][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2741.837312][T15111] oom_kill_process.cold+0x10/0x15 [ 2741.842693][T15111] out_of_memory+0x334/0x1340 [ 2741.847879][T15111] ? lock_downgrade+0x920/0x920 [ 2741.853005][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2741.859397][T15111] ? oom_killer_disable+0x280/0x280 [ 2741.865333][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2741.871042][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2741.878619][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2741.884253][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2741.889760][T15111] try_charge+0xf4b/0x1440 [ 2741.895440][T15111] ? find_held_lock+0x35/0x130 [ 2741.900532][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2741.906597][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2741.912499][T15111] ? find_held_lock+0x35/0x130 [ 2741.917293][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2741.923098][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2741.928750][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2741.934453][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2741.943680][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2741.948811][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2741.954699][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2741.960436][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2741.966272][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2741.971666][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2741.977891][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2741.983127][T15111] ? __kasan_check_read+0x11/0x20 [ 2741.988950][T15111] copy_process+0x3f8/0x6860 [ 2741.993868][T15111] ? __kasan_check_read+0x11/0x20 [ 2741.999175][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2742.004572][T15111] ? __kasan_check_read+0x11/0x20 [ 2742.010039][T15111] ? mark_lock+0xc2/0x1220 [ 2742.015498][T15111] ? __cleanup_sighand+0x60/0x60 [ 2742.021114][T15111] ? find_held_lock+0x35/0x130 [ 2742.026440][T15111] _do_fork+0x146/0xf90 [ 2742.030774][T15111] ? copy_init_mm+0x20/0x20 [ 2742.035538][T15111] ? __kasan_check_read+0x11/0x20 [ 2742.040682][T15111] ? _copy_to_user+0x118/0x160 [ 2742.045468][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2742.052560][T15111] ? put_timespec64+0xda/0x140 [ 2742.057508][T15111] __x64_sys_clone+0x18d/0x250 [ 2742.062972][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2742.068258][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2742.074575][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2742.079942][T15111] do_syscall_64+0xfa/0x760 [ 2742.084970][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2742.093437][T15111] RIP: 0033:0x45802a [ 2742.097502][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2742.117819][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2742.126820][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2742.135110][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2742.143532][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2742.151852][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2742.160529][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2742.175646][T15111] memory: usage 142872kB, limit 0kB, failcnt 631 [ 2742.182825][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2742.189962][T15111] Memory cgroup stats for /syz2: [ 2742.190095][T15111] anon 126369792 [ 2742.190095][T15111] file 36864 [ 2742.190095][T15111] kernel_stack 1966080 [ 2742.190095][T15111] slab 10362880 [ 2742.190095][T15111] sock 106496 [ 2742.190095][T15111] shmem 0 [ 2742.190095][T15111] file_mapped 0 [ 2742.190095][T15111] file_dirty 135168 [ 2742.190095][T15111] file_writeback 0 [ 2742.190095][T15111] anon_thp 113246208 [ 2742.190095][T15111] inactive_anon 245760 [ 2742.190095][T15111] active_anon 126373888 [ 2742.190095][T15111] inactive_file 118784 [ 2742.190095][T15111] active_file 65536 [ 2742.190095][T15111] unevictable 0 [ 2742.190095][T15111] slab_reclaimable 3379200 [ 2742.190095][T15111] slab_unreclaimable 6983680 [ 2742.190095][T15111] pgfault 396165 [ 2742.190095][T15111] pgmajfault 0 [ 2742.190095][T15111] workingset_refault 0 [ 2742.190095][T15111] workingset_activate 0 [ 2742.190095][T15111] workingset_nodereclaim 0 [ 2742.190095][T15111] pgrefill 74 [ 2742.190095][T15111] pgscan 1900 [ 2742.190095][T15111] pgsteal 1760 [ 2742.292205][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=32698,uid=0 [ 2742.308951][T15111] Memory cgroup out of memory: Killed process 32698 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:35888kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2742.330669][ T1058] oom_reaper: reaped process 32698 (syz-executor.2), now anon-rss:0kB, file-rss:34928kB, shmem-rss:0kB [ 2742.331481][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2742.355805][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2742.366639][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2742.377822][T15111] Call Trace: [ 2742.382453][T15111] dump_stack+0x172/0x1f0 [ 2742.388471][T15111] dump_header+0x177/0x1152 [ 2742.394154][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2742.401506][T15111] ? ___ratelimit+0x2c8/0x595 [ 2742.407006][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2742.413145][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2742.419787][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2742.425327][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2742.432562][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2742.438703][T15111] ? ___ratelimit+0x60/0x595 [ 2742.443311][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2742.448593][T15111] oom_kill_process.cold+0x10/0x15 [ 2742.454184][T15111] out_of_memory+0x334/0x1340 [ 2742.459997][T15111] ? lock_downgrade+0x920/0x920 [ 2742.465239][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2742.471353][T15111] ? oom_killer_disable+0x280/0x280 [ 2742.476696][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2742.482264][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2742.487221][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2742.492347][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2742.497349][T15111] try_charge+0xf4b/0x1440 [ 2742.502182][T15111] ? find_held_lock+0x35/0x130 [ 2742.507974][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2742.514986][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2742.520579][T15111] ? find_held_lock+0x35/0x130 [ 2742.525938][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2742.532307][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2742.539381][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2742.545184][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2742.551132][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2742.556584][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2742.562511][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2742.568459][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2742.574637][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2742.579899][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2742.585730][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2742.590902][T15111] ? __kasan_check_read+0x11/0x20 [ 2742.596127][T15111] copy_process+0x3f8/0x6860 [ 2742.601024][T15111] ? __kasan_check_read+0x11/0x20 [ 2742.606791][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2742.612240][T15111] ? __kasan_check_read+0x11/0x20 [ 2742.617512][T15111] ? mark_lock+0xc2/0x1220 [ 2742.621966][T15111] ? __cleanup_sighand+0x60/0x60 [ 2742.627688][T15111] ? find_held_lock+0x35/0x130 [ 2742.632871][T15111] _do_fork+0x146/0xf90 [ 2742.637337][T15111] ? copy_init_mm+0x20/0x20 [ 2742.642046][T15111] ? __kasan_check_read+0x11/0x20 [ 2742.647459][T15111] ? _copy_to_user+0x118/0x160 [ 2742.652604][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2742.658920][T15111] ? put_timespec64+0xda/0x140 [ 2742.663799][T15111] __x64_sys_clone+0x18d/0x250 [ 2742.668742][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2742.673628][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2742.679330][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2742.684855][T15111] do_syscall_64+0xfa/0x760 [ 2742.689481][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2742.695825][T15111] RIP: 0033:0x45802a [ 2742.700179][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2742.720937][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2742.730065][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2742.738762][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2742.747945][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2742.756634][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2742.764935][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2742.777113][ C0] net_ratelimit: 16 callbacks suppressed [ 2742.777124][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2742.789166][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2742.797981][T15111] memory: usage 140552kB, limit 0kB, failcnt 637 [ 2742.805647][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2742.815692][T15111] Memory cgroup stats for /syz2: [ 2742.815785][T15111] anon 124162048 [ 2742.815785][T15111] file 36864 [ 2742.815785][T15111] kernel_stack 1900544 [ 2742.815785][T15111] slab 10362880 [ 2742.815785][T15111] sock 106496 [ 2742.815785][T15111] shmem 0 [ 2742.815785][T15111] file_mapped 0 [ 2742.815785][T15111] file_dirty 135168 [ 2742.815785][T15111] file_writeback 0 [ 2742.815785][T15111] anon_thp 111149056 [ 2742.815785][T15111] inactive_anon 245760 [ 2742.815785][T15111] active_anon 124166144 [ 2742.815785][T15111] inactive_file 118784 [ 2742.815785][T15111] active_file 65536 [ 2742.815785][T15111] unevictable 0 [ 2742.815785][T15111] slab_reclaimable 3379200 [ 2742.815785][T15111] slab_unreclaimable 6983680 [ 2742.815785][T15111] pgfault 396165 [ 2742.815785][T15111] pgmajfault 0 [ 2742.815785][T15111] workingset_refault 0 [ 2742.815785][T15111] workingset_activate 0 [ 2742.815785][T15111] workingset_nodereclaim 0 [ 2742.815785][T15111] pgrefill 74 [ 2742.815785][T15111] pgscan 1900 [ 2742.815785][T15111] pgsteal 1760 [ 2742.917397][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2742.917546][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2742.929498][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=20813,uid=0 [ 2742.945111][T15111] Memory cgroup out of memory: Killed process 20813 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35876kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2742.965548][ T1058] oom_reaper: reaped process 20813 (syz-executor.2), now anon-rss:0kB, file-rss:34916kB, shmem-rss:0kB [ 2742.973169][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2742.992221][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2743.001480][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2743.011648][T15111] Call Trace: [ 2743.014959][T15111] dump_stack+0x172/0x1f0 [ 2743.019280][T15111] dump_header+0x177/0x1152 [ 2743.023771][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2743.029564][T15111] ? ___ratelimit+0x2c8/0x595 [ 2743.034257][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2743.040077][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2743.045351][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2743.050407][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2743.056098][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2743.063498][T15111] ? ___ratelimit+0x60/0x595 [ 2743.068082][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2743.073183][T15111] oom_kill_process.cold+0x10/0x15 [ 2743.078433][T15111] out_of_memory+0x334/0x1340 [ 2743.083114][T15111] ? lock_downgrade+0x920/0x920 [ 2743.088136][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2743.094119][T15111] ? oom_killer_disable+0x280/0x280 [ 2743.099350][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2743.104908][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2743.109841][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2743.114958][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2743.119839][T15111] try_charge+0xf4b/0x1440 [ 2743.124275][T15111] ? find_held_lock+0x35/0x130 [ 2743.129049][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2743.134598][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2743.140333][T15111] ? find_held_lock+0x35/0x130 [ 2743.145110][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2743.150693][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2743.157008][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2743.162253][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2743.167812][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2743.172914][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2743.178299][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2743.183847][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2743.189697][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2743.195901][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2743.201188][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2743.206201][T15111] ? __kasan_check_read+0x11/0x20 [ 2743.211237][T15111] copy_process+0x3f8/0x6860 [ 2743.215819][T15111] ? __kasan_check_read+0x11/0x20 [ 2743.221289][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2743.226923][T15111] ? __kasan_check_read+0x11/0x20 [ 2743.231950][T15111] ? mark_lock+0xc2/0x1220 [ 2743.236359][T15111] ? __cleanup_sighand+0x60/0x60 [ 2743.241305][T15111] ? find_held_lock+0x35/0x130 [ 2743.246088][T15111] _do_fork+0x146/0xf90 [ 2743.250241][T15111] ? copy_init_mm+0x20/0x20 [ 2743.254745][T15111] ? __kasan_check_read+0x11/0x20 [ 2743.259764][T15111] ? _copy_to_user+0x118/0x160 [ 2743.264531][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2743.270790][T15111] ? put_timespec64+0xda/0x140 [ 2743.275700][T15111] __x64_sys_clone+0x18d/0x250 [ 2743.280484][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2743.285351][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2743.290633][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2743.295650][T15111] do_syscall_64+0xfa/0x760 [ 2743.300145][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2743.306048][T15111] RIP: 0033:0x45802a [ 2743.309938][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2743.329535][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2743.337947][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2743.346041][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2743.354018][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2743.362142][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2743.370111][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2743.378747][T15111] memory: usage 138204kB, limit 0kB, failcnt 643 [ 2743.385244][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2743.392232][T15111] Memory cgroup stats for /syz2: [ 2743.392326][T15111] anon 121933824 [ 2743.392326][T15111] file 36864 [ 2743.392326][T15111] kernel_stack 1900544 [ 2743.392326][T15111] slab 10362880 [ 2743.392326][T15111] sock 106496 [ 2743.392326][T15111] shmem 0 [ 2743.392326][T15111] file_mapped 0 [ 2743.392326][T15111] file_dirty 135168 [ 2743.392326][T15111] file_writeback 0 [ 2743.392326][T15111] anon_thp 109051904 [ 2743.392326][T15111] inactive_anon 245760 [ 2743.392326][T15111] active_anon 121937920 [ 2743.392326][T15111] inactive_file 118784 [ 2743.392326][T15111] active_file 65536 [ 2743.392326][T15111] unevictable 0 [ 2743.392326][T15111] slab_reclaimable 3379200 [ 2743.392326][T15111] slab_unreclaimable 6983680 [ 2743.392326][T15111] pgfault 396165 [ 2743.392326][T15111] pgmajfault 0 [ 2743.392326][T15111] workingset_refault 0 [ 2743.392326][T15111] workingset_activate 0 [ 2743.392326][T15111] workingset_nodereclaim 0 [ 2743.392326][T15111] pgrefill 74 [ 2743.392326][T15111] pgscan 1900 [ 2743.392326][T15111] pgsteal 1760 [ 2743.489788][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16963,uid=0 [ 2743.512592][T15111] Memory cgroup out of memory: Killed process 16963 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:35884kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2743.541465][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2743.553994][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2743.563085][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2743.573162][T15111] Call Trace: [ 2743.576456][T15111] dump_stack+0x172/0x1f0 [ 2743.580789][T15111] dump_header+0x177/0x1152 [ 2743.585300][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2743.591109][T15111] ? ___ratelimit+0x2c8/0x595 [ 2743.595774][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2743.601579][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2743.606852][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2743.611910][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2743.617551][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2743.623357][T15111] ? ___ratelimit+0x60/0x595 [ 2743.627943][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2743.633065][T15111] oom_kill_process.cold+0x10/0x15 [ 2743.638198][T15111] out_of_memory+0x334/0x1340 [ 2743.642883][T15111] ? lock_downgrade+0x920/0x920 [ 2743.647758][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2743.653569][T15111] ? oom_killer_disable+0x280/0x280 [ 2743.658795][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2743.664345][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2743.669297][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2743.674433][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2743.679452][T15111] try_charge+0xf4b/0x1440 [ 2743.683869][T15111] ? find_held_lock+0x35/0x130 [ 2743.688653][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2743.694229][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2743.699788][T15111] ? find_held_lock+0x35/0x130 [ 2743.704542][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2743.710115][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2743.715653][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2743.720855][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2743.726405][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2743.731513][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2743.736890][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2743.742454][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2743.748176][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2743.753470][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2743.759550][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2743.764583][T15111] ? __kasan_check_read+0x11/0x20 [ 2743.769624][T15111] copy_process+0x3f8/0x6860 [ 2743.774234][T15111] ? __kasan_check_read+0x11/0x20 [ 2743.779296][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2743.784323][T15111] ? __kasan_check_read+0x11/0x20 [ 2743.789357][T15111] ? mark_lock+0xc2/0x1220 [ 2743.793777][T15111] ? __cleanup_sighand+0x60/0x60 [ 2743.798715][T15111] ? find_held_lock+0x35/0x130 [ 2743.803505][T15111] _do_fork+0x146/0xf90 [ 2743.807861][T15111] ? copy_init_mm+0x20/0x20 [ 2743.812389][T15111] ? __kasan_check_read+0x11/0x20 [ 2743.817434][T15111] ? _copy_to_user+0x118/0x160 [ 2743.822287][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2743.828533][T15111] ? put_timespec64+0xda/0x140 [ 2743.833562][T15111] __x64_sys_clone+0x18d/0x250 [ 2743.838355][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2743.843226][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2743.848518][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2743.853550][T15111] do_syscall_64+0xfa/0x760 [ 2743.858083][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2743.863989][T15111] RIP: 0033:0x45802a [ 2743.867887][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2743.887507][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2743.896135][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2743.904108][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2743.912151][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2743.921095][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2743.929508][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2743.942968][T15111] memory: usage 135788kB, limit 0kB, failcnt 649 [ 2743.949525][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2743.956491][T15111] Memory cgroup stats for /syz2: [ 2743.956590][T15111] anon 119717888 [ 2743.956590][T15111] file 36864 [ 2743.956590][T15111] kernel_stack 1835008 [ 2743.956590][T15111] slab 10227712 [ 2743.956590][T15111] sock 106496 [ 2743.956590][T15111] shmem 0 [ 2743.956590][T15111] file_mapped 0 [ 2743.956590][T15111] file_dirty 135168 [ 2743.956590][T15111] file_writeback 0 [ 2743.956590][T15111] anon_thp 106954752 [ 2743.956590][T15111] inactive_anon 245760 [ 2743.956590][T15111] active_anon 119721984 [ 2743.956590][T15111] inactive_file 118784 [ 2743.956590][T15111] active_file 65536 [ 2743.956590][T15111] unevictable 0 [ 2743.956590][T15111] slab_reclaimable 3244032 [ 2743.956590][T15111] slab_unreclaimable 6983680 [ 2743.956590][T15111] pgfault 396165 [ 2743.956590][T15111] pgmajfault 0 [ 2743.956590][T15111] workingset_refault 0 [ 2743.956590][T15111] workingset_activate 0 [ 2743.956590][T15111] workingset_nodereclaim 0 [ 2743.956590][T15111] pgrefill 74 [ 2743.956590][T15111] pgscan 1900 [ 2743.956590][T15111] pgsteal 1760 [ 2744.037182][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2744.055270][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24600,uid=0 [ 2744.060060][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2744.085353][T15111] Memory cgroup out of memory: Killed process 24600 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:35880kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2744.106962][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2744.108922][ T1058] oom_reaper: reaped process 24600 (syz-executor.2), now anon-rss:0kB, file-rss:34920kB, shmem-rss:0kB [ 2744.119183][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2744.119194][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2744.119199][T15111] Call Trace: [ 2744.119230][T15111] dump_stack+0x172/0x1f0 [ 2744.119253][T15111] dump_header+0x177/0x1152 [ 2744.119279][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2744.171854][T15111] ? ___ratelimit+0x2c8/0x595 [ 2744.176579][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2744.182641][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2744.187936][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2744.192969][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2744.198605][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2744.204424][T15111] ? ___ratelimit+0x60/0x595 [ 2744.209019][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2744.214154][T15111] oom_kill_process.cold+0x10/0x15 [ 2744.219260][T15111] out_of_memory+0x334/0x1340 [ 2744.223921][T15111] ? lock_downgrade+0x920/0x920 [ 2744.228778][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2744.235302][T15111] ? oom_killer_disable+0x280/0x280 [ 2744.240506][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2744.246057][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2744.251011][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2744.256148][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2744.261001][T15111] try_charge+0xf4b/0x1440 [ 2744.265401][T15111] ? find_held_lock+0x35/0x130 [ 2744.270314][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2744.276040][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2744.281613][T15111] ? find_held_lock+0x35/0x130 [ 2744.286390][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2744.291961][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2744.297526][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2744.302764][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2744.308528][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2744.313815][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2744.319189][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2744.324726][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2744.330446][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2744.335824][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2744.341295][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2744.346549][T15111] ? __kasan_check_read+0x11/0x20 [ 2744.351862][T15111] copy_process+0x3f8/0x6860 [ 2744.356481][T15111] ? __kasan_check_read+0x11/0x20 [ 2744.362390][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2744.367527][T15111] ? __kasan_check_read+0x11/0x20 [ 2744.372753][T15111] ? mark_lock+0xc2/0x1220 [ 2744.377163][T15111] ? __cleanup_sighand+0x60/0x60 [ 2744.382082][T15111] ? find_held_lock+0x35/0x130 [ 2744.386854][T15111] _do_fork+0x146/0xf90 [ 2744.391024][T15111] ? copy_init_mm+0x20/0x20 [ 2744.395888][T15111] ? __kasan_check_read+0x11/0x20 [ 2744.400913][T15111] ? _copy_to_user+0x118/0x160 [ 2744.406105][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2744.412479][T15111] ? put_timespec64+0xda/0x140 [ 2744.417786][T15111] __x64_sys_clone+0x18d/0x250 [ 2744.422720][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2744.427591][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2744.432875][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2744.438241][T15111] do_syscall_64+0xfa/0x760 [ 2744.442958][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2744.448844][T15111] RIP: 0033:0x45802a [ 2744.453265][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2744.472983][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2744.481408][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2744.489406][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2744.497465][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2744.505429][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2744.513659][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2744.525609][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2744.531696][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2744.537981][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2744.543881][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2744.551534][T15111] memory: usage 133468kB, limit 0kB, failcnt 655 [ 2744.558233][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2744.565269][T15111] Memory cgroup stats for /syz2: [ 2744.565359][T15111] anon 117510144 [ 2744.565359][T15111] file 36864 [ 2744.565359][T15111] kernel_stack 1835008 [ 2744.565359][T15111] slab 10227712 [ 2744.565359][T15111] sock 106496 [ 2744.565359][T15111] shmem 0 [ 2744.565359][T15111] file_mapped 0 [ 2744.565359][T15111] file_dirty 135168 [ 2744.565359][T15111] file_writeback 0 [ 2744.565359][T15111] anon_thp 104857600 [ 2744.565359][T15111] inactive_anon 245760 [ 2744.565359][T15111] active_anon 117514240 [ 2744.565359][T15111] inactive_file 118784 [ 2744.565359][T15111] active_file 65536 [ 2744.565359][T15111] unevictable 0 [ 2744.565359][T15111] slab_reclaimable 3244032 [ 2744.565359][T15111] slab_unreclaimable 6983680 [ 2744.565359][T15111] pgfault 396165 [ 2744.565359][T15111] pgmajfault 0 [ 2744.565359][T15111] workingset_refault 0 [ 2744.565359][T15111] workingset_activate 0 [ 2744.565359][T15111] workingset_nodereclaim 0 [ 2744.565359][T15111] pgrefill 74 [ 2744.565359][T15111] pgscan 1900 [ 2744.565359][T15111] pgsteal 1760 [ 2744.661482][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=17038,uid=0 [ 2744.678979][T15111] Memory cgroup out of memory: Killed process 17038 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35872kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2744.701987][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2744.704529][ T1058] oom_reaper: reaped process 17038 (syz-executor.2), now anon-rss:0kB, file-rss:34912kB, shmem-rss:0kB [ 2744.714496][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2744.735019][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2744.745093][T15111] Call Trace: [ 2744.748514][T15111] dump_stack+0x172/0x1f0 [ 2744.752853][T15111] dump_header+0x177/0x1152 [ 2744.757388][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2744.763196][T15111] ? ___ratelimit+0x2c8/0x595 [ 2744.767980][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2744.773807][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2744.779393][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2744.784416][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2744.790079][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2744.796753][T15111] ? ___ratelimit+0x60/0x595 [ 2744.801371][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2744.806568][T15111] oom_kill_process.cold+0x10/0x15 [ 2744.811675][T15111] out_of_memory+0x334/0x1340 [ 2744.816341][T15111] ? lock_downgrade+0x920/0x920 [ 2744.821184][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2744.827164][T15111] ? oom_killer_disable+0x280/0x280 [ 2744.832463][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2744.838187][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2744.843122][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2744.848242][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2744.853091][T15111] try_charge+0xf4b/0x1440 [ 2744.860282][T15111] ? find_held_lock+0x35/0x130 [ 2744.865057][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2744.870603][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2744.878169][T15111] ? find_held_lock+0x35/0x130 [ 2744.882950][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2744.888525][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2744.894675][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2744.899862][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2744.905396][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2744.910689][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2744.916180][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2744.921759][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2744.927647][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2744.932888][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2744.938171][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2744.943183][T15111] ? __kasan_check_read+0x11/0x20 [ 2744.948326][T15111] copy_process+0x3f8/0x6860 [ 2744.952932][T15111] ? __kasan_check_read+0x11/0x20 [ 2744.958231][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2744.963286][T15111] ? __kasan_check_read+0x11/0x20 [ 2744.968414][T15111] ? mark_lock+0xc2/0x1220 [ 2744.972849][T15111] ? __cleanup_sighand+0x60/0x60 [ 2744.977786][T15111] ? find_held_lock+0x35/0x130 [ 2744.982591][T15111] _do_fork+0x146/0xf90 [ 2744.986744][T15111] ? copy_init_mm+0x20/0x20 [ 2744.991858][T15111] ? __kasan_check_read+0x11/0x20 [ 2744.996962][T15111] ? _copy_to_user+0x118/0x160 [ 2745.001741][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2745.008156][T15111] ? put_timespec64+0xda/0x140 [ 2745.013711][T15111] __x64_sys_clone+0x18d/0x250 [ 2745.018482][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2745.023584][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2745.028906][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2745.034044][T15111] do_syscall_64+0xfa/0x760 [ 2745.038558][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2745.044877][T15111] RIP: 0033:0x45802a [ 2745.048769][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2745.068903][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2745.077535][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2745.085951][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2745.094016][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2745.101980][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2745.109946][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2745.122415][T15111] memory: usage 131136kB, limit 0kB, failcnt 661 [ 2745.129318][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2745.136388][T15111] Memory cgroup stats for /syz2: [ 2745.136485][T15111] anon 115298304 [ 2745.136485][T15111] file 36864 [ 2745.136485][T15111] kernel_stack 1769472 [ 2745.136485][T15111] slab 10227712 [ 2745.136485][T15111] sock 106496 [ 2745.136485][T15111] shmem 0 [ 2745.136485][T15111] file_mapped 0 [ 2745.136485][T15111] file_dirty 135168 [ 2745.136485][T15111] file_writeback 0 [ 2745.136485][T15111] anon_thp 102760448 [ 2745.136485][T15111] inactive_anon 245760 [ 2745.136485][T15111] active_anon 115302400 [ 2745.136485][T15111] inactive_file 118784 [ 2745.136485][T15111] active_file 65536 [ 2745.136485][T15111] unevictable 0 [ 2745.136485][T15111] slab_reclaimable 3244032 [ 2745.136485][T15111] slab_unreclaimable 6983680 [ 2745.136485][T15111] pgfault 396165 [ 2745.136485][T15111] pgmajfault 0 [ 2745.136485][T15111] workingset_refault 0 [ 2745.136485][T15111] workingset_activate 0 [ 2745.136485][T15111] workingset_nodereclaim 0 [ 2745.136485][T15111] pgrefill 74 [ 2745.136485][T15111] pgscan 1900 [ 2745.136485][T15111] pgsteal 1760 [ 2745.233372][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=24767,uid=0 [ 2745.249848][T15111] Memory cgroup out of memory: Killed process 24767 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:35876kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2745.270367][ T1058] oom_reaper: reaped process 24767 (syz-executor.2), now anon-rss:0kB, file-rss:34916kB, shmem-rss:0kB [ 2745.271280][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2745.295880][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2745.305033][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2745.315105][T15111] Call Trace: [ 2745.318421][T15111] dump_stack+0x172/0x1f0 [ 2745.322760][T15111] dump_header+0x177/0x1152 [ 2745.327378][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2745.333891][T15111] ? ___ratelimit+0x2c8/0x595 [ 2745.338826][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2745.344648][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2745.350023][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2745.355057][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2745.360880][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2745.366691][T15111] ? ___ratelimit+0x60/0x595 [ 2745.371273][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2745.377085][T15111] oom_kill_process.cold+0x10/0x15 [ 2745.382198][T15111] out_of_memory+0x334/0x1340 [ 2745.386863][T15111] ? lock_downgrade+0x920/0x920 [ 2745.391718][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2745.397519][T15111] ? oom_killer_disable+0x280/0x280 [ 2745.402739][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2745.408289][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2745.413312][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2745.418432][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2745.423284][T15111] try_charge+0xf4b/0x1440 [ 2745.427704][T15111] ? find_held_lock+0x35/0x130 [ 2745.432667][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2745.438223][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2745.443785][T15111] ? find_held_lock+0x35/0x130 [ 2745.448554][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2745.454294][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2745.459860][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2745.465056][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2745.470590][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2745.475691][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2745.481064][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2745.486611][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2745.492335][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2745.497543][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2745.502837][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2745.507859][T15111] ? __kasan_check_read+0x11/0x20 [ 2745.512903][T15111] copy_process+0x3f8/0x6860 [ 2745.517547][T15111] ? __kasan_check_read+0x11/0x20 [ 2745.522585][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2745.527610][T15111] ? __kasan_check_read+0x11/0x20 [ 2745.532630][T15111] ? mark_lock+0xc2/0x1220 [ 2745.537065][T15111] ? __cleanup_sighand+0x60/0x60 [ 2745.541994][T15111] ? find_held_lock+0x35/0x130 [ 2745.546840][T15111] _do_fork+0x146/0xf90 [ 2745.550999][T15111] ? copy_init_mm+0x20/0x20 [ 2745.555505][T15111] ? __kasan_check_read+0x11/0x20 [ 2745.560655][T15111] ? _copy_to_user+0x118/0x160 [ 2745.565614][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2745.572126][T15111] ? put_timespec64+0xda/0x140 [ 2745.576967][T15111] __x64_sys_clone+0x18d/0x250 [ 2745.581916][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2745.586758][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2745.592031][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2745.597070][T15111] do_syscall_64+0xfa/0x760 [ 2745.601582][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2745.607493][T15111] RIP: 0033:0x45802a [ 2745.611388][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2745.631086][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2745.639512][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2745.647500][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2745.655611][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2745.663584][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2745.671660][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2745.686923][T15111] memory: usage 128816kB, limit 0kB, failcnt 667 [ 2745.693464][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2745.700546][T15111] Memory cgroup stats for /syz2: [ 2745.700639][T15111] anon 113082368 [ 2745.700639][T15111] file 36864 [ 2745.700639][T15111] kernel_stack 1769472 [ 2745.700639][T15111] slab 10227712 [ 2745.700639][T15111] sock 106496 [ 2745.700639][T15111] shmem 0 [ 2745.700639][T15111] file_mapped 0 [ 2745.700639][T15111] file_dirty 135168 [ 2745.700639][T15111] file_writeback 0 [ 2745.700639][T15111] anon_thp 100663296 [ 2745.700639][T15111] inactive_anon 245760 [ 2745.700639][T15111] active_anon 113086464 [ 2745.700639][T15111] inactive_file 118784 [ 2745.700639][T15111] active_file 65536 [ 2745.700639][T15111] unevictable 0 [ 2745.700639][T15111] slab_reclaimable 3244032 [ 2745.700639][T15111] slab_unreclaimable 6983680 [ 2745.700639][T15111] pgfault 396165 [ 2745.700639][T15111] pgmajfault 0 [ 2745.700639][T15111] workingset_refault 0 [ 2745.700639][T15111] workingset_activate 0 [ 2745.700639][T15111] workingset_nodereclaim 0 [ 2745.700639][T15111] pgrefill 74 [ 2745.700639][T15111] pgscan 1900 [ 2745.700639][T15111] pgsteal 1760 [ 2745.801752][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=20429,uid=0 [ 2745.821754][T15111] Memory cgroup out of memory: Killed process 20429 (syz-executor.2) total-vm:72836kB, anon-rss:2216kB, file-rss:35844kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2745.849179][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2745.861637][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2745.870920][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2745.880989][T15111] Call Trace: [ 2745.884290][T15111] dump_stack+0x172/0x1f0 [ 2745.888697][T15111] dump_header+0x177/0x1152 [ 2745.893196][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2745.899941][T15111] ? ___ratelimit+0x2c8/0x595 [ 2745.904620][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2745.910420][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2745.915790][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2745.921260][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2745.927065][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2745.932859][T15111] ? ___ratelimit+0x60/0x595 [ 2745.937781][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2745.942998][T15111] oom_kill_process.cold+0x10/0x15 [ 2745.948370][T15111] out_of_memory+0x334/0x1340 [ 2745.953053][T15111] ? lock_downgrade+0x920/0x920 [ 2745.957908][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2745.963700][T15111] ? oom_killer_disable+0x280/0x280 [ 2745.969175][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2745.974726][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2745.979684][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2745.984818][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2745.989771][T15111] try_charge+0xf4b/0x1440 [ 2745.994281][T15111] ? find_held_lock+0x35/0x130 [ 2745.999086][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2746.004647][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2746.010296][T15111] ? find_held_lock+0x35/0x130 [ 2746.015240][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2746.020961][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2746.026588][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2746.031784][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2746.037351][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2746.042578][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2746.048066][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2746.053878][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2746.059586][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2746.064858][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2746.070297][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2746.075337][T15111] ? __kasan_check_read+0x11/0x20 [ 2746.080367][T15111] copy_process+0x3f8/0x6860 [ 2746.084947][T15111] ? __kasan_check_read+0x11/0x20 [ 2746.089966][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2746.094991][T15111] ? __kasan_check_read+0x11/0x20 [ 2746.100045][T15111] ? mark_lock+0xc2/0x1220 [ 2746.104641][T15111] ? __cleanup_sighand+0x60/0x60 [ 2746.109576][T15111] ? find_held_lock+0x35/0x130 [ 2746.114788][T15111] _do_fork+0x146/0xf90 [ 2746.119051][T15111] ? copy_init_mm+0x20/0x20 [ 2746.123722][T15111] ? __kasan_check_read+0x11/0x20 [ 2746.128752][T15111] ? _copy_to_user+0x118/0x160 [ 2746.133519][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2746.139752][T15111] ? put_timespec64+0xda/0x140 [ 2746.144653][T15111] __x64_sys_clone+0x18d/0x250 [ 2746.149423][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2746.154282][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2746.159649][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2746.164828][T15111] do_syscall_64+0xfa/0x760 [ 2746.169350][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2746.175232][T15111] RIP: 0033:0x45802a [ 2746.179894][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2746.199579][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2746.208402][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2746.216387][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2746.224444][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2746.232503][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2746.240561][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2746.249610][T15111] memory: usage 126472kB, limit 0kB, failcnt 673 [ 2746.256013][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2746.262998][T15111] Memory cgroup stats for /syz2: [ 2746.263094][T15111] anon 110895104 [ 2746.263094][T15111] file 36864 [ 2746.263094][T15111] kernel_stack 1769472 [ 2746.263094][T15111] slab 10227712 [ 2746.263094][T15111] sock 106496 [ 2746.263094][T15111] shmem 0 [ 2746.263094][T15111] file_mapped 0 [ 2746.263094][T15111] file_dirty 135168 [ 2746.263094][T15111] file_writeback 0 [ 2746.263094][T15111] anon_thp 98566144 [ 2746.263094][T15111] inactive_anon 245760 [ 2746.263094][T15111] active_anon 110899200 [ 2746.263094][T15111] inactive_file 118784 [ 2746.263094][T15111] active_file 65536 [ 2746.263094][T15111] unevictable 0 [ 2746.263094][T15111] slab_reclaimable 3244032 [ 2746.263094][T15111] slab_unreclaimable 6983680 [ 2746.263094][T15111] pgfault 396165 [ 2746.263094][T15111] pgmajfault 0 [ 2746.263094][T15111] workingset_refault 0 [ 2746.263094][T15111] workingset_activate 0 [ 2746.263094][T15111] workingset_nodereclaim 0 [ 2746.263094][T15111] pgrefill 74 [ 2746.263094][T15111] pgscan 1900 [ 2746.263094][T15111] pgsteal 1760 [ 2746.360696][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=20598,uid=0 [ 2746.376616][T15111] Memory cgroup out of memory: Killed process 20598 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:35852kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2746.396379][ T1058] oom_reaper: reaped process 20598 (syz-executor.2), now anon-rss:0kB, file-rss:34892kB, shmem-rss:0kB [ 2746.404091][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2746.422323][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2746.431389][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2746.441451][T15111] Call Trace: [ 2746.444758][T15111] dump_stack+0x172/0x1f0 [ 2746.449081][T15111] dump_header+0x177/0x1152 [ 2746.453575][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2746.460845][T15111] ? ___ratelimit+0x2c8/0x595 [ 2746.465521][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2746.471327][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2746.476615][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2746.481654][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2746.487277][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2746.493073][T15111] ? ___ratelimit+0x60/0x595 [ 2746.497649][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2746.502770][T15111] oom_kill_process.cold+0x10/0x15 [ 2746.507887][T15111] out_of_memory+0x334/0x1340 [ 2746.512552][T15111] ? lock_downgrade+0x920/0x920 [ 2746.517396][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2746.523256][T15111] ? oom_killer_disable+0x280/0x280 [ 2746.528470][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2746.534007][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2746.538938][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2746.544044][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2746.548888][T15111] try_charge+0xf4b/0x1440 [ 2746.553289][T15111] ? find_held_lock+0x35/0x130 [ 2746.558056][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2746.563588][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2746.569122][T15111] ? find_held_lock+0x35/0x130 [ 2746.573875][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2746.579420][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2746.584957][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2746.590329][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2746.595971][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2746.601085][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2746.606463][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2746.612009][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2746.617717][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2746.622912][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2746.628186][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2746.634065][T15111] ? __kasan_check_read+0x11/0x20 [ 2746.639090][T15111] copy_process+0x3f8/0x6860 [ 2746.643715][T15111] ? __kasan_check_read+0x11/0x20 [ 2746.648988][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2746.654001][T15111] ? __kasan_check_read+0x11/0x20 [ 2746.659017][T15111] ? mark_lock+0xc2/0x1220 [ 2746.663448][T15111] ? __cleanup_sighand+0x60/0x60 [ 2746.668460][T15111] ? find_held_lock+0x35/0x130 [ 2746.673232][T15111] _do_fork+0x146/0xf90 [ 2746.677387][T15111] ? copy_init_mm+0x20/0x20 [ 2746.682422][T15111] ? __kasan_check_read+0x11/0x20 [ 2746.687542][T15111] ? _copy_to_user+0x118/0x160 [ 2746.692863][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2746.699355][T15111] ? put_timespec64+0xda/0x140 [ 2746.704116][T15111] __x64_sys_clone+0x18d/0x250 [ 2746.708878][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2746.713724][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2746.718997][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2746.724034][T15111] do_syscall_64+0xfa/0x760 [ 2746.728535][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2746.734417][T15111] RIP: 0033:0x45802a [ 2746.738301][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2746.758498][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2746.767010][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2746.775493][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2746.783455][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2746.791870][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2746.800013][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2746.816229][T15111] memory: usage 124180kB, limit 0kB, failcnt 679 [ 2746.837161][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2746.844397][T15111] Memory cgroup stats for /syz2: [ 2746.844493][T15111] anon 108748800 [ 2746.844493][T15111] file 36864 [ 2746.844493][T15111] kernel_stack 1769472 [ 2746.844493][T15111] slab 10227712 [ 2746.844493][T15111] sock 106496 [ 2746.844493][T15111] shmem 0 [ 2746.844493][T15111] file_mapped 0 [ 2746.844493][T15111] file_dirty 135168 [ 2746.844493][T15111] file_writeback 0 [ 2746.844493][T15111] anon_thp 96468992 [ 2746.844493][T15111] inactive_anon 245760 [ 2746.844493][T15111] active_anon 108752896 [ 2746.844493][T15111] inactive_file 118784 [ 2746.844493][T15111] active_file 65536 [ 2746.844493][T15111] unevictable 0 [ 2746.844493][T15111] slab_reclaimable 3244032 [ 2746.844493][T15111] slab_unreclaimable 6983680 [ 2746.844493][T15111] pgfault 396165 [ 2746.844493][T15111] pgmajfault 0 [ 2746.844493][T15111] workingset_refault 0 [ 2746.844493][T15111] workingset_activate 0 [ 2746.844493][T15111] workingset_nodereclaim 0 [ 2746.844493][T15111] pgrefill 74 [ 2746.844493][T15111] pgscan 1900 [ 2746.844493][T15111] pgsteal 1760 [ 2746.941931][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16982,uid=0 [ 2746.964734][T15111] Memory cgroup out of memory: Killed process 16982 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:35852kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2747.000762][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2747.012857][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2747.021878][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2747.031949][T15111] Call Trace: [ 2747.035425][T15111] dump_stack+0x172/0x1f0 [ 2747.039748][T15111] dump_header+0x177/0x1152 [ 2747.044261][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2747.050059][T15111] ? ___ratelimit+0x2c8/0x595 [ 2747.054799][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2747.060631][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2747.065995][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2747.071022][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2747.076671][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2747.082494][T15111] ? ___ratelimit+0x60/0x595 [ 2747.087096][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2747.092300][T15111] oom_kill_process.cold+0x10/0x15 [ 2747.097637][T15111] out_of_memory+0x334/0x1340 [ 2747.102937][T15111] ? lock_downgrade+0x920/0x920 [ 2747.107786][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2747.113859][T15111] ? oom_killer_disable+0x280/0x280 [ 2747.119065][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2747.124598][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2747.129526][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2747.134641][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2747.139784][T15111] try_charge+0xf4b/0x1440 [ 2747.144310][T15111] ? find_held_lock+0x35/0x130 [ 2747.149198][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2747.154824][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2747.160534][T15111] ? find_held_lock+0x35/0x130 [ 2747.165283][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2747.170833][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2747.176449][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2747.181667][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2747.187288][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2747.192385][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2747.197930][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2747.203463][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2747.209164][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2747.214359][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2747.220514][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2747.225523][T15111] ? __kasan_check_read+0x11/0x20 [ 2747.230540][T15111] copy_process+0x3f8/0x6860 [ 2747.235217][T15111] ? __kasan_check_read+0x11/0x20 [ 2747.240252][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2747.245257][T15111] ? __kasan_check_read+0x11/0x20 [ 2747.250268][T15111] ? mark_lock+0xc2/0x1220 [ 2747.254688][T15111] ? __cleanup_sighand+0x60/0x60 [ 2747.259609][T15111] ? find_held_lock+0x35/0x130 [ 2747.264390][T15111] _do_fork+0x146/0xf90 [ 2747.268531][T15111] ? copy_init_mm+0x20/0x20 [ 2747.273044][T15111] ? __kasan_check_read+0x11/0x20 [ 2747.278066][T15111] ? _copy_to_user+0x118/0x160 [ 2747.282819][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2747.289057][T15111] ? put_timespec64+0xda/0x140 [ 2747.293828][T15111] __x64_sys_clone+0x18d/0x250 [ 2747.298576][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2747.303512][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2747.308792][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2747.313809][T15111] do_syscall_64+0xfa/0x760 [ 2747.318421][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2747.324302][T15111] RIP: 0033:0x45802a [ 2747.328308][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2747.347917][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2747.356507][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2747.364476][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2747.372517][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2747.380472][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2747.388428][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2747.398653][T15111] memory: usage 121816kB, limit 0kB, failcnt 685 [ 2747.405018][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2747.412099][T15111] Memory cgroup stats for /syz2: [ 2747.412201][T15111] anon 106430464 [ 2747.412201][T15111] file 36864 [ 2747.412201][T15111] kernel_stack 1703936 [ 2747.412201][T15111] slab 10227712 [ 2747.412201][T15111] sock 106496 [ 2747.412201][T15111] shmem 0 [ 2747.412201][T15111] file_mapped 0 [ 2747.412201][T15111] file_dirty 135168 [ 2747.412201][T15111] file_writeback 0 [ 2747.412201][T15111] anon_thp 94371840 [ 2747.412201][T15111] inactive_anon 245760 [ 2747.412201][T15111] active_anon 106434560 [ 2747.412201][T15111] inactive_file 118784 [ 2747.412201][T15111] active_file 65536 [ 2747.412201][T15111] unevictable 0 [ 2747.412201][T15111] slab_reclaimable 3244032 [ 2747.412201][T15111] slab_unreclaimable 6983680 [ 2747.412201][T15111] pgfault 396165 [ 2747.412201][T15111] pgmajfault 0 [ 2747.412201][T15111] workingset_refault 0 [ 2747.412201][T15111] workingset_activate 0 [ 2747.412201][T15111] workingset_nodereclaim 0 [ 2747.412201][T15111] pgrefill 74 [ 2747.412201][T15111] pgscan 1900 [ 2747.412201][T15111] pgsteal 1760 [ 2747.508300][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=26899,uid=0 [ 2747.523954][T15111] Memory cgroup out of memory: Killed process 26899 (syz-executor.2) total-vm:72836kB, anon-rss:2216kB, file-rss:35836kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2747.544086][ T1058] oom_reaper: reaped process 26899 (syz-executor.2), now anon-rss:0kB, file-rss:34876kB, shmem-rss:0kB [ 2747.558443][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2747.570503][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2747.579930][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2747.590067][T15111] Call Trace: [ 2747.593378][T15111] dump_stack+0x172/0x1f0 [ 2747.597707][T15111] dump_header+0x177/0x1152 [ 2747.602203][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2747.607993][T15111] ? ___ratelimit+0x2c8/0x595 [ 2747.612668][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2747.618655][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2747.623962][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2747.629015][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2747.634663][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2747.640653][T15111] ? ___ratelimit+0x60/0x595 [ 2747.645405][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2747.650523][T15111] oom_kill_process.cold+0x10/0x15 [ 2747.655622][T15111] out_of_memory+0x334/0x1340 [ 2747.660283][T15111] ? lock_downgrade+0x920/0x920 [ 2747.665138][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2747.670961][T15111] ? oom_killer_disable+0x280/0x280 [ 2747.676189][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2747.681733][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2747.686671][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2747.691864][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2747.697734][T15111] try_charge+0xf4b/0x1440 [ 2747.702171][T15111] ? find_held_lock+0x35/0x130 [ 2747.706948][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2747.712504][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2747.718083][T15111] ? find_held_lock+0x35/0x130 [ 2747.722846][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2747.728394][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2747.733932][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2747.739121][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2747.744681][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2747.749798][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2747.755156][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2747.760691][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2747.766400][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2747.771622][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2747.776932][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2747.781957][T15111] ? __kasan_check_read+0x11/0x20 [ 2747.786989][T15111] copy_process+0x3f8/0x6860 [ 2747.791578][T15111] ? __kasan_check_read+0x11/0x20 [ 2747.796607][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2747.801618][T15111] ? __kasan_check_read+0x11/0x20 [ 2747.806749][T15111] ? mark_lock+0xc2/0x1220 [ 2747.811182][T15111] ? __cleanup_sighand+0x60/0x60 [ 2747.816139][T15111] ? find_held_lock+0x35/0x130 [ 2747.821051][T15111] _do_fork+0x146/0xf90 [ 2747.825332][T15111] ? copy_init_mm+0x20/0x20 [ 2747.829866][T15111] ? __kasan_check_read+0x11/0x20 [ 2747.834898][T15111] ? _copy_to_user+0x118/0x160 [ 2747.839655][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2747.845920][T15111] ? put_timespec64+0xda/0x140 [ 2747.850686][T15111] __x64_sys_clone+0x18d/0x250 [ 2747.855629][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2747.860650][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2747.866083][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2747.871384][T15111] do_syscall_64+0xfa/0x760 [ 2747.875911][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2747.882201][T15111] RIP: 0033:0x45802a [ 2747.886179][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2747.905771][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2747.914173][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2747.922332][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2747.931348][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2747.939314][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2747.947273][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2747.955777][T15111] memory: usage 119476kB, limit 0kB, failcnt 691 [ 2747.962220][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2747.969201][T15111] Memory cgroup stats for /syz2: [ 2747.969309][T15111] anon 104194048 [ 2747.969309][T15111] file 36864 [ 2747.969309][T15111] kernel_stack 1638400 [ 2747.969309][T15111] slab 10227712 [ 2747.969309][T15111] sock 106496 [ 2747.969309][T15111] shmem 0 [ 2747.969309][T15111] file_mapped 0 [ 2747.969309][T15111] file_dirty 135168 [ 2747.969309][T15111] file_writeback 0 [ 2747.969309][T15111] anon_thp 92274688 [ 2747.969309][T15111] inactive_anon 245760 [ 2747.969309][T15111] active_anon 104202240 [ 2747.969309][T15111] inactive_file 118784 [ 2747.969309][T15111] active_file 65536 [ 2747.969309][T15111] unevictable 0 [ 2747.969309][T15111] slab_reclaimable 3244032 [ 2747.969309][T15111] slab_unreclaimable 6983680 [ 2747.969309][T15111] pgfault 396165 [ 2747.969309][T15111] pgmajfault 0 [ 2747.969309][T15111] workingset_refault 0 [ 2747.969309][T15111] workingset_activate 0 [ 2747.969309][T15111] workingset_nodereclaim 0 [ 2747.969309][T15111] pgrefill 74 [ 2747.969309][T15111] pgscan 1900 [ 2747.969309][T15111] pgsteal 1760 [ 2748.064150][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=26825,uid=0 [ 2748.079847][T15111] Memory cgroup out of memory: Killed process 26825 (syz-executor.2) total-vm:72836kB, anon-rss:2216kB, file-rss:35836kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2748.100507][ T1058] oom_reaper: reaped process 26825 (syz-executor.2), now anon-rss:0kB, file-rss:34876kB, shmem-rss:0kB [ 2748.101772][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2748.123830][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2748.132873][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2748.142942][T15111] Call Trace: [ 2748.146363][T15111] dump_stack+0x172/0x1f0 [ 2748.150747][T15111] dump_header+0x177/0x1152 [ 2748.155298][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2748.161123][T15111] ? ___ratelimit+0x2c8/0x595 [ 2748.165801][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2748.171603][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2748.176876][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2748.181888][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2748.187530][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2748.193340][T15111] ? ___ratelimit+0x60/0x595 [ 2748.197911][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2748.203800][T15111] oom_kill_process.cold+0x10/0x15 [ 2748.208899][T15111] out_of_memory+0x334/0x1340 [ 2748.213561][T15111] ? lock_downgrade+0x920/0x920 [ 2748.218418][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2748.224234][T15111] ? oom_killer_disable+0x280/0x280 [ 2748.229429][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2748.234976][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2748.239936][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2748.245043][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2748.249886][T15111] try_charge+0xf4b/0x1440 [ 2748.254288][T15111] ? find_held_lock+0x35/0x130 [ 2748.259228][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2748.264775][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2748.270348][T15111] ? find_held_lock+0x35/0x130 [ 2748.275129][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2748.280704][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2748.286249][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2748.291451][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2748.297011][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2748.302148][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2748.307556][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2748.313170][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2748.319045][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2748.324357][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2748.329832][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2748.334861][T15111] ? __kasan_check_read+0x11/0x20 [ 2748.339958][T15111] copy_process+0x3f8/0x6860 [ 2748.344538][T15111] ? __kasan_check_read+0x11/0x20 [ 2748.349560][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2748.354570][T15111] ? __kasan_check_read+0x11/0x20 [ 2748.359624][T15111] ? mark_lock+0xc2/0x1220 [ 2748.364061][T15111] ? __cleanup_sighand+0x60/0x60 [ 2748.369106][T15111] ? find_held_lock+0x35/0x130 [ 2748.373940][T15111] _do_fork+0x146/0xf90 [ 2748.378094][T15111] ? copy_init_mm+0x20/0x20 [ 2748.382585][T15111] ? __kasan_check_read+0x11/0x20 [ 2748.387597][T15111] ? _copy_to_user+0x118/0x160 [ 2748.392350][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2748.398607][T15111] ? put_timespec64+0xda/0x140 [ 2748.403371][T15111] __x64_sys_clone+0x18d/0x250 [ 2748.408123][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2748.412980][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2748.418275][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2748.423288][T15111] do_syscall_64+0xfa/0x760 [ 2748.427780][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2748.433657][T15111] RIP: 0033:0x45802a [ 2748.437539][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2748.457292][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2748.466392][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2748.474358][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2748.482326][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2748.490308][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2748.498262][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2748.506502][ C1] net_ratelimit: 14 callbacks suppressed [ 2748.506513][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2748.518112][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2748.524188][T15111] memory: usage 117100kB, limit 0kB, failcnt 697 [ 2748.531124][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2748.538333][T15111] Memory cgroup stats for /syz2: [ 2748.538459][T15111] anon 101994496 [ 2748.538459][T15111] file 36864 [ 2748.538459][T15111] kernel_stack 1638400 [ 2748.538459][T15111] slab 10092544 [ 2748.538459][T15111] sock 106496 [ 2748.538459][T15111] shmem 0 [ 2748.538459][T15111] file_mapped 0 [ 2748.538459][T15111] file_dirty 135168 [ 2748.538459][T15111] file_writeback 0 [ 2748.538459][T15111] anon_thp 90177536 [ 2748.538459][T15111] inactive_anon 245760 [ 2748.538459][T15111] active_anon 101998592 [ 2748.538459][T15111] inactive_file 118784 [ 2748.538459][T15111] active_file 65536 [ 2748.538459][T15111] unevictable 0 [ 2748.538459][T15111] slab_reclaimable 3244032 [ 2748.538459][T15111] slab_unreclaimable 6848512 [ 2748.538459][T15111] pgfault 396165 [ 2748.538459][T15111] pgmajfault 0 [ 2748.538459][T15111] workingset_refault 0 [ 2748.538459][T15111] workingset_activate 0 [ 2748.538459][T15111] workingset_nodereclaim 0 [ 2748.538459][T15111] pgrefill 74 [ 2748.538459][T15111] pgscan 1900 [ 2748.538459][T15111] pgsteal 1760 [ 2748.634217][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=26770,uid=0 [ 2748.651454][T15111] Memory cgroup out of memory: Killed process 26770 (syz-executor.2) total-vm:72836kB, anon-rss:2216kB, file-rss:35836kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2748.671910][ T1058] oom_reaper: reaped process 26770 (syz-executor.2), now anon-rss:0kB, file-rss:34876kB, shmem-rss:0kB [ 2748.678161][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2748.697793][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2748.706839][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2748.717325][T15111] Call Trace: [ 2748.720635][T15111] dump_stack+0x172/0x1f0 [ 2748.724967][T15111] dump_header+0x177/0x1152 [ 2748.729465][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2748.735254][T15111] ? ___ratelimit+0x2c8/0x595 [ 2748.739933][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2748.745764][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2748.751041][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2748.756410][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2748.762062][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2748.767881][T15111] ? ___ratelimit+0x60/0x595 [ 2748.772473][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2748.777677][T15111] oom_kill_process.cold+0x10/0x15 [ 2748.782815][T15111] out_of_memory+0x334/0x1340 [ 2748.788203][T15111] ? lock_downgrade+0x920/0x920 [ 2748.793084][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2748.798905][T15111] ? oom_killer_disable+0x280/0x280 [ 2748.804151][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2748.809702][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2748.814637][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2748.819935][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2748.824838][T15111] try_charge+0xf4b/0x1440 [ 2748.829368][T15111] ? find_held_lock+0x35/0x130 [ 2748.834376][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2748.840065][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2748.845718][T15111] ? find_held_lock+0x35/0x130 [ 2748.850518][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2748.856207][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2748.861802][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2748.867021][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2748.872737][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2748.879046][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2748.884432][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2748.889972][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2748.895697][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2748.900913][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2748.906217][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2748.911237][T15111] ? __kasan_check_read+0x11/0x20 [ 2748.916259][T15111] copy_process+0x3f8/0x6860 [ 2748.920865][T15111] ? __kasan_check_read+0x11/0x20 [ 2748.925909][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2748.930928][T15111] ? __kasan_check_read+0x11/0x20 [ 2748.936007][T15111] ? mark_lock+0xc2/0x1220 [ 2748.940642][T15111] ? __cleanup_sighand+0x60/0x60 [ 2748.945604][T15111] ? find_held_lock+0x35/0x130 [ 2748.950628][T15111] _do_fork+0x146/0xf90 [ 2748.954888][T15111] ? copy_init_mm+0x20/0x20 [ 2748.959442][T15111] ? __kasan_check_read+0x11/0x20 [ 2748.964501][T15111] ? _copy_to_user+0x118/0x160 [ 2748.969314][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2748.975568][T15111] ? put_timespec64+0xda/0x140 [ 2748.980458][T15111] __x64_sys_clone+0x18d/0x250 [ 2748.985333][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2748.990202][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2748.995639][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2749.000701][T15111] do_syscall_64+0xfa/0x760 [ 2749.005346][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2749.011260][T15111] RIP: 0033:0x45802a [ 2749.015148][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2749.035730][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2749.044155][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2749.052129][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2749.060111][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2749.068088][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2749.076171][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2749.088437][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2749.094330][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2749.100920][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2749.107109][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2749.114696][T15111] memory: usage 114756kB, limit 0kB, failcnt 703 [ 2749.121296][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2749.128472][T15111] Memory cgroup stats for /syz2: [ 2749.128664][T15111] anon 99770368 [ 2749.128664][T15111] file 36864 [ 2749.128664][T15111] kernel_stack 1572864 [ 2749.128664][T15111] slab 10092544 [ 2749.128664][T15111] sock 106496 [ 2749.128664][T15111] shmem 0 [ 2749.128664][T15111] file_mapped 0 [ 2749.128664][T15111] file_dirty 135168 [ 2749.128664][T15111] file_writeback 0 [ 2749.128664][T15111] anon_thp 88080384 [ 2749.128664][T15111] inactive_anon 245760 [ 2749.128664][T15111] active_anon 99774464 [ 2749.128664][T15111] inactive_file 118784 [ 2749.128664][T15111] active_file 65536 [ 2749.128664][T15111] unevictable 0 [ 2749.128664][T15111] slab_reclaimable 3244032 [ 2749.128664][T15111] slab_unreclaimable 6848512 [ 2749.128664][T15111] pgfault 396165 [ 2749.128664][T15111] pgmajfault 0 [ 2749.128664][T15111] workingset_refault 0 [ 2749.128664][T15111] workingset_activate 0 [ 2749.128664][T15111] workingset_nodereclaim 0 [ 2749.128664][T15111] pgrefill 74 [ 2749.128664][T15111] pgscan 1900 [ 2749.128664][T15111] pgsteal 1760 [ 2749.224790][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=27073,uid=0 [ 2749.242837][T15111] Memory cgroup out of memory: Killed process 27073 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35836kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2749.263311][ T1058] oom_reaper: reaped process 27073 (syz-executor.2), now anon-rss:0kB, file-rss:34876kB, shmem-rss:0kB [ 2749.278680][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2749.290864][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2749.299929][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2749.310102][T15111] Call Trace: [ 2749.313414][T15111] dump_stack+0x172/0x1f0 [ 2749.317748][T15111] dump_header+0x177/0x1152 [ 2749.322255][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2749.328051][T15111] ? ___ratelimit+0x2c8/0x595 [ 2749.332725][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2749.338539][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2749.343824][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2749.348852][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2749.354569][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2749.360513][T15111] ? ___ratelimit+0x60/0x595 [ 2749.365115][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2749.371049][T15111] oom_kill_process.cold+0x10/0x15 [ 2749.376168][T15111] out_of_memory+0x334/0x1340 [ 2749.380849][T15111] ? lock_downgrade+0x920/0x920 [ 2749.385961][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2749.391795][T15111] ? oom_killer_disable+0x280/0x280 [ 2749.397025][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2749.397225][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2749.402605][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2749.408445][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2749.413238][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2749.424667][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2749.429535][T15111] try_charge+0xf4b/0x1440 [ 2749.433937][T15111] ? find_held_lock+0x35/0x130 [ 2749.438708][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2749.444249][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2749.449795][T15111] ? find_held_lock+0x35/0x130 [ 2749.454559][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2749.460158][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2749.465723][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2749.470924][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2749.476912][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2749.482031][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2749.487410][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2749.492972][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2749.498689][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2749.503904][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2749.509199][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2749.514208][T15111] ? __kasan_check_read+0x11/0x20 [ 2749.519234][T15111] copy_process+0x3f8/0x6860 [ 2749.523823][T15111] ? __kasan_check_read+0x11/0x20 [ 2749.529022][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2749.534024][T15111] ? __kasan_check_read+0x11/0x20 [ 2749.539212][T15111] ? mark_lock+0xc2/0x1220 [ 2749.543721][T15111] ? __cleanup_sighand+0x60/0x60 [ 2749.548758][T15111] ? find_held_lock+0x35/0x130 [ 2749.553599][T15111] _do_fork+0x146/0xf90 [ 2749.557756][T15111] ? copy_init_mm+0x20/0x20 [ 2749.562271][T15111] ? __kasan_check_read+0x11/0x20 [ 2749.567291][T15111] ? _copy_to_user+0x118/0x160 [ 2749.572041][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2749.578282][T15111] ? put_timespec64+0xda/0x140 [ 2749.583048][T15111] __x64_sys_clone+0x18d/0x250 [ 2749.587797][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2749.592633][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2749.597917][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2749.602951][T15111] do_syscall_64+0xfa/0x760 [ 2749.607545][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2749.615096][T15111] RIP: 0033:0x45802a [ 2749.619000][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2749.638616][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2749.647052][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2749.655015][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2749.662979][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2749.671032][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2749.679017][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2749.691227][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2749.697226][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2749.704356][T15111] memory: usage 112428kB, limit 0kB, failcnt 709 [ 2749.710871][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2749.717923][T15111] Memory cgroup stats for /syz2: [ 2749.718079][T15111] anon 97611776 [ 2749.718079][T15111] file 36864 [ 2749.718079][T15111] kernel_stack 1507328 [ 2749.718079][T15111] slab 10092544 [ 2749.718079][T15111] sock 106496 [ 2749.718079][T15111] shmem 0 [ 2749.718079][T15111] file_mapped 0 [ 2749.718079][T15111] file_dirty 135168 [ 2749.718079][T15111] file_writeback 0 [ 2749.718079][T15111] anon_thp 85983232 [ 2749.718079][T15111] inactive_anon 245760 [ 2749.718079][T15111] active_anon 97615872 [ 2749.718079][T15111] inactive_file 118784 [ 2749.718079][T15111] active_file 65536 [ 2749.718079][T15111] unevictable 0 [ 2749.718079][T15111] slab_reclaimable 3244032 [ 2749.718079][T15111] slab_unreclaimable 6848512 [ 2749.718079][T15111] pgfault 396165 [ 2749.718079][T15111] pgmajfault 0 [ 2749.718079][T15111] workingset_refault 0 [ 2749.718079][T15111] workingset_activate 0 [ 2749.718079][T15111] workingset_nodereclaim 0 [ 2749.718079][T15111] pgrefill 74 [ 2749.718079][T15111] pgscan 1900 [ 2749.718079][T15111] pgsteal 1760 [ 2749.814347][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=26994,uid=0 [ 2749.833475][T15111] Memory cgroup out of memory: Killed process 26994 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35836kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2749.862041][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2749.874107][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2749.885833][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2749.895881][T15111] Call Trace: [ 2749.899174][T15111] dump_stack+0x172/0x1f0 [ 2749.903492][T15111] dump_header+0x177/0x1152 [ 2749.907980][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2749.913801][T15111] ? ___ratelimit+0x2c8/0x595 [ 2749.918463][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2749.924261][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2749.929532][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2749.934544][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2749.940166][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2749.945957][T15111] ? ___ratelimit+0x60/0x595 [ 2749.950530][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2749.955628][T15111] oom_kill_process.cold+0x10/0x15 [ 2749.960739][T15111] out_of_memory+0x334/0x1340 [ 2749.965404][T15111] ? lock_downgrade+0x920/0x920 [ 2749.970262][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2749.976677][T15111] ? oom_killer_disable+0x280/0x280 [ 2749.981894][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2749.987437][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2749.992363][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2749.997527][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2750.003081][T15111] try_charge+0xf4b/0x1440 [ 2750.007585][T15111] ? find_held_lock+0x35/0x130 [ 2750.012354][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2750.017888][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2750.023424][T15111] ? find_held_lock+0x35/0x130 [ 2750.028195][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2750.033749][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2750.039285][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2750.044486][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2750.050037][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2750.055145][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2750.060505][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2750.066061][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2750.071765][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2750.076957][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2750.082256][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2750.087280][T15111] ? __kasan_check_read+0x11/0x20 [ 2750.092298][T15111] copy_process+0x3f8/0x6860 [ 2750.097161][T15111] ? __kasan_check_read+0x11/0x20 [ 2750.102532][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2750.107801][T15111] ? __kasan_check_read+0x11/0x20 [ 2750.113012][T15111] ? mark_lock+0xc2/0x1220 [ 2750.117433][T15111] ? __cleanup_sighand+0x60/0x60 [ 2750.122356][T15111] ? find_held_lock+0x35/0x130 [ 2750.127113][T15111] _do_fork+0x146/0xf90 [ 2750.131262][T15111] ? copy_init_mm+0x20/0x20 [ 2750.135751][T15111] ? __kasan_check_read+0x11/0x20 [ 2750.140788][T15111] ? _copy_to_user+0x118/0x160 [ 2750.145542][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2750.151806][T15111] ? put_timespec64+0xda/0x140 [ 2750.156573][T15111] __x64_sys_clone+0x18d/0x250 [ 2750.161428][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2750.166361][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2750.171655][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2750.176685][T15111] do_syscall_64+0xfa/0x760 [ 2750.181216][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2750.187299][T15111] RIP: 0033:0x45802a [ 2750.191210][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2750.210961][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2750.219385][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2750.227342][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2750.235299][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2750.243269][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2750.251226][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2750.260356][T15111] memory: usage 110100kB, limit 0kB, failcnt 715 [ 2750.267352][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2750.274221][T15111] Memory cgroup stats for /syz2: [ 2750.274357][T15111] anon 95330304 [ 2750.274357][T15111] file 36864 [ 2750.274357][T15111] kernel_stack 1507328 [ 2750.274357][T15111] slab 10092544 [ 2750.274357][T15111] sock 106496 [ 2750.274357][T15111] shmem 0 [ 2750.274357][T15111] file_mapped 0 [ 2750.274357][T15111] file_dirty 135168 [ 2750.274357][T15111] file_writeback 0 [ 2750.274357][T15111] anon_thp 83886080 [ 2750.274357][T15111] inactive_anon 245760 [ 2750.274357][T15111] active_anon 95334400 [ 2750.274357][T15111] inactive_file 118784 [ 2750.274357][T15111] active_file 65536 [ 2750.274357][T15111] unevictable 0 [ 2750.274357][T15111] slab_reclaimable 3244032 [ 2750.274357][T15111] slab_unreclaimable 6848512 [ 2750.274357][T15111] pgfault 396165 [ 2750.274357][T15111] pgmajfault 0 [ 2750.274357][T15111] workingset_refault 0 [ 2750.274357][T15111] workingset_activate 0 [ 2750.274357][T15111] workingset_nodereclaim 0 [ 2750.274357][T15111] pgrefill 74 [ 2750.274357][T15111] pgscan 1900 [ 2750.274357][T15111] pgsteal 1760 [ 2750.369526][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=26855,uid=0 [ 2750.385115][T15111] Memory cgroup out of memory: Killed process 26855 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35836kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2750.405214][ T1058] oom_reaper: reaped process 26855 (syz-executor.2), now anon-rss:0kB, file-rss:34876kB, shmem-rss:0kB [ 2750.406906][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2750.429610][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2750.438653][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2750.448729][T15111] Call Trace: [ 2750.452023][T15111] dump_stack+0x172/0x1f0 [ 2750.456347][T15111] dump_header+0x177/0x1152 [ 2750.460881][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2750.466699][T15111] ? ___ratelimit+0x2c8/0x595 [ 2750.471362][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2750.477168][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2750.482467][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2750.487502][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2750.493142][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2750.498957][T15111] ? ___ratelimit+0x60/0x595 [ 2750.503541][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2750.508641][T15111] oom_kill_process.cold+0x10/0x15 [ 2750.513754][T15111] out_of_memory+0x334/0x1340 [ 2750.518424][T15111] ? lock_downgrade+0x920/0x920 [ 2750.523286][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2750.529076][T15111] ? oom_killer_disable+0x280/0x280 [ 2750.534261][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2750.539817][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2750.544751][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2750.549880][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2750.554735][T15111] try_charge+0xf4b/0x1440 [ 2750.559152][T15111] ? find_held_lock+0x35/0x130 [ 2750.563926][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2750.569461][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2750.574994][T15111] ? find_held_lock+0x35/0x130 [ 2750.579787][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2750.585388][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2750.590938][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2750.596124][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2750.601779][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2750.606903][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2750.612268][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2750.617811][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2750.623560][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2750.628794][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2750.634258][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2750.639287][T15111] ? __kasan_check_read+0x11/0x20 [ 2750.644319][T15111] copy_process+0x3f8/0x6860 [ 2750.648905][T15111] ? __kasan_check_read+0x11/0x20 [ 2750.653924][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2750.658944][T15111] ? __kasan_check_read+0x11/0x20 [ 2750.663972][T15111] ? mark_lock+0xc2/0x1220 [ 2750.668442][T15111] ? __cleanup_sighand+0x60/0x60 [ 2750.673740][T15111] ? find_held_lock+0x35/0x130 [ 2750.678518][T15111] _do_fork+0x146/0xf90 [ 2750.682771][T15111] ? copy_init_mm+0x20/0x20 [ 2750.688316][T15111] ? __kasan_check_read+0x11/0x20 [ 2750.693422][T15111] ? _copy_to_user+0x118/0x160 [ 2750.698445][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2750.704768][T15111] ? put_timespec64+0xda/0x140 [ 2750.709528][T15111] __x64_sys_clone+0x18d/0x250 [ 2750.714296][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2750.719180][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2750.724756][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2750.729800][T15111] do_syscall_64+0xfa/0x760 [ 2750.734475][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2750.740373][T15111] RIP: 0033:0x45802a [ 2750.744278][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2750.764047][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2750.772450][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2750.780418][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2750.788445][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2750.796409][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2750.804365][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2750.817144][T15111] memory: usage 107764kB, limit 0kB, failcnt 721 [ 2750.823512][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2750.831628][T15111] Memory cgroup stats for /syz2: [ 2750.831718][T15111] anon 93196288 [ 2750.831718][T15111] file 36864 [ 2750.831718][T15111] kernel_stack 1507328 [ 2750.831718][T15111] slab 10092544 [ 2750.831718][T15111] sock 106496 [ 2750.831718][T15111] shmem 0 [ 2750.831718][T15111] file_mapped 0 [ 2750.831718][T15111] file_dirty 135168 [ 2750.831718][T15111] file_writeback 0 [ 2750.831718][T15111] anon_thp 81788928 [ 2750.831718][T15111] inactive_anon 245760 [ 2750.831718][T15111] active_anon 93200384 [ 2750.831718][T15111] inactive_file 118784 [ 2750.831718][T15111] active_file 65536 [ 2750.831718][T15111] unevictable 0 [ 2750.831718][T15111] slab_reclaimable 3244032 [ 2750.831718][T15111] slab_unreclaimable 6848512 [ 2750.831718][T15111] pgfault 396165 [ 2750.831718][T15111] pgmajfault 0 [ 2750.831718][T15111] workingset_refault 0 [ 2750.831718][T15111] workingset_activate 0 [ 2750.831718][T15111] workingset_nodereclaim 0 [ 2750.831718][T15111] pgrefill 74 [ 2750.831718][T15111] pgscan 1900 [ 2750.831718][T15111] pgsteal 1760 [ 2750.929300][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23549,uid=0 [ 2750.945372][T15111] Memory cgroup out of memory: Killed process 23549 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:35832kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2750.965128][ T1058] oom_reaper: reaped process 23549 (syz-executor.2), now anon-rss:0kB, file-rss:34872kB, shmem-rss:0kB [ 2750.973756][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2750.992933][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2751.002985][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2751.013169][T15111] Call Trace: [ 2751.016587][T15111] dump_stack+0x172/0x1f0 [ 2751.020922][T15111] dump_header+0x177/0x1152 [ 2751.025427][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2751.031218][T15111] ? ___ratelimit+0x2c8/0x595 [ 2751.035883][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2751.044404][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2751.049689][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2751.054743][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2751.060447][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2751.066251][T15111] ? ___ratelimit+0x60/0x595 [ 2751.070843][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2751.075945][T15111] oom_kill_process.cold+0x10/0x15 [ 2751.081046][T15111] out_of_memory+0x334/0x1340 [ 2751.085712][T15111] ? lock_downgrade+0x920/0x920 [ 2751.090704][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2751.096562][T15111] ? oom_killer_disable+0x280/0x280 [ 2751.101832][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2751.107565][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2751.112521][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2751.117675][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2751.122666][T15111] try_charge+0xf4b/0x1440 [ 2751.127111][T15111] ? find_held_lock+0x35/0x130 [ 2751.131906][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2751.137495][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2751.143103][T15111] ? find_held_lock+0x35/0x130 [ 2751.147910][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2751.153491][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2751.159047][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2751.164254][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2751.169808][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2751.174908][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2751.180290][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2751.185861][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2751.191704][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2751.196907][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2751.202182][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2751.207191][T15111] ? __kasan_check_read+0x11/0x20 [ 2751.212206][T15111] copy_process+0x3f8/0x6860 [ 2751.216855][T15111] ? __kasan_check_read+0x11/0x20 [ 2751.221893][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2751.226994][T15111] ? __kasan_check_read+0x11/0x20 [ 2751.232017][T15111] ? mark_lock+0xc2/0x1220 [ 2751.236425][T15111] ? __cleanup_sighand+0x60/0x60 [ 2751.241348][T15111] ? find_held_lock+0x35/0x130 [ 2751.246106][T15111] _do_fork+0x146/0xf90 [ 2751.250255][T15111] ? copy_init_mm+0x20/0x20 [ 2751.254749][T15111] ? __kasan_check_read+0x11/0x20 [ 2751.259848][T15111] ? _copy_to_user+0x118/0x160 [ 2751.264601][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2751.270852][T15111] ? put_timespec64+0xda/0x140 [ 2751.275639][T15111] __x64_sys_clone+0x18d/0x250 [ 2751.280412][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2751.285358][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2751.290630][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2751.295643][T15111] do_syscall_64+0xfa/0x760 [ 2751.300223][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2751.306094][T15111] RIP: 0033:0x45802a [ 2751.309989][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2751.329587][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2751.337989][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2751.345951][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2751.353924][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2751.361881][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2751.369942][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2751.383330][T15111] memory: usage 105448kB, limit 0kB, failcnt 727 [ 2751.389832][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2751.396815][T15111] Memory cgroup stats for /syz2: [ 2751.396937][T15111] anon 90923008 [ 2751.396937][T15111] file 36864 [ 2751.396937][T15111] kernel_stack 1441792 [ 2751.396937][T15111] slab 10092544 [ 2751.396937][T15111] sock 106496 [ 2751.396937][T15111] shmem 0 [ 2751.396937][T15111] file_mapped 0 [ 2751.396937][T15111] file_dirty 135168 [ 2751.396937][T15111] file_writeback 0 [ 2751.396937][T15111] anon_thp 79691776 [ 2751.396937][T15111] inactive_anon 245760 [ 2751.396937][T15111] active_anon 90939392 [ 2751.396937][T15111] inactive_file 118784 [ 2751.396937][T15111] active_file 65536 [ 2751.396937][T15111] unevictable 0 [ 2751.396937][T15111] slab_reclaimable 3244032 [ 2751.396937][T15111] slab_unreclaimable 6848512 [ 2751.396937][T15111] pgfault 396165 [ 2751.396937][T15111] pgmajfault 0 [ 2751.396937][T15111] workingset_refault 0 [ 2751.396937][T15111] workingset_activate 0 [ 2751.396937][T15111] workingset_nodereclaim 0 [ 2751.396937][T15111] pgrefill 74 [ 2751.396937][T15111] pgscan 1900 [ 2751.396937][T15111] pgsteal 1760 [ 2751.492438][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23431,uid=0 [ 2751.509992][T15111] Memory cgroup out of memory: Killed process 23431 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:35832kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2751.529877][ T1058] oom_reaper: reaped process 23431 (syz-executor.2), now anon-rss:0kB, file-rss:34872kB, shmem-rss:0kB [ 2751.532147][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2751.553265][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2751.562298][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2751.572365][T15111] Call Trace: [ 2751.575670][T15111] dump_stack+0x172/0x1f0 [ 2751.580013][T15111] dump_header+0x177/0x1152 [ 2751.584521][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2751.590327][T15111] ? ___ratelimit+0x2c8/0x595 [ 2751.595003][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2751.601449][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2751.606898][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2751.612000][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2751.617662][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2751.623750][T15111] ? ___ratelimit+0x60/0x595 [ 2751.628859][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2751.633981][T15111] oom_kill_process.cold+0x10/0x15 [ 2751.639288][T15111] out_of_memory+0x334/0x1340 [ 2751.643971][T15111] ? lock_downgrade+0x920/0x920 [ 2751.648819][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2751.654611][T15111] ? oom_killer_disable+0x280/0x280 [ 2751.659825][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2751.665380][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2751.670336][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2751.675719][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2751.680579][T15111] try_charge+0xf4b/0x1440 [ 2751.684997][T15111] ? find_held_lock+0x35/0x130 [ 2751.689761][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2751.695464][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2751.701014][T15111] ? find_held_lock+0x35/0x130 [ 2751.705965][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2751.711593][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2751.717424][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2751.722661][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2751.728351][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2751.733463][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2751.738866][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2751.744424][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2751.750139][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2751.755354][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2751.760647][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2751.765697][T15111] ? __kasan_check_read+0x11/0x20 [ 2751.770744][T15111] copy_process+0x3f8/0x6860 [ 2751.775331][T15111] ? __kasan_check_read+0x11/0x20 [ 2751.780374][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2751.785470][T15111] ? __kasan_check_read+0x11/0x20 [ 2751.790541][T15111] ? mark_lock+0xc2/0x1220 [ 2751.795740][T15111] ? __cleanup_sighand+0x60/0x60 [ 2751.800700][T15111] ? find_held_lock+0x35/0x130 [ 2751.805494][T15111] _do_fork+0x146/0xf90 [ 2751.809665][T15111] ? copy_init_mm+0x20/0x20 [ 2751.814176][T15111] ? __kasan_check_read+0x11/0x20 [ 2751.819306][T15111] ? _copy_to_user+0x118/0x160 [ 2751.824083][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2751.830366][T15111] ? put_timespec64+0xda/0x140 [ 2751.835191][T15111] __x64_sys_clone+0x18d/0x250 [ 2751.839980][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2751.844855][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2751.850132][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2751.855354][T15111] do_syscall_64+0xfa/0x760 [ 2751.859895][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2751.866109][T15111] RIP: 0033:0x45802a [ 2751.870008][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2751.890481][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2751.898908][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2751.907539][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2751.915573][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2751.923560][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2751.931829][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2751.945616][T15111] memory: usage 103132kB, limit 0kB, failcnt 733 [ 2751.952329][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2751.959611][T15111] Memory cgroup stats for /syz2: [ 2751.959736][T15111] anon 88739840 [ 2751.959736][T15111] file 36864 [ 2751.959736][T15111] kernel_stack 1441792 [ 2751.959736][T15111] slab 10092544 [ 2751.959736][T15111] sock 106496 [ 2751.959736][T15111] shmem 0 [ 2751.959736][T15111] file_mapped 0 [ 2751.959736][T15111] file_dirty 135168 [ 2751.959736][T15111] file_writeback 0 [ 2751.959736][T15111] anon_thp 77594624 [ 2751.959736][T15111] inactive_anon 245760 [ 2751.959736][T15111] active_anon 88756224 [ 2751.959736][T15111] inactive_file 118784 [ 2751.959736][T15111] active_file 65536 [ 2751.959736][T15111] unevictable 0 [ 2751.959736][T15111] slab_reclaimable 3244032 [ 2751.959736][T15111] slab_unreclaimable 6848512 [ 2751.959736][T15111] pgfault 396165 [ 2751.959736][T15111] pgmajfault 0 [ 2751.959736][T15111] workingset_refault 0 [ 2751.959736][T15111] workingset_activate 0 [ 2751.959736][T15111] workingset_nodereclaim 0 [ 2751.959736][T15111] pgrefill 74 [ 2751.959736][T15111] pgscan 1900 [ 2751.959736][T15111] pgsteal 1760 [ 2752.055125][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23485,uid=0 [ 2752.071959][T15111] Memory cgroup out of memory: Killed process 23485 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:35828kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2752.092349][ T1058] oom_reaper: reaped process 23485 (syz-executor.2), now anon-rss:0kB, file-rss:34868kB, shmem-rss:0kB [ 2752.093467][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2752.116816][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2752.125852][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2752.136155][T15111] Call Trace: [ 2752.139595][T15111] dump_stack+0x172/0x1f0 [ 2752.143968][T15111] dump_header+0x177/0x1152 [ 2752.148627][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2752.154516][T15111] ? ___ratelimit+0x2c8/0x595 [ 2752.159211][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2752.165384][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2752.170692][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2752.175830][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2752.181706][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2752.187604][T15111] ? ___ratelimit+0x60/0x595 [ 2752.192333][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2752.198444][T15111] oom_kill_process.cold+0x10/0x15 [ 2752.203573][T15111] out_of_memory+0x334/0x1340 [ 2752.208254][T15111] ? lock_downgrade+0x920/0x920 [ 2752.213144][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2752.218989][T15111] ? oom_killer_disable+0x280/0x280 [ 2752.224207][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2752.229798][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2752.234787][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2752.239904][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2752.244774][T15111] try_charge+0xf4b/0x1440 [ 2752.249213][T15111] ? find_held_lock+0x35/0x130 [ 2752.254008][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2752.259664][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2752.265204][T15111] ? find_held_lock+0x35/0x130 [ 2752.269990][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2752.275729][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2752.281291][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2752.286477][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2752.292018][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2752.297126][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2752.302497][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2752.308041][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2752.313757][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2752.318994][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2752.324331][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2752.329365][T15111] ? __kasan_check_read+0x11/0x20 [ 2752.334415][T15111] copy_process+0x3f8/0x6860 [ 2752.339016][T15111] ? __kasan_check_read+0x11/0x20 [ 2752.344042][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2752.349163][T15111] ? __kasan_check_read+0x11/0x20 [ 2752.354400][T15111] ? mark_lock+0xc2/0x1220 [ 2752.358848][T15111] ? __cleanup_sighand+0x60/0x60 [ 2752.363800][T15111] ? find_held_lock+0x35/0x130 [ 2752.369115][T15111] _do_fork+0x146/0xf90 [ 2752.373281][T15111] ? copy_init_mm+0x20/0x20 [ 2752.377881][T15111] ? __kasan_check_read+0x11/0x20 [ 2752.382905][T15111] ? _copy_to_user+0x118/0x160 [ 2752.387703][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2752.394015][T15111] ? put_timespec64+0xda/0x140 [ 2752.398879][T15111] __x64_sys_clone+0x18d/0x250 [ 2752.404216][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2752.409098][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2752.414396][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2752.419416][T15111] do_syscall_64+0xfa/0x760 [ 2752.423909][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2752.429797][T15111] RIP: 0033:0x45802a [ 2752.433703][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2752.453323][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2752.461730][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2752.469718][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2752.477845][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2752.485837][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2752.493813][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2752.507481][T15111] memory: usage 100812kB, limit 0kB, failcnt 739 [ 2752.513951][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2752.521096][T15111] Memory cgroup stats for /syz2: [ 2752.521199][T15111] anon 86556672 [ 2752.521199][T15111] file 36864 [ 2752.521199][T15111] kernel_stack 1376256 [ 2752.521199][T15111] slab 10092544 [ 2752.521199][T15111] sock 106496 [ 2752.521199][T15111] shmem 0 [ 2752.521199][T15111] file_mapped 0 [ 2752.521199][T15111] file_dirty 135168 [ 2752.521199][T15111] file_writeback 0 [ 2752.521199][T15111] anon_thp 75497472 [ 2752.521199][T15111] inactive_anon 245760 [ 2752.521199][T15111] active_anon 86573056 [ 2752.521199][T15111] inactive_file 118784 [ 2752.521199][T15111] active_file 65536 [ 2752.521199][T15111] unevictable 0 [ 2752.521199][T15111] slab_reclaimable 3244032 [ 2752.521199][T15111] slab_unreclaimable 6848512 [ 2752.521199][T15111] pgfault 396165 [ 2752.521199][T15111] pgmajfault 0 [ 2752.521199][T15111] workingset_refault 0 [ 2752.521199][T15111] workingset_activate 0 [ 2752.521199][T15111] workingset_nodereclaim 0 [ 2752.521199][T15111] pgrefill 74 [ 2752.521199][T15111] pgscan 1900 [ 2752.521199][T15111] pgsteal 1760 [ 2752.618534][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23507,uid=0 [ 2752.634492][T15111] Memory cgroup out of memory: Killed process 23507 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:35824kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2752.655600][ T1058] oom_reaper: reaped process 23507 (syz-executor.2), now anon-rss:0kB, file-rss:34864kB, shmem-rss:0kB [ 2752.656658][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2752.679337][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2752.688428][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2752.698520][T15111] Call Trace: [ 2752.701944][T15111] dump_stack+0x172/0x1f0 [ 2752.706267][T15111] dump_header+0x177/0x1152 [ 2752.710792][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2752.716649][T15111] ? ___ratelimit+0x2c8/0x595 [ 2752.721344][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2752.727312][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2752.732621][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2752.737665][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2752.743429][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2752.749263][T15111] ? ___ratelimit+0x60/0x595 [ 2752.753948][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2752.759057][T15111] oom_kill_process.cold+0x10/0x15 [ 2752.764180][T15111] out_of_memory+0x334/0x1340 [ 2752.768866][T15111] ? lock_downgrade+0x920/0x920 [ 2752.773725][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2752.779608][T15111] ? oom_killer_disable+0x280/0x280 [ 2752.784811][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2752.790371][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2752.795353][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2752.800460][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2752.805336][T15111] try_charge+0xf4b/0x1440 [ 2752.809753][T15111] ? find_held_lock+0x35/0x130 [ 2752.814549][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2752.820079][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2752.826312][T15111] ? find_held_lock+0x35/0x130 [ 2752.831084][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2752.836728][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2752.842281][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2752.847507][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2752.853053][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2752.858162][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2752.863672][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2752.869221][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2752.874944][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2752.880157][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2752.885429][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2752.890453][T15111] ? __kasan_check_read+0x11/0x20 [ 2752.895485][T15111] copy_process+0x3f8/0x6860 [ 2752.900071][T15111] ? __kasan_check_read+0x11/0x20 [ 2752.905083][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2752.910137][T15111] ? __kasan_check_read+0x11/0x20 [ 2752.915278][T15111] ? mark_lock+0xc2/0x1220 [ 2752.919692][T15111] ? __cleanup_sighand+0x60/0x60 [ 2752.924651][T15111] ? find_held_lock+0x35/0x130 [ 2752.929450][T15111] _do_fork+0x146/0xf90 [ 2752.933616][T15111] ? copy_init_mm+0x20/0x20 [ 2752.938140][T15111] ? __kasan_check_read+0x11/0x20 [ 2752.943164][T15111] ? _copy_to_user+0x118/0x160 [ 2752.947939][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2752.954186][T15111] ? put_timespec64+0xda/0x140 [ 2752.958950][T15111] __x64_sys_clone+0x18d/0x250 [ 2752.963702][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2752.968565][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2752.973850][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2752.978877][T15111] do_syscall_64+0xfa/0x760 [ 2752.983366][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2752.989252][T15111] RIP: 0033:0x45802a [ 2752.993154][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2753.014246][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2753.022779][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2753.031451][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2753.039421][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2753.047396][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2753.055941][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2753.069854][T15111] memory: usage 98496kB, limit 0kB, failcnt 745 [ 2753.076761][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2753.083785][T15111] Memory cgroup stats for /syz2: [ 2753.083915][T15111] anon 84353024 [ 2753.083915][T15111] file 36864 [ 2753.083915][T15111] kernel_stack 1376256 [ 2753.083915][T15111] slab 10092544 [ 2753.083915][T15111] sock 106496 [ 2753.083915][T15111] shmem 0 [ 2753.083915][T15111] file_mapped 0 [ 2753.083915][T15111] file_dirty 135168 [ 2753.083915][T15111] file_writeback 0 [ 2753.083915][T15111] anon_thp 73400320 [ 2753.083915][T15111] inactive_anon 245760 [ 2753.083915][T15111] active_anon 84369408 [ 2753.083915][T15111] inactive_file 118784 [ 2753.083915][T15111] active_file 65536 [ 2753.083915][T15111] unevictable 0 [ 2753.083915][T15111] slab_reclaimable 3244032 [ 2753.083915][T15111] slab_unreclaimable 6848512 [ 2753.083915][T15111] pgfault 396165 [ 2753.083915][T15111] pgmajfault 0 [ 2753.083915][T15111] workingset_refault 0 [ 2753.083915][T15111] workingset_activate 0 [ 2753.083915][T15111] workingset_nodereclaim 0 [ 2753.083915][T15111] pgrefill 74 [ 2753.083915][T15111] pgscan 1900 [ 2753.083915][T15111] pgsteal 1760 [ 2753.179507][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=31044,uid=0 [ 2753.195338][T15111] Memory cgroup out of memory: Killed process 31044 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35808kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2753.216862][ T1058] oom_reaper: reaped process 31044 (syz-executor.2), now anon-rss:0kB, file-rss:34848kB, shmem-rss:0kB [ 2753.217553][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2753.248187][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2753.257228][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2753.267294][T15111] Call Trace: [ 2753.270602][T15111] dump_stack+0x172/0x1f0 [ 2753.274951][T15111] dump_header+0x177/0x1152 [ 2753.279588][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2753.285426][T15111] ? ___ratelimit+0x2c8/0x595 [ 2753.290119][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2753.295972][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2753.301269][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2753.306331][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2753.311989][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2753.317943][T15111] ? ___ratelimit+0x60/0x595 [ 2753.322702][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2753.327843][T15111] oom_kill_process.cold+0x10/0x15 [ 2753.332977][T15111] out_of_memory+0x334/0x1340 [ 2753.337650][T15111] ? lock_downgrade+0x920/0x920 [ 2753.342510][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2753.348312][T15111] ? oom_killer_disable+0x280/0x280 [ 2753.353526][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2753.359072][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2753.364010][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2753.369153][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2753.374134][T15111] try_charge+0xf4b/0x1440 [ 2753.378560][T15111] ? find_held_lock+0x35/0x130 [ 2753.383327][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2753.388872][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2753.394430][T15111] ? find_held_lock+0x35/0x130 [ 2753.399218][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2753.404774][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2753.410346][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2753.415578][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2753.421115][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2753.426227][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2753.431598][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2753.437233][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2753.442936][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2753.448145][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2753.453428][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2753.458436][T15111] ? __kasan_check_read+0x11/0x20 [ 2753.463472][T15111] copy_process+0x3f8/0x6860 [ 2753.468087][T15111] ? __kasan_check_read+0x11/0x20 [ 2753.473137][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2753.478157][T15111] ? __kasan_check_read+0x11/0x20 [ 2753.483191][T15111] ? mark_lock+0xc2/0x1220 [ 2753.487631][T15111] ? __cleanup_sighand+0x60/0x60 [ 2753.492571][T15111] ? find_held_lock+0x35/0x130 [ 2753.497339][T15111] _do_fork+0x146/0xf90 [ 2753.501518][T15111] ? copy_init_mm+0x20/0x20 [ 2753.506067][T15111] ? __kasan_check_read+0x11/0x20 [ 2753.511106][T15111] ? _copy_to_user+0x118/0x160 [ 2753.515899][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2753.522400][T15111] ? put_timespec64+0xda/0x140 [ 2753.527198][T15111] __x64_sys_clone+0x18d/0x250 [ 2753.531979][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2753.536843][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2753.542125][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2753.547155][T15111] do_syscall_64+0xfa/0x760 [ 2753.551676][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2753.557147][ C1] net_ratelimit: 12 callbacks suppressed [ 2753.557157][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2753.557574][T15111] RIP: 0033:0x45802a [ 2753.557590][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2753.563285][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2753.568913][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2753.568925][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2753.568932][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2753.568938][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2753.568945][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2753.568951][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2753.572474][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2753.653744][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2753.659744][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2753.665652][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2753.673684][T15111] memory: usage 96148kB, limit 0kB, failcnt 751 [ 2753.680144][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2753.687221][T15111] Memory cgroup stats for /syz2: [ 2753.687330][T15111] anon 82145280 [ 2753.687330][T15111] file 36864 [ 2753.687330][T15111] kernel_stack 1310720 [ 2753.687330][T15111] slab 10092544 [ 2753.687330][T15111] sock 106496 [ 2753.687330][T15111] shmem 0 [ 2753.687330][T15111] file_mapped 0 [ 2753.687330][T15111] file_dirty 135168 [ 2753.687330][T15111] file_writeback 0 [ 2753.687330][T15111] anon_thp 71303168 [ 2753.687330][T15111] inactive_anon 245760 [ 2753.687330][T15111] active_anon 82161664 [ 2753.687330][T15111] inactive_file 118784 [ 2753.687330][T15111] active_file 65536 [ 2753.687330][T15111] unevictable 0 [ 2753.687330][T15111] slab_reclaimable 3244032 [ 2753.687330][T15111] slab_unreclaimable 6848512 [ 2753.687330][T15111] pgfault 396165 [ 2753.687330][T15111] pgmajfault 0 [ 2753.687330][T15111] workingset_refault 0 [ 2753.687330][T15111] workingset_activate 0 [ 2753.687330][T15111] workingset_nodereclaim 0 [ 2753.687330][T15111] pgrefill 74 [ 2753.687330][T15111] pgscan 1900 [ 2753.687330][T15111] pgsteal 1760 [ 2753.783032][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=26850,uid=0 [ 2753.802402][T15111] Memory cgroup out of memory: Killed process 26850 (syz-executor.2) total-vm:72572kB, anon-rss:2188kB, file-rss:35824kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2753.829337][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2753.841527][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2753.850550][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2753.860924][T15111] Call Trace: [ 2753.864226][T15111] dump_stack+0x172/0x1f0 [ 2753.868581][T15111] dump_header+0x177/0x1152 [ 2753.873262][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2753.879079][T15111] ? ___ratelimit+0x2c8/0x595 [ 2753.883769][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2753.889592][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2753.894872][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2753.899883][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2753.905506][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2753.911322][T15111] ? ___ratelimit+0x60/0x595 [ 2753.915917][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2753.921156][T15111] oom_kill_process.cold+0x10/0x15 [ 2753.926263][T15111] out_of_memory+0x334/0x1340 [ 2753.930931][T15111] ? lock_downgrade+0x920/0x920 [ 2753.935773][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2753.941571][T15111] ? oom_killer_disable+0x280/0x280 [ 2753.946764][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2753.952296][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2753.957221][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2753.962323][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2753.967159][T15111] try_charge+0xf4b/0x1440 [ 2753.971561][T15111] ? find_held_lock+0x35/0x130 [ 2753.976319][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2753.981864][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2753.987557][T15111] ? find_held_lock+0x35/0x130 [ 2753.992503][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2753.998061][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2754.003600][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2754.008808][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2754.014353][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2754.020433][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2754.025820][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2754.031385][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2754.037112][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2754.042306][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2754.047583][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2754.052587][T15111] ? __kasan_check_read+0x11/0x20 [ 2754.057597][T15111] copy_process+0x3f8/0x6860 [ 2754.062189][T15111] ? __kasan_check_read+0x11/0x20 [ 2754.067205][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2754.072213][T15111] ? __kasan_check_read+0x11/0x20 [ 2754.077224][T15111] ? mark_lock+0xc2/0x1220 [ 2754.081628][T15111] ? __cleanup_sighand+0x60/0x60 [ 2754.086547][T15111] ? find_held_lock+0x35/0x130 [ 2754.091302][T15111] _do_fork+0x146/0xf90 [ 2754.095459][T15111] ? copy_init_mm+0x20/0x20 [ 2754.099950][T15111] ? __kasan_check_read+0x11/0x20 [ 2754.104965][T15111] ? _copy_to_user+0x118/0x160 [ 2754.109719][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2754.115964][T15111] ? put_timespec64+0xda/0x140 [ 2754.120724][T15111] __x64_sys_clone+0x18d/0x250 [ 2754.125510][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2754.130389][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2754.136201][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2754.141222][T15111] do_syscall_64+0xfa/0x760 [ 2754.145804][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2754.151955][T15111] RIP: 0033:0x45802a [ 2754.155863][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2754.175486][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2754.183902][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2754.191860][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2754.199816][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2754.207774][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2754.215730][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2754.225294][T15111] memory: usage 93840kB, limit 0kB, failcnt 757 [ 2754.227304][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2754.231893][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2754.237878][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2754.244728][T15111] Memory cgroup stats for /syz2: [ 2754.244855][T15111] anon 79904768 [ 2754.244855][T15111] file 36864 [ 2754.244855][T15111] kernel_stack 1245184 [ 2754.244855][T15111] slab 10092544 [ 2754.244855][T15111] sock 106496 [ 2754.244855][T15111] shmem 0 [ 2754.244855][T15111] file_mapped 0 [ 2754.244855][T15111] file_dirty 135168 [ 2754.244855][T15111] file_writeback 0 [ 2754.244855][T15111] anon_thp 71303168 [ 2754.244855][T15111] inactive_anon 245760 [ 2754.244855][T15111] active_anon 79998976 [ 2754.244855][T15111] inactive_file 118784 [ 2754.244855][T15111] active_file 65536 [ 2754.244855][T15111] unevictable 0 [ 2754.244855][T15111] slab_reclaimable 3244032 [ 2754.244855][T15111] slab_unreclaimable 6848512 [ 2754.244855][T15111] pgfault 396165 [ 2754.244855][T15111] pgmajfault 0 [ 2754.244855][T15111] workingset_refault 0 [ 2754.244855][T15111] workingset_activate 0 [ 2754.244855][T15111] workingset_nodereclaim 0 [ 2754.244855][T15111] pgrefill 74 [ 2754.244855][T15111] pgscan 1900 [ 2754.244855][T15111] pgsteal 1760 [ 2754.346895][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=26826,uid=0 [ 2754.363160][T15111] Memory cgroup out of memory: Killed process 26826 (syz-executor.2) total-vm:72572kB, anon-rss:2188kB, file-rss:35824kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2754.385506][ T1058] oom_reaper: reaped process 26826 (syz-executor.2), now anon-rss:0kB, file-rss:34864kB, shmem-rss:0kB [ 2754.386102][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2754.410213][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2754.419242][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2754.429301][T15111] Call Trace: [ 2754.432640][T15111] dump_stack+0x172/0x1f0 [ 2754.436967][T15111] dump_header+0x177/0x1152 [ 2754.441745][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2754.447717][T15111] ? ___ratelimit+0x2c8/0x595 [ 2754.453262][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2754.459441][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2754.464771][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2754.469933][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2754.475592][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2754.481478][T15111] ? ___ratelimit+0x60/0x595 [ 2754.486068][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2754.491190][T15111] oom_kill_process.cold+0x10/0x15 [ 2754.497388][T15111] out_of_memory+0x334/0x1340 [ 2754.502063][T15111] ? lock_downgrade+0x920/0x920 [ 2754.506912][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2754.512742][T15111] ? oom_killer_disable+0x280/0x280 [ 2754.517957][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2754.523874][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2754.528921][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2754.534042][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2754.538888][T15111] try_charge+0xf4b/0x1440 [ 2754.543299][T15111] ? find_held_lock+0x35/0x130 [ 2754.548067][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2754.553658][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2754.560063][T15111] ? find_held_lock+0x35/0x130 [ 2754.565064][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2754.570650][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2754.576230][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2754.581417][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2754.586958][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2754.592948][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2754.598325][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2754.603857][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2754.609572][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2754.614793][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2754.620068][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2754.625080][T15111] ? __kasan_check_read+0x11/0x20 [ 2754.630112][T15111] copy_process+0x3f8/0x6860 [ 2754.634735][T15111] ? __kasan_check_read+0x11/0x20 [ 2754.639754][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2754.644771][T15111] ? __kasan_check_read+0x11/0x20 [ 2754.649792][T15111] ? mark_lock+0xc2/0x1220 [ 2754.654232][T15111] ? __cleanup_sighand+0x60/0x60 [ 2754.659162][T15111] ? find_held_lock+0x35/0x130 [ 2754.663941][T15111] _do_fork+0x146/0xf90 [ 2754.668098][T15111] ? copy_init_mm+0x20/0x20 [ 2754.672702][T15111] ? __kasan_check_read+0x11/0x20 [ 2754.677732][T15111] ? _copy_to_user+0x118/0x160 [ 2754.682499][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2754.688856][T15111] ? put_timespec64+0xda/0x140 [ 2754.693669][T15111] __x64_sys_clone+0x18d/0x250 [ 2754.698731][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2754.703663][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2754.708984][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2754.714097][T15111] do_syscall_64+0xfa/0x760 [ 2754.718653][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2754.724706][T15111] RIP: 0033:0x45802a [ 2754.728599][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2754.750596][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2754.757255][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2754.760096][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2754.767257][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2754.776914][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2754.776931][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2754.800816][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2754.809161][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2754.822005][T15111] memory: usage 91536kB, limit 0kB, failcnt 763 [ 2754.830170][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2754.838572][T15111] Memory cgroup stats for /syz2: [ 2754.838678][T15111] anon 77733888 [ 2754.838678][T15111] file 36864 [ 2754.838678][T15111] kernel_stack 1245184 [ 2754.838678][T15111] slab 10092544 [ 2754.838678][T15111] sock 106496 [ 2754.838678][T15111] shmem 0 [ 2754.838678][T15111] file_mapped 0 [ 2754.838678][T15111] file_dirty 135168 [ 2754.838678][T15111] file_writeback 0 [ 2754.838678][T15111] anon_thp 71303168 [ 2754.838678][T15111] inactive_anon 245760 [ 2754.838678][T15111] active_anon 77701120 [ 2754.838678][T15111] inactive_file 118784 [ 2754.838678][T15111] active_file 65536 [ 2754.838678][T15111] unevictable 0 [ 2754.838678][T15111] slab_reclaimable 3244032 [ 2754.838678][T15111] slab_unreclaimable 6848512 [ 2754.838678][T15111] pgfault 396165 [ 2754.838678][T15111] pgmajfault 0 [ 2754.838678][T15111] workingset_refault 0 [ 2754.838678][T15111] workingset_activate 0 [ 2754.838678][T15111] workingset_nodereclaim 0 [ 2754.838678][T15111] pgrefill 74 [ 2754.838678][T15111] pgscan 1900 [ 2754.838678][T15111] pgsteal 1760 [ 2754.936858][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14580,uid=0 [ 2754.953173][T15111] Memory cgroup out of memory: Killed process 14580 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:35808kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2754.974252][ T1058] oom_reaper: reaped process 14580 (syz-executor.2), now anon-rss:0kB, file-rss:34848kB, shmem-rss:0kB [ 2754.975295][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2754.997954][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2755.007456][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2755.017875][T15111] Call Trace: [ 2755.023997][T15111] dump_stack+0x172/0x1f0 [ 2755.028479][T15111] dump_header+0x177/0x1152 [ 2755.033433][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2755.039256][T15111] ? ___ratelimit+0x2c8/0x595 [ 2755.043953][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2755.049782][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2755.055090][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2755.060113][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2755.065740][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2755.071552][T15111] ? ___ratelimit+0x60/0x595 [ 2755.076169][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2755.081404][T15111] oom_kill_process.cold+0x10/0x15 [ 2755.086518][T15111] out_of_memory+0x334/0x1340 [ 2755.091227][T15111] ? lock_downgrade+0x920/0x920 [ 2755.096245][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2755.102090][T15111] ? oom_killer_disable+0x280/0x280 [ 2755.107308][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2755.112887][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2755.118046][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2755.123469][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2755.128338][T15111] try_charge+0xf4b/0x1440 [ 2755.132758][T15111] ? find_held_lock+0x35/0x130 [ 2755.137563][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2755.143359][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2755.148946][T15111] ? find_held_lock+0x35/0x130 [ 2755.153735][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2755.159470][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2755.165016][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2755.170230][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2755.175885][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2755.182017][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2755.187391][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2755.192970][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2755.198745][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2755.203951][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2755.209242][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2755.214266][T15111] ? __kasan_check_read+0x11/0x20 [ 2755.219299][T15111] copy_process+0x3f8/0x6860 [ 2755.223907][T15111] ? __kasan_check_read+0x11/0x20 [ 2755.228950][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2755.233986][T15111] ? __kasan_check_read+0x11/0x20 [ 2755.239025][T15111] ? mark_lock+0xc2/0x1220 [ 2755.243454][T15111] ? __cleanup_sighand+0x60/0x60 [ 2755.248384][T15111] ? find_held_lock+0x35/0x130 [ 2755.253167][T15111] _do_fork+0x146/0xf90 [ 2755.257330][T15111] ? copy_init_mm+0x20/0x20 [ 2755.261834][T15111] ? __kasan_check_read+0x11/0x20 [ 2755.266850][T15111] ? _copy_to_user+0x118/0x160 [ 2755.271646][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2755.277884][T15111] ? put_timespec64+0xda/0x140 [ 2755.282651][T15111] __x64_sys_clone+0x18d/0x250 [ 2755.287413][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2755.292282][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2755.297563][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2755.302586][T15111] do_syscall_64+0xfa/0x760 [ 2755.307127][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2755.313030][T15111] RIP: 0033:0x45802a [ 2755.316928][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2755.336705][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2755.345129][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2755.353192][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2755.361291][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2755.369386][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2755.377376][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2755.390925][T15111] memory: usage 89220kB, limit 0kB, failcnt 769 [ 2755.397547][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2755.404461][T15111] Memory cgroup stats for /syz2: [ 2755.404556][T15111] anon 75550720 [ 2755.404556][T15111] file 36864 [ 2755.404556][T15111] kernel_stack 1179648 [ 2755.404556][T15111] slab 10092544 [ 2755.404556][T15111] sock 106496 [ 2755.404556][T15111] shmem 0 [ 2755.404556][T15111] file_mapped 0 [ 2755.404556][T15111] file_dirty 135168 [ 2755.404556][T15111] file_writeback 0 [ 2755.404556][T15111] anon_thp 69206016 [ 2755.404556][T15111] inactive_anon 245760 [ 2755.404556][T15111] active_anon 75509760 [ 2755.404556][T15111] inactive_file 118784 [ 2755.404556][T15111] active_file 65536 [ 2755.404556][T15111] unevictable 0 [ 2755.404556][T15111] slab_reclaimable 3244032 [ 2755.404556][T15111] slab_unreclaimable 6848512 [ 2755.404556][T15111] pgfault 396165 [ 2755.404556][T15111] pgmajfault 0 [ 2755.404556][T15111] workingset_refault 0 [ 2755.404556][T15111] workingset_activate 0 [ 2755.404556][T15111] workingset_nodereclaim 0 [ 2755.404556][T15111] pgrefill 74 [ 2755.404556][T15111] pgscan 1900 [ 2755.404556][T15111] pgsteal 1760 [ 2755.501494][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=30854,uid=0 [ 2755.522316][T15111] Memory cgroup out of memory: Killed process 30854 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35800kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2755.542518][ T1058] oom_reaper: reaped process 30854 (syz-executor.2), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 2755.543509][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2755.566455][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2755.575511][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2755.585595][T15111] Call Trace: [ 2755.588947][T15111] dump_stack+0x172/0x1f0 [ 2755.593424][T15111] dump_header+0x177/0x1152 [ 2755.598269][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2755.604115][T15111] ? ___ratelimit+0x2c8/0x595 [ 2755.608803][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2755.614632][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2755.619917][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2755.625001][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2755.630662][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2755.636623][T15111] ? ___ratelimit+0x60/0x595 [ 2755.641232][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2755.646465][T15111] oom_kill_process.cold+0x10/0x15 [ 2755.651609][T15111] out_of_memory+0x334/0x1340 [ 2755.656453][T15111] ? lock_downgrade+0x920/0x920 [ 2755.661349][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2755.667153][T15111] ? oom_killer_disable+0x280/0x280 [ 2755.672368][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2755.678200][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2755.683149][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2755.688569][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2755.693530][T15111] try_charge+0xf4b/0x1440 [ 2755.698305][T15111] ? find_held_lock+0x35/0x130 [ 2755.703095][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2755.708753][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2755.715280][T15111] ? find_held_lock+0x35/0x130 [ 2755.720273][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2755.725910][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2755.731476][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2755.736684][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2755.743377][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2755.748883][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2755.754899][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2755.760546][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2755.766265][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2755.771570][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2755.776858][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2755.781964][T15111] ? __kasan_check_read+0x11/0x20 [ 2755.787026][T15111] copy_process+0x3f8/0x6860 [ 2755.791623][T15111] ? __kasan_check_read+0x11/0x20 [ 2755.796649][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2755.801687][T15111] ? __kasan_check_read+0x11/0x20 [ 2755.806756][T15111] ? mark_lock+0xc2/0x1220 [ 2755.811275][T15111] ? __cleanup_sighand+0x60/0x60 [ 2755.816218][T15111] ? find_held_lock+0x35/0x130 [ 2755.820986][T15111] _do_fork+0x146/0xf90 [ 2755.825411][T15111] ? copy_init_mm+0x20/0x20 [ 2755.831145][T15111] ? __kasan_check_read+0x11/0x20 [ 2755.836160][T15111] ? _copy_to_user+0x118/0x160 [ 2755.842156][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2755.848398][T15111] ? put_timespec64+0xda/0x140 [ 2755.853254][T15111] __x64_sys_clone+0x18d/0x250 [ 2755.858020][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2755.863056][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2755.868536][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2755.876170][T15111] do_syscall_64+0xfa/0x760 [ 2755.880688][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2755.886565][T15111] RIP: 0033:0x45802a [ 2755.890543][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2755.913460][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2755.922015][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2755.929989][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2755.938102][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2755.946379][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2755.954349][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2755.967965][T15111] memory: usage 86904kB, limit 0kB, failcnt 775 [ 2755.974382][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2755.981419][T15111] Memory cgroup stats for /syz2: [ 2755.981515][T15111] anon 73322496 [ 2755.981515][T15111] file 36864 [ 2755.981515][T15111] kernel_stack 1179648 [ 2755.981515][T15111] slab 10092544 [ 2755.981515][T15111] sock 106496 [ 2755.981515][T15111] shmem 0 [ 2755.981515][T15111] file_mapped 0 [ 2755.981515][T15111] file_dirty 135168 [ 2755.981515][T15111] file_writeback 0 [ 2755.981515][T15111] anon_thp 67108864 [ 2755.981515][T15111] inactive_anon 245760 [ 2755.981515][T15111] active_anon 73281536 [ 2755.981515][T15111] inactive_file 118784 [ 2755.981515][T15111] active_file 65536 [ 2755.981515][T15111] unevictable 0 [ 2755.981515][T15111] slab_reclaimable 3244032 [ 2755.981515][T15111] slab_unreclaimable 6848512 [ 2755.981515][T15111] pgfault 396165 [ 2755.981515][T15111] pgmajfault 0 [ 2755.981515][T15111] workingset_refault 0 [ 2755.981515][T15111] workingset_activate 0 [ 2755.981515][T15111] workingset_nodereclaim 0 [ 2755.981515][T15111] pgrefill 74 [ 2755.981515][T15111] pgscan 1900 [ 2755.981515][T15111] pgsteal 1760 [ 2756.077793][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=26792,uid=0 [ 2756.093548][T15111] Memory cgroup out of memory: Killed process 26792 (syz-executor.2) total-vm:72572kB, anon-rss:2188kB, file-rss:35820kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2756.116199][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2756.116307][ T1058] oom_reaper: reaped process 26792 (syz-executor.2), now anon-rss:0kB, file-rss:34860kB, shmem-rss:0kB [ 2756.128366][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2756.148329][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2756.158939][T15111] Call Trace: [ 2756.158977][T15111] dump_stack+0x172/0x1f0 [ 2756.158996][T15111] dump_header+0x177/0x1152 [ 2756.159013][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2756.159025][T15111] ? ___ratelimit+0x2c8/0x595 [ 2756.159036][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2756.159052][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2756.159067][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2756.159080][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2756.159093][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2756.159105][T15111] ? ___ratelimit+0x60/0x595 [ 2756.159116][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2756.159133][T15111] oom_kill_process.cold+0x10/0x15 [ 2756.159148][T15111] out_of_memory+0x334/0x1340 [ 2756.159160][T15111] ? lock_downgrade+0x920/0x920 [ 2756.159181][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2756.159196][T15111] ? oom_killer_disable+0x280/0x280 [ 2756.159216][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2756.159236][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2756.159252][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2756.159265][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2756.159280][T15111] try_charge+0xf4b/0x1440 [ 2756.275805][T15111] ? find_held_lock+0x35/0x130 [ 2756.280596][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2756.286596][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2756.292176][T15111] ? find_held_lock+0x35/0x130 [ 2756.297094][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2756.302822][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2756.308391][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2756.313655][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2756.319207][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2756.324338][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2756.329882][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2756.335417][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2756.341277][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2756.346519][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2756.351911][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2756.356994][T15111] ? __kasan_check_read+0x11/0x20 [ 2756.362032][T15111] copy_process+0x3f8/0x6860 [ 2756.366625][T15111] ? __kasan_check_read+0x11/0x20 [ 2756.371926][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2756.377153][T15111] ? __kasan_check_read+0x11/0x20 [ 2756.382358][T15111] ? mark_lock+0xc2/0x1220 [ 2756.386950][T15111] ? __cleanup_sighand+0x60/0x60 [ 2756.392175][T15111] ? find_held_lock+0x35/0x130 [ 2756.397000][T15111] _do_fork+0x146/0xf90 [ 2756.401177][T15111] ? copy_init_mm+0x20/0x20 [ 2756.405681][T15111] ? __kasan_check_read+0x11/0x20 [ 2756.411161][T15111] ? _copy_to_user+0x118/0x160 [ 2756.415919][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2756.422248][T15111] ? put_timespec64+0xda/0x140 [ 2756.427988][T15111] __x64_sys_clone+0x18d/0x250 [ 2756.432787][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2756.437663][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2756.443319][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2756.448546][T15111] do_syscall_64+0xfa/0x760 [ 2756.453053][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2756.459049][T15111] RIP: 0033:0x45802a [ 2756.462957][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2756.482882][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2756.491293][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2756.499440][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2756.507419][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2756.515929][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2756.523899][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2756.537508][T15111] memory: usage 84552kB, limit 0kB, failcnt 781 [ 2756.543875][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2756.550845][T15111] Memory cgroup stats for /syz2: [ 2756.550936][T15111] anon 71110656 [ 2756.550936][T15111] file 36864 [ 2756.550936][T15111] kernel_stack 1114112 [ 2756.550936][T15111] slab 10092544 [ 2756.550936][T15111] sock 106496 [ 2756.550936][T15111] shmem 0 [ 2756.550936][T15111] file_mapped 0 [ 2756.550936][T15111] file_dirty 135168 [ 2756.550936][T15111] file_writeback 0 [ 2756.550936][T15111] anon_thp 67108864 [ 2756.550936][T15111] inactive_anon 245760 [ 2756.550936][T15111] active_anon 71118848 [ 2756.550936][T15111] inactive_file 118784 [ 2756.550936][T15111] active_file 65536 [ 2756.550936][T15111] unevictable 0 [ 2756.550936][T15111] slab_reclaimable 3244032 [ 2756.550936][T15111] slab_unreclaimable 6848512 [ 2756.550936][T15111] pgfault 396165 [ 2756.550936][T15111] pgmajfault 0 [ 2756.550936][T15111] workingset_refault 0 [ 2756.550936][T15111] workingset_activate 0 [ 2756.550936][T15111] workingset_nodereclaim 0 [ 2756.550936][T15111] pgrefill 74 [ 2756.550936][T15111] pgscan 1900 [ 2756.550936][T15111] pgsteal 1760 [ 2756.650057][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14598,uid=0 [ 2756.666466][T15111] Memory cgroup out of memory: Killed process 14598 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:35800kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2756.687491][ T1058] oom_reaper: reaped process 14598 (syz-executor.2), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 2756.688640][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2756.711004][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2756.720126][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2756.730210][T15111] Call Trace: [ 2756.733501][T15111] dump_stack+0x172/0x1f0 [ 2756.737828][T15111] dump_header+0x177/0x1152 [ 2756.742334][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2756.748128][T15111] ? ___ratelimit+0x2c8/0x595 [ 2756.752795][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2756.758607][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2756.763888][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2756.768902][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2756.774516][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2756.780321][T15111] ? ___ratelimit+0x60/0x595 [ 2756.784902][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2756.790010][T15111] oom_kill_process.cold+0x10/0x15 [ 2756.795131][T15111] out_of_memory+0x334/0x1340 [ 2756.799804][T15111] ? lock_downgrade+0x920/0x920 [ 2756.804663][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2756.810643][T15111] ? oom_killer_disable+0x280/0x280 [ 2756.815840][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2756.821406][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2756.826349][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2756.831626][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2756.836646][T15111] try_charge+0xf4b/0x1440 [ 2756.841066][T15111] ? find_held_lock+0x35/0x130 [ 2756.846366][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2756.851900][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2756.857471][T15111] ? find_held_lock+0x35/0x130 [ 2756.862237][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2756.868629][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2756.874513][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2756.879798][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2756.885339][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2756.890455][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2756.895992][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2756.901555][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2756.907296][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2756.912511][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2756.917969][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2756.923169][T15111] ? __kasan_check_read+0x11/0x20 [ 2756.928222][T15111] copy_process+0x3f8/0x6860 [ 2756.932811][T15111] ? __kasan_check_read+0x11/0x20 [ 2756.937840][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2756.942881][T15111] ? __kasan_check_read+0x11/0x20 [ 2756.947898][T15111] ? mark_lock+0xc2/0x1220 [ 2756.952391][T15111] ? __cleanup_sighand+0x60/0x60 [ 2756.958214][T15111] ? find_held_lock+0x35/0x130 [ 2756.963014][T15111] _do_fork+0x146/0xf90 [ 2756.967205][T15111] ? copy_init_mm+0x20/0x20 [ 2756.971709][T15111] ? __kasan_check_read+0x11/0x20 [ 2756.976829][T15111] ? _copy_to_user+0x118/0x160 [ 2756.981699][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2756.987957][T15111] ? put_timespec64+0xda/0x140 [ 2756.992802][T15111] __x64_sys_clone+0x18d/0x250 [ 2756.997564][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2757.002434][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2757.007905][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2757.013002][T15111] do_syscall_64+0xfa/0x760 [ 2757.018030][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2757.024044][T15111] RIP: 0033:0x45802a [ 2757.027925][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2757.047515][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2757.055926][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2757.065471][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2757.073615][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2757.081581][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2757.089904][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2757.103891][T15111] memory: usage 82236kB, limit 0kB, failcnt 787 [ 2757.110453][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2757.117799][T15111] Memory cgroup stats for /syz2: [ 2757.117896][T15111] anon 68907008 [ 2757.117896][T15111] file 36864 [ 2757.117896][T15111] kernel_stack 1114112 [ 2757.117896][T15111] slab 10092544 [ 2757.117896][T15111] sock 106496 [ 2757.117896][T15111] shmem 0 [ 2757.117896][T15111] file_mapped 0 [ 2757.117896][T15111] file_dirty 135168 [ 2757.117896][T15111] file_writeback 0 [ 2757.117896][T15111] anon_thp 65011712 [ 2757.117896][T15111] inactive_anon 245760 [ 2757.117896][T15111] active_anon 68861952 [ 2757.117896][T15111] inactive_file 118784 [ 2757.117896][T15111] active_file 65536 [ 2757.117896][T15111] unevictable 0 [ 2757.117896][T15111] slab_reclaimable 3244032 [ 2757.117896][T15111] slab_unreclaimable 6848512 [ 2757.117896][T15111] pgfault 396165 [ 2757.117896][T15111] pgmajfault 0 [ 2757.117896][T15111] workingset_refault 0 [ 2757.117896][T15111] workingset_activate 0 [ 2757.117896][T15111] workingset_nodereclaim 0 [ 2757.117896][T15111] pgrefill 74 [ 2757.117896][T15111] pgscan 1900 [ 2757.117896][T15111] pgsteal 1760 [ 2757.216122][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14523,uid=0 [ 2757.232978][T15111] Memory cgroup out of memory: Killed process 14523 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35792kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2757.270826][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2757.283036][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2757.292535][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2757.303048][T15111] Call Trace: [ 2757.306400][T15111] dump_stack+0x172/0x1f0 [ 2757.311911][T15111] dump_header+0x177/0x1152 [ 2757.316737][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2757.324259][T15111] ? ___ratelimit+0x2c8/0x595 [ 2757.329142][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2757.335003][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2757.341116][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2757.346185][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2757.351876][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2757.357717][T15111] ? ___ratelimit+0x60/0x595 [ 2757.362325][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2757.367647][T15111] oom_kill_process.cold+0x10/0x15 [ 2757.372790][T15111] out_of_memory+0x334/0x1340 [ 2757.377493][T15111] ? lock_downgrade+0x920/0x920 [ 2757.382377][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2757.388393][T15111] ? oom_killer_disable+0x280/0x280 [ 2757.393645][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2757.399487][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2757.404475][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2757.409626][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2757.414530][T15111] try_charge+0xf4b/0x1440 [ 2757.418979][T15111] ? find_held_lock+0x35/0x130 [ 2757.423790][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2757.429364][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2757.434949][T15111] ? find_held_lock+0x35/0x130 [ 2757.439757][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2757.445797][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2757.451535][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2757.456804][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2757.464477][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2757.469626][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2757.475119][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2757.481011][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2757.486849][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2757.492382][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2757.497983][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2757.503013][T15111] ? __kasan_check_read+0x11/0x20 [ 2757.508071][T15111] copy_process+0x3f8/0x6860 [ 2757.512673][T15111] ? __kasan_check_read+0x11/0x20 [ 2757.517859][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2757.523681][T15111] ? __kasan_check_read+0x11/0x20 [ 2757.528717][T15111] ? mark_lock+0xc2/0x1220 [ 2757.533331][T15111] ? __cleanup_sighand+0x60/0x60 [ 2757.538284][T15111] ? find_held_lock+0x35/0x130 [ 2757.543054][T15111] _do_fork+0x146/0xf90 [ 2757.547227][T15111] ? copy_init_mm+0x20/0x20 [ 2757.551929][T15111] ? __kasan_check_read+0x11/0x20 [ 2757.556991][T15111] ? _copy_to_user+0x118/0x160 [ 2757.561813][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2757.569741][T15111] ? put_timespec64+0xda/0x140 [ 2757.574734][T15111] __x64_sys_clone+0x18d/0x250 [ 2757.579567][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2757.584526][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2757.589830][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2757.594892][T15111] do_syscall_64+0xfa/0x760 [ 2757.599432][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2757.605419][T15111] RIP: 0033:0x45802a [ 2757.609311][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2757.629484][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2757.637921][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2757.646152][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2757.655275][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2757.663263][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2757.671692][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2757.684429][T15111] memory: usage 79624kB, limit 0kB, failcnt 793 [ 2757.691601][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2757.698635][T15111] Memory cgroup stats for /syz2: [ 2757.698736][T15111] anon 66641920 [ 2757.698736][T15111] file 36864 [ 2757.698736][T15111] kernel_stack 1114112 [ 2757.698736][T15111] slab 9842688 [ 2757.698736][T15111] sock 106496 [ 2757.698736][T15111] shmem 0 [ 2757.698736][T15111] file_mapped 0 [ 2757.698736][T15111] file_dirty 135168 [ 2757.698736][T15111] file_writeback 0 [ 2757.698736][T15111] anon_thp 62914560 [ 2757.698736][T15111] inactive_anon 245760 [ 2757.698736][T15111] active_anon 66641920 [ 2757.698736][T15111] inactive_file 118784 [ 2757.698736][T15111] active_file 65536 [ 2757.698736][T15111] unevictable 0 [ 2757.698736][T15111] slab_reclaimable 3244032 [ 2757.698736][T15111] slab_unreclaimable 6598656 [ 2757.698736][T15111] pgfault 396165 [ 2757.698736][T15111] pgmajfault 0 [ 2757.698736][T15111] workingset_refault 0 [ 2757.698736][T15111] workingset_activate 0 [ 2757.698736][T15111] workingset_nodereclaim 0 [ 2757.698736][T15111] pgrefill 74 [ 2757.698736][T15111] pgscan 1900 [ 2757.698736][T15111] pgsteal 1760 [ 2757.796666][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=755,uid=0 [ 2757.813745][T15111] Memory cgroup out of memory: Killed process 755 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35792kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2757.835538][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2757.839169][ T1058] oom_reaper: reaped process 755 (syz-executor.2), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 2757.847856][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2757.868493][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2757.879000][T15111] Call Trace: [ 2757.882313][T15111] dump_stack+0x172/0x1f0 [ 2757.886700][T15111] dump_header+0x177/0x1152 [ 2757.891772][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2757.897731][T15111] ? ___ratelimit+0x2c8/0x595 [ 2757.902436][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2757.908348][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2757.913811][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2757.918881][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2757.924521][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2757.930655][T15111] ? ___ratelimit+0x60/0x595 [ 2757.935813][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2757.941298][T15111] oom_kill_process.cold+0x10/0x15 [ 2757.946578][T15111] out_of_memory+0x334/0x1340 [ 2757.951264][T15111] ? lock_downgrade+0x920/0x920 [ 2757.956409][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2757.962431][T15111] ? oom_killer_disable+0x280/0x280 [ 2757.967891][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2757.973770][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2757.978718][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2757.984044][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2757.989836][T15111] try_charge+0xf4b/0x1440 [ 2757.995930][T15111] ? find_held_lock+0x35/0x130 [ 2758.002143][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2758.008063][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2758.015586][T15111] ? find_held_lock+0x35/0x130 [ 2758.021613][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2758.027900][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2758.033836][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2758.039535][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2758.045374][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2758.052020][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2758.058161][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2758.063851][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2758.069807][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2758.075652][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2758.081072][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2758.086987][T15111] ? __kasan_check_read+0x11/0x20 [ 2758.092216][T15111] copy_process+0x3f8/0x6860 [ 2758.097201][T15111] ? __kasan_check_read+0x11/0x20 [ 2758.102234][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2758.107734][T15111] ? __kasan_check_read+0x11/0x20 [ 2758.113137][T15111] ? mark_lock+0xc2/0x1220 [ 2758.118491][T15111] ? __cleanup_sighand+0x60/0x60 [ 2758.123711][T15111] ? find_held_lock+0x35/0x130 [ 2758.129681][T15111] _do_fork+0x146/0xf90 [ 2758.134137][T15111] ? copy_init_mm+0x20/0x20 [ 2758.138742][T15111] ? __kasan_check_read+0x11/0x20 [ 2758.143883][T15111] ? _copy_to_user+0x118/0x160 [ 2758.148684][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2758.155612][T15111] ? put_timespec64+0xda/0x140 [ 2758.162006][T15111] __x64_sys_clone+0x18d/0x250 [ 2758.167480][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2758.173118][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2758.178652][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2758.183705][T15111] do_syscall_64+0xfa/0x760 [ 2758.188208][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2758.194359][T15111] RIP: 0033:0x45802a [ 2758.198257][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2758.218417][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2758.226940][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2758.234928][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2758.242933][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2758.251052][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2758.259125][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2758.271764][T15111] memory: usage 77296kB, limit 0kB, failcnt 799 [ 2758.278268][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2758.285256][T15111] Memory cgroup stats for /syz2: [ 2758.285358][T15111] anon 64434176 [ 2758.285358][T15111] file 36864 [ 2758.285358][T15111] kernel_stack 1048576 [ 2758.285358][T15111] slab 9842688 [ 2758.285358][T15111] sock 106496 [ 2758.285358][T15111] shmem 0 [ 2758.285358][T15111] file_mapped 0 [ 2758.285358][T15111] file_dirty 135168 [ 2758.285358][T15111] file_writeback 0 [ 2758.285358][T15111] anon_thp 60817408 [ 2758.285358][T15111] inactive_anon 245760 [ 2758.285358][T15111] active_anon 64434176 [ 2758.285358][T15111] inactive_file 118784 [ 2758.285358][T15111] active_file 65536 [ 2758.285358][T15111] unevictable 0 [ 2758.285358][T15111] slab_reclaimable 3244032 [ 2758.285358][T15111] slab_unreclaimable 6598656 [ 2758.285358][T15111] pgfault 396165 [ 2758.285358][T15111] pgmajfault 0 [ 2758.285358][T15111] workingset_refault 0 [ 2758.285358][T15111] workingset_activate 0 [ 2758.285358][T15111] workingset_nodereclaim 0 [ 2758.285358][T15111] pgrefill 74 [ 2758.285358][T15111] pgscan 1900 [ 2758.285358][T15111] pgsteal 1760 [ 2758.383116][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=720,uid=0 [ 2758.399566][T15111] Memory cgroup out of memory: Killed process 720 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35792kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2758.419626][ T1058] oom_reaper: reaped process 720 (syz-executor.2), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 2758.420788][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2758.444168][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2758.453241][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2758.463310][T15111] Call Trace: [ 2758.466791][T15111] dump_stack+0x172/0x1f0 [ 2758.471145][T15111] dump_header+0x177/0x1152 [ 2758.475662][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2758.481470][T15111] ? ___ratelimit+0x2c8/0x595 [ 2758.486150][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2758.491967][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2758.497284][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2758.502338][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2758.508042][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2758.513875][T15111] ? ___ratelimit+0x60/0x595 [ 2758.518475][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2758.523611][T15111] oom_kill_process.cold+0x10/0x15 [ 2758.529790][T15111] out_of_memory+0x334/0x1340 [ 2758.534473][T15111] ? lock_downgrade+0x920/0x920 [ 2758.539319][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2758.545125][T15111] ? oom_killer_disable+0x280/0x280 [ 2758.550334][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2758.555918][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2758.561055][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2758.566325][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2758.571217][T15111] try_charge+0xf4b/0x1440 [ 2758.576073][T15111] ? find_held_lock+0x35/0x130 [ 2758.580844][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2758.586396][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2758.591951][T15111] ? find_held_lock+0x35/0x130 [ 2758.596715][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2758.602406][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2758.608111][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2758.613319][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2758.618866][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2758.624075][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2758.629560][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2758.635221][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2758.640941][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2758.646236][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2758.651536][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2758.656562][T15111] ? __kasan_check_read+0x11/0x20 [ 2758.661585][T15111] copy_process+0x3f8/0x6860 [ 2758.666162][T15111] ? __kasan_check_read+0x11/0x20 [ 2758.671203][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2758.676239][T15111] ? __kasan_check_read+0x11/0x20 [ 2758.681278][T15111] ? mark_lock+0xc2/0x1220 [ 2758.685720][T15111] ? __cleanup_sighand+0x60/0x60 [ 2758.690676][T15111] ? find_held_lock+0x35/0x130 [ 2758.695580][T15111] _do_fork+0x146/0xf90 [ 2758.699733][T15111] ? copy_init_mm+0x20/0x20 [ 2758.704224][T15111] ? __kasan_check_read+0x11/0x20 [ 2758.709253][T15111] ? _copy_to_user+0x118/0x160 [ 2758.714023][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2758.720254][T15111] ? put_timespec64+0xda/0x140 [ 2758.725098][T15111] __x64_sys_clone+0x18d/0x250 [ 2758.729880][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2758.734735][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2758.740014][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2758.745031][T15111] do_syscall_64+0xfa/0x760 [ 2758.749546][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2758.755438][T15111] RIP: 0033:0x45802a [ 2758.759431][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2758.779049][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2758.787476][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2758.795573][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2758.803547][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2758.811534][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2758.819513][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2758.832061][ C0] net_ratelimit: 16 callbacks suppressed [ 2758.832072][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2758.843911][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2758.851006][T15111] memory: usage 74968kB, limit 0kB, failcnt 805 [ 2758.857588][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2758.864680][T15111] Memory cgroup stats for /syz2: [ 2758.864780][T15111] anon 62218240 [ 2758.864780][T15111] file 36864 [ 2758.864780][T15111] kernel_stack 1048576 [ 2758.864780][T15111] slab 9842688 [ 2758.864780][T15111] sock 106496 [ 2758.864780][T15111] shmem 0 [ 2758.864780][T15111] file_mapped 0 [ 2758.864780][T15111] file_dirty 135168 [ 2758.864780][T15111] file_writeback 0 [ 2758.864780][T15111] anon_thp 58720256 [ 2758.864780][T15111] inactive_anon 245760 [ 2758.864780][T15111] active_anon 62218240 [ 2758.864780][T15111] inactive_file 118784 [ 2758.864780][T15111] active_file 65536 [ 2758.864780][T15111] unevictable 0 [ 2758.864780][T15111] slab_reclaimable 3244032 [ 2758.864780][T15111] slab_unreclaimable 6598656 [ 2758.864780][T15111] pgfault 396165 [ 2758.864780][T15111] pgmajfault 0 [ 2758.864780][T15111] workingset_refault 0 [ 2758.864780][T15111] workingset_activate 0 [ 2758.864780][T15111] workingset_nodereclaim 0 [ 2758.864780][T15111] pgrefill 74 [ 2758.864780][T15111] pgscan 1900 [ 2758.864780][T15111] pgsteal 1760 [ 2758.960249][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2758.960337][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2758.972040][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=685,uid=0 [ 2758.987503][T15111] Memory cgroup out of memory: Killed process 685 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35792kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2759.006790][ T1058] oom_reaper: reaped process 685 (syz-executor.2), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 2759.019758][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2759.031744][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2759.040771][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2759.050936][T15111] Call Trace: [ 2759.054424][T15111] dump_stack+0x172/0x1f0 [ 2759.059269][T15111] dump_header+0x177/0x1152 [ 2759.063767][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2759.069561][T15111] ? ___ratelimit+0x2c8/0x595 [ 2759.074331][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2759.080165][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2759.085610][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2759.090627][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2759.096386][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2759.102201][T15111] ? ___ratelimit+0x60/0x595 [ 2759.106825][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2759.111961][T15111] oom_kill_process.cold+0x10/0x15 [ 2759.117076][T15111] out_of_memory+0x334/0x1340 [ 2759.121789][T15111] ? lock_downgrade+0x920/0x920 [ 2759.126695][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2759.132524][T15111] ? oom_killer_disable+0x280/0x280 [ 2759.137864][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2759.143409][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2759.148338][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2759.153603][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2759.158485][T15111] try_charge+0xf4b/0x1440 [ 2759.162970][T15111] ? find_held_lock+0x35/0x130 [ 2759.167754][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2759.173354][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2759.178906][T15111] ? find_held_lock+0x35/0x130 [ 2759.183663][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2759.189203][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2759.194823][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2759.200009][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2759.205546][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2759.210660][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2759.216026][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2759.221597][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2759.227327][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2759.232536][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2759.237807][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2759.242814][T15111] ? __kasan_check_read+0x11/0x20 [ 2759.247838][T15111] copy_process+0x3f8/0x6860 [ 2759.252422][T15111] ? __kasan_check_read+0x11/0x20 [ 2759.257448][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2759.262475][T15111] ? __kasan_check_read+0x11/0x20 [ 2759.267488][T15111] ? mark_lock+0xc2/0x1220 [ 2759.271914][T15111] ? __cleanup_sighand+0x60/0x60 [ 2759.276839][T15111] ? find_held_lock+0x35/0x130 [ 2759.281599][T15111] _do_fork+0x146/0xf90 [ 2759.285758][T15111] ? copy_init_mm+0x20/0x20 [ 2759.290444][T15111] ? __kasan_check_read+0x11/0x20 [ 2759.295501][T15111] ? _copy_to_user+0x118/0x160 [ 2759.300393][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2759.306681][T15111] ? put_timespec64+0xda/0x140 [ 2759.311486][T15111] __x64_sys_clone+0x18d/0x250 [ 2759.316309][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2759.321233][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2759.326541][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2759.331866][T15111] do_syscall_64+0xfa/0x760 [ 2759.336498][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2759.342393][T15111] RIP: 0033:0x45802a [ 2759.346370][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2759.366472][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2759.375097][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2759.383205][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2759.391184][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2759.399143][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2759.407114][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2759.417723][T15111] memory: usage 72636kB, limit 0kB, failcnt 811 [ 2759.424037][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2759.430990][T15111] Memory cgroup stats for /syz2: [ 2759.431088][T15111] anon 60063744 [ 2759.431088][T15111] file 36864 [ 2759.431088][T15111] kernel_stack 983040 [ 2759.431088][T15111] slab 9842688 [ 2759.431088][T15111] sock 106496 [ 2759.431088][T15111] shmem 0 [ 2759.431088][T15111] file_mapped 0 [ 2759.431088][T15111] file_dirty 135168 [ 2759.431088][T15111] file_writeback 0 [ 2759.431088][T15111] anon_thp 56623104 [ 2759.431088][T15111] inactive_anon 245760 [ 2759.431088][T15111] active_anon 60063744 [ 2759.431088][T15111] inactive_file 118784 [ 2759.431088][T15111] active_file 65536 [ 2759.431088][T15111] unevictable 0 [ 2759.431088][T15111] slab_reclaimable 3244032 [ 2759.431088][T15111] slab_unreclaimable 6598656 [ 2759.431088][T15111] pgfault 396165 [ 2759.431088][T15111] pgmajfault 0 [ 2759.431088][T15111] workingset_refault 0 [ 2759.431088][T15111] workingset_activate 0 [ 2759.431088][T15111] workingset_nodereclaim 0 [ 2759.431088][T15111] pgrefill 74 [ 2759.431088][T15111] pgscan 1900 [ 2759.431088][T15111] pgsteal 1760 [ 2759.526511][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=657,uid=0 [ 2759.542249][T15111] Memory cgroup out of memory: Killed process 657 (syz-executor.2) total-vm:72836kB, anon-rss:2216kB, file-rss:35784kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2759.565155][ T1058] oom_reaper: reaped process 657 (syz-executor.2), now anon-rss:0kB, file-rss:34824kB, shmem-rss:0kB [ 2759.565989][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2759.588461][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2759.597503][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2759.607569][T15111] Call Trace: [ 2759.610966][T15111] dump_stack+0x172/0x1f0 [ 2759.615733][T15111] dump_header+0x177/0x1152 [ 2759.620234][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2759.626063][T15111] ? ___ratelimit+0x2c8/0x595 [ 2759.630750][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2759.636570][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2759.642050][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2759.647109][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2759.652780][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2759.658618][T15111] ? ___ratelimit+0x60/0x595 [ 2759.663776][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2759.668913][T15111] oom_kill_process.cold+0x10/0x15 [ 2759.674038][T15111] out_of_memory+0x334/0x1340 [ 2759.678711][T15111] ? lock_downgrade+0x920/0x920 [ 2759.683556][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2759.690506][T15111] ? oom_killer_disable+0x280/0x280 [ 2759.695943][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2759.701762][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2759.706716][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2759.711840][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2759.716769][T15111] try_charge+0xf4b/0x1440 [ 2759.721186][T15111] ? find_held_lock+0x35/0x130 [ 2759.725943][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2759.731497][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2759.737049][T15111] ? find_held_lock+0x35/0x130 [ 2759.741916][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2759.747463][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2759.753067][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2759.758415][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2759.763955][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2759.769065][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2759.774603][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2759.780153][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2759.785862][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2759.791156][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2759.796474][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2759.801486][T15111] ? __kasan_check_read+0x11/0x20 [ 2759.806520][T15111] copy_process+0x3f8/0x6860 [ 2759.811117][T15111] ? __kasan_check_read+0x11/0x20 [ 2759.816131][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2759.821142][T15111] ? __kasan_check_read+0x11/0x20 [ 2759.826161][T15111] ? mark_lock+0xc2/0x1220 [ 2759.830570][T15111] ? __cleanup_sighand+0x60/0x60 [ 2759.836070][T15111] ? find_held_lock+0x35/0x130 [ 2759.840870][T15111] _do_fork+0x146/0xf90 [ 2759.845262][T15111] ? copy_init_mm+0x20/0x20 [ 2759.849801][T15111] ? __kasan_check_read+0x11/0x20 [ 2759.854833][T15111] ? _copy_to_user+0x118/0x160 [ 2759.859603][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2759.866526][T15111] ? put_timespec64+0xda/0x140 [ 2759.871284][T15111] __x64_sys_clone+0x18d/0x250 [ 2759.876358][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2759.881518][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2759.886897][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2759.891934][T15111] do_syscall_64+0xfa/0x760 [ 2759.896426][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2759.902327][T15111] RIP: 0033:0x45802a [ 2759.906210][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2759.925953][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2759.934511][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2759.942920][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2759.950890][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2759.958845][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2759.966822][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2759.976060][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2759.981960][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2759.988401][T15111] memory: usage 70248kB, limit 0kB, failcnt 817 [ 2759.994710][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2760.001692][T15111] Memory cgroup stats for /syz2: [ 2760.001793][T15111] anon 57737216 [ 2760.001793][T15111] file 36864 [ 2760.001793][T15111] kernel_stack 917504 [ 2760.001793][T15111] slab 9842688 [ 2760.001793][T15111] sock 106496 [ 2760.001793][T15111] shmem 0 [ 2760.001793][T15111] file_mapped 0 [ 2760.001793][T15111] file_dirty 135168 [ 2760.001793][T15111] file_writeback 0 [ 2760.001793][T15111] anon_thp 54525952 [ 2760.001793][T15111] inactive_anon 245760 [ 2760.001793][T15111] active_anon 57737216 [ 2760.001793][T15111] inactive_file 118784 [ 2760.001793][T15111] active_file 65536 [ 2760.001793][T15111] unevictable 0 [ 2760.001793][T15111] slab_reclaimable 3244032 [ 2760.001793][T15111] slab_unreclaimable 6598656 [ 2760.001793][T15111] pgfault 396165 [ 2760.001793][T15111] pgmajfault 0 [ 2760.001793][T15111] workingset_refault 0 [ 2760.001793][T15111] workingset_activate 0 [ 2760.001793][T15111] workingset_nodereclaim 0 [ 2760.001793][T15111] pgrefill 74 [ 2760.001793][T15111] pgscan 1900 [ 2760.001793][T15111] pgsteal 1760 [ 2760.097090][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=28491,uid=0 [ 2760.112733][T15111] Memory cgroup out of memory: Killed process 28491 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35792kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2760.132537][ T1058] oom_reaper: reaped process 28491 (syz-executor.2), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 2760.133896][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2760.155788][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2760.164906][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2760.174963][T15111] Call Trace: [ 2760.178262][T15111] dump_stack+0x172/0x1f0 [ 2760.182583][T15111] dump_header+0x177/0x1152 [ 2760.187083][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2760.193641][T15111] ? ___ratelimit+0x2c8/0x595 [ 2760.198405][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2760.204209][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2760.209613][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2760.214629][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2760.220267][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2760.226187][T15111] ? ___ratelimit+0x60/0x595 [ 2760.230783][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2760.236193][T15111] oom_kill_process.cold+0x10/0x15 [ 2760.241300][T15111] out_of_memory+0x334/0x1340 [ 2760.245972][T15111] ? lock_downgrade+0x920/0x920 [ 2760.250828][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2760.256624][T15111] ? oom_killer_disable+0x280/0x280 [ 2760.261817][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2760.267402][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2760.272365][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2760.277485][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2760.282364][T15111] try_charge+0xf4b/0x1440 [ 2760.286883][T15111] ? find_held_lock+0x35/0x130 [ 2760.291649][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2760.297227][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2760.302792][T15111] ? find_held_lock+0x35/0x130 [ 2760.307545][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2760.313085][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2760.318637][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2760.323831][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2760.329399][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2760.334505][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2760.339879][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2760.346029][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2760.351750][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2760.356971][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2760.362281][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2760.367296][T15111] ? __kasan_check_read+0x11/0x20 [ 2760.372816][T15111] copy_process+0x3f8/0x6860 [ 2760.377526][T15111] ? __kasan_check_read+0x11/0x20 [ 2760.382569][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2760.387677][T15111] ? __kasan_check_read+0x11/0x20 [ 2760.392747][T15111] ? mark_lock+0xc2/0x1220 [ 2760.397166][T15111] ? __cleanup_sighand+0x60/0x60 [ 2760.402117][T15111] ? find_held_lock+0x35/0x130 [ 2760.406913][T15111] _do_fork+0x146/0xf90 [ 2760.411202][T15111] ? copy_init_mm+0x20/0x20 [ 2760.415880][T15111] ? __kasan_check_read+0x11/0x20 [ 2760.420977][T15111] ? _copy_to_user+0x118/0x160 [ 2760.425780][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2760.432015][T15111] ? put_timespec64+0xda/0x140 [ 2760.436782][T15111] __x64_sys_clone+0x18d/0x250 [ 2760.441536][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2760.446376][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2760.451770][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2760.456937][T15111] do_syscall_64+0xfa/0x760 [ 2760.461576][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2760.467466][T15111] RIP: 0033:0x45802a [ 2760.471586][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2760.491309][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2760.499993][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2760.507957][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2760.515913][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2760.523870][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2760.531837][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2760.540402][T15111] memory: usage 67920kB, limit 0kB, failcnt 823 [ 2760.546738][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2760.547304][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2760.553698][T15111] Memory cgroup stats for /syz2: [ 2760.553807][T15111] anon 55562240 [ 2760.553807][T15111] file 36864 [ 2760.553807][T15111] kernel_stack 851968 [ 2760.553807][T15111] slab 9842688 [ 2760.553807][T15111] sock 106496 [ 2760.553807][T15111] shmem 0 [ 2760.553807][T15111] file_mapped 0 [ 2760.553807][T15111] file_dirty 135168 [ 2760.553807][T15111] file_writeback 0 [ 2760.553807][T15111] anon_thp 52428800 [ 2760.553807][T15111] inactive_anon 245760 [ 2760.553807][T15111] active_anon 55533568 [ 2760.553807][T15111] inactive_file 118784 [ 2760.553807][T15111] active_file 65536 [ 2760.553807][T15111] unevictable 0 [ 2760.553807][T15111] slab_reclaimable 3244032 [ 2760.553807][T15111] slab_unreclaimable 6598656 [ 2760.553807][T15111] pgfault 396165 [ 2760.553807][T15111] pgmajfault 0 [ 2760.553807][T15111] workingset_refault 0 [ 2760.553807][T15111] workingset_activate 0 [ 2760.553807][T15111] workingset_nodereclaim 0 [ 2760.553807][T15111] pgrefill 74 [ 2760.553807][T15111] pgscan 1900 [ 2760.553807][T15111] pgsteal 1760 [ 2760.559574][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2760.564491][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=28438,uid=0 [ 2760.655242][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2760.660488][T15111] Memory cgroup out of memory: Killed process 28438 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35792kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2760.676255][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2760.701077][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2760.718674][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2760.728433][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2760.738593][T15111] Call Trace: [ 2760.742274][T15111] dump_stack+0x172/0x1f0 [ 2760.747394][T15111] dump_header+0x177/0x1152 [ 2760.752462][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2760.758458][T15111] ? ___ratelimit+0x2c8/0x595 [ 2760.763605][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2760.770579][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2760.776263][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2760.781597][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2760.787851][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2760.793939][T15111] ? ___ratelimit+0x60/0x595 [ 2760.798643][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2760.803795][T15111] oom_kill_process.cold+0x10/0x15 [ 2760.809076][T15111] out_of_memory+0x334/0x1340 [ 2760.813740][T15111] ? lock_downgrade+0x920/0x920 [ 2760.818605][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2760.825112][T15111] ? oom_killer_disable+0x280/0x280 [ 2760.830307][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2760.835891][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2760.840866][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2760.845995][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2760.850867][T15111] try_charge+0xf4b/0x1440 [ 2760.855442][T15111] ? find_held_lock+0x35/0x130 [ 2760.860240][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2760.865924][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2760.871505][T15111] ? find_held_lock+0x35/0x130 [ 2760.876379][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2760.881924][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2760.887465][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2760.892665][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2760.898204][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2760.903337][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2760.908711][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2760.914269][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2760.920239][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2760.925429][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2760.930702][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2760.935712][T15111] ? __kasan_check_read+0x11/0x20 [ 2760.940745][T15111] copy_process+0x3f8/0x6860 [ 2760.945327][T15111] ? __kasan_check_read+0x11/0x20 [ 2760.950413][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2760.955436][T15111] ? __kasan_check_read+0x11/0x20 [ 2760.960455][T15111] ? mark_lock+0xc2/0x1220 [ 2760.964948][T15111] ? __cleanup_sighand+0x60/0x60 [ 2760.969870][T15111] ? find_held_lock+0x35/0x130 [ 2760.974670][T15111] _do_fork+0x146/0xf90 [ 2760.979035][T15111] ? copy_init_mm+0x20/0x20 [ 2760.983533][T15111] ? __kasan_check_read+0x11/0x20 [ 2760.988711][T15111] ? _copy_to_user+0x118/0x160 [ 2760.993484][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2760.999713][T15111] ? put_timespec64+0xda/0x140 [ 2761.004470][T15111] __x64_sys_clone+0x18d/0x250 [ 2761.009272][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2761.014165][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2761.019442][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2761.024544][T15111] do_syscall_64+0xfa/0x760 [ 2761.029084][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2761.034980][T15111] RIP: 0033:0x45802a [ 2761.038866][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2761.058540][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2761.067079][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2761.075048][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2761.083033][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2761.091208][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2761.099542][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2761.114319][T15111] memory: usage 65592kB, limit 0kB, failcnt 829 [ 2761.121125][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2761.128324][T15111] Memory cgroup stats for /syz2: [ 2761.128420][T15111] anon 53374976 [ 2761.128420][T15111] file 36864 [ 2761.128420][T15111] kernel_stack 851968 [ 2761.128420][T15111] slab 9842688 [ 2761.128420][T15111] sock 106496 [ 2761.128420][T15111] shmem 0 [ 2761.128420][T15111] file_mapped 0 [ 2761.128420][T15111] file_dirty 135168 [ 2761.128420][T15111] file_writeback 0 [ 2761.128420][T15111] anon_thp 50331648 [ 2761.128420][T15111] inactive_anon 245760 [ 2761.128420][T15111] active_anon 53346304 [ 2761.128420][T15111] inactive_file 118784 [ 2761.128420][T15111] active_file 65536 [ 2761.128420][T15111] unevictable 0 [ 2761.128420][T15111] slab_reclaimable 3244032 [ 2761.128420][T15111] slab_unreclaimable 6598656 [ 2761.128420][T15111] pgfault 396165 [ 2761.128420][T15111] pgmajfault 0 [ 2761.128420][T15111] workingset_refault 0 [ 2761.128420][T15111] workingset_activate 0 [ 2761.128420][T15111] workingset_nodereclaim 0 [ 2761.128420][T15111] pgrefill 74 [ 2761.128420][T15111] pgscan 1900 [ 2761.128420][T15111] pgsteal 1760 [ 2761.224877][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=28407,uid=0 [ 2761.240776][T15111] Memory cgroup out of memory: Killed process 28407 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35792kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2761.262941][ T1058] oom_reaper: reaped process 28407 (syz-executor.2), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 2761.264049][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2761.288110][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2761.297891][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2761.309535][T15111] Call Trace: [ 2761.313492][T15111] dump_stack+0x172/0x1f0 [ 2761.318007][T15111] dump_header+0x177/0x1152 [ 2761.322909][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2761.328777][T15111] ? ___ratelimit+0x2c8/0x595 [ 2761.334407][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2761.340405][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2761.345684][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2761.350809][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2761.357491][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2761.363384][T15111] ? ___ratelimit+0x60/0x595 [ 2761.369091][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2761.374984][T15111] oom_kill_process.cold+0x10/0x15 [ 2761.380181][T15111] out_of_memory+0x334/0x1340 [ 2761.385006][T15111] ? lock_downgrade+0x920/0x920 [ 2761.390750][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2761.396665][T15111] ? oom_killer_disable+0x280/0x280 [ 2761.401967][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2761.408370][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2761.414211][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2761.419416][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2761.424257][T15111] try_charge+0xf4b/0x1440 [ 2761.428657][T15111] ? find_held_lock+0x35/0x130 [ 2761.433608][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2761.439158][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2761.444795][T15111] ? find_held_lock+0x35/0x130 [ 2761.449977][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2761.455529][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2761.461070][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2761.466698][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2761.472791][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2761.477891][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2761.483245][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2761.488773][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2761.494486][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2761.499739][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2761.505059][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2761.510097][T15111] ? __kasan_check_read+0x11/0x20 [ 2761.515228][T15111] copy_process+0x3f8/0x6860 [ 2761.519827][T15111] ? __kasan_check_read+0x11/0x20 [ 2761.526751][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2761.531757][T15111] ? __kasan_check_read+0x11/0x20 [ 2761.536786][T15111] ? mark_lock+0xc2/0x1220 [ 2761.541205][T15111] ? __cleanup_sighand+0x60/0x60 [ 2761.546141][T15111] ? find_held_lock+0x35/0x130 [ 2761.550914][T15111] _do_fork+0x146/0xf90 [ 2761.555068][T15111] ? copy_init_mm+0x20/0x20 [ 2761.560084][T15111] ? __kasan_check_read+0x11/0x20 [ 2761.565100][T15111] ? _copy_to_user+0x118/0x160 [ 2761.569852][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2761.576257][T15111] ? put_timespec64+0xda/0x140 [ 2761.581147][T15111] __x64_sys_clone+0x18d/0x250 [ 2761.585948][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2761.590874][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2761.596262][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2761.601372][T15111] do_syscall_64+0xfa/0x760 [ 2761.605874][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2761.611754][T15111] RIP: 0033:0x45802a [ 2761.615644][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2761.636351][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2761.644844][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2761.653020][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2761.660997][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2761.668973][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2761.676936][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2761.688129][T15111] memory: usage 63196kB, limit 0kB, failcnt 835 [ 2761.703031][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2761.710188][T15111] Memory cgroup stats for /syz2: [ 2761.710311][T15111] anon 51097600 [ 2761.710311][T15111] file 36864 [ 2761.710311][T15111] kernel_stack 851968 [ 2761.710311][T15111] slab 9703424 [ 2761.710311][T15111] sock 106496 [ 2761.710311][T15111] shmem 0 [ 2761.710311][T15111] file_mapped 0 [ 2761.710311][T15111] file_dirty 135168 [ 2761.710311][T15111] file_writeback 0 [ 2761.710311][T15111] anon_thp 48234496 [ 2761.710311][T15111] inactive_anon 245760 [ 2761.710311][T15111] active_anon 51097600 [ 2761.710311][T15111] inactive_file 118784 [ 2761.710311][T15111] active_file 65536 [ 2761.710311][T15111] unevictable 0 [ 2761.710311][T15111] slab_reclaimable 3244032 [ 2761.710311][T15111] slab_unreclaimable 6459392 [ 2761.710311][T15111] pgfault 396165 [ 2761.710311][T15111] pgmajfault 0 [ 2761.710311][T15111] workingset_refault 0 [ 2761.710311][T15111] workingset_activate 0 [ 2761.710311][T15111] workingset_nodereclaim 0 [ 2761.710311][T15111] pgrefill 74 [ 2761.710311][T15111] pgscan 1900 [ 2761.710311][T15111] pgsteal 1760 [ 2761.805512][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16237,uid=0 [ 2761.821113][T15111] Memory cgroup out of memory: Killed process 16237 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:35800kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2761.842943][ T1058] oom_reaper: reaped process 16237 (syz-executor.2), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 2761.843382][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2761.867139][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2761.876353][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2761.887038][T15111] Call Trace: [ 2761.890368][T15111] dump_stack+0x172/0x1f0 [ 2761.894698][T15111] dump_header+0x177/0x1152 [ 2761.899192][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2761.904980][T15111] ? ___ratelimit+0x2c8/0x595 [ 2761.909653][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2761.915461][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2761.920737][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2761.925877][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2761.931514][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2761.937497][T15111] ? ___ratelimit+0x60/0x595 [ 2761.942074][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2761.947182][T15111] oom_kill_process.cold+0x10/0x15 [ 2761.952280][T15111] out_of_memory+0x334/0x1340 [ 2761.956940][T15111] ? lock_downgrade+0x920/0x920 [ 2761.962068][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2761.967877][T15111] ? oom_killer_disable+0x280/0x280 [ 2761.973109][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2761.978665][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2761.983682][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2761.988884][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2761.993739][T15111] try_charge+0xf4b/0x1440 [ 2761.998146][T15111] ? find_held_lock+0x35/0x130 [ 2762.002916][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2762.008824][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2762.014510][T15111] ? find_held_lock+0x35/0x130 [ 2762.019298][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2762.024855][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2762.030409][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2762.035613][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2762.041155][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2762.046443][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2762.052327][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2762.057924][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2762.063665][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2762.068865][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2762.074183][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2762.079195][T15111] ? __kasan_check_read+0x11/0x20 [ 2762.084334][T15111] copy_process+0x3f8/0x6860 [ 2762.089073][T15111] ? __kasan_check_read+0x11/0x20 [ 2762.094227][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2762.099285][T15111] ? __kasan_check_read+0x11/0x20 [ 2762.104681][T15111] ? mark_lock+0xc2/0x1220 [ 2762.109279][T15111] ? __cleanup_sighand+0x60/0x60 [ 2762.114237][T15111] ? find_held_lock+0x35/0x130 [ 2762.119040][T15111] _do_fork+0x146/0xf90 [ 2762.123199][T15111] ? copy_init_mm+0x20/0x20 [ 2762.127778][T15111] ? __kasan_check_read+0x11/0x20 [ 2762.132799][T15111] ? _copy_to_user+0x118/0x160 [ 2762.137560][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2762.143968][T15111] ? put_timespec64+0xda/0x140 [ 2762.149051][T15111] __x64_sys_clone+0x18d/0x250 [ 2762.153813][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2762.158870][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2762.164925][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2762.169963][T15111] do_syscall_64+0xfa/0x760 [ 2762.174664][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2762.180582][T15111] RIP: 0033:0x45802a [ 2762.184577][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2762.204181][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2762.212592][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2762.220562][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2762.228520][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2762.237706][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2762.245691][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2762.255668][T15111] memory: usage 60852kB, limit 0kB, failcnt 841 [ 2762.262012][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2762.268986][T15111] Memory cgroup stats for /syz2: [ 2762.269123][T15111] anon 48865280 [ 2762.269123][T15111] file 36864 [ 2762.269123][T15111] kernel_stack 786432 [ 2762.269123][T15111] slab 9703424 [ 2762.269123][T15111] sock 106496 [ 2762.269123][T15111] shmem 0 [ 2762.269123][T15111] file_mapped 0 [ 2762.269123][T15111] file_dirty 135168 [ 2762.269123][T15111] file_writeback 0 [ 2762.269123][T15111] anon_thp 46137344 [ 2762.269123][T15111] inactive_anon 245760 [ 2762.269123][T15111] active_anon 48865280 [ 2762.269123][T15111] inactive_file 118784 [ 2762.269123][T15111] active_file 65536 [ 2762.269123][T15111] unevictable 0 [ 2762.269123][T15111] slab_reclaimable 3244032 [ 2762.269123][T15111] slab_unreclaimable 6459392 [ 2762.269123][T15111] pgfault 396165 [ 2762.269123][T15111] pgmajfault 0 [ 2762.269123][T15111] workingset_refault 0 [ 2762.269123][T15111] workingset_activate 0 [ 2762.269123][T15111] workingset_nodereclaim 0 [ 2762.269123][T15111] pgrefill 74 [ 2762.269123][T15111] pgscan 1900 [ 2762.269123][T15111] pgsteal 1760 [ 2762.365023][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21556,uid=0 [ 2762.380717][T15111] Memory cgroup out of memory: Killed process 21556 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:35796kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2762.401147][ T1058] oom_reaper: reaped process 21556 (syz-executor.2), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 2762.402162][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2762.425481][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2762.434515][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2762.444597][T15111] Call Trace: [ 2762.447886][T15111] dump_stack+0x172/0x1f0 [ 2762.452309][T15111] dump_header+0x177/0x1152 [ 2762.456982][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2762.463306][T15111] ? ___ratelimit+0x2c8/0x595 [ 2762.467981][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2762.473797][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2762.479074][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2762.484089][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2762.489864][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2762.495674][T15111] ? ___ratelimit+0x60/0x595 [ 2762.500256][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2762.505651][T15111] oom_kill_process.cold+0x10/0x15 [ 2762.511033][T15111] out_of_memory+0x334/0x1340 [ 2762.515706][T15111] ? lock_downgrade+0x920/0x920 [ 2762.520549][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2762.526354][T15111] ? oom_killer_disable+0x280/0x280 [ 2762.531542][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2762.537121][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2762.543004][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2762.548458][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2762.553296][T15111] try_charge+0xf4b/0x1440 [ 2762.557709][T15111] ? find_held_lock+0x35/0x130 [ 2762.562468][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2762.568132][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2762.573926][T15111] ? find_held_lock+0x35/0x130 [ 2762.578745][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2762.584287][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2762.590028][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2762.595281][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2762.601527][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2762.606651][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2762.612993][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2762.618556][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2762.624455][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2762.629675][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2762.634953][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2762.639973][T15111] ? __kasan_check_read+0x11/0x20 [ 2762.644988][T15111] copy_process+0x3f8/0x6860 [ 2762.649987][T15111] ? __kasan_check_read+0x11/0x20 [ 2762.655010][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2762.660065][T15111] ? __kasan_check_read+0x11/0x20 [ 2762.665078][T15111] ? mark_lock+0xc2/0x1220 [ 2762.669485][T15111] ? __cleanup_sighand+0x60/0x60 [ 2762.674406][T15111] ? find_held_lock+0x35/0x130 [ 2762.679182][T15111] _do_fork+0x146/0xf90 [ 2762.683328][T15111] ? copy_init_mm+0x20/0x20 [ 2762.687907][T15111] ? __kasan_check_read+0x11/0x20 [ 2762.692915][T15111] ? _copy_to_user+0x118/0x160 [ 2762.698969][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2762.705196][T15111] ? put_timespec64+0xda/0x140 [ 2762.709954][T15111] __x64_sys_clone+0x18d/0x250 [ 2762.714812][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2762.719652][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2762.724926][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2762.729945][T15111] do_syscall_64+0xfa/0x760 [ 2762.734439][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2762.740584][T15111] RIP: 0033:0x45802a [ 2762.744464][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2762.764245][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2762.773168][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2762.781133][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2762.790305][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2762.798269][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2762.806247][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2762.814499][T15111] memory: usage 58516kB, limit 0kB, failcnt 847 [ 2762.820815][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2762.827801][T15111] Memory cgroup stats for /syz2: [ 2762.827911][T15111] anon 46637056 [ 2762.827911][T15111] file 36864 [ 2762.827911][T15111] kernel_stack 786432 [ 2762.827911][T15111] slab 9703424 [ 2762.827911][T15111] sock 106496 [ 2762.827911][T15111] shmem 0 [ 2762.827911][T15111] file_mapped 0 [ 2762.827911][T15111] file_dirty 135168 [ 2762.827911][T15111] file_writeback 0 [ 2762.827911][T15111] anon_thp 44040192 [ 2762.827911][T15111] inactive_anon 245760 [ 2762.827911][T15111] active_anon 46637056 [ 2762.827911][T15111] inactive_file 118784 [ 2762.827911][T15111] active_file 65536 [ 2762.827911][T15111] unevictable 0 [ 2762.827911][T15111] slab_reclaimable 3244032 [ 2762.827911][T15111] slab_unreclaimable 6459392 [ 2762.827911][T15111] pgfault 396165 [ 2762.827911][T15111] pgmajfault 0 [ 2762.827911][T15111] workingset_refault 0 [ 2762.827911][T15111] workingset_activate 0 [ 2762.827911][T15111] workingset_nodereclaim 0 [ 2762.827911][T15111] pgrefill 74 [ 2762.827911][T15111] pgscan 1900 [ 2762.827911][T15111] pgsteal 1760 [ 2762.923680][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=31613,uid=0 [ 2762.939435][T15111] Memory cgroup out of memory: Killed process 31613 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:35784kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2762.960936][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2762.965505][ T1058] oom_reaper: reaped process 31613 (syz-executor.2), now anon-rss:0kB, file-rss:34824kB, shmem-rss:0kB [ 2762.973199][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2762.993519][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2763.003590][T15111] Call Trace: [ 2763.006878][T15111] dump_stack+0x172/0x1f0 [ 2763.012327][T15111] dump_header+0x177/0x1152 [ 2763.016830][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2763.022622][T15111] ? ___ratelimit+0x2c8/0x595 [ 2763.027295][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2763.036396][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2763.041825][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2763.047357][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2763.053033][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2763.058962][T15111] ? ___ratelimit+0x60/0x595 [ 2763.063552][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2763.068829][T15111] oom_kill_process.cold+0x10/0x15 [ 2763.073931][T15111] out_of_memory+0x334/0x1340 [ 2763.078593][T15111] ? lock_downgrade+0x920/0x920 [ 2763.083442][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2763.089241][T15111] ? oom_killer_disable+0x280/0x280 [ 2763.094429][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2763.099960][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2763.104887][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2763.110684][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2763.115532][T15111] try_charge+0xf4b/0x1440 [ 2763.119973][T15111] ? find_held_lock+0x35/0x130 [ 2763.124854][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2763.130854][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2763.136644][T15111] ? find_held_lock+0x35/0x130 [ 2763.141549][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2763.147274][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2763.152825][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2763.158025][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2763.163655][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2763.168758][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2763.174203][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2763.179772][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2763.185508][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2763.190735][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2763.196235][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2763.201867][T15111] ? __kasan_check_read+0x11/0x20 [ 2763.206888][T15111] copy_process+0x3f8/0x6860 [ 2763.211622][T15111] ? __kasan_check_read+0x11/0x20 [ 2763.216770][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2763.221785][T15111] ? __kasan_check_read+0x11/0x20 [ 2763.226798][T15111] ? mark_lock+0xc2/0x1220 [ 2763.231214][T15111] ? __cleanup_sighand+0x60/0x60 [ 2763.236138][T15111] ? find_held_lock+0x35/0x130 [ 2763.241244][T15111] _do_fork+0x146/0xf90 [ 2763.245417][T15111] ? copy_init_mm+0x20/0x20 [ 2763.250077][T15111] ? __kasan_check_read+0x11/0x20 [ 2763.255111][T15111] ? _copy_to_user+0x118/0x160 [ 2763.259873][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2763.267012][T15111] ? put_timespec64+0xda/0x140 [ 2763.271913][T15111] __x64_sys_clone+0x18d/0x250 [ 2763.276689][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2763.282143][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2763.287422][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2763.292445][T15111] do_syscall_64+0xfa/0x760 [ 2763.296947][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2763.302831][T15111] RIP: 0033:0x45802a [ 2763.306708][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2763.326733][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2763.335236][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2763.343204][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2763.351162][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2763.359125][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2763.367082][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2763.375926][T15111] memory: usage 56172kB, limit 0kB, failcnt 853 [ 2763.382892][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2763.390426][T15111] Memory cgroup stats for /syz2: [ 2763.390539][T15111] anon 44417024 [ 2763.390539][T15111] file 36864 [ 2763.390539][T15111] kernel_stack 720896 [ 2763.390539][T15111] slab 9703424 [ 2763.390539][T15111] sock 106496 [ 2763.390539][T15111] shmem 0 [ 2763.390539][T15111] file_mapped 0 [ 2763.390539][T15111] file_dirty 135168 [ 2763.390539][T15111] file_writeback 0 [ 2763.390539][T15111] anon_thp 41943040 [ 2763.390539][T15111] inactive_anon 245760 [ 2763.390539][T15111] active_anon 44417024 [ 2763.390539][T15111] inactive_file 118784 [ 2763.390539][T15111] active_file 65536 [ 2763.390539][T15111] unevictable 0 [ 2763.390539][T15111] slab_reclaimable 3244032 [ 2763.390539][T15111] slab_unreclaimable 6459392 [ 2763.390539][T15111] pgfault 396165 [ 2763.390539][T15111] pgmajfault 0 [ 2763.390539][T15111] workingset_refault 0 [ 2763.390539][T15111] workingset_activate 0 [ 2763.390539][T15111] workingset_nodereclaim 0 [ 2763.390539][T15111] pgrefill 74 [ 2763.390539][T15111] pgscan 1900 [ 2763.390539][T15111] pgsteal 1760 [ 2763.490720][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22016,uid=0 [ 2763.508768][T15111] Memory cgroup out of memory: Killed process 22016 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:35784kB, shmem-rss:0kB, UID:0 pgtables:135168kB oom_score_adj:1000 [ 2763.529838][ T1058] oom_reaper: reaped process 22016 (syz-executor.2), now anon-rss:0kB, file-rss:34824kB, shmem-rss:0kB [ 2763.530948][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2763.555164][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2763.564737][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2763.574784][T15111] Call Trace: [ 2763.578101][T15111] dump_stack+0x172/0x1f0 [ 2763.582427][T15111] dump_header+0x177/0x1152 [ 2763.586928][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2763.592717][T15111] ? ___ratelimit+0x2c8/0x595 [ 2763.597378][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2763.603177][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2763.608584][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2763.613697][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2763.620580][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2763.627359][T15111] ? ___ratelimit+0x60/0x595 [ 2763.631934][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2763.637049][T15111] oom_kill_process.cold+0x10/0x15 [ 2763.642152][T15111] out_of_memory+0x334/0x1340 [ 2763.646831][T15111] ? lock_downgrade+0x920/0x920 [ 2763.652462][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2763.658264][T15111] ? oom_killer_disable+0x280/0x280 [ 2763.663545][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2763.669177][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2763.674136][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2763.679531][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2763.684521][T15111] try_charge+0xf4b/0x1440 [ 2763.689086][T15111] ? find_held_lock+0x35/0x130 [ 2763.694063][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2763.699607][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2763.705140][T15111] ? find_held_lock+0x35/0x130 [ 2763.709889][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2763.715467][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2763.721050][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2763.726263][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2763.731839][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2763.736980][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2763.742549][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2763.748109][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2763.753996][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2763.759267][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2763.764783][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2763.770414][T15111] ? __kasan_check_read+0x11/0x20 [ 2763.776763][T15111] copy_process+0x3f8/0x6860 [ 2763.781359][T15111] ? __kasan_check_read+0x11/0x20 [ 2763.786378][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2763.791413][T15111] ? __kasan_check_read+0x11/0x20 [ 2763.796443][T15111] ? mark_lock+0xc2/0x1220 [ 2763.800856][T15111] ? __cleanup_sighand+0x60/0x60 [ 2763.805787][T15111] ? find_held_lock+0x35/0x130 [ 2763.810546][T15111] _do_fork+0x146/0xf90 [ 2763.814908][T15111] ? copy_init_mm+0x20/0x20 [ 2763.819664][T15111] ? __kasan_check_read+0x11/0x20 [ 2763.825273][T15111] ? _copy_to_user+0x118/0x160 [ 2763.830103][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2763.836530][T15111] ? put_timespec64+0xda/0x140 [ 2763.841322][T15111] __x64_sys_clone+0x18d/0x250 [ 2763.846466][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2763.853091][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2763.859337][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2763.865210][T15111] do_syscall_64+0xfa/0x760 [ 2763.870064][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2763.876888][T15111] RIP: 0033:0x45802a [ 2763.880894][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2763.900861][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2763.909649][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2763.917707][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2763.925773][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2763.934168][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2763.942158][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2763.950418][T15111] memory: usage 53796kB, limit 0kB, failcnt 859 [ 2763.956676][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2763.963647][T15111] Memory cgroup stats for /syz2: [ 2763.963751][T15111] anon 42180608 [ 2763.963751][T15111] file 36864 [ 2763.963751][T15111] kernel_stack 655360 [ 2763.963751][T15111] slab 9703424 [ 2763.963751][T15111] sock 106496 [ 2763.963751][T15111] shmem 0 [ 2763.963751][T15111] file_mapped 0 [ 2763.963751][T15111] file_dirty 135168 [ 2763.963751][T15111] file_writeback 0 [ 2763.963751][T15111] anon_thp 39845888 [ 2763.963751][T15111] inactive_anon 245760 [ 2763.963751][T15111] active_anon 42180608 [ 2763.963751][T15111] inactive_file 118784 [ 2763.963751][T15111] active_file 65536 [ 2763.963751][T15111] unevictable 0 [ 2763.963751][T15111] slab_reclaimable 3244032 [ 2763.963751][T15111] slab_unreclaimable 6459392 [ 2763.963751][T15111] pgfault 396165 [ 2763.963751][T15111] pgmajfault 0 [ 2763.963751][T15111] workingset_refault 0 [ 2763.963751][T15111] workingset_activate 0 [ 2763.963751][T15111] workingset_nodereclaim 0 [ 2763.963751][T15111] pgrefill 74 [ 2763.963751][T15111] pgscan 1900 [ 2763.963751][T15111] pgsteal 1760 [ 2764.060002][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14880,uid=0 [ 2764.076249][T15111] Memory cgroup out of memory: Killed process 14880 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2764.096738][ T1058] oom_reaper: reaped process 14880 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2764.098460][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2764.121322][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2764.130358][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2764.140678][T15111] Call Trace: [ 2764.143992][T15111] dump_stack+0x172/0x1f0 [ 2764.148359][T15111] dump_header+0x177/0x1152 [ 2764.152888][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2764.158690][T15111] ? ___ratelimit+0x2c8/0x595 [ 2764.163444][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2764.169505][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2764.174785][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2764.180124][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2764.185850][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2764.191646][T15111] ? ___ratelimit+0x60/0x595 [ 2764.196586][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2764.201858][T15111] oom_kill_process.cold+0x10/0x15 [ 2764.207137][T15111] out_of_memory+0x334/0x1340 [ 2764.211816][T15111] ? lock_downgrade+0x920/0x920 [ 2764.216672][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2764.222937][T15111] ? oom_killer_disable+0x280/0x280 [ 2764.228834][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2764.234491][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2764.239465][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2764.244792][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2764.249763][T15111] try_charge+0xf4b/0x1440 [ 2764.254179][T15111] ? find_held_lock+0x35/0x130 [ 2764.259118][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2764.264644][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2764.270177][T15111] ? find_held_lock+0x35/0x130 [ 2764.275021][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2764.280574][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2764.286124][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2764.291332][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2764.296869][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2764.301968][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2764.307364][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2764.312898][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2764.318631][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2764.323842][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2764.329120][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2764.334137][T15111] ? __kasan_check_read+0x11/0x20 [ 2764.339153][T15111] copy_process+0x3f8/0x6860 [ 2764.343756][T15111] ? __kasan_check_read+0x11/0x20 [ 2764.348840][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2764.353884][T15111] ? __kasan_check_read+0x11/0x20 [ 2764.358913][T15111] ? mark_lock+0xc2/0x1220 [ 2764.363321][T15111] ? __cleanup_sighand+0x60/0x60 [ 2764.368256][T15111] ? find_held_lock+0x35/0x130 [ 2764.373986][T15111] _do_fork+0x146/0xf90 [ 2764.378131][T15111] ? copy_init_mm+0x20/0x20 [ 2764.383573][T15111] ? __kasan_check_read+0x11/0x20 [ 2764.388682][T15111] ? _copy_to_user+0x118/0x160 [ 2764.393436][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2764.399658][T15111] ? put_timespec64+0xda/0x140 [ 2764.404417][T15111] __x64_sys_clone+0x18d/0x250 [ 2764.409184][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2764.414848][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2764.420127][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2764.425156][T15111] do_syscall_64+0xfa/0x760 [ 2764.429654][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2764.435657][T15111] RIP: 0033:0x45802a [ 2764.439607][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2764.459896][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2764.468295][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2764.476445][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2764.484529][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2764.492501][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2764.500475][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2764.508775][ C1] net_ratelimit: 14 callbacks suppressed [ 2764.508786][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2764.520369][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2764.530501][T15111] memory: usage 51472kB, limit 0kB, failcnt 865 [ 2764.536819][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2764.543851][T15111] Memory cgroup stats for /syz2: [ 2764.543957][T15111] anon 39968768 [ 2764.543957][T15111] file 36864 [ 2764.543957][T15111] kernel_stack 655360 [ 2764.543957][T15111] slab 9703424 [ 2764.543957][T15111] sock 106496 [ 2764.543957][T15111] shmem 0 [ 2764.543957][T15111] file_mapped 0 [ 2764.543957][T15111] file_dirty 135168 [ 2764.543957][T15111] file_writeback 0 [ 2764.543957][T15111] anon_thp 37748736 [ 2764.543957][T15111] inactive_anon 245760 [ 2764.543957][T15111] active_anon 39968768 [ 2764.543957][T15111] inactive_file 118784 [ 2764.543957][T15111] active_file 65536 [ 2764.543957][T15111] unevictable 0 [ 2764.543957][T15111] slab_reclaimable 3244032 [ 2764.543957][T15111] slab_unreclaimable 6459392 [ 2764.543957][T15111] pgfault 396165 [ 2764.543957][T15111] pgmajfault 0 [ 2764.543957][T15111] workingset_refault 0 [ 2764.543957][T15111] workingset_activate 0 [ 2764.543957][T15111] workingset_nodereclaim 0 [ 2764.543957][T15111] pgrefill 74 [ 2764.543957][T15111] pgscan 1900 [ 2764.543957][T15111] pgsteal 1760 [ 2764.638812][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=6675,uid=0 [ 2764.657258][T15111] Memory cgroup out of memory: Killed process 6675 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2764.677742][ T1058] oom_reaper: reaped process 6675 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2764.679119][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2764.701009][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2764.711005][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2764.721207][T15111] Call Trace: [ 2764.724652][T15111] dump_stack+0x172/0x1f0 [ 2764.729001][T15111] dump_header+0x177/0x1152 [ 2764.733513][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2764.739707][T15111] ? ___ratelimit+0x2c8/0x595 [ 2764.744470][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2764.750399][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2764.755696][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2764.760902][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2764.766558][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2764.772379][T15111] ? ___ratelimit+0x60/0x595 [ 2764.776994][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2764.782118][T15111] oom_kill_process.cold+0x10/0x15 [ 2764.787429][T15111] out_of_memory+0x334/0x1340 [ 2764.792201][T15111] ? lock_downgrade+0x920/0x920 [ 2764.797071][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2764.802876][T15111] ? oom_killer_disable+0x280/0x280 [ 2764.808097][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2764.813676][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2764.818609][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2764.823723][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2764.828755][T15111] try_charge+0xf4b/0x1440 [ 2764.833183][T15111] ? find_held_lock+0x35/0x130 [ 2764.837169][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2764.837954][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2764.843818][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2764.849295][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2764.849317][T15111] ? find_held_lock+0x35/0x130 [ 2764.849331][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2764.849354][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2764.849369][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2764.849385][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2764.849404][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2764.849426][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2764.849440][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2764.849457][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2764.855419][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2764.860701][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2764.860722][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2764.860737][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2764.860751][T15111] ? __kasan_check_read+0x11/0x20 [ 2764.860775][T15111] copy_process+0x3f8/0x6860 [ 2764.860795][T15111] ? __kasan_check_read+0x11/0x20 [ 2764.865675][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2764.871081][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2764.871092][T15111] ? __kasan_check_read+0x11/0x20 [ 2764.871103][T15111] ? mark_lock+0xc2/0x1220 [ 2764.871127][T15111] ? __cleanup_sighand+0x60/0x60 [ 2764.871141][T15111] ? find_held_lock+0x35/0x130 [ 2764.871174][T15111] _do_fork+0x146/0xf90 [ 2764.871192][T15111] ? copy_init_mm+0x20/0x20 [ 2764.987703][T15111] ? __kasan_check_read+0x11/0x20 [ 2764.992739][T15111] ? _copy_to_user+0x118/0x160 [ 2764.997510][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2765.003758][T15111] ? put_timespec64+0xda/0x140 [ 2765.008541][T15111] __x64_sys_clone+0x18d/0x250 [ 2765.013784][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2765.018758][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2765.024157][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2765.029194][T15111] do_syscall_64+0xfa/0x760 [ 2765.033690][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2765.039586][T15111] RIP: 0033:0x45802a [ 2765.043659][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2765.063255][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2765.071931][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2765.079905][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2765.088059][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2765.096033][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2765.104003][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2765.112264][T15111] memory: usage 49152kB, limit 0kB, failcnt 871 [ 2765.118611][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2765.125555][T15111] Memory cgroup stats for /syz2: [ 2765.125669][T15111] anon 37752832 [ 2765.125669][T15111] file 36864 [ 2765.125669][T15111] kernel_stack 589824 [ 2765.125669][T15111] slab 9703424 [ 2765.125669][T15111] sock 106496 [ 2765.125669][T15111] shmem 0 [ 2765.125669][T15111] file_mapped 0 [ 2765.125669][T15111] file_dirty 135168 [ 2765.125669][T15111] file_writeback 0 [ 2765.125669][T15111] anon_thp 35651584 [ 2765.125669][T15111] inactive_anon 245760 [ 2765.125669][T15111] active_anon 37752832 [ 2765.125669][T15111] inactive_file 118784 [ 2765.125669][T15111] active_file 65536 [ 2765.125669][T15111] unevictable 0 [ 2765.125669][T15111] slab_reclaimable 3244032 [ 2765.125669][T15111] slab_unreclaimable 6459392 [ 2765.125669][T15111] pgfault 396165 [ 2765.125669][T15111] pgmajfault 0 [ 2765.125669][T15111] workingset_refault 0 [ 2765.125669][T15111] workingset_activate 0 [ 2765.125669][T15111] workingset_nodereclaim 0 [ 2765.125669][T15111] pgrefill 74 [ 2765.125669][T15111] pgscan 1900 [ 2765.125669][T15111] pgsteal 1760 [ 2765.220970][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=6612,uid=0 [ 2765.236639][T15111] Memory cgroup out of memory: Killed process 6612 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2765.257090][ T1058] oom_reaper: reaped process 6612 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2765.257975][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2765.280383][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2765.289854][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2765.300036][T15111] Call Trace: [ 2765.303380][T15111] dump_stack+0x172/0x1f0 [ 2765.307742][T15111] dump_header+0x177/0x1152 [ 2765.312336][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2765.318394][T15111] ? ___ratelimit+0x2c8/0x595 [ 2765.323171][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2765.328996][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2765.334447][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2765.339481][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2765.345128][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2765.350943][T15111] ? ___ratelimit+0x60/0x595 [ 2765.355537][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2765.360651][T15111] oom_kill_process.cold+0x10/0x15 [ 2765.365756][T15111] out_of_memory+0x334/0x1340 [ 2765.370436][T15111] ? lock_downgrade+0x920/0x920 [ 2765.375294][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2765.382587][T15111] ? oom_killer_disable+0x280/0x280 [ 2765.387805][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2765.393376][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2765.397221][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2765.398327][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2765.398349][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2765.404213][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2765.409165][T15111] try_charge+0xf4b/0x1440 [ 2765.409180][T15111] ? find_held_lock+0x35/0x130 [ 2765.409200][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2765.409210][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2765.409222][T15111] ? find_held_lock+0x35/0x130 [ 2765.409237][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2765.409268][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2765.409283][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2765.409301][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2765.466604][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2765.471719][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2765.477097][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2765.482648][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2765.488356][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2765.493569][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2765.498855][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2765.503876][T15111] ? __kasan_check_read+0x11/0x20 [ 2765.508915][T15111] copy_process+0x3f8/0x6860 [ 2765.513543][T15111] ? __kasan_check_read+0x11/0x20 [ 2765.519438][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2765.524456][T15111] ? __kasan_check_read+0x11/0x20 [ 2765.529489][T15111] ? mark_lock+0xc2/0x1220 [ 2765.533898][T15111] ? __cleanup_sighand+0x60/0x60 [ 2765.538866][T15111] ? find_held_lock+0x35/0x130 [ 2765.543787][T15111] _do_fork+0x146/0xf90 [ 2765.548168][T15111] ? copy_init_mm+0x20/0x20 [ 2765.552675][T15111] ? __kasan_check_read+0x11/0x20 [ 2765.557703][T15111] ? _copy_to_user+0x118/0x160 [ 2765.562486][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2765.568743][T15111] ? put_timespec64+0xda/0x140 [ 2765.573518][T15111] __x64_sys_clone+0x18d/0x250 [ 2765.578280][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2765.583164][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2765.588488][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2765.593524][T15111] do_syscall_64+0xfa/0x760 [ 2765.598054][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2765.603937][T15111] RIP: 0033:0x45802a [ 2765.607830][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2765.627481][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2765.635901][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2765.643862][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2765.651846][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2765.659822][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2765.667795][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2765.676101][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2765.682491][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2765.688761][T15111] memory: usage 46832kB, limit 0kB, failcnt 877 [ 2765.695099][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2765.702302][T15111] Memory cgroup stats for /syz2: [ 2765.702445][T15111] anon 35536896 [ 2765.702445][T15111] file 36864 [ 2765.702445][T15111] kernel_stack 589824 [ 2765.702445][T15111] slab 9703424 [ 2765.702445][T15111] sock 106496 [ 2765.702445][T15111] shmem 0 [ 2765.702445][T15111] file_mapped 0 [ 2765.702445][T15111] file_dirty 135168 [ 2765.702445][T15111] file_writeback 0 [ 2765.702445][T15111] anon_thp 33554432 [ 2765.702445][T15111] inactive_anon 245760 [ 2765.702445][T15111] active_anon 35536896 [ 2765.702445][T15111] inactive_file 118784 [ 2765.702445][T15111] active_file 65536 [ 2765.702445][T15111] unevictable 0 [ 2765.702445][T15111] slab_reclaimable 3244032 [ 2765.702445][T15111] slab_unreclaimable 6459392 [ 2765.702445][T15111] pgfault 396165 [ 2765.702445][T15111] pgmajfault 0 [ 2765.702445][T15111] workingset_refault 0 [ 2765.702445][T15111] workingset_activate 0 [ 2765.702445][T15111] workingset_nodereclaim 0 [ 2765.702445][T15111] pgrefill 74 [ 2765.702445][T15111] pgscan 1900 [ 2765.702445][T15111] pgsteal 1760 [ 2765.798956][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=6567,uid=0 [ 2765.814673][T15111] Memory cgroup out of memory: Killed process 6567 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2765.833256][ T1058] oom_reaper: reaped process 6567 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2765.842703][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2765.859637][T15111] CPU: 0 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2765.868901][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2765.878961][T15111] Call Trace: [ 2765.882272][T15111] dump_stack+0x172/0x1f0 [ 2765.886611][T15111] dump_header+0x177/0x1152 [ 2765.891103][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2765.896892][T15111] ? ___ratelimit+0x2c8/0x595 [ 2765.901568][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2765.907392][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2765.912686][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2765.917707][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2765.923339][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2765.929135][T15111] ? ___ratelimit+0x60/0x595 [ 2765.933807][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2765.938925][T15111] oom_kill_process.cold+0x10/0x15 [ 2765.944047][T15111] out_of_memory+0x334/0x1340 [ 2765.948729][T15111] ? lock_downgrade+0x920/0x920 [ 2765.953571][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2765.959379][T15111] ? oom_killer_disable+0x280/0x280 [ 2765.964581][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2765.970110][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2765.975035][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2765.980151][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2765.985000][T15111] try_charge+0xf4b/0x1440 [ 2765.989426][T15111] ? find_held_lock+0x35/0x130 [ 2765.994176][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2765.999715][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2766.005268][T15111] ? find_held_lock+0x35/0x130 [ 2766.010107][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2766.015702][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2766.021268][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2766.026508][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2766.032067][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2766.037183][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2766.042585][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2766.048147][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2766.053897][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2766.059121][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2766.064400][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2766.069411][T15111] ? __kasan_check_read+0x11/0x20 [ 2766.074432][T15111] copy_process+0x3f8/0x6860 [ 2766.079009][T15111] ? __kasan_check_read+0x11/0x20 [ 2766.084030][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2766.089037][T15111] ? __kasan_check_read+0x11/0x20 [ 2766.094052][T15111] ? mark_lock+0xc2/0x1220 [ 2766.098652][T15111] ? __cleanup_sighand+0x60/0x60 [ 2766.103569][T15111] ? find_held_lock+0x35/0x130 [ 2766.108321][T15111] _do_fork+0x146/0xf90 [ 2766.112460][T15111] ? copy_init_mm+0x20/0x20 [ 2766.116948][T15111] ? __kasan_check_read+0x11/0x20 [ 2766.121967][T15111] ? _copy_to_user+0x118/0x160 [ 2766.126721][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2766.133489][T15111] ? put_timespec64+0xda/0x140 [ 2766.138251][T15111] __x64_sys_clone+0x18d/0x250 [ 2766.143089][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2766.147940][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2766.153220][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2766.158237][T15111] do_syscall_64+0xfa/0x760 [ 2766.162728][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2766.168631][T15111] RIP: 0033:0x45802a [ 2766.172550][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2766.192327][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2766.200747][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2766.208896][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2766.216854][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2766.224810][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2766.233080][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2766.247079][T15111] memory: usage 44508kB, limit 0kB, failcnt 883 [ 2766.253471][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2766.260509][T15111] Memory cgroup stats for /syz2: [ 2766.260606][T15111] anon 33320960 [ 2766.260606][T15111] file 36864 [ 2766.260606][T15111] kernel_stack 524288 [ 2766.260606][T15111] slab 9703424 [ 2766.260606][T15111] sock 106496 [ 2766.260606][T15111] shmem 0 [ 2766.260606][T15111] file_mapped 0 [ 2766.260606][T15111] file_dirty 135168 [ 2766.260606][T15111] file_writeback 0 [ 2766.260606][T15111] anon_thp 31457280 [ 2766.260606][T15111] inactive_anon 245760 [ 2766.260606][T15111] active_anon 33320960 [ 2766.260606][T15111] inactive_file 118784 [ 2766.260606][T15111] active_file 65536 [ 2766.260606][T15111] unevictable 0 [ 2766.260606][T15111] slab_reclaimable 3244032 [ 2766.260606][T15111] slab_unreclaimable 6459392 [ 2766.260606][T15111] pgfault 396165 [ 2766.260606][T15111] pgmajfault 0 [ 2766.260606][T15111] workingset_refault 0 [ 2766.260606][T15111] workingset_activate 0 [ 2766.260606][T15111] workingset_nodereclaim 0 [ 2766.260606][T15111] pgrefill 74 [ 2766.260606][T15111] pgscan 1900 [ 2766.260606][T15111] pgsteal 1760 [ 2766.356690][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=6535,uid=0 [ 2766.373270][T15111] Memory cgroup out of memory: Killed process 6535 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2766.393197][ T1058] oom_reaper: reaped process 6535 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2766.396331][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2766.416532][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2766.425569][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2766.435977][T15111] Call Trace: [ 2766.439290][T15111] dump_stack+0x172/0x1f0 [ 2766.443753][T15111] dump_header+0x177/0x1152 [ 2766.448400][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2766.454220][T15111] ? ___ratelimit+0x2c8/0x595 [ 2766.459032][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2766.464878][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2766.470952][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2766.476280][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2766.482071][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2766.488029][T15111] ? ___ratelimit+0x60/0x595 [ 2766.492719][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2766.497997][T15111] oom_kill_process.cold+0x10/0x15 [ 2766.503298][T15111] out_of_memory+0x334/0x1340 [ 2766.508120][T15111] ? lock_downgrade+0x920/0x920 [ 2766.513130][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2766.518966][T15111] ? oom_killer_disable+0x280/0x280 [ 2766.524179][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2766.529734][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2766.534684][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2766.539829][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2766.544702][T15111] try_charge+0xf4b/0x1440 [ 2766.549114][T15111] ? find_held_lock+0x35/0x130 [ 2766.553884][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2766.559439][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2766.564984][T15111] ? find_held_lock+0x35/0x130 [ 2766.569748][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2766.575402][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2766.581397][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2766.586587][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2766.592268][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2766.597532][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2766.602932][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2766.608511][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2766.614387][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2766.619609][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2766.624914][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2766.629955][T15111] ? __kasan_check_read+0x11/0x20 [ 2766.634997][T15111] copy_process+0x3f8/0x6860 [ 2766.639654][T15111] ? __kasan_check_read+0x11/0x20 [ 2766.644802][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2766.650046][T15111] ? __kasan_check_read+0x11/0x20 [ 2766.655092][T15111] ? mark_lock+0xc2/0x1220 [ 2766.659505][T15111] ? __cleanup_sighand+0x60/0x60 [ 2766.664428][T15111] ? find_held_lock+0x35/0x130 [ 2766.669218][T15111] _do_fork+0x146/0xf90 [ 2766.673465][T15111] ? copy_init_mm+0x20/0x20 [ 2766.678110][T15111] ? __kasan_check_read+0x11/0x20 [ 2766.683221][T15111] ? _copy_to_user+0x118/0x160 [ 2766.688031][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2766.694811][T15111] ? put_timespec64+0xda/0x140 [ 2766.699572][T15111] __x64_sys_clone+0x18d/0x250 [ 2766.704337][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2766.709229][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2766.714538][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2766.719575][T15111] do_syscall_64+0xfa/0x760 [ 2766.724077][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2766.729974][T15111] RIP: 0033:0x45802a [ 2766.733878][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2766.753492][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2766.761898][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2766.769976][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2766.778059][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2766.786131][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2766.794207][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2766.803102][T15111] memory: usage 42184kB, limit 0kB, failcnt 889 [ 2766.809464][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2766.816460][T15111] Memory cgroup stats for /syz2: [ 2766.816565][T15111] anon 31076352 [ 2766.816565][T15111] file 36864 [ 2766.816565][T15111] kernel_stack 524288 [ 2766.816565][T15111] slab 9703424 [ 2766.816565][T15111] sock 106496 [ 2766.816565][T15111] shmem 0 [ 2766.816565][T15111] file_mapped 0 [ 2766.816565][T15111] file_dirty 135168 [ 2766.816565][T15111] file_writeback 0 [ 2766.816565][T15111] anon_thp 29360128 [ 2766.816565][T15111] inactive_anon 245760 [ 2766.816565][T15111] active_anon 31076352 [ 2766.816565][T15111] inactive_file 118784 [ 2766.816565][T15111] active_file 65536 [ 2766.816565][T15111] unevictable 0 [ 2766.816565][T15111] slab_reclaimable 3244032 [ 2766.816565][T15111] slab_unreclaimable 6459392 [ 2766.816565][T15111] pgfault 396165 [ 2766.816565][T15111] pgmajfault 0 [ 2766.816565][T15111] workingset_refault 0 [ 2766.816565][T15111] workingset_activate 0 [ 2766.816565][T15111] workingset_nodereclaim 0 [ 2766.816565][T15111] pgrefill 74 [ 2766.816565][T15111] pgscan 1900 [ 2766.816565][T15111] pgsteal 1760 [ 2766.912266][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=6490,uid=0 [ 2766.928037][T15111] Memory cgroup out of memory: Killed process 6490 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2766.946352][ T1058] oom_reaper: reaped process 6490 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2766.949048][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2766.969900][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2766.978935][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2766.989201][T15111] Call Trace: [ 2766.992502][T15111] dump_stack+0x172/0x1f0 [ 2766.997022][T15111] dump_header+0x177/0x1152 [ 2767.001562][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2767.007387][T15111] ? ___ratelimit+0x2c8/0x595 [ 2767.012074][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2767.017916][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2767.023222][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2767.028252][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2767.033896][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2767.039710][T15111] ? ___ratelimit+0x60/0x595 [ 2767.044319][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2767.049512][T15111] oom_kill_process.cold+0x10/0x15 [ 2767.054650][T15111] out_of_memory+0x334/0x1340 [ 2767.059459][T15111] ? lock_downgrade+0x920/0x920 [ 2767.064331][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2767.070159][T15111] ? oom_killer_disable+0x280/0x280 [ 2767.075351][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2767.080904][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2767.085952][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2767.091105][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2767.096043][T15111] try_charge+0xf4b/0x1440 [ 2767.100500][T15111] ? find_held_lock+0x35/0x130 [ 2767.105285][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2767.110853][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2767.116457][T15111] ? find_held_lock+0x35/0x130 [ 2767.121273][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2767.126858][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2767.132451][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2767.137669][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2767.143660][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2767.148779][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2767.154149][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2767.159732][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2767.165581][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2767.171040][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2767.176593][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2767.181618][T15111] ? __kasan_check_read+0x11/0x20 [ 2767.186655][T15111] copy_process+0x3f8/0x6860 [ 2767.191386][T15111] ? __kasan_check_read+0x11/0x20 [ 2767.196607][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2767.201643][T15111] ? __kasan_check_read+0x11/0x20 [ 2767.206806][T15111] ? mark_lock+0xc2/0x1220 [ 2767.211226][T15111] ? __cleanup_sighand+0x60/0x60 [ 2767.216343][T15111] ? find_held_lock+0x35/0x130 [ 2767.221315][T15111] _do_fork+0x146/0xf90 [ 2767.225539][T15111] ? copy_init_mm+0x20/0x20 [ 2767.230484][T15111] ? __kasan_check_read+0x11/0x20 [ 2767.235541][T15111] ? _copy_to_user+0x118/0x160 [ 2767.240543][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2767.246897][T15111] ? put_timespec64+0xda/0x140 [ 2767.251685][T15111] __x64_sys_clone+0x18d/0x250 [ 2767.256463][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2767.261351][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2767.266651][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2767.271863][T15111] do_syscall_64+0xfa/0x760 [ 2767.276481][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2767.282394][T15111] RIP: 0033:0x45802a [ 2767.286307][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2767.305911][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2767.314319][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2767.322478][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2767.330458][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2767.338447][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2767.346431][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2767.356948][T15111] memory: usage 39864kB, limit 0kB, failcnt 895 [ 2767.363498][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2767.370841][T15111] Memory cgroup stats for /syz2: [ 2767.370987][T15111] anon 28831744 [ 2767.370987][T15111] file 36864 [ 2767.370987][T15111] kernel_stack 458752 [ 2767.370987][T15111] slab 9703424 [ 2767.370987][T15111] sock 106496 [ 2767.370987][T15111] shmem 0 [ 2767.370987][T15111] file_mapped 0 [ 2767.370987][T15111] file_dirty 135168 [ 2767.370987][T15111] file_writeback 0 [ 2767.370987][T15111] anon_thp 27262976 [ 2767.370987][T15111] inactive_anon 245760 [ 2767.370987][T15111] active_anon 28831744 [ 2767.370987][T15111] inactive_file 118784 [ 2767.370987][T15111] active_file 65536 [ 2767.370987][T15111] unevictable 0 [ 2767.370987][T15111] slab_reclaimable 3244032 [ 2767.370987][T15111] slab_unreclaimable 6459392 [ 2767.370987][T15111] pgfault 396165 [ 2767.370987][T15111] pgmajfault 0 [ 2767.370987][T15111] workingset_refault 0 [ 2767.370987][T15111] workingset_activate 0 [ 2767.370987][T15111] workingset_nodereclaim 0 [ 2767.370987][T15111] pgrefill 74 [ 2767.370987][T15111] pgscan 1900 [ 2767.370987][T15111] pgsteal 1760 [ 2767.467322][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=26191,uid=0 [ 2767.483512][T15111] Memory cgroup out of memory: Killed process 26191 (syz-executor.2) total-vm:72704kB, anon-rss:2208kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2767.504424][ T1058] oom_reaper: reaped process 26191 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2767.511930][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2767.528627][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2767.537681][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2767.547770][T15111] Call Trace: [ 2767.551092][T15111] dump_stack+0x172/0x1f0 [ 2767.555444][T15111] dump_header+0x177/0x1152 [ 2767.559961][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2767.565771][T15111] ? ___ratelimit+0x2c8/0x595 [ 2767.570461][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2767.576384][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2767.581754][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2767.586792][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2767.592536][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2767.598346][T15111] ? ___ratelimit+0x60/0x595 [ 2767.602964][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2767.608114][T15111] oom_kill_process.cold+0x10/0x15 [ 2767.613312][T15111] out_of_memory+0x334/0x1340 [ 2767.618001][T15111] ? lock_downgrade+0x920/0x920 [ 2767.622865][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2767.628677][T15111] ? oom_killer_disable+0x280/0x280 [ 2767.633870][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2767.639436][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2767.644394][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2767.649528][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2767.654385][T15111] try_charge+0xf4b/0x1440 [ 2767.658880][T15111] ? find_held_lock+0x35/0x130 [ 2767.663659][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2767.669466][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2767.675705][T15111] ? find_held_lock+0x35/0x130 [ 2767.681001][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2767.686845][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2767.692742][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2767.698275][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2767.704359][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2767.709971][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2767.715365][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2767.720908][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2767.726614][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2767.732045][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2767.737676][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2767.742732][T15111] ? __kasan_check_read+0x11/0x20 [ 2767.747974][T15111] copy_process+0x3f8/0x6860 [ 2767.752678][T15111] ? __kasan_check_read+0x11/0x20 [ 2767.757890][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2767.763777][T15111] ? __kasan_check_read+0x11/0x20 [ 2767.768815][T15111] ? mark_lock+0xc2/0x1220 [ 2767.773763][T15111] ? __cleanup_sighand+0x60/0x60 [ 2767.779324][T15111] ? find_held_lock+0x35/0x130 [ 2767.784136][T15111] _do_fork+0x146/0xf90 [ 2767.788320][T15111] ? copy_init_mm+0x20/0x20 [ 2767.793393][T15111] ? __kasan_check_read+0x11/0x20 [ 2767.798426][T15111] ? _copy_to_user+0x118/0x160 [ 2767.803364][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2767.809607][T15111] ? put_timespec64+0xda/0x140 [ 2767.814378][T15111] __x64_sys_clone+0x18d/0x250 [ 2767.819313][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2767.824168][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2767.829545][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2767.834586][T15111] do_syscall_64+0xfa/0x760 [ 2767.839255][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2767.845138][T15111] RIP: 0033:0x45802a [ 2767.849036][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2767.870160][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2767.878707][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2767.886692][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2767.894671][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2767.902652][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2767.910714][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2767.919516][T15111] memory: usage 37532kB, limit 0kB, failcnt 901 [ 2767.925824][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2767.932785][T15111] Memory cgroup stats for /syz2: [ 2767.932876][T15111] anon 26644480 [ 2767.932876][T15111] file 36864 [ 2767.932876][T15111] kernel_stack 458752 [ 2767.932876][T15111] slab 9703424 [ 2767.932876][T15111] sock 106496 [ 2767.932876][T15111] shmem 0 [ 2767.932876][T15111] file_mapped 0 [ 2767.932876][T15111] file_dirty 135168 [ 2767.932876][T15111] file_writeback 0 [ 2767.932876][T15111] anon_thp 25165824 [ 2767.932876][T15111] inactive_anon 245760 [ 2767.932876][T15111] active_anon 26644480 [ 2767.932876][T15111] inactive_file 118784 [ 2767.932876][T15111] active_file 65536 [ 2767.932876][T15111] unevictable 0 [ 2767.932876][T15111] slab_reclaimable 3244032 [ 2767.932876][T15111] slab_unreclaimable 6459392 [ 2767.932876][T15111] pgfault 396165 [ 2767.932876][T15111] pgmajfault 0 [ 2767.932876][T15111] workingset_refault 0 [ 2767.932876][T15111] workingset_activate 0 [ 2767.932876][T15111] workingset_nodereclaim 0 [ 2767.932876][T15111] pgrefill 74 [ 2767.932876][T15111] pgscan 1900 [ 2767.932876][T15111] pgsteal 1760 [ 2768.028028][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=17088,uid=0 [ 2768.043648][T15111] Memory cgroup out of memory: Killed process 17088 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2768.063492][ T1058] oom_reaper: reaped process 17088 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2768.064607][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2768.086819][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2768.095855][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2768.106889][T15111] Call Trace: [ 2768.110196][T15111] dump_stack+0x172/0x1f0 [ 2768.114750][T15111] dump_header+0x177/0x1152 [ 2768.119265][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2768.125214][T15111] ? ___ratelimit+0x2c8/0x595 [ 2768.129896][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2768.135703][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2768.140985][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2768.146374][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2768.152009][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2768.157829][T15111] ? ___ratelimit+0x60/0x595 [ 2768.162426][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2768.167565][T15111] oom_kill_process.cold+0x10/0x15 [ 2768.172701][T15111] out_of_memory+0x334/0x1340 [ 2768.177382][T15111] ? lock_downgrade+0x920/0x920 [ 2768.182247][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2768.188056][T15111] ? oom_killer_disable+0x280/0x280 [ 2768.193279][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2768.198849][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2768.203792][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2768.208918][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2768.213772][T15111] try_charge+0xf4b/0x1440 [ 2768.218189][T15111] ? find_held_lock+0x35/0x130 [ 2768.222978][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2768.228532][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2768.234087][T15111] ? find_held_lock+0x35/0x130 [ 2768.238943][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2768.244500][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2768.250046][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2768.255265][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2768.261592][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2768.266773][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2768.272160][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2768.277727][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2768.283461][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2768.288679][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2768.293992][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2768.299048][T15111] ? __kasan_check_read+0x11/0x20 [ 2768.304101][T15111] copy_process+0x3f8/0x6860 [ 2768.308705][T15111] ? __kasan_check_read+0x11/0x20 [ 2768.313737][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2768.318766][T15111] ? __kasan_check_read+0x11/0x20 [ 2768.323798][T15111] ? mark_lock+0xc2/0x1220 [ 2768.328230][T15111] ? __cleanup_sighand+0x60/0x60 [ 2768.333203][T15111] ? find_held_lock+0x35/0x130 [ 2768.338003][T15111] _do_fork+0x146/0xf90 [ 2768.342168][T15111] ? copy_init_mm+0x20/0x20 [ 2768.346666][T15111] ? __kasan_check_read+0x11/0x20 [ 2768.351810][T15111] ? _copy_to_user+0x118/0x160 [ 2768.356678][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2768.362940][T15111] ? put_timespec64+0xda/0x140 [ 2768.367852][T15111] __x64_sys_clone+0x18d/0x250 [ 2768.372649][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2768.377533][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2768.382858][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2768.387897][T15111] do_syscall_64+0xfa/0x760 [ 2768.392423][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2768.398333][T15111] RIP: 0033:0x45802a [ 2768.402227][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2768.422346][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2768.431090][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2768.439075][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2768.447075][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2768.455058][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2768.463219][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2768.473316][T15111] memory: usage 35224kB, limit 0kB, failcnt 907 [ 2768.479675][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2768.486523][T15111] Memory cgroup stats for /syz2: [ 2768.486610][T15111] anon 24432640 [ 2768.486610][T15111] file 36864 [ 2768.486610][T15111] kernel_stack 393216 [ 2768.486610][T15111] slab 9703424 [ 2768.486610][T15111] sock 106496 [ 2768.486610][T15111] shmem 0 [ 2768.486610][T15111] file_mapped 0 [ 2768.486610][T15111] file_dirty 135168 [ 2768.486610][T15111] file_writeback 0 [ 2768.486610][T15111] anon_thp 23068672 [ 2768.486610][T15111] inactive_anon 245760 [ 2768.486610][T15111] active_anon 24432640 [ 2768.486610][T15111] inactive_file 118784 [ 2768.486610][T15111] active_file 65536 [ 2768.486610][T15111] unevictable 0 [ 2768.486610][T15111] slab_reclaimable 3244032 [ 2768.486610][T15111] slab_unreclaimable 6459392 [ 2768.486610][T15111] pgfault 396165 [ 2768.486610][T15111] pgmajfault 0 [ 2768.486610][T15111] workingset_refault 0 [ 2768.486610][T15111] workingset_activate 0 [ 2768.486610][T15111] workingset_nodereclaim 0 [ 2768.486610][T15111] pgrefill 74 [ 2768.486610][T15111] pgscan 1900 [ 2768.486610][T15111] pgsteal 1760 [ 2768.581317][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=17055,uid=0 [ 2768.596894][T15111] Memory cgroup out of memory: Killed process 17055 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2768.616765][ T1058] oom_reaper: reaped process 17055 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2768.618004][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2768.639910][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2768.648943][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2768.659037][T15111] Call Trace: [ 2768.662362][T15111] dump_stack+0x172/0x1f0 [ 2768.666690][T15111] dump_header+0x177/0x1152 [ 2768.671204][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2768.677042][T15111] ? ___ratelimit+0x2c8/0x595 [ 2768.681743][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2768.687587][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2768.692889][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2768.698060][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2768.703692][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2768.709504][T15111] ? ___ratelimit+0x60/0x595 [ 2768.714096][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2768.719367][T15111] oom_kill_process.cold+0x10/0x15 [ 2768.724505][T15111] out_of_memory+0x334/0x1340 [ 2768.729220][T15111] ? lock_downgrade+0x920/0x920 [ 2768.734090][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2768.739929][T15111] ? oom_killer_disable+0x280/0x280 [ 2768.745170][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2768.750757][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2768.755712][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2768.761050][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2768.765898][T15111] try_charge+0xf4b/0x1440 [ 2768.770322][T15111] ? find_held_lock+0x35/0x130 [ 2768.775111][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2768.780663][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2768.786199][T15111] ? find_held_lock+0x35/0x130 [ 2768.790983][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2768.796554][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2768.802128][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2768.807356][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2768.812908][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2768.818195][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2768.823592][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2768.829147][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2768.834869][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2768.840079][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2768.845360][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2768.850416][T15111] ? __kasan_check_read+0x11/0x20 [ 2768.855468][T15111] copy_process+0x3f8/0x6860 [ 2768.860075][T15111] ? __kasan_check_read+0x11/0x20 [ 2768.865208][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2768.870250][T15111] ? __kasan_check_read+0x11/0x20 [ 2768.875446][T15111] ? mark_lock+0xc2/0x1220 [ 2768.879865][T15111] ? __cleanup_sighand+0x60/0x60 [ 2768.885184][T15111] ? find_held_lock+0x35/0x130 [ 2768.889997][T15111] _do_fork+0x146/0xf90 [ 2768.894256][T15111] ? copy_init_mm+0x20/0x20 [ 2768.898751][T15111] ? __kasan_check_read+0x11/0x20 [ 2768.903764][T15111] ? _copy_to_user+0x118/0x160 [ 2768.908535][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2768.914793][T15111] ? put_timespec64+0xda/0x140 [ 2768.919556][T15111] __x64_sys_clone+0x18d/0x250 [ 2768.924323][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2768.929214][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2768.934533][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2768.939578][T15111] do_syscall_64+0xfa/0x760 [ 2768.944085][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2768.949996][T15111] RIP: 0033:0x45802a [ 2768.953979][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2768.973576][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2768.981981][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2768.989965][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2768.998056][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2769.007181][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2769.015153][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2769.023829][T15111] memory: usage 32916kB, limit 0kB, failcnt 913 [ 2769.030168][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2769.037413][T15111] Memory cgroup stats for /syz2: [ 2769.037522][T15111] anon 22228992 [ 2769.037522][T15111] file 36864 [ 2769.037522][T15111] kernel_stack 393216 [ 2769.037522][T15111] slab 9703424 [ 2769.037522][T15111] sock 106496 [ 2769.037522][T15111] shmem 0 [ 2769.037522][T15111] file_mapped 0 [ 2769.037522][T15111] file_dirty 135168 [ 2769.037522][T15111] file_writeback 0 [ 2769.037522][T15111] anon_thp 20971520 [ 2769.037522][T15111] inactive_anon 245760 [ 2769.037522][T15111] active_anon 22228992 [ 2769.037522][T15111] inactive_file 118784 [ 2769.037522][T15111] active_file 65536 [ 2769.037522][T15111] unevictable 0 [ 2769.037522][T15111] slab_reclaimable 3244032 [ 2769.037522][T15111] slab_unreclaimable 6459392 [ 2769.037522][T15111] pgfault 396165 [ 2769.037522][T15111] pgmajfault 0 [ 2769.037522][T15111] workingset_refault 0 [ 2769.037522][T15111] workingset_activate 0 [ 2769.037522][T15111] workingset_nodereclaim 0 [ 2769.037522][T15111] pgrefill 74 [ 2769.037522][T15111] pgscan 1900 [ 2769.037522][T15111] pgsteal 1760 [ 2769.133188][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=17007,uid=0 [ 2769.148775][T15111] Memory cgroup out of memory: Killed process 17007 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2769.168817][ T1058] oom_reaper: reaped process 17007 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2769.169948][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2769.195700][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2769.204749][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2769.215063][T15111] Call Trace: [ 2769.218484][T15111] dump_stack+0x172/0x1f0 [ 2769.222989][T15111] dump_header+0x177/0x1152 [ 2769.227504][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2769.233313][T15111] ? ___ratelimit+0x2c8/0x595 [ 2769.238159][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2769.244088][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2769.249387][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2769.254420][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2769.260167][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2769.266206][T15111] ? ___ratelimit+0x60/0x595 [ 2769.270814][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2769.275967][T15111] oom_kill_process.cold+0x10/0x15 [ 2769.281099][T15111] out_of_memory+0x334/0x1340 [ 2769.285872][T15111] ? lock_downgrade+0x920/0x920 [ 2769.290749][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2769.296619][T15111] ? oom_killer_disable+0x280/0x280 [ 2769.301911][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2769.307481][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2769.312441][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2769.317567][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2769.322461][T15111] try_charge+0xf4b/0x1440 [ 2769.326877][T15111] ? find_held_lock+0x35/0x130 [ 2769.331664][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2769.337348][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2769.342918][T15111] ? find_held_lock+0x35/0x130 [ 2769.347692][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2769.353252][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2769.358805][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2769.364112][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2769.369682][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2769.374915][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2769.380302][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2769.385861][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2769.391580][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2769.396784][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2769.402088][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2769.407111][T15111] ? __kasan_check_read+0x11/0x20 [ 2769.412154][T15111] copy_process+0x3f8/0x6860 [ 2769.416767][T15111] ? __kasan_check_read+0x11/0x20 [ 2769.421787][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2769.426798][T15111] ? __kasan_check_read+0x11/0x20 [ 2769.433399][T15111] ? mark_lock+0xc2/0x1220 [ 2769.437832][T15111] ? __cleanup_sighand+0x60/0x60 [ 2769.442798][T15111] ? find_held_lock+0x35/0x130 [ 2769.447580][T15111] _do_fork+0x146/0xf90 [ 2769.451742][T15111] ? copy_init_mm+0x20/0x20 [ 2769.456261][T15111] ? __kasan_check_read+0x11/0x20 [ 2769.461284][T15111] ? _copy_to_user+0x118/0x160 [ 2769.466048][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2769.472310][T15111] ? put_timespec64+0xda/0x140 [ 2769.477084][T15111] __x64_sys_clone+0x18d/0x250 [ 2769.481874][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2769.486736][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2769.492052][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2769.497090][T15111] do_syscall_64+0xfa/0x760 [ 2769.501600][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2769.507508][T15111] RIP: 0033:0x45802a [ 2769.511424][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2769.531042][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2769.539483][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2769.547468][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2769.555584][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2769.557197][ C0] net_ratelimit: 16 callbacks suppressed [ 2769.557207][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2769.563549][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2769.563557][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2769.564003][T15111] memory: usage 30608kB, limit 0kB, failcnt 919 [ 2769.569500][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2769.575042][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2769.575047][T15111] Memory cgroup stats for /syz2: [ 2769.575160][T15111] anon 20025344 [ 2769.575160][T15111] file 36864 [ 2769.575160][T15111] kernel_stack 327680 [ 2769.575160][T15111] slab 9703424 [ 2769.575160][T15111] sock 106496 [ 2769.575160][T15111] shmem 0 [ 2769.575160][T15111] file_mapped 0 [ 2769.575160][T15111] file_dirty 135168 [ 2769.575160][T15111] file_writeback 0 [ 2769.575160][T15111] anon_thp 18874368 [ 2769.575160][T15111] inactive_anon 245760 [ 2769.575160][T15111] active_anon 20025344 [ 2769.575160][T15111] inactive_file 118784 [ 2769.575160][T15111] active_file 65536 [ 2769.575160][T15111] unevictable 0 [ 2769.575160][T15111] slab_reclaimable 3244032 [ 2769.575160][T15111] slab_unreclaimable 6459392 [ 2769.575160][T15111] pgfault 396165 [ 2769.575160][T15111] pgmajfault 0 [ 2769.575160][T15111] workingset_refault 0 [ 2769.575160][T15111] workingset_activate 0 [ 2769.575160][T15111] workingset_nodereclaim 0 [ 2769.575160][T15111] pgrefill 74 [ 2769.575160][T15111] pgscan 1900 [ 2769.575160][T15111] pgsteal 1760 [ 2769.704801][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=16968,uid=0 [ 2769.720422][T15111] Memory cgroup out of memory: Killed process 16968 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2769.740392][ T1058] oom_reaper: reaped process 16968 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2769.741990][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2769.763821][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2769.772871][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2769.782958][T15111] Call Trace: [ 2769.786271][T15111] dump_stack+0x172/0x1f0 [ 2769.790709][T15111] dump_header+0x177/0x1152 [ 2769.795207][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2769.801020][T15111] ? ___ratelimit+0x2c8/0x595 [ 2769.806308][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2769.812121][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2769.817411][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2769.822453][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2769.828120][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2769.834057][T15111] ? ___ratelimit+0x60/0x595 [ 2769.838653][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2769.843785][T15111] oom_kill_process.cold+0x10/0x15 [ 2769.848892][T15111] out_of_memory+0x334/0x1340 [ 2769.853560][T15111] ? lock_downgrade+0x920/0x920 [ 2769.859926][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2769.865760][T15111] ? oom_killer_disable+0x280/0x280 [ 2769.870966][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2769.876503][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2769.881458][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2769.886575][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2769.891439][T15111] try_charge+0xf4b/0x1440 [ 2769.895965][T15111] ? find_held_lock+0x35/0x130 [ 2769.900801][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2769.906361][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2769.912104][T15111] ? find_held_lock+0x35/0x130 [ 2769.916941][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2769.922536][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2769.928100][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2769.934082][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2769.939650][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2769.944769][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2769.950258][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2769.955801][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2769.961533][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2769.966746][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2769.972089][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2769.977146][T15111] ? __kasan_check_read+0x11/0x20 [ 2769.982214][T15111] copy_process+0x3f8/0x6860 [ 2769.986813][T15111] ? __kasan_check_read+0x11/0x20 [ 2769.991830][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2769.996841][T15111] ? __kasan_check_read+0x11/0x20 [ 2770.001872][T15111] ? mark_lock+0xc2/0x1220 [ 2770.006294][T15111] ? __cleanup_sighand+0x60/0x60 [ 2770.011227][T15111] ? find_held_lock+0x35/0x130 [ 2770.017050][T15111] _do_fork+0x146/0xf90 [ 2770.021234][T15111] ? copy_init_mm+0x20/0x20 [ 2770.025754][T15111] ? __kasan_check_read+0x11/0x20 [ 2770.030786][T15111] ? _copy_to_user+0x118/0x160 [ 2770.035573][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2770.041841][T15111] ? put_timespec64+0xda/0x140 [ 2770.046621][T15111] __x64_sys_clone+0x18d/0x250 [ 2770.051387][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2770.056240][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2770.061536][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2770.066589][T15111] do_syscall_64+0xfa/0x760 [ 2770.071119][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2770.077195][T15111] RIP: 0033:0x45802a [ 2770.081102][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2770.100835][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2770.109423][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2770.117400][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2770.125387][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2770.133364][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2770.141358][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2770.149559][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2770.155380][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2770.161550][T15111] memory: usage 28264kB, limit 0kB, failcnt 925 [ 2770.167903][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2770.174801][T15111] Memory cgroup stats for /syz2: [ 2770.174897][T15111] anon 17801216 [ 2770.174897][T15111] file 36864 [ 2770.174897][T15111] kernel_stack 327680 [ 2770.174897][T15111] slab 9703424 [ 2770.174897][T15111] sock 106496 [ 2770.174897][T15111] shmem 0 [ 2770.174897][T15111] file_mapped 0 [ 2770.174897][T15111] file_dirty 135168 [ 2770.174897][T15111] file_writeback 0 [ 2770.174897][T15111] anon_thp 16777216 [ 2770.174897][T15111] inactive_anon 245760 [ 2770.174897][T15111] active_anon 17801216 [ 2770.174897][T15111] inactive_file 118784 [ 2770.174897][T15111] active_file 65536 [ 2770.174897][T15111] unevictable 0 [ 2770.174897][T15111] slab_reclaimable 3244032 [ 2770.174897][T15111] slab_unreclaimable 6459392 [ 2770.174897][T15111] pgfault 396165 [ 2770.174897][T15111] pgmajfault 0 [ 2770.174897][T15111] workingset_refault 0 [ 2770.174897][T15111] workingset_activate 0 [ 2770.174897][T15111] workingset_nodereclaim 0 [ 2770.174897][T15111] pgrefill 74 [ 2770.174897][T15111] pgscan 1900 [ 2770.174897][T15111] pgsteal 1760 [ 2770.271822][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14815,uid=0 [ 2770.287445][T15111] Memory cgroup out of memory: Killed process 14815 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2770.307419][ T1058] oom_reaper: reaped process 14815 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2770.308589][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2770.330740][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2770.339896][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2770.350108][T15111] Call Trace: [ 2770.353413][T15111] dump_stack+0x172/0x1f0 [ 2770.357757][T15111] dump_header+0x177/0x1152 [ 2770.362275][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2770.368256][T15111] ? ___ratelimit+0x2c8/0x595 [ 2770.372920][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2770.378734][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2770.384021][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2770.389108][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2770.394784][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2770.400609][T15111] ? ___ratelimit+0x60/0x595 [ 2770.405297][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2770.410422][T15111] oom_kill_process.cold+0x10/0x15 [ 2770.415536][T15111] out_of_memory+0x334/0x1340 [ 2770.420217][T15111] ? lock_downgrade+0x920/0x920 [ 2770.425105][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2770.430914][T15111] ? oom_killer_disable+0x280/0x280 [ 2770.436193][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2770.441867][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2770.447100][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2770.452222][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2770.457086][T15111] try_charge+0xf4b/0x1440 [ 2770.461514][T15111] ? find_held_lock+0x35/0x130 [ 2770.466300][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2770.471844][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2770.477431][T15111] ? find_held_lock+0x35/0x130 [ 2770.482268][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2770.488062][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2770.493696][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2770.498932][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2770.504527][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2770.509639][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2770.515020][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2770.520585][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2770.526416][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2770.532070][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2770.537375][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2770.542401][T15111] ? __kasan_check_read+0x11/0x20 [ 2770.547699][T15111] copy_process+0x3f8/0x6860 [ 2770.552296][T15111] ? __kasan_check_read+0x11/0x20 [ 2770.557604][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2770.563189][T15111] ? __kasan_check_read+0x11/0x20 [ 2770.568251][T15111] ? mark_lock+0xc2/0x1220 [ 2770.572670][T15111] ? __cleanup_sighand+0x60/0x60 [ 2770.578139][T15111] ? find_held_lock+0x35/0x130 [ 2770.582931][T15111] _do_fork+0x146/0xf90 [ 2770.587094][T15111] ? copy_init_mm+0x20/0x20 [ 2770.591625][T15111] ? __kasan_check_read+0x11/0x20 [ 2770.596644][T15111] ? _copy_to_user+0x118/0x160 [ 2770.601423][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2770.607801][T15111] ? put_timespec64+0xda/0x140 [ 2770.612716][T15111] __x64_sys_clone+0x18d/0x250 [ 2770.617498][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2770.622370][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2770.627672][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2770.632696][T15111] do_syscall_64+0xfa/0x760 [ 2770.637213][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2770.643125][T15111] RIP: 0033:0x45802a [ 2770.647336][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2770.666947][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2770.675389][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2770.683380][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2770.691459][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2770.699467][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2770.708235][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2770.721893][T15111] memory: usage 25920kB, limit 0kB, failcnt 931 [ 2770.728317][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2770.735180][T15111] Memory cgroup stats for /syz2: [ 2770.735271][T15111] anon 15572992 [ 2770.735271][T15111] file 36864 [ 2770.735271][T15111] kernel_stack 262144 [ 2770.735271][T15111] slab 9703424 [ 2770.735271][T15111] sock 106496 [ 2770.735271][T15111] shmem 0 [ 2770.735271][T15111] file_mapped 0 [ 2770.735271][T15111] file_dirty 135168 [ 2770.735271][T15111] file_writeback 0 [ 2770.735271][T15111] anon_thp 14680064 [ 2770.735271][T15111] inactive_anon 245760 [ 2770.735271][T15111] active_anon 15572992 [ 2770.735271][T15111] inactive_file 118784 [ 2770.735271][T15111] active_file 65536 [ 2770.735271][T15111] unevictable 0 [ 2770.735271][T15111] slab_reclaimable 3244032 [ 2770.735271][T15111] slab_unreclaimable 6459392 [ 2770.735271][T15111] pgfault 396165 [ 2770.735271][T15111] pgmajfault 0 [ 2770.735271][T15111] workingset_refault 0 [ 2770.735271][T15111] workingset_activate 0 [ 2770.735271][T15111] workingset_nodereclaim 0 [ 2770.735271][T15111] pgrefill 74 [ 2770.735271][T15111] pgscan 1900 [ 2770.735271][T15111] pgsteal 1760 [ 2770.829702][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=6737,uid=0 [ 2770.845218][T15111] Memory cgroup out of memory: Killed process 6737 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2770.865094][ T1058] oom_reaper: reaped process 6737 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2770.866118][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2770.888156][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2770.897283][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2770.907350][T15111] Call Trace: [ 2770.911165][T15111] dump_stack+0x172/0x1f0 [ 2770.915502][T15111] dump_header+0x177/0x1152 [ 2770.920038][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2770.925941][T15111] ? ___ratelimit+0x2c8/0x595 [ 2770.930644][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2770.936455][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2770.941757][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2770.946791][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2770.952567][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2770.958388][T15111] ? ___ratelimit+0x60/0x595 [ 2770.962988][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2770.968100][T15111] oom_kill_process.cold+0x10/0x15 [ 2770.973212][T15111] out_of_memory+0x334/0x1340 [ 2770.977888][T15111] ? lock_downgrade+0x920/0x920 [ 2770.982761][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2770.988559][T15111] ? oom_killer_disable+0x280/0x280 [ 2770.993763][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2770.999347][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2771.004294][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2771.009402][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2771.014246][T15111] try_charge+0xf4b/0x1440 [ 2771.018664][T15111] ? find_held_lock+0x35/0x130 [ 2771.023698][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2771.029263][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2771.034809][T15111] ? find_held_lock+0x35/0x130 [ 2771.040285][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2771.045846][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2771.051606][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2771.057535][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2771.063346][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2771.068456][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2771.074258][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2771.077244][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2771.079814][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2771.079831][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2771.079854][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2771.085723][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2771.091362][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2771.091374][T15111] ? __kasan_check_read+0x11/0x20 [ 2771.091393][T15111] copy_process+0x3f8/0x6860 [ 2771.091407][T15111] ? __kasan_check_read+0x11/0x20 [ 2771.091420][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2771.091431][T15111] ? __kasan_check_read+0x11/0x20 [ 2771.091445][T15111] ? mark_lock+0xc2/0x1220 [ 2771.091469][T15111] ? __cleanup_sighand+0x60/0x60 [ 2771.091483][T15111] ? find_held_lock+0x35/0x130 [ 2771.091518][T15111] _do_fork+0x146/0xf90 [ 2771.096928][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2771.101986][T15111] ? copy_init_mm+0x20/0x20 [ 2771.102006][T15111] ? __kasan_check_read+0x11/0x20 [ 2771.102023][T15111] ? _copy_to_user+0x118/0x160 [ 2771.102045][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2771.102062][T15111] ? put_timespec64+0xda/0x140 [ 2771.102083][T15111] __x64_sys_clone+0x18d/0x250 [ 2771.102101][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2771.108057][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2771.112846][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2771.112865][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2771.112889][T15111] do_syscall_64+0xfa/0x760 [ 2771.216966][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2771.222884][T15111] RIP: 0033:0x45802a [ 2771.226793][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2771.246421][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2771.254832][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2771.262820][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2771.270807][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2771.278805][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2771.286783][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2771.295059][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2771.301015][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2771.309095][T15111] memory: usage 23560kB, limit 0kB, failcnt 937 [ 2771.315507][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2771.325752][T15111] Memory cgroup stats for /syz2: [ 2771.325835][T15111] anon 13344768 [ 2771.325835][T15111] file 36864 [ 2771.325835][T15111] kernel_stack 262144 [ 2771.325835][T15111] slab 9703424 [ 2771.325835][T15111] sock 106496 [ 2771.325835][T15111] shmem 0 [ 2771.325835][T15111] file_mapped 0 [ 2771.325835][T15111] file_dirty 135168 [ 2771.325835][T15111] file_writeback 0 [ 2771.325835][T15111] anon_thp 12582912 [ 2771.325835][T15111] inactive_anon 245760 [ 2771.325835][T15111] active_anon 13344768 [ 2771.325835][T15111] inactive_file 118784 [ 2771.325835][T15111] active_file 65536 [ 2771.325835][T15111] unevictable 0 [ 2771.325835][T15111] slab_reclaimable 3244032 [ 2771.325835][T15111] slab_unreclaimable 6459392 [ 2771.325835][T15111] pgfault 396165 [ 2771.325835][T15111] pgmajfault 0 [ 2771.325835][T15111] workingset_refault 0 [ 2771.325835][T15111] workingset_activate 0 [ 2771.325835][T15111] workingset_nodereclaim 0 [ 2771.325835][T15111] pgrefill 74 [ 2771.325835][T15111] pgscan 1900 [ 2771.325835][T15111] pgsteal 1760 [ 2771.421799][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=26267,uid=0 [ 2771.438129][T15111] Memory cgroup out of memory: Killed process 26267 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2771.459884][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2771.463087][ T1058] oom_reaper: reaped process 26267 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2771.471829][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2771.471837][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2771.471843][T15111] Call Trace: [ 2771.471875][T15111] dump_stack+0x172/0x1f0 [ 2771.471901][T15111] dump_header+0x177/0x1152 [ 2771.514138][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2771.519969][T15111] ? ___ratelimit+0x2c8/0x595 [ 2771.524795][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2771.530630][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2771.535926][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2771.540960][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2771.546601][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2771.552497][T15111] ? ___ratelimit+0x60/0x595 [ 2771.557364][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2771.562487][T15111] oom_kill_process.cold+0x10/0x15 [ 2771.567612][T15111] out_of_memory+0x334/0x1340 [ 2771.572287][T15111] ? lock_downgrade+0x920/0x920 [ 2771.577141][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2771.582965][T15111] ? oom_killer_disable+0x280/0x280 [ 2771.588229][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2771.593803][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2771.598756][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2771.604226][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2771.609350][T15111] try_charge+0xf4b/0x1440 [ 2771.614563][T15111] ? find_held_lock+0x35/0x130 [ 2771.619378][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2771.625102][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2771.630661][T15111] ? find_held_lock+0x35/0x130 [ 2771.635642][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2771.641223][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2771.646924][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2771.652147][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2771.657813][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2771.662946][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2771.668333][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2771.673884][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2771.679610][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2771.684934][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2771.690350][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2771.695809][T15111] ? __kasan_check_read+0x11/0x20 [ 2771.700840][T15111] copy_process+0x3f8/0x6860 [ 2771.705437][T15111] ? __kasan_check_read+0x11/0x20 [ 2771.710502][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2771.715548][T15111] ? __kasan_check_read+0x11/0x20 [ 2771.720593][T15111] ? mark_lock+0xc2/0x1220 [ 2771.725034][T15111] ? __cleanup_sighand+0x60/0x60 [ 2771.729983][T15111] ? find_held_lock+0x35/0x130 [ 2771.734757][T15111] _do_fork+0x146/0xf90 [ 2771.738916][T15111] ? copy_init_mm+0x20/0x20 [ 2771.743427][T15111] ? __kasan_check_read+0x11/0x20 [ 2771.748484][T15111] ? _copy_to_user+0x118/0x160 [ 2771.753336][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2771.759601][T15111] ? put_timespec64+0xda/0x140 [ 2771.764507][T15111] __x64_sys_clone+0x18d/0x250 [ 2771.769272][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2771.774115][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2771.779510][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2771.784546][T15111] do_syscall_64+0xfa/0x760 [ 2771.789060][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2771.794948][T15111] RIP: 0033:0x45802a [ 2771.798842][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2771.818459][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2771.826982][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2771.834952][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2771.842985][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2771.850957][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2771.858943][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2771.867296][T15111] memory: usage 21248kB, limit 0kB, failcnt 943 [ 2771.873579][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2771.881430][T15111] Memory cgroup stats for /syz2: [ 2771.881536][T15111] anon 11141120 [ 2771.881536][T15111] file 36864 [ 2771.881536][T15111] kernel_stack 196608 [ 2771.881536][T15111] slab 9703424 [ 2771.881536][T15111] sock 106496 [ 2771.881536][T15111] shmem 0 [ 2771.881536][T15111] file_mapped 0 [ 2771.881536][T15111] file_dirty 135168 [ 2771.881536][T15111] file_writeback 0 [ 2771.881536][T15111] anon_thp 10485760 [ 2771.881536][T15111] inactive_anon 245760 [ 2771.881536][T15111] active_anon 11141120 [ 2771.881536][T15111] inactive_file 118784 [ 2771.881536][T15111] active_file 65536 [ 2771.881536][T15111] unevictable 0 [ 2771.881536][T15111] slab_reclaimable 3244032 [ 2771.881536][T15111] slab_unreclaimable 6459392 [ 2771.881536][T15111] pgfault 396165 [ 2771.881536][T15111] pgmajfault 0 [ 2771.881536][T15111] workingset_refault 0 [ 2771.881536][T15111] workingset_activate 0 [ 2771.881536][T15111] workingset_nodereclaim 0 [ 2771.881536][T15111] pgrefill 74 [ 2771.881536][T15111] pgscan 1900 [ 2771.881536][T15111] pgsteal 1760 [ 2771.976149][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=26222,uid=0 [ 2771.991771][T15111] Memory cgroup out of memory: Killed process 26222 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2772.011571][ T1058] oom_reaper: reaped process 26222 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2772.013168][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2772.034805][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2772.043859][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2772.053951][T15111] Call Trace: [ 2772.057264][T15111] dump_stack+0x172/0x1f0 [ 2772.061656][T15111] dump_header+0x177/0x1152 [ 2772.066196][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2772.072035][T15111] ? ___ratelimit+0x2c8/0x595 [ 2772.076724][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2772.082553][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2772.087844][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2772.092882][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2772.098528][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2772.104358][T15111] ? ___ratelimit+0x60/0x595 [ 2772.108950][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2772.114084][T15111] oom_kill_process.cold+0x10/0x15 [ 2772.119205][T15111] out_of_memory+0x334/0x1340 [ 2772.123889][T15111] ? lock_downgrade+0x920/0x920 [ 2772.128786][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2772.134605][T15111] ? oom_killer_disable+0x280/0x280 [ 2772.139921][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2772.145564][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2772.150505][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2772.155617][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2772.160489][T15111] try_charge+0xf4b/0x1440 [ 2772.164954][T15111] ? find_held_lock+0x35/0x130 [ 2772.169789][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2772.175474][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2772.181047][T15111] ? find_held_lock+0x35/0x130 [ 2772.185965][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2772.191780][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2772.197334][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2772.202669][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2772.208229][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2772.213478][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2772.219190][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2772.224747][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2772.230465][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2772.235835][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2772.241145][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2772.246431][T15111] ? __kasan_check_read+0x11/0x20 [ 2772.251484][T15111] copy_process+0x3f8/0x6860 [ 2772.256079][T15111] ? __kasan_check_read+0x11/0x20 [ 2772.261101][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2772.266119][T15111] ? __kasan_check_read+0x11/0x20 [ 2772.271300][T15111] ? mark_lock+0xc2/0x1220 [ 2772.276247][T15111] ? __cleanup_sighand+0x60/0x60 [ 2772.281231][T15111] ? find_held_lock+0x35/0x130 [ 2772.286044][T15111] _do_fork+0x146/0xf90 [ 2772.290255][T15111] ? copy_init_mm+0x20/0x20 [ 2772.294776][T15111] ? __kasan_check_read+0x11/0x20 [ 2772.299856][T15111] ? _copy_to_user+0x118/0x160 [ 2772.304649][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2772.310919][T15111] ? put_timespec64+0xda/0x140 [ 2772.315704][T15111] __x64_sys_clone+0x18d/0x250 [ 2772.320484][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2772.325388][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2772.330685][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2772.335899][T15111] do_syscall_64+0xfa/0x760 [ 2772.340441][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2772.346365][T15111] RIP: 0033:0x45802a [ 2772.350268][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2772.369879][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2772.378625][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2772.386753][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2772.394894][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2772.402875][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2772.411082][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2772.419864][T15111] memory: usage 18912kB, limit 0kB, failcnt 949 [ 2772.426142][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2772.433082][T15111] Memory cgroup stats for /syz2: [ 2772.433187][T15111] anon 8912896 [ 2772.433187][T15111] file 36864 [ 2772.433187][T15111] kernel_stack 196608 [ 2772.433187][T15111] slab 9703424 [ 2772.433187][T15111] sock 106496 [ 2772.433187][T15111] shmem 0 [ 2772.433187][T15111] file_mapped 0 [ 2772.433187][T15111] file_dirty 135168 [ 2772.433187][T15111] file_writeback 0 [ 2772.433187][T15111] anon_thp 8388608 [ 2772.433187][T15111] inactive_anon 245760 [ 2772.433187][T15111] active_anon 8912896 [ 2772.433187][T15111] inactive_file 118784 [ 2772.433187][T15111] active_file 65536 [ 2772.433187][T15111] unevictable 0 [ 2772.433187][T15111] slab_reclaimable 3244032 [ 2772.433187][T15111] slab_unreclaimable 6459392 [ 2772.433187][T15111] pgfault 396165 [ 2772.433187][T15111] pgmajfault 0 [ 2772.433187][T15111] workingset_refault 0 [ 2772.433187][T15111] workingset_activate 0 [ 2772.433187][T15111] workingset_nodereclaim 0 [ 2772.433187][T15111] pgrefill 74 [ 2772.433187][T15111] pgscan 1900 [ 2772.433187][T15111] pgsteal 1760 [ 2772.527605][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23831,uid=0 [ 2772.543253][T15111] Memory cgroup out of memory: Killed process 23831 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2772.563357][ T1058] oom_reaper: reaped process 23831 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2772.564559][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2772.586551][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2772.595584][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2772.605653][T15111] Call Trace: [ 2772.608953][T15111] dump_stack+0x172/0x1f0 [ 2772.613276][T15111] dump_header+0x177/0x1152 [ 2772.618568][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2772.624395][T15111] ? ___ratelimit+0x2c8/0x595 [ 2772.629082][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2772.634905][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2772.640218][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2772.645248][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2772.650968][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2772.656808][T15111] ? ___ratelimit+0x60/0x595 [ 2772.661416][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2772.666682][T15111] oom_kill_process.cold+0x10/0x15 [ 2772.671798][T15111] out_of_memory+0x334/0x1340 [ 2772.676504][T15111] ? lock_downgrade+0x920/0x920 [ 2772.681576][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2772.687443][T15111] ? oom_killer_disable+0x280/0x280 [ 2772.692677][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2772.698236][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2772.703210][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2772.708578][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2772.713471][T15111] try_charge+0xf4b/0x1440 [ 2772.717919][T15111] ? find_held_lock+0x35/0x130 [ 2772.722719][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2772.728271][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2772.733816][T15111] ? find_held_lock+0x35/0x130 [ 2772.739668][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2772.745673][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2772.751861][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2772.757880][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2772.763481][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2772.768621][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2772.774210][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2772.779897][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2772.785792][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2772.791039][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2772.796323][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2772.801355][T15111] ? __kasan_check_read+0x11/0x20 [ 2772.806389][T15111] copy_process+0x3f8/0x6860 [ 2772.811198][T15111] ? __kasan_check_read+0x11/0x20 [ 2772.816258][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2772.821411][T15111] ? __kasan_check_read+0x11/0x20 [ 2772.826556][T15111] ? mark_lock+0xc2/0x1220 [ 2772.831012][T15111] ? __cleanup_sighand+0x60/0x60 [ 2772.836103][T15111] ? find_held_lock+0x35/0x130 [ 2772.840980][T15111] _do_fork+0x146/0xf90 [ 2772.845159][T15111] ? copy_init_mm+0x20/0x20 [ 2772.849693][T15111] ? __kasan_check_read+0x11/0x20 [ 2772.855399][T15111] ? _copy_to_user+0x118/0x160 [ 2772.860412][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2772.866652][T15111] ? put_timespec64+0xda/0x140 [ 2772.871436][T15111] __x64_sys_clone+0x18d/0x250 [ 2772.876500][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2772.881386][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2772.886786][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2772.891827][T15111] do_syscall_64+0xfa/0x760 [ 2772.896446][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2772.902348][T15111] RIP: 0033:0x45802a [ 2772.906376][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2772.926233][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2772.935159][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2772.943288][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2772.951274][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2772.959255][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2772.967326][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2772.975577][T15111] memory: usage 16636kB, limit 0kB, failcnt 955 [ 2772.981904][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2772.989070][T15111] Memory cgroup stats for /syz2: [ 2772.989186][T15111] anon 6705152 [ 2772.989186][T15111] file 36864 [ 2772.989186][T15111] kernel_stack 196608 [ 2772.989186][T15111] slab 9703424 [ 2772.989186][T15111] sock 106496 [ 2772.989186][T15111] shmem 0 [ 2772.989186][T15111] file_mapped 0 [ 2772.989186][T15111] file_dirty 135168 [ 2772.989186][T15111] file_writeback 0 [ 2772.989186][T15111] anon_thp 6291456 [ 2772.989186][T15111] inactive_anon 245760 [ 2772.989186][T15111] active_anon 6705152 [ 2772.989186][T15111] inactive_file 118784 [ 2772.989186][T15111] active_file 65536 [ 2772.989186][T15111] unevictable 0 [ 2772.989186][T15111] slab_reclaimable 3244032 [ 2772.989186][T15111] slab_unreclaimable 6459392 [ 2772.989186][T15111] pgfault 396165 [ 2772.989186][T15111] pgmajfault 0 [ 2772.989186][T15111] workingset_refault 0 [ 2772.989186][T15111] workingset_activate 0 [ 2772.989186][T15111] workingset_nodereclaim 0 [ 2772.989186][T15111] pgrefill 74 [ 2772.989186][T15111] pgscan 1900 [ 2772.989186][T15111] pgsteal 1760 [ 2773.089312][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23814,uid=0 [ 2773.105626][T15111] Memory cgroup out of memory: Killed process 23814 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2773.125911][ T1058] oom_reaper: reaped process 23814 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2773.127358][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2773.153552][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2773.162609][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2773.172759][T15111] Call Trace: [ 2773.176093][T15111] dump_stack+0x172/0x1f0 [ 2773.180442][T15111] dump_header+0x177/0x1152 [ 2773.185115][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2773.190924][T15111] ? ___ratelimit+0x2c8/0x595 [ 2773.195590][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2773.201435][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2773.206729][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2773.211769][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2773.217455][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2773.223295][T15111] ? ___ratelimit+0x60/0x595 [ 2773.228846][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2773.234122][T15111] oom_kill_process.cold+0x10/0x15 [ 2773.239254][T15111] out_of_memory+0x334/0x1340 [ 2773.243955][T15111] ? lock_downgrade+0x920/0x920 [ 2773.248809][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2773.254614][T15111] ? oom_killer_disable+0x280/0x280 [ 2773.259833][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2773.265426][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2773.270389][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2773.275513][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2773.280386][T15111] try_charge+0xf4b/0x1440 [ 2773.284804][T15111] ? find_held_lock+0x35/0x130 [ 2773.289572][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2773.295401][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2773.300973][T15111] ? find_held_lock+0x35/0x130 [ 2773.305925][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2773.312573][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2773.318137][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2773.323338][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2773.328872][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2773.333992][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2773.339365][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2773.344965][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2773.350680][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2773.355876][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2773.361168][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2773.366189][T15111] ? __kasan_check_read+0x11/0x20 [ 2773.371212][T15111] copy_process+0x3f8/0x6860 [ 2773.375810][T15111] ? __kasan_check_read+0x11/0x20 [ 2773.380849][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2773.386058][T15111] ? __kasan_check_read+0x11/0x20 [ 2773.391097][T15111] ? mark_lock+0xc2/0x1220 [ 2773.395507][T15111] ? __cleanup_sighand+0x60/0x60 [ 2773.400469][T15111] ? find_held_lock+0x35/0x130 [ 2773.405267][T15111] _do_fork+0x146/0xf90 [ 2773.409416][T15111] ? copy_init_mm+0x20/0x20 [ 2773.413913][T15111] ? __kasan_check_read+0x11/0x20 [ 2773.418935][T15111] ? _copy_to_user+0x118/0x160 [ 2773.423710][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2773.429942][T15111] ? put_timespec64+0xda/0x140 [ 2773.434722][T15111] __x64_sys_clone+0x18d/0x250 [ 2773.439488][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2773.444372][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2773.449749][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2773.454783][T15111] do_syscall_64+0xfa/0x760 [ 2773.459294][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2773.465186][T15111] RIP: 0033:0x45802a [ 2773.469077][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2773.488680][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2773.497115][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2773.505098][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2773.513068][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2773.521047][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2773.529025][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2773.541687][T15111] memory: usage 14328kB, limit 0kB, failcnt 961 [ 2773.548060][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2773.554919][T15111] Memory cgroup stats for /syz2: [ 2773.555010][T15111] anon 4501504 [ 2773.555010][T15111] file 36864 [ 2773.555010][T15111] kernel_stack 131072 [ 2773.555010][T15111] slab 9703424 [ 2773.555010][T15111] sock 106496 [ 2773.555010][T15111] shmem 0 [ 2773.555010][T15111] file_mapped 0 [ 2773.555010][T15111] file_dirty 135168 [ 2773.555010][T15111] file_writeback 0 [ 2773.555010][T15111] anon_thp 4194304 [ 2773.555010][T15111] inactive_anon 245760 [ 2773.555010][T15111] active_anon 4501504 [ 2773.555010][T15111] inactive_file 118784 [ 2773.555010][T15111] active_file 65536 [ 2773.555010][T15111] unevictable 0 [ 2773.555010][T15111] slab_reclaimable 3244032 [ 2773.555010][T15111] slab_unreclaimable 6459392 [ 2773.555010][T15111] pgfault 396165 [ 2773.555010][T15111] pgmajfault 0 [ 2773.555010][T15111] workingset_refault 0 [ 2773.555010][T15111] workingset_activate 0 [ 2773.555010][T15111] workingset_nodereclaim 0 [ 2773.555010][T15111] pgrefill 74 [ 2773.555010][T15111] pgscan 1900 [ 2773.555010][T15111] pgsteal 1760 [ 2773.649254][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23744,uid=0 [ 2773.664861][T15111] Memory cgroup out of memory: Killed process 23744 (syz-executor.2) total-vm:72572kB, anon-rss:2200kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2773.684588][ T1058] oom_reaper: reaped process 23744 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2773.685814][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2773.709512][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2773.718638][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2773.728915][T15111] Call Trace: [ 2773.732481][T15111] dump_stack+0x172/0x1f0 [ 2773.736803][T15111] dump_header+0x177/0x1152 [ 2773.741324][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2773.747159][T15111] ? ___ratelimit+0x2c8/0x595 [ 2773.751853][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2773.757691][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2773.763080][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2773.768098][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2773.773741][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2773.779582][T15111] ? ___ratelimit+0x60/0x595 [ 2773.784336][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2773.789519][T15111] oom_kill_process.cold+0x10/0x15 [ 2773.794737][T15111] out_of_memory+0x334/0x1340 [ 2773.799439][T15111] ? lock_downgrade+0x920/0x920 [ 2773.804460][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2773.810288][T15111] ? oom_killer_disable+0x280/0x280 [ 2773.815483][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2773.821038][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2773.825992][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2773.831102][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2773.835940][T15111] try_charge+0xf4b/0x1440 [ 2773.840360][T15111] ? find_held_lock+0x35/0x130 [ 2773.845137][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2773.850675][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2773.856214][T15111] ? find_held_lock+0x35/0x130 [ 2773.861006][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2773.866556][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2773.872129][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2773.877354][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2773.882929][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2773.888063][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2773.893442][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2773.898984][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2773.904694][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2773.909901][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2773.915186][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2773.920201][T15111] ? __kasan_check_read+0x11/0x20 [ 2773.925215][T15111] copy_process+0x3f8/0x6860 [ 2773.929811][T15111] ? __kasan_check_read+0x11/0x20 [ 2773.934848][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2773.939868][T15111] ? __kasan_check_read+0x11/0x20 [ 2773.944912][T15111] ? mark_lock+0xc2/0x1220 [ 2773.949348][T15111] ? __cleanup_sighand+0x60/0x60 [ 2773.954290][T15111] ? find_held_lock+0x35/0x130 [ 2773.959070][T15111] _do_fork+0x146/0xf90 [ 2773.963257][T15111] ? copy_init_mm+0x20/0x20 [ 2773.967767][T15111] ? __kasan_check_read+0x11/0x20 [ 2773.972807][T15111] ? _copy_to_user+0x118/0x160 [ 2773.977573][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2773.983815][T15111] ? put_timespec64+0xda/0x140 [ 2773.988586][T15111] __x64_sys_clone+0x18d/0x250 [ 2773.993359][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2773.998219][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2774.003493][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2774.008708][T15111] do_syscall_64+0xfa/0x760 [ 2774.013234][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2774.019165][T15111] RIP: 0033:0x45802a [ 2774.023056][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2774.042656][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2774.051066][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2774.059060][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2774.067026][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2774.074993][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2774.082961][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2774.091282][T15111] memory: usage 12012kB, limit 0kB, failcnt 967 [ 2774.097607][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2774.104542][T15111] Memory cgroup stats for /syz2: [ 2774.104630][T15111] anon 2297856 [ 2774.104630][T15111] file 36864 [ 2774.104630][T15111] kernel_stack 131072 [ 2774.104630][T15111] slab 9703424 [ 2774.104630][T15111] sock 106496 [ 2774.104630][T15111] shmem 0 [ 2774.104630][T15111] file_mapped 0 [ 2774.104630][T15111] file_dirty 135168 [ 2774.104630][T15111] file_writeback 0 [ 2774.104630][T15111] anon_thp 2097152 [ 2774.104630][T15111] inactive_anon 245760 [ 2774.104630][T15111] active_anon 2297856 [ 2774.104630][T15111] inactive_file 118784 [ 2774.104630][T15111] active_file 65536 [ 2774.104630][T15111] unevictable 0 [ 2774.104630][T15111] slab_reclaimable 3244032 [ 2774.104630][T15111] slab_unreclaimable 6459392 [ 2774.104630][T15111] pgfault 396165 [ 2774.104630][T15111] pgmajfault 0 [ 2774.104630][T15111] workingset_refault 0 [ 2774.104630][T15111] workingset_activate 0 [ 2774.104630][T15111] workingset_nodereclaim 0 [ 2774.104630][T15111] pgrefill 74 [ 2774.104630][T15111] pgscan 1900 [ 2774.104630][T15111] pgsteal 1760 [ 2774.202720][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23774,uid=0 [ 2774.218347][T15111] Memory cgroup out of memory: Killed process 23774 (syz-executor.2) total-vm:72704kB, anon-rss:2176kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:1000 [ 2774.238426][ T1058] oom_reaper: reaped process 23774 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2774.239653][T15111] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 2774.261617][T15111] CPU: 1 PID: 15111 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2774.271515][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2774.281590][T15111] Call Trace: [ 2774.284968][T15111] dump_stack+0x172/0x1f0 [ 2774.289343][T15111] dump_header+0x177/0x1152 [ 2774.294153][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2774.300043][T15111] ? ___ratelimit+0x2c8/0x595 [ 2774.304747][T15111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2774.310592][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2774.315947][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2774.320964][T15111] ? pagefault_out_of_memory+0x11c/0x11c [ 2774.326848][T15111] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2774.332659][T15111] ? ___ratelimit+0x60/0x595 [ 2774.337269][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2774.342502][T15111] oom_kill_process.cold+0x10/0x15 [ 2774.347622][T15111] out_of_memory+0x334/0x1340 [ 2774.352319][T15111] ? lock_downgrade+0x920/0x920 [ 2774.357213][T15111] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2774.365066][T15111] ? oom_killer_disable+0x280/0x280 [ 2774.370320][T15111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2774.375882][T15111] ? memcg_stat_show+0xc40/0xc40 [ 2774.380813][T15111] ? do_raw_spin_unlock+0x57/0x270 [ 2774.385925][T15111] ? _raw_spin_unlock+0x28/0x40 [ 2774.390793][T15111] try_charge+0xf4b/0x1440 [ 2774.395212][T15111] ? find_held_lock+0x35/0x130 [ 2774.399989][T15111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2774.405719][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2774.411459][T15111] ? find_held_lock+0x35/0x130 [ 2774.416311][T15111] ? get_mem_cgroup_from_mm+0x139/0x310 [ 2774.422687][T15111] __memcg_kmem_charge_memcg+0x7c/0x130 [ 2774.428255][T15111] ? memcg_kmem_put_cache+0x50/0x50 [ 2774.433456][T15111] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2774.438995][T15111] __memcg_kmem_charge+0x13a/0x3a0 [ 2774.444193][T15111] __alloc_pages_nodemask+0x4f5/0x910 [ 2774.450089][T15111] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2774.455636][T15111] ? __alloc_pages_slowpath+0x2920/0x2920 [ 2774.461343][T15111] ? percpu_ref_put_many+0xb1/0x180 [ 2774.466551][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2774.471846][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2774.476892][T15111] ? __kasan_check_read+0x11/0x20 [ 2774.481938][T15111] copy_process+0x3f8/0x6860 [ 2774.487057][T15111] ? __kasan_check_read+0x11/0x20 [ 2774.492102][T15111] ? __lock_acquire+0x16f2/0x4a00 [ 2774.497141][T15111] ? __kasan_check_read+0x11/0x20 [ 2774.502167][T15111] ? mark_lock+0xc2/0x1220 [ 2774.506576][T15111] ? __cleanup_sighand+0x60/0x60 [ 2774.512240][T15111] ? find_held_lock+0x35/0x130 [ 2774.517033][T15111] _do_fork+0x146/0xf90 [ 2774.521197][T15111] ? copy_init_mm+0x20/0x20 [ 2774.525726][T15111] ? __kasan_check_read+0x11/0x20 [ 2774.530749][T15111] ? _copy_to_user+0x118/0x160 [ 2774.535516][T15111] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2774.541761][T15111] ? put_timespec64+0xda/0x140 [ 2774.547143][T15111] __x64_sys_clone+0x18d/0x250 [ 2774.552007][T15111] ? __ia32_sys_vfork+0xc0/0xc0 [ 2774.556863][T15111] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2774.562132][T15111] ? trace_hardirqs_on+0x67/0x240 [ 2774.567160][T15111] do_syscall_64+0xfa/0x760 [ 2774.571684][T15111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2774.577573][T15111] RIP: 0033:0x45802a [ 2774.582411][T15111] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 2774.602007][T15111] RSP: 002b:00007ffe3e2d5690 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2774.610423][T15111] RAX: ffffffffffffffda RBX: 00007ffe3e2d5690 RCX: 000000000045802a [ 2774.618398][T15111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2774.626472][T15111] RBP: 00007ffe3e2d56d0 R08: 0000000000000001 R09: 00000000022fb940 [ 2774.634441][T15111] R10: 00000000022fbc10 R11: 0000000000000246 R12: 0000000000000001 [ 2774.643203][T15111] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe3e2d5720 [ 2774.651509][ C1] net_ratelimit: 12 callbacks suppressed [ 2774.651520][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2774.663065][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2774.669318][T15111] memory: usage 9696kB, limit 0kB, failcnt 973 [ 2774.675645][T15111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2774.682782][T15111] Memory cgroup stats for /syz2: [ 2774.682870][T15111] anon 98304 [ 2774.682870][T15111] file 36864 [ 2774.682870][T15111] kernel_stack 65536 [ 2774.682870][T15111] slab 9703424 [ 2774.682870][T15111] sock 106496 [ 2774.682870][T15111] shmem 0 [ 2774.682870][T15111] file_mapped 0 [ 2774.682870][T15111] file_dirty 135168 [ 2774.682870][T15111] file_writeback 0 [ 2774.682870][T15111] anon_thp 0 [ 2774.682870][T15111] inactive_anon 245760 [ 2774.682870][T15111] active_anon 98304 [ 2774.682870][T15111] inactive_file 118784 [ 2774.682870][T15111] active_file 65536 [ 2774.682870][T15111] unevictable 0 [ 2774.682870][T15111] slab_reclaimable 3244032 [ 2774.682870][T15111] slab_unreclaimable 6459392 [ 2774.682870][T15111] pgfault 396165 [ 2774.682870][T15111] pgmajfault 0 [ 2774.682870][T15111] workingset_refault 0 [ 2774.682870][T15111] workingset_activate 0 [ 2774.682870][T15111] workingset_nodereclaim 0 [ 2774.682870][T15111] pgrefill 74 [ 2774.682870][T15111] pgscan 1900 [ 2774.682870][T15111] pgsteal 1760 [ 2774.682870][T15111] pgactivate 99 [ 2774.781530][T15111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=15111,uid=0 [ 2774.798103][T15111] Memory cgroup out of memory: Killed process 15111 (syz-executor.2) total-vm:72440kB, anon-rss:108kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0 [ 2774.817683][ T1058] oom_reaper: reaped process 15111 (syz-executor.2), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB 03:58:52 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r0, &(0x7f0000000080), 0xffffff43) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x24, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000000)) perf_event_open(0x0, 0x0, 0xa, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='cpuacct.\x93sage_sys\x00', 0x0, 0x0) r3 = creat(&(0x7f0000000000)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) close(r5) sendfile(0xffffffffffffffff, r4, 0x0, 0x8000fffffffe) ioctl$KVM_S390_INTERRUPT_CPU(r3, 0x4010ae94, &(0x7f00000000c0)={0x50b98d18, 0x50000000, 0x8}) write$cgroup_int(r2, 0x0, 0x0) 03:58:52 executing program 4: socket$nl_route(0x10, 0x3, 0x0) r0 = creat(&(0x7f0000001600)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f00000001c0)=0x3ff) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r1, 0x0, 0xfffffffffffffe3c, 0x0, 0x0, 0x2f95a3c3cb55ab4b) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x315, 0x0) syz_emit_ethernet(0xffffffffffffff02, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x1ee6b, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0) 03:58:52 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r3, 0x0, 0x6, 0x0) close(r3) dup3(r0, r2, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7}, 0x7) 03:58:52 executing program 1: bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x65dc}, [@IFLA_GROUP={0x8}, @IFLA_PROTO_DOWN={0x8, 0x14}]}, 0x30}}, 0x0) 03:58:52 executing program 5: prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0xff}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff}) vmsplice(r0, 0x0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e23}, 0x1c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, 0x0) listen(r1, 0x10001) r2 = socket$inet6_sctp(0xa, 0x800000000000001, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) 03:58:52 executing program 0: socket$nl_route(0x10, 0x3, 0x0) r0 = creat(&(0x7f0000001600)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f00000001c0)=0x3ff) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r1, 0x0, 0xfffffffffffffe3c, 0x0, 0x0, 0x2f95a3c3cb55ab4b) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x315, 0x0) syz_emit_ethernet(0xffffffffffffff02, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x1ee6b, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0) [ 2775.084006][ T2494] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 03:58:53 executing program 0: socket$nl_route(0x10, 0x3, 0x0) r0 = creat(&(0x7f0000001600)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f00000001c0)=0x3ff) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r1, 0x0, 0xfffffffffffffe3c, 0x0, 0x0, 0x2f95a3c3cb55ab4b) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x315, 0x0) syz_emit_ethernet(0xffffffffffffff02, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x1ee6b, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0) 03:58:53 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r3, 0x0, 0x6, 0x0) close(r3) dup3(r0, r2, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7}, 0x7) [ 2775.237098][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2775.243106][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2775.249158][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2775.255107][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:58:53 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r0, &(0x7f0000000080), 0xffffff43) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x24, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000000)) perf_event_open(0x0, 0x0, 0xa, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='cpuacct.\x93sage_sys\x00', 0x0, 0x0) r3 = creat(&(0x7f0000000000)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) close(r5) sendfile(0xffffffffffffffff, r4, 0x0, 0x8000fffffffe) ioctl$KVM_S390_INTERRUPT_CPU(r3, 0x4010ae94, &(0x7f00000000c0)={0x50b98d18, 0x50000000, 0x8}) write$cgroup_int(r2, 0x0, 0x0) 03:58:53 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r3, 0x0, 0x6, 0x0) close(r3) dup3(r0, r2, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7}, 0x7) [ 2775.557131][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2775.563068][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:58:53 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000200)='cubic\x00', 0x6) 03:58:53 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000500)={0x14, 0x0, 0x8, 0xf1a}, 0x2c) [ 2775.797449][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2775.803995][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:58:53 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800b5055e0bcfe87b0071") setfsgid(0x0) 03:58:53 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x7c, &(0x7f0000000100)=[{&(0x7f0000000000)="24000000100007031dfffd946fa2830020200a0009000100000000010000aba20400ff7e28000000060affffba01000000ff000000000000008be3518546c8243929db2406b20cd37ed01cc0", 0xff04}], 0x1}, 0x0) 03:58:53 executing program 0: socket$nl_route(0x10, 0x3, 0x0) r0 = creat(&(0x7f0000001600)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f00000001c0)=0x3ff) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r1, 0x0, 0xfffffffffffffe3c, 0x0, 0x0, 0x2f95a3c3cb55ab4b) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='uid_map\x00') preadv(r2, &(0x7f00000017c0), 0x315, 0x0) syz_emit_ethernet(0xffffffffffffff02, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x1ee6b, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0) 03:58:53 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000200)='cubic\x00', 0x6) 03:58:53 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000500)={0x14, 0x0, 0x8, 0xf1a}, 0x2c) 03:58:53 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800b5055e0bcfe87b0071") setfsgid(0x0) [ 2776.095766][ T2745] netlink: 'syz-executor.5': attribute type 1 has an invalid length. [ 2776.144578][ T2745] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. 03:58:54 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800b5055e0bcfe87b0071") setfsgid(0x0) 03:58:54 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000200)='cubic\x00', 0x6) [ 2777.321648][ T7088] bond0 (unregistering): Released all slaves [ 2777.534336][ T2869] IPVS: ftp: loaded support on port[0] = 21 [ 2777.605669][ T2869] chnl_net:caif_netlink_parms(): no params data found [ 2777.690174][ T2869] bridge0: port 1(bridge_slave_0) entered blocking state [ 2777.704146][ T2869] bridge0: port 1(bridge_slave_0) entered disabled state [ 2777.712749][ T2869] device bridge_slave_0 entered promiscuous mode [ 2777.728315][ T2869] bridge0: port 2(bridge_slave_1) entered blocking state [ 2777.735607][ T2869] bridge0: port 2(bridge_slave_1) entered disabled state [ 2777.750406][ T2869] device bridge_slave_1 entered promiscuous mode [ 2777.791564][ T2869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2777.812580][ T2869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2777.845024][ T2869] team0: Port device team_slave_0 added [ 2777.853026][ T2869] team0: Port device team_slave_1 added [ 2777.910749][ T2869] device hsr_slave_0 entered promiscuous mode [ 2777.957769][ T2869] device hsr_slave_1 entered promiscuous mode [ 2778.016488][ T2869] bridge0: port 2(bridge_slave_1) entered blocking state [ 2778.023765][ T2869] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2778.031496][ T2869] bridge0: port 1(bridge_slave_0) entered blocking state [ 2778.038724][ T2869] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2778.114435][ T2869] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2778.147374][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2778.163162][ T4342] bridge0: port 1(bridge_slave_0) entered disabled state [ 2778.183341][ T4342] bridge0: port 2(bridge_slave_1) entered disabled state [ 2778.194875][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 2778.219316][ T2869] 8021q: adding VLAN 0 to HW filter on device team0 [ 2778.239496][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2778.258204][ T4342] bridge0: port 1(bridge_slave_0) entered blocking state [ 2778.265304][ T4342] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2778.290615][T25421] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2778.299968][T25421] bridge0: port 2(bridge_slave_1) entered blocking state [ 2778.308382][T25421] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2778.329131][ T6468] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2778.347797][ T6468] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2778.356541][ T6468] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2778.367723][ T6468] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2778.384372][ T2869] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2778.400708][ T2869] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2778.416252][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2778.456280][ T2869] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2778.768331][ T27] audit: type=1804 audit(2000001536.564:778): pid=2880 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir564719956/syzkaller.Jiyg00/0/bus" dev="sda1" ino=17009 res=1 [ 2778.807191][ T27] audit: type=1804 audit(2000001536.584:779): pid=2879 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir564719956/syzkaller.Jiyg00/0/bus" dev="sda1" ino=17009 res=1 [ 2779.116315][ T2878] syz-executor.2 invoked oom-killer: gfp_mask=0x101cca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), order=0, oom_score_adj=1000 [ 2779.129016][ T2878] CPU: 1 PID: 2878 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2779.138402][ T2878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2779.148576][ T2878] Call Trace: [ 2779.152428][ T2878] dump_stack+0x172/0x1f0 [ 2779.156767][ T2878] dump_header+0x177/0x1152 [ 2779.161274][ T2878] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2779.167084][ T2878] ? ___ratelimit+0x2c8/0x595 [ 2779.171773][ T2878] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2779.177580][ T2878] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2779.182998][ T2878] ? trace_hardirqs_on+0x67/0x240 [ 2779.188030][ T2878] ? pagefault_out_of_memory+0x11c/0x11c [ 2779.193691][ T2878] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 2779.199505][ T2878] ? ___ratelimit+0x60/0x595 [ 2779.204089][ T2878] ? do_raw_spin_unlock+0x57/0x270 [ 2779.209204][ T2878] oom_kill_process.cold+0x10/0x15 [ 2779.214312][ T2878] out_of_memory+0x334/0x1340 [ 2779.219004][ T2878] ? lock_downgrade+0x920/0x920 [ 2779.223861][ T2878] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2779.229777][ T2878] ? oom_killer_disable+0x280/0x280 [ 2779.234980][ T2878] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2779.241244][ T2878] ? memcg_stat_show+0xc40/0xc40 [ 2779.246213][ T2878] ? do_raw_spin_unlock+0x57/0x270 [ 2779.251354][ T2878] ? _raw_spin_unlock+0x28/0x40 [ 2779.256444][ T2878] try_charge+0xf4b/0x1440 [ 2779.260886][ T2878] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2779.266447][ T2878] ? percpu_ref_tryget_live+0x10c/0x290 [ 2779.271996][ T2878] ? rcu_read_lock_held+0x9c/0xb0 [ 2779.277557][ T2878] ? __kasan_check_read+0x11/0x20 [ 2779.282593][ T2878] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2779.288146][ T2878] mem_cgroup_try_charge+0x136/0x590 [ 2779.293436][ T2878] __add_to_page_cache_locked+0x43f/0xec0 [ 2779.299157][ T2878] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 2779.305138][ T2878] ? __kasan_check_read+0x11/0x20 [ 2779.310166][ T2878] ? __filemap_set_wb_err+0x2b0/0x2b0 [ 2779.315814][ T2878] ? __alloc_pages_nodemask+0x661/0x910 [ 2779.321727][ T2878] ? xas_descend+0x144/0x370 [ 2779.326356][ T2878] ? shadow_lru_isolate+0x430/0x430 [ 2779.331573][ T2878] add_to_page_cache_lru+0x1d8/0x790 [ 2779.336914][ T2878] ? add_to_page_cache_locked+0x40/0x40 [ 2779.342844][ T2878] ? __page_cache_alloc+0x116/0x490 [ 2779.348101][ T2878] pagecache_get_page+0x3c6/0xa00 [ 2779.353143][ T2878] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 2779.358707][ T2878] grab_cache_page_write_begin+0x75/0xb0 [ 2779.364340][ T2878] ext4_da_write_begin+0x2ec/0xb80 [ 2779.369457][ T2878] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2779.375714][ T2878] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2779.381960][ T2878] ? ext4_write_begin+0xd20/0xd20 [ 2779.386985][ T2878] ? copyin+0x150/0x150 [ 2779.391156][ T2878] generic_perform_write+0x23b/0x540 [ 2779.396442][ T2878] ? timestamp_truncate+0x2f0/0x2f0 [ 2779.401674][ T2878] ? trace_event_raw_event_file_check_and_advance_wb_err+0x4b0/0x4b0 [ 2779.409781][ T2878] ? current_time+0x110/0x110 [ 2779.414506][ T2878] ? generic_write_check_limits.isra.0+0x270/0x270 [ 2779.421130][ T2878] ? aa_file_perm+0x40b/0xdd0 [ 2779.425858][ T2878] __generic_file_write_iter+0x25e/0x630 [ 2779.431548][ T2878] ext4_file_write_iter+0x317/0x13c0 [ 2779.437242][ T2878] ? __kasan_check_read+0x11/0x20 [ 2779.442274][ T2878] ? ext4_release_file+0x380/0x380 [ 2779.447511][ T2878] ? mark_lock+0xc2/0x1220 [ 2779.451946][ T2878] ? __kasan_check_read+0x11/0x20 [ 2779.457045][ T2878] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2779.463334][ T2878] ? iov_iter_init+0xee/0x220 [ 2779.468336][ T2878] new_sync_write+0x4d3/0x770 [ 2779.473633][ T2878] ? new_sync_read+0x800/0x800 [ 2779.478422][ T2878] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 2779.484686][ T2878] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 2779.489983][ T2878] __vfs_write+0xe1/0x110 [ 2779.494306][ T2878] vfs_write+0x268/0x5d0 [ 2779.498547][ T2878] ksys_write+0x14f/0x290 [ 2779.502869][ T2878] ? __ia32_sys_read+0xb0/0xb0 [ 2779.507628][ T2878] ? do_syscall_64+0x26/0x760 [ 2779.512690][ T2878] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2779.518846][ T2878] ? do_syscall_64+0x26/0x760 [ 2779.523515][ T2878] __x64_sys_write+0x73/0xb0 [ 2779.528102][ T2878] do_syscall_64+0xfa/0x760 [ 2779.532609][ T2878] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2779.538503][ T2878] RIP: 0033:0x459a59 [ 2779.542397][ T2878] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2779.562031][ T2878] RSP: 002b:00007f6d9f529c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2779.570445][ T2878] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a59 [ 2779.578586][ T2878] RDX: 00000000ffffff43 RSI: 0000000020000080 RDI: 0000000000000003 [ 2779.586629][ T2878] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2779.594899][ T2878] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d9f52a6d4 [ 2779.603025][ T2878] R13: 00000000004c9e7e R14: 00000000004e1a90 R15: 00000000ffffffff [ 2779.628607][ T2878] memory: usage 11616kB, limit 0kB, failcnt 1041 [ 2779.635972][ T2878] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2779.644869][ T2878] Memory cgroup stats for /syz2: [ 2779.644975][ T2878] anon 2097152 [ 2779.644975][ T2878] file 69632 [ 2779.644975][ T2878] kernel_stack 0 [ 2779.644975][ T2878] slab 9367552 [ 2779.644975][ T2878] sock 106496 [ 2779.644975][ T2878] shmem 0 [ 2779.644975][ T2878] file_mapped 0 [ 2779.644975][ T2878] file_dirty 135168 [ 2779.644975][ T2878] file_writeback 0 [ 2779.644975][ T2878] anon_thp 2097152 [ 2779.644975][ T2878] inactive_anon 245760 [ 2779.644975][ T2878] active_anon 2097152 [ 2779.644975][ T2878] inactive_file 200704 [ 2779.644975][ T2878] active_file 24576 [ 2779.644975][ T2878] unevictable 0 [ 2779.644975][ T2878] slab_reclaimable 3514368 [ 2779.644975][ T2878] slab_unreclaimable 5853184 [ 2779.644975][ T2878] pgfault 396297 [ 2779.644975][ T2878] pgmajfault 0 [ 2779.644975][ T2878] workingset_refault 0 [ 2779.644975][ T2878] workingset_activate 0 [ 2779.644975][ T2878] workingset_nodereclaim 0 [ 2779.644975][ T2878] pgrefill 142 [ 2779.644975][ T2878] pgscan 8457 [ 2779.644975][ T2878] pgsteal 4927 [ 2779.746464][ C1] net_ratelimit: 24 callbacks suppressed [ 2779.746475][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2779.746560][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:58:57 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800b5055e0bcfe87b0071") setfsgid(0x0) 03:58:57 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000280)='/dev/video35\x00', 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x0, 0x2, {0x1, @sliced}}) 03:58:57 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000500)={0x14, 0x0, 0x8, 0xf1a}, 0x2c) 03:58:57 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x7c, &(0x7f0000000100)=[{&(0x7f0000000000)="24000000100007031dfffd946fa2830020200a0009000100000000010000aba20400ff7e28000000060affffba01000000ff000000000000008be3518546c8243929db2406b20cd37ed01cc0", 0xff04}], 0x1}, 0x0) 03:58:57 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000200)='cubic\x00', 0x6) [ 2779.766235][ T2878] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=2877,uid=0 [ 2779.783912][ T2878] Memory cgroup out of memory: Killed process 2878 (syz-executor.2) total-vm:72840kB, anon-rss:2196kB, file-rss:35932kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 2779.805219][ T1058] oom_reaper: reaped process 2878 (syz-executor.2), now anon-rss:0kB, file-rss:34972kB, shmem-rss:0kB 03:58:57 executing program 2: epoll_create1(0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_DBG_G_REGISTER(0xffffffffffffffff, 0xc0385650, &(0x7f0000000400)={{0x0, @name="f40d8d948e14a21e22f3d685f40ae0116a2ac05cbbcece4f28dc5513953ee25b"}, 0x8}) r1 = socket$unix(0x1, 0x1, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f000067d000)=0x19, 0x4) bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r2, 0x0) connect$unix(r1, &(0x7f0000932000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) [ 2779.878270][ T2869] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 2779.897206][ T2869] CPU: 1 PID: 2869 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2779.906195][ T2869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2779.916287][ T2869] Call Trace: [ 2779.919610][ T2869] dump_stack+0x172/0x1f0 [ 2779.923980][ T2869] dump_header+0x177/0x1152 [ 2779.928542][ T2869] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2779.934367][ T2869] ? ___ratelimit+0x2c8/0x595 [ 2779.939068][ T2869] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2779.944910][ T2869] ? lockdep_hardirqs_on+0x421/0x5e0 [ 2779.950229][ T2869] ? trace_hardirqs_on+0x67/0x240 [ 2779.955295][ T2869] ? pagefault_out_of_memory+0x11c/0x11c [ 2779.957166][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2779.961910][ T2869] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 03:58:57 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000500)={0x14, 0x0, 0x8, 0xf1a}, 0x2c) [ 2779.967999][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2779.973690][ T2869] ? ___ratelimit+0x60/0x595 [ 2779.973706][ T2869] ? do_raw_spin_unlock+0x57/0x270 [ 2779.973729][ T2869] oom_kill_process.cold+0x10/0x15 [ 2779.973746][ T2869] out_of_memory+0x334/0x1340 [ 2779.973765][ T2869] ? lock_downgrade+0x920/0x920 [ 2780.000714][ T2889] netlink: 'syz-executor.5': attribute type 1 has an invalid length. [ 2780.003935][ T2869] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2780.003954][ T2869] ? oom_killer_disable+0x280/0x280 [ 2780.003978][ T2869] mem_cgroup_out_of_memory+0x1d8/0x240 [ 2780.028933][ T2869] ? memcg_stat_show+0xc40/0xc40 [ 2780.033919][ T2869] ? do_raw_spin_unlock+0x57/0x270 [ 2780.039583][ T2869] ? _raw_spin_unlock+0x28/0x40 [ 2780.044458][ T2869] try_charge+0xf4b/0x1440 [ 2780.048869][ T2869] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2780.054576][ T2869] ? percpu_ref_tryget_live+0x10c/0x290 [ 2780.060135][ T2869] ? rcu_read_lock_held+0x9c/0xb0 [ 2780.065347][ T2869] ? __kasan_check_read+0x11/0x20 [ 2780.070365][ T2869] ? get_mem_cgroup_from_mm+0x151/0x310 [ 2780.075905][ T2869] mem_cgroup_try_charge+0x136/0x590 [ 2780.081503][ T2869] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2780.087231][ T2869] wp_page_copy+0x407/0x1860 [ 2780.092005][ T2869] ? find_held_lock+0x35/0x130 [ 2780.096761][ T2869] ? do_wp_page+0x53b/0x1540 [ 2780.101514][ T2869] ? do_page_mkwrite+0x5b0/0x5b0 [ 2780.106446][ T2869] ? lock_downgrade+0x920/0x920 [ 2780.111375][ T2869] ? swp_swapcount+0x540/0x540 [ 2780.116129][ T2869] ? __kasan_check_read+0x11/0x20 [ 2780.121156][ T2869] ? do_raw_spin_unlock+0x57/0x270 [ 2780.126260][ T2869] do_wp_page+0x543/0x1540 [ 2780.130679][ T2869] ? finish_mkwrite_fault+0x6a0/0x6a0 [ 2780.136055][ T2869] __handle_mm_fault+0x23a9/0x3fd0 [ 2780.141166][ T2869] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2780.146966][ T2869] ? handle_mm_fault+0x292/0xa90 [ 2780.151916][ T2869] ? handle_mm_fault+0x7dd/0xa90 [ 2780.157121][ T2869] ? __kasan_check_read+0x11/0x20 [ 2780.162150][ T2869] handle_mm_fault+0x3b2/0xa90 [ 2780.166911][ T2869] __do_page_fault+0x536/0xdd0 [ 2780.171694][ T2869] do_page_fault+0x38/0x590 [ 2780.176206][ T2869] page_fault+0x39/0x40 [ 2780.180536][ T2869] RIP: 0033:0x430b36 [ 2780.184421][ T2869] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 66 71 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 2c 44 64 00 85 c0 0f 84 [ 2780.204100][ T2869] RSP: 002b:00007ffe6fdca090 EFLAGS: 00010206 [ 2780.210157][ T2869] RAX: 0000000000019691 RBX: 0000000000716640 RCX: 0000000000008041 [ 2780.218815][ T2869] RDX: 0000000001967930 RSI: 000000000196f970 RDI: 0000000000000003 03:58:58 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) sendto$unix(r1, &(0x7f0000000140)="24c8385939070000008bad2beba5005cf47d12e27903d3f8168b9f62f35cc5f4ec", 0xd635455c3de76378, 0xffffffffffffffee, 0x0, 0xfffffffffffffec0) recvfrom(r1, &(0x7f0000001240)=""/4096, 0xb71b829b6f5560a, 0x10060, 0x0, 0xfffffffffffffff1) [ 2780.227817][ T2869] RBP: 0000000000008041 R08: 0000000000000001 R09: 0000000001966940 [ 2780.236122][ T2869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000716698 [ 2780.244459][ T2869] R13: 0000000000716698 R14: 0000000000000000 R15: 0000000000002710 [ 2780.278102][ T2889] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. 03:58:58 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000280)='/dev/video35\x00', 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x0, 0x2, {0x1, @sliced}}) 03:58:58 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000280)='/dev/video35\x00', 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x0, 0x2, {0x1, @sliced}}) [ 2780.349928][ T2869] memory: usage 9192kB, limit 0kB, failcnt 1050 [ 2780.356695][ T2869] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2780.386509][ T2869] Memory cgroup stats for /syz2: [ 2780.388752][ T2869] anon 0 [ 2780.388752][ T2869] file 69632 [ 2780.388752][ T2869] kernel_stack 0 [ 2780.388752][ T2869] slab 9367552 [ 2780.388752][ T2869] sock 106496 [ 2780.388752][ T2869] shmem 0 [ 2780.388752][ T2869] file_mapped 0 [ 2780.388752][ T2869] file_dirty 135168 [ 2780.388752][ T2869] file_writeback 0 [ 2780.388752][ T2869] anon_thp 0 [ 2780.388752][ T2869] inactive_anon 245760 [ 2780.388752][ T2869] active_anon 0 [ 2780.388752][ T2869] inactive_file 65536 [ 2780.388752][ T2869] active_file 24576 [ 2780.388752][ T2869] unevictable 0 03:58:58 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x6}}, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="02020609100000000000004c9e0000000200130002000000000000000020000105000600200000000a00000000000000000500e5000000000f001f00000000000009200000000000020001000800000000000002000098a805000500000000000a00000000003b00ff1700a51409ac4cb3cbcf000000000000000000000000171dbc980290aaf2f50a955b0ebfbbc93928dd38f9b8faa692de2c4fb4241e887182bbcbb8de6b013e4d78344158827c35ce705a2ed3af32124adf0632a88b669e1e696aac3398c85a12f570f2c7ccf88a2d25693ee8f07a44039ab0d1ad5d1d25ded861f5c39ec4b212ce3394759f15da379ed6cdddf254"], 0x80}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x40000000000002b, 0x0) 03:58:58 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) sendto$unix(r1, &(0x7f0000000140)="24c8385939070000008bad2beba5005cf47d12e27903d3f8168b9f62f35cc5f4ec", 0xd635455c3de76378, 0xffffffffffffffee, 0x0, 0xfffffffffffffec0) recvfrom(r1, &(0x7f0000001240)=""/4096, 0xb71b829b6f5560a, 0x10060, 0x0, 0xfffffffffffffff1) [ 2780.388752][ T2869] slab_reclaimable 3514368 [ 2780.388752][ T2869] slab_unreclaimable 5853184 [ 2780.388752][ T2869] pgfault 396297 [ 2780.388752][ T2869] pgmajfault 0 [ 2780.388752][ T2869] workingset_refault 0 [ 2780.388752][ T2869] workingset_activate 0 [ 2780.388752][ T2869] workingset_nodereclaim 0 [ 2780.388752][ T2869] pgrefill 142 [ 2780.388752][ T2869] pgscan 8490 [ 2780.388752][ T2869] pgsteal 4960 [ 2780.388752][ T2869] pgactivate 1683 03:58:58 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000280)='/dev/video35\x00', 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x0, 0x2, {0x1, @sliced}}) 03:58:58 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x7c, &(0x7f0000000100)=[{&(0x7f0000000000)="24000000100007031dfffd946fa2830020200a0009000100000000010000aba20400ff7e28000000060affffba01000000ff000000000000008be3518546c8243929db2406b20cd37ed01cc0", 0xff04}], 0x1}, 0x0) 03:58:58 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000280)='/dev/video35\x00', 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x0, 0x2, {0x1, @sliced}}) [ 2780.809169][ T2914] netlink: 'syz-executor.5': attribute type 1 has an invalid length. [ 2780.837149][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2780.843108][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:58:58 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000280)='/dev/video35\x00', 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x0, 0x2, {0x1, @sliced}}) 03:58:58 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x6}}, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="02020609100000000000004c9e0000000200130002000000000000000020000105000600200000000a00000000000000000500e5000000000f001f00000000000009200000000000020001000800000000000002000098a805000500000000000a00000000003b00ff1700a51409ac4cb3cbcf000000000000000000000000171dbc980290aaf2f50a955b0ebfbbc93928dd38f9b8faa692de2c4fb4241e887182bbcbb8de6b013e4d78344158827c35ce705a2ed3af32124adf0632a88b669e1e696aac3398c85a12f570f2c7ccf88a2d25693ee8f07a44039ab0d1ad5d1d25ded861f5c39ec4b212ce3394759f15da379ed6cdddf254"], 0x80}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x40000000000002b, 0x0) [ 2780.861379][ T2914] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2780.917175][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2780.923058][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2780.989477][ T2869] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=2869,uid=0 [ 2781.035131][ T2869] Memory cgroup out of memory: Killed process 2869 (syz-executor.2) total-vm:72444kB, anon-rss:68kB, file-rss:34832kB, shmem-rss:0kB, UID:0 pgtables:126976kB oom_score_adj:0 [ 2781.077963][ T1058] oom_reaper: reaped process 2869 (syz-executor.2), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 03:58:59 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r2, &(0x7f0000000280)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) setsockopt$inet_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f0000000080)=@ccm_128={{}, "8f2cb530c4c5131d", "3a6bc8cbf5f0c26e95c106070f435ee6", "aeb368b2", "73d2aaccb759e14d"}, 0x28) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) writev(r2, &(0x7f0000000440)=[{&(0x7f0000000540)="0a99b3e3930870dcd4c6d68e6abe088af4ccdbe6dc85ed63bcee4834cd53f8a19cfad5357423b08db538753bcf550f05d219f8c6ca03228dd8d293261ba071190f47d70c95a97fe5d4cb7511e180f73e8ef5e2f7ee4f47c1a036e37e87414e615396eeb918828e", 0x67}, {&(0x7f00000003c0)="b1252522629f34a16eef84ce1b0063a44d2793e337dc2c6bb2d81b53e3fce25735962003d59c73b5c7e008a287d2a1d4", 0x30}, {&(0x7f0000000700)="c2e03ca050ae6e9864a1798b5cc6822a6179ef8da5cd850e45cd71cd4dfe222335695c1aa33ed46d46bd8b2e6cad6ddcf596", 0x32}], 0x3) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x3) write$binfmt_script(r2, &(0x7f0000000840)=ANY=[@ANYBLOB="2321200a8117fb62d5eb1b3c750c75c5533f018823a1699743876915922a9b66379e3db9e87bb57e1d384bfe3042c49ef9134937af481f2b44e023b3c35f0b8810707ef1dacca01048b2c20b884e0efb76d2659a715f3b513e331597c9d3c9afed9390b357d0744ddc020aedf819000000000000000832ff0769dea9ed32487d2bf1acafcf98d817857774004608d609000000701f793b97fdcccc62273deb40c4e69857745a810000000000009755979c72f645e9898fb9d61b0ec3a669af77550098323d175d496b"], 0xc9) sendmmsg$inet(r2, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)="8cb08f70aca1f2e24e7dc4636db1607852800ad7239bfbb123065f68cd67943bc81a1d56defee801abbb295542689614ad3cf075062ecc8fff703998f05b4a75cd21c51a0cdf5c1d22ec6c88b2f328c35d2284ce373751008f2fe11265fc7b892d9211b9f2b8d60d65de6a11b376b8379dea0e24d9d54997f9b0c35fdbb691b6a85b1dd235877eaf2c6b56cdebc12feefdd198891969cc07ec80aa29bcc95a7fa0866e97a784c0ac21edab15d06cfb51b0f47e5f4404000000", 0xb9}], 0x1}}, {{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f00000007c0)="6704848d55e654ad6f06f85d5c8caed968361a080c9a53252ca10c8e9f2257b4300eccf6f7e8f49e10382d24c8e304851ba9f674097b80c63dc396090a3762753a1400aba6fc2b7dcec89c4c03bb4f4a995e7f0d40", 0x55}], 0x1}}], 0x2, 0x0) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000600)=0xda9, 0x4) sendto$inet(r2, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 03:58:59 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) sendto$unix(r1, &(0x7f0000000140)="24c8385939070000008bad2beba5005cf47d12e27903d3f8168b9f62f35cc5f4ec", 0xd635455c3de76378, 0xffffffffffffffee, 0x0, 0xfffffffffffffec0) recvfrom(r1, &(0x7f0000001240)=""/4096, 0xb71b829b6f5560a, 0x10060, 0x0, 0xfffffffffffffff1) 03:58:59 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x7c, &(0x7f0000000100)=[{&(0x7f0000000000)="24000000100007031dfffd946fa2830020200a0009000100000000010000aba20400ff7e28000000060affffba01000000ff000000000000008be3518546c8243929db2406b20cd37ed01cc0", 0xff04}], 0x1}, 0x0) 03:58:59 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000280)='/dev/video35\x00', 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x0, 0x2, {0x1, @sliced}}) 03:58:59 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x14, 0x21, 0x1, 0x0, 0x0, {0x7, 0xe00000000000000}}, 0x14}}, 0x0) 03:58:59 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x6}}, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="02020609100000000000004c9e0000000200130002000000000000000020000105000600200000000a00000000000000000500e5000000000f001f00000000000009200000000000020001000800000000000002000098a805000500000000000a00000000003b00ff1700a51409ac4cb3cbcf000000000000000000000000171dbc980290aaf2f50a955b0ebfbbc93928dd38f9b8faa692de2c4fb4241e887182bbcbb8de6b013e4d78344158827c35ce705a2ed3af32124adf0632a88b669e1e696aac3398c85a12f570f2c7ccf88a2d25693ee8f07a44039ab0d1ad5d1d25ded861f5c39ec4b212ce3394759f15da379ed6cdddf254"], 0x80}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x40000000000002b, 0x0) [ 2781.477126][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2781.483139][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2781.489894][ T2929] netlink: 'syz-executor.5': attribute type 1 has an invalid length. [ 2781.557480][ T2929] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. 03:58:59 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x14, 0x21, 0x1, 0x0, 0x0, {0x7, 0xe00000000000000}}, 0x14}}, 0x0) 03:58:59 executing program 1: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000800)={0x3, 0x2b, 0x0, 0xffffffffffffffff}) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) dup3(r2, r1, 0x0) 03:58:59 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x6}}, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="02020609100000000000004c9e0000000200130002000000000000000020000105000600200000000a00000000000000000500e5000000000f001f00000000000009200000000000020001000800000000000002000098a805000500000000000a00000000003b00ff1700a51409ac4cb3cbcf000000000000000000000000171dbc980290aaf2f50a955b0ebfbbc93928dd38f9b8faa692de2c4fb4241e887182bbcbb8de6b013e4d78344158827c35ce705a2ed3af32124adf0632a88b669e1e696aac3398c85a12f570f2c7ccf88a2d25693ee8f07a44039ab0d1ad5d1d25ded861f5c39ec4b212ce3394759f15da379ed6cdddf254"], 0x80}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x40000000000002b, 0x0) 03:58:59 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r0, &(0x7f00000000c0)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x0, 0x0, @loopback}}, 0x24) listen(r0, 0x9) 03:58:59 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) sendto$unix(r1, &(0x7f0000000140)="24c8385939070000008bad2beba5005cf47d12e27903d3f8168b9f62f35cc5f4ec", 0xd635455c3de76378, 0xffffffffffffffee, 0x0, 0xfffffffffffffec0) recvfrom(r1, &(0x7f0000001240)=""/4096, 0xb71b829b6f5560a, 0x10060, 0x0, 0xfffffffffffffff1) 03:58:59 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x14, 0x21, 0x1, 0x0, 0x0, {0x7, 0xe00000000000000}}, 0x14}}, 0x0) 03:58:59 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x2, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8982, &(0x7f0000000040)={'\x06\x00\x00\x00\x00\x00\x00\x00H\x00'}) 03:58:59 executing program 1: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000800)={0x3, 0x2b, 0x0, 0xffffffffffffffff}) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) dup3(r2, r1, 0x0) 03:59:00 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x2, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8982, &(0x7f0000000040)={'\x06\x00\x00\x00\x00\x00\x00\x00H\x00'}) 03:59:00 executing program 4: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000800)={0x3, 0x2b, 0x0, 0xffffffffffffffff}) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) dup3(r2, r1, 0x0) 03:59:00 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x14, 0x21, 0x1, 0x0, 0x0, {0x7, 0xe00000000000000}}, 0x14}}, 0x0) 03:59:00 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000340)={0x0, 0x0}) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180), 0x127) 03:59:00 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x161, 0x11, 0x48}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 03:59:00 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x161, 0x11, 0x48}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 03:59:00 executing program 4: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000800)={0x3, 0x2b, 0x0, 0xffffffffffffffff}) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) dup3(r2, r1, 0x0) [ 2783.874455][ T2988] IPVS: ftp: loaded support on port[0] = 21 [ 2784.019833][ T2988] chnl_net:caif_netlink_parms(): no params data found [ 2784.029986][ T7088] device bridge_slave_1 left promiscuous mode [ 2784.036278][ T7088] bridge0: port 2(bridge_slave_1) entered disabled state [ 2784.098441][ T7088] device bridge_slave_0 left promiscuous mode [ 2784.104750][ T7088] bridge0: port 1(bridge_slave_0) entered disabled state [ 2784.997512][ C1] net_ratelimit: 18 callbacks suppressed [ 2784.997523][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2785.009988][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2785.637228][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2785.643236][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2785.649228][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2785.655223][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2785.957142][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2785.965791][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2786.057995][ T7088] device hsr_slave_0 left promiscuous mode [ 2786.097297][ T7088] device hsr_slave_1 left promiscuous mode [ 2786.156710][ T7088] team0 (unregistering): Port device team_slave_1 removed [ 2786.182895][ T7088] team0 (unregistering): Port device team_slave_0 removed [ 2786.195981][ T7088] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2786.207204][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2786.213390][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2786.233331][ T7088] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2786.312913][ T7088] bond0 (unregistering): Released all slaves [ 2786.435373][ T2988] bridge0: port 1(bridge_slave_0) entered blocking state [ 2786.442763][ T2988] bridge0: port 1(bridge_slave_0) entered disabled state [ 2786.451195][ T2988] device bridge_slave_0 entered promiscuous mode [ 2786.459969][ T2988] bridge0: port 2(bridge_slave_1) entered blocking state [ 2786.467393][ T2988] bridge0: port 2(bridge_slave_1) entered disabled state [ 2786.475417][ T2988] device bridge_slave_1 entered promiscuous mode [ 2786.498187][ T2988] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2786.510050][ T2988] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2786.534723][ T2988] team0: Port device team_slave_0 added [ 2786.543545][ T2988] team0: Port device team_slave_1 added [ 2786.610072][ T2988] device hsr_slave_0 entered promiscuous mode [ 2786.661179][ T2988] device hsr_slave_1 entered promiscuous mode [ 2786.721749][ T2988] bridge0: port 2(bridge_slave_1) entered blocking state [ 2786.728962][ T2988] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2786.736575][ T2988] bridge0: port 1(bridge_slave_0) entered blocking state [ 2786.743923][ T2988] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2786.898603][ T2988] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2786.924792][T24704] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2786.936376][T24704] bridge0: port 1(bridge_slave_0) entered disabled state [ 2786.944813][T24704] bridge0: port 2(bridge_slave_1) entered disabled state [ 2786.954201][T24704] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 2786.973110][ T2988] 8021q: adding VLAN 0 to HW filter on device team0 [ 2786.987340][T24704] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2786.996808][T24704] bridge0: port 1(bridge_slave_0) entered blocking state [ 2787.004045][T24704] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2787.030394][T25421] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2787.039164][T25421] bridge0: port 2(bridge_slave_1) entered blocking state [ 2787.046241][T25421] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2787.071420][T25421] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2787.092139][T25421] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2787.101543][T25421] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2787.113635][T25421] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2787.129595][ T2988] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2787.143433][ T2988] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2787.163122][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2787.204723][ T2988] 8021q: adding VLAN 0 to HW filter on device batadv0 03:59:05 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r0, &(0x7f00000000c0)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x0, 0x0, @loopback}}, 0x24) listen(r0, 0x9) 03:59:05 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000340)={0x0, 0x0}) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180), 0x127) 03:59:05 executing program 1: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000800)={0x3, 0x2b, 0x0, 0xffffffffffffffff}) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) dup3(r2, r1, 0x0) 03:59:05 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x2, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8982, &(0x7f0000000040)={'\x06\x00\x00\x00\x00\x00\x00\x00H\x00'}) 03:59:05 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x161, 0x11, 0x48}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 03:59:05 executing program 4: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000800)={0x3, 0x2b, 0x0, 0xffffffffffffffff}) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) dup3(r2, r1, 0x0) 03:59:05 executing program 1: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000800)={0x3, 0x2b, 0x0, 0xffffffffffffffff}) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) dup3(r2, r1, 0x0) 03:59:05 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r0, &(0x7f00000000c0)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x0, 0x0, @loopback}}, 0x24) listen(r0, 0x9) 03:59:05 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x161, 0x11, 0x48}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 03:59:05 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x2, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8982, &(0x7f0000000040)={'\x06\x00\x00\x00\x00\x00\x00\x00H\x00'}) 03:59:05 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000340)={0x0, 0x0}) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180), 0x127) 03:59:05 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r0, &(0x7f00000000c0)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x0, 0x0, @loopback}}, 0x24) listen(r0, 0x9) 03:59:05 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r0, &(0x7f00000000c0)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x0, 0x0, @loopback}}, 0x24) listen(r0, 0x9) 03:59:05 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'tgr192-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000380)='net/ipv6_route\x00') sendfile(r1, r2, 0x0, 0x624) 03:59:05 executing program 0: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, 0x0, 0x0) 03:59:05 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000340)={0x0, 0x0}) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f0000000180), 0x127) 03:59:05 executing program 1: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x10) r4 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={0x0, 0x839}, 0x8) ftruncate(r4, 0x200004) sendfile(r0, r4, 0x0, 0x80001d00c0d0) 03:59:06 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r0, &(0x7f00000000c0)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x0, 0x0, @loopback}}, 0x24) listen(r0, 0x9) 03:59:06 executing program 0: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, 0x0, 0x0) 03:59:06 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r0, &(0x7f00000000c0)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x0, 0x0, @loopback}}, 0x24) listen(r0, 0x9) 03:59:06 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'tgr192-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000380)='net/ipv6_route\x00') sendfile(r1, r2, 0x0, 0x624) 03:59:06 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) listen(r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto$inet6(r2, 0x0, 0x0, 0x20000004, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c) shutdown(r2, 0x1) r3 = accept(r1, 0x0, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB], 0x1}}, 0x0) recvfrom$inet6(r2, &(0x7f00000003c0)=""/226, 0xfffffffffffffec8, 0x0, 0x0, 0x0) close(r2) 03:59:06 executing program 0: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, 0x0, 0x0) 03:59:06 executing program 2: socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x3250}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x1) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000380)={{{@in6, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@empty, 0x0, 0x33}, 0x0, @in6=@local, 0x0, 0x0, 0x0, 0x6}}, 0xe8) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x400000000000058, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socket$key(0xf, 0x3, 0x2) [ 2788.725568][ T27] audit: type=1800 audit(2000001546.514:780): pid=3048 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="sda1" ino=16670 res=0 03:59:06 executing program 1: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x10) r4 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={0x0, 0x839}, 0x8) ftruncate(r4, 0x200004) sendfile(r0, r4, 0x0, 0x80001d00c0d0) 03:59:06 executing program 4: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x10) r4 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={0x0, 0x839}, 0x8) ftruncate(r4, 0x200004) sendfile(r0, r4, 0x0, 0x80001d00c0d0) 03:59:06 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'tgr192-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000380)='net/ipv6_route\x00') sendfile(r1, r2, 0x0, 0x624) 03:59:06 executing program 0: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, 0x0, 0x0) 03:59:07 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'tgr192-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000380)='net/ipv6_route\x00') sendfile(r1, r2, 0x0, 0x624) 03:59:07 executing program 4: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x10) r4 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={0x0, 0x839}, 0x8) ftruncate(r4, 0x200004) sendfile(r0, r4, 0x0, 0x80001d00c0d0) 03:59:07 executing program 0: r0 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x7, 0x0) ioctl$VIDIOC_S_FBUF(r0, 0x4030560b, &(0x7f0000000040)={0x0, 0x0, 0x0}) 03:59:07 executing program 1: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x10) r4 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={0x0, 0x839}, 0x8) ftruncate(r4, 0x200004) sendfile(r0, r4, 0x0, 0x80001d00c0d0) 03:59:07 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) socket(0x10, 0x80002, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x06\x02\xff', @ifru_names='bond_slave_1\x00t\x00'}) dup(0xffffffffffffffff) ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\f\x00!!\x00\x01\x00\x14', @ifru_names='bond_slave_1\x00\x00\x00\b'}) 03:59:07 executing program 3: r0 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/current\x00', 0x2, 0x0) write$apparmor_current(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="7065726d68617420307c303030303030303030303030303030125e2f70726f632f7468726561642d84656c662f617474722f63757272656e74002900be983d50403f830080ffff3a2521ab4280a4a37e87832f1157c245c47debbbb5aa739254559afe2291d034d927d6bc5264e78a4f6efde2"], 0x3c) 03:59:07 executing program 0: r0 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x7, 0x0) ioctl$VIDIOC_S_FBUF(r0, 0x4030560b, &(0x7f0000000040)={0x0, 0x0, 0x0}) [ 2789.846999][ T3121] AppArmor: change_hat: Invalid input '0|000000000000000^/proc/thread-„elf/attr/current' [ 2789.865190][ T3115] bond0: (slave bond_slave_1): Releasing backup interface 03:59:07 executing program 2: socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x3250}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x1) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000380)={{{@in6, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@empty, 0x0, 0x33}, 0x0, @in6=@local, 0x0, 0x0, 0x0, 0x6}}, 0xe8) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x400000000000058, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socket$key(0xf, 0x3, 0x2) 03:59:07 executing program 4: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x10) r4 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={0x0, 0x839}, 0x8) ftruncate(r4, 0x200004) sendfile(r0, r4, 0x0, 0x80001d00c0d0) 03:59:07 executing program 1: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x10) r4 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={0x0, 0x839}, 0x8) ftruncate(r4, 0x200004) sendfile(r0, r4, 0x0, 0x80001d00c0d0) 03:59:07 executing program 3: r0 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/current\x00', 0x2, 0x0) write$apparmor_current(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="7065726d68617420307c303030303030303030303030303030125e2f70726f632f7468726561642d84656c662f617474722f63757272656e74002900be983d50403f830080ffff3a2521ab4280a4a37e87832f1157c245c47debbbb5aa739254559afe2291d034d927d6bc5264e78a4f6efde2"], 0x3c) 03:59:07 executing program 0: r0 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x7, 0x0) ioctl$VIDIOC_S_FBUF(r0, 0x4030560b, &(0x7f0000000040)={0x0, 0x0, 0x0}) [ 2790.117110][ C1] net_ratelimit: 26 callbacks suppressed [ 2790.117120][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2790.128776][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:59:08 executing program 3: r0 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/current\x00', 0x2, 0x0) write$apparmor_current(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="7065726d68617420307c303030303030303030303030303030125e2f70726f632f7468726561642d84656c662f617474722f63757272656e74002900be983d50403f830080ffff3a2521ab4280a4a37e87832f1157c245c47debbbb5aa739254559afe2291d034d927d6bc5264e78a4f6efde2"], 0x3c) 03:59:08 executing program 0: r0 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x7, 0x0) ioctl$VIDIOC_S_FBUF(r0, 0x4030560b, &(0x7f0000000040)={0x0, 0x0, 0x0}) [ 2790.188764][ T3139] AppArmor: change_hat: Invalid input '0|000000000000000^/proc/thread-„elf/attr/current' [ 2790.357165][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2790.363236][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:59:08 executing program 3: r0 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/current\x00', 0x2, 0x0) write$apparmor_current(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="7065726d68617420307c303030303030303030303030303030125e2f70726f632f7468726561642d84656c662f617474722f63757272656e74002900be983d50403f830080ffff3a2521ab4280a4a37e87832f1157c245c47debbbb5aa739254559afe2291d034d927d6bc5264e78a4f6efde2"], 0x3c) 03:59:08 executing program 0: socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x3250}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x1) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000380)={{{@in6, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@empty, 0x0, 0x33}, 0x0, @in6=@local, 0x0, 0x0, 0x0, 0x6}}, 0xe8) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x400000000000058, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socket$key(0xf, 0x3, 0x2) [ 2790.440887][ T3151] AppArmor: change_hat: Invalid input '0|000000000000000^/proc/thread-„elf/attr/current' [ 2790.700841][ T3161] AppArmor: change_hat: Invalid input '0|000000000000000^/proc/thread-„elf/attr/current' [ 2790.797357][ T3123] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2790.849831][ T3155] bond0: (slave bond_slave_1): Releasing backup interface 03:59:08 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) socket(0x10, 0x80002, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x06\x02\xff', @ifru_names='bond_slave_1\x00t\x00'}) dup(0xffffffffffffffff) ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\f\x00!!\x00\x01\x00\x14', @ifru_names='bond_slave_1\x00\x00\x00\b'}) 03:59:08 executing program 2: socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x3250}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x1) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000380)={{{@in6, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@empty, 0x0, 0x33}, 0x0, @in6=@local, 0x0, 0x0, 0x0, 0x6}}, 0xe8) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x400000000000058, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socket$key(0xf, 0x3, 0x2) 03:59:08 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x88) recvmmsg(r0, &(0x7f0000003b40)=[{{0x0, 0x45000000, 0x0}}], 0x300, 0x0, 0x0) shutdown(r0, 0x0) 03:59:08 executing program 0: socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x3250}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x1) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000380)={{{@in6, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@empty, 0x0, 0x33}, 0x0, @in6=@local, 0x0, 0x0, 0x0, 0x6}}, 0xe8) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x400000000000058, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socket$key(0xf, 0x3, 0x2) 03:59:08 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10) sendmmsg$alg(r0, &(0x7f0000001ec0)=[{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="2bb60b790a6890622bcab94fcaab3c", 0xf}], 0x1}], 0x1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00009ff000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f00002bf000)='syzkaller\x00', 0x4, 0xb7, &(0x7f0000000040)=""/183}, 0x48) r2 = socket$kcm(0x29, 0x1000000000002, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f000031aff8)={r0, r1}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$kcm_KCM_RECV_DISABLE(r2, 0x119, 0x1, &(0x7f0000000000)=0x200ca, 0x4) 03:59:08 executing program 4: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x2e, 0xffffffffffffff3f, 0x0, &(0x7f0000000540)=""/162}, 0xfffffffffffffd97) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair(0x8, 0x800, 0x2, &(0x7f0000000500)) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r0, 0x18000000000002a0, 0x28, 0x29, &(0x7f00000006c0)="b9ff031a000d698cb89e40f02cead5dc57ee41dea43e63a377fb7f11c72be949eb4be1977d486a72", &(0x7f00000000c0)=""/41, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x28) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00}, 0x0) [ 2791.156830][ T3156] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2791.237156][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2791.243193][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2791.289959][ T3308] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 03:59:09 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x88) recvmmsg(r0, &(0x7f0000003b40)=[{{0x0, 0x45000000, 0x0}}], 0x300, 0x0, 0x0) shutdown(r0, 0x0) [ 2791.511067][ T3316] bond0: (slave bond_slave_1): Releasing backup interface [ 2791.717679][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2791.724186][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:59:09 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x88) recvmmsg(r0, &(0x7f0000003b40)=[{{0x0, 0x45000000, 0x0}}], 0x300, 0x0, 0x0) shutdown(r0, 0x0) [ 2791.877106][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2791.883135][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:59:09 executing program 4: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x2e, 0xffffffffffffff3f, 0x0, &(0x7f0000000540)=""/162}, 0xfffffffffffffd97) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair(0x8, 0x800, 0x2, &(0x7f0000000500)) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r0, 0x18000000000002a0, 0x28, 0x29, &(0x7f00000006c0)="b9ff031a000d698cb89e40f02cead5dc57ee41dea43e63a377fb7f11c72be949eb4be1977d486a72", &(0x7f00000000c0)=""/41, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x28) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00}, 0x0) 03:59:09 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x88) recvmmsg(r0, &(0x7f0000003b40)=[{{0x0, 0x45000000, 0x0}}], 0x300, 0x0, 0x0) shutdown(r0, 0x0) 03:59:10 executing program 2: socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x3250}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x1) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000380)={{{@in6, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@empty, 0x0, 0x33}, 0x0, @in6=@local, 0x0, 0x0, 0x0, 0x6}}, 0xe8) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x400000000000058, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socket$key(0xf, 0x3, 0x2) 03:59:10 executing program 0: socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x3250}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x1) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000380)={{{@in6, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@empty, 0x0, 0x33}, 0x0, @in6=@local, 0x0, 0x0, 0x0, 0x6}}, 0xe8) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x400000000000058, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socket$key(0xf, 0x3, 0x2) [ 2792.710995][ T3349] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 03:59:10 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) socket(0x10, 0x80002, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x06\x02\xff', @ifru_names='bond_slave_1\x00t\x00'}) dup(0xffffffffffffffff) ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\f\x00!!\x00\x01\x00\x14', @ifru_names='bond_slave_1\x00\x00\x00\b'}) 03:59:10 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x3, &(0x7f0000001fd8)=@framed={{0xffffffb7, 0x0, 0x0, 0x0, 0x0, 0x7b, 0xa, 0xff00}}, &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x6, 0x487, &(0x7f000000cf3d)=""/195, 0x0, 0x4}, 0x48) 03:59:10 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10) sendmmsg$alg(r0, &(0x7f0000001ec0)=[{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="2bb60b790a6890622bcab94fcaab3c", 0xf}], 0x1}], 0x1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00009ff000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f00002bf000)='syzkaller\x00', 0x4, 0xb7, &(0x7f0000000040)=""/183}, 0x48) r2 = socket$kcm(0x29, 0x1000000000002, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f000031aff8)={r0, r1}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$kcm_KCM_RECV_DISABLE(r2, 0x119, 0x1, &(0x7f0000000000)=0x200ca, 0x4) 03:59:10 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x3, &(0x7f0000001fd8)=@framed={{0xffffffb7, 0x0, 0x0, 0x0, 0x0, 0x7b, 0xa, 0xff00}}, &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x6, 0x487, &(0x7f000000cf3d)=""/195, 0x0, 0x4}, 0x48) 03:59:10 executing program 4: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x2e, 0xffffffffffffff3f, 0x0, &(0x7f0000000540)=""/162}, 0xfffffffffffffd97) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair(0x8, 0x800, 0x2, &(0x7f0000000500)) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r0, 0x18000000000002a0, 0x28, 0x29, &(0x7f00000006c0)="b9ff031a000d698cb89e40f02cead5dc57ee41dea43e63a377fb7f11c72be949eb4be1977d486a72", &(0x7f00000000c0)=""/41, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x28) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00}, 0x0) [ 2793.177873][ T3545] bond0: (slave bond_slave_1): Releasing backup interface 03:59:11 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c40)=@delsa={0x28, 0x11, 0x1, 0x0, 0x0, {@in6=@empty, 0x0, 0x0, 0x6c}}, 0x28}, 0x8}, 0x0) 03:59:11 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x3, &(0x7f0000001fd8)=@framed={{0xffffffb7, 0x0, 0x0, 0x0, 0x0, 0x7b, 0xa, 0xff00}}, &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x6, 0x487, &(0x7f000000cf3d)=""/195, 0x0, 0x4}, 0x48) 03:59:11 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c40)=@delsa={0x28, 0x11, 0x1, 0x0, 0x0, {@in6=@empty, 0x0, 0x0, 0x6c}}, 0x28}, 0x8}, 0x0) 03:59:11 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x3, &(0x7f0000001fd8)=@framed={{0xffffffb7, 0x0, 0x0, 0x0, 0x0, 0x7b, 0xa, 0xff00}}, &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x6, 0x487, &(0x7f000000cf3d)=""/195, 0x0, 0x4}, 0x48) 03:59:11 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) truncate(0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x2, 0x9, 0x0, 0x0, 0x0, 0x10024, 0x1b, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = mq_open(0x0, 0x42, 0x0, 0x0) mq_timedsend(r0, 0x0, 0x0, 0xc0, 0x0) r1 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil) r2 = semget(0x3, 0x1, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x80006, 0x0) write$uinput_user_dev(r3, &(0x7f0000000140)={'\x04yz0\x05\xf0\x00\x00\x00\x80\xff\xff\xff\t\x00\x00\xfe\xff\xff\xff\x00\x00\x00\x00\x05\xbf\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x5]}, 0x45c) lstat(&(0x7f00000000c0)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_ENTRY(r3, &(0x7f00000000c0)={0x90, 0x0, 0x5, {0x4, 0x3, 0x80000001, 0xffffffff, 0x0, 0xffffffff, {0x0, 0x1c, 0xfff, 0xffff, 0x401, 0x6, 0x10001, 0x17d, 0x7, 0x8b, 0x95a, 0x0, r4, 0x25, 0x4}}}, 0x90) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f00000000c0)=0x6) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000140)={'\x04yz0\x05\xf0\x00\x00\x00\x80\xff\xff\xff\t\x00\x00\xfe\xff\xff\xff\x00\x00\x00\x00\x05\xbf\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c) lstat(&(0x7f00000000c0)='.\x00', 0x0) write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f00000000c0)={0x90, 0x0, 0x5, {0x4, 0x0, 0x80000001, 0xffffffff, 0x0, 0xffffffff, {0x0, 0x1c, 0xfff, 0x0, 0x401, 0x0, 0x10001, 0x17d, 0x7, 0x8b, 0x95a, 0x0, 0x0, 0x25, 0x4}}}, 0x90) semctl$IPC_SET(r2, 0x0, 0x1, &(0x7f0000000000)={{0x20, 0x0, r4, r6, 0x0, 0xad, 0x3f34}, 0x7, 0x3, 0xfff}) shmctl$IPC_INFO(r1, 0x3, 0x0) mq_unlink(&(0x7f0000000140)='eth0\x00') write(0xffffffffffffffff, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e8", 0x174) 03:59:11 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c40)=@delsa={0x28, 0x11, 0x1, 0x0, 0x0, {@in6=@empty, 0x0, 0x0, 0x6c}}, 0x28}, 0x8}, 0x0) 03:59:11 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) fsetxattr(r0, &(0x7f0000001a00)=@known='system.posix_acl_default\x00', &(0x7f0000001a40)='filter\x00', 0x7, 0x0) [ 2794.324270][ T3557] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 03:59:12 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) socket(0x10, 0x80002, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x06\x02\xff', @ifru_names='bond_slave_1\x00t\x00'}) dup(0xffffffffffffffff) ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\f\x00!!\x00\x01\x00\x14', @ifru_names='bond_slave_1\x00\x00\x00\b'}) 03:59:12 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) fsetxattr(r0, &(0x7f0000001a00)=@known='system.posix_acl_default\x00', &(0x7f0000001a40)='filter\x00', 0x7, 0x0) 03:59:12 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c40)=@delsa={0x28, 0x11, 0x1, 0x0, 0x0, {@in6=@empty, 0x0, 0x0, 0x6c}}, 0x28}, 0x8}, 0x0) 03:59:12 executing program 4: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x2e, 0xffffffffffffff3f, 0x0, &(0x7f0000000540)=""/162}, 0xfffffffffffffd97) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair(0x8, 0x800, 0x2, &(0x7f0000000500)) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r0, 0x18000000000002a0, 0x28, 0x29, &(0x7f00000006c0)="b9ff031a000d698cb89e40f02cead5dc57ee41dea43e63a377fb7f11c72be949eb4be1977d486a72", &(0x7f00000000c0)=""/41, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x28) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00}, 0x0) 03:59:12 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10) sendmmsg$alg(r0, &(0x7f0000001ec0)=[{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="2bb60b790a6890622bcab94fcaab3c", 0xf}], 0x1}], 0x1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00009ff000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f00002bf000)='syzkaller\x00', 0x4, 0xb7, &(0x7f0000000040)=""/183}, 0x48) r2 = socket$kcm(0x29, 0x1000000000002, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f000031aff8)={r0, r1}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$kcm_KCM_RECV_DISABLE(r2, 0x119, 0x1, &(0x7f0000000000)=0x200ca, 0x4) 03:59:12 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newsa={0x13c, 0x10, 0x713, 0x0, 0x0, {{@in6=@dev}, {@in6=@mcast2, 0x0, 0x32}, @in=@multicast1, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_aead={0x4c, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x0, 0x60}}]}, 0x13c}}, 0x0) 03:59:12 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) fsetxattr(r0, &(0x7f0000001a00)=@known='system.posix_acl_default\x00', &(0x7f0000001a40)='filter\x00', 0x7, 0x0) [ 2794.698210][ T3706] bond0: (slave bond_slave_1): Releasing backup interface 03:59:12 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) fsetxattr(r0, &(0x7f0000001a00)=@known='system.posix_acl_default\x00', &(0x7f0000001a40)='filter\x00', 0x7, 0x0) 03:59:12 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f000001d000)={0x0, 0x0, &(0x7f0000024000)=[{&(0x7f0000000100)="24000000100007031dff22946fa2830020200a0009000300001d85687f0000000400ff7e28000000030a43ba5d806055b6fdd80b40000000140003000029ec2400020cd37e99d69cda45a95e", 0x4c}], 0x1}, 0x0) 03:59:13 executing program 3: pipe(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) fstat(r1, &(0x7f0000001080)) write(r1, &(0x7f00000001c0), 0xfffffef3) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x2797ef3f}], 0x1, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) readv(r2, &(0x7f0000001280)=[{&(0x7f0000000040)=""/4083, 0xff3}, {&(0x7f0000003580)=""/4096, 0x1000}], 0xa5) [ 2795.397151][ C1] net_ratelimit: 18 callbacks suppressed [ 2795.397185][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2795.408866][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:59:13 executing program 4: setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)=@gcm_256={{}, "9a7b435d864282c7", "9234cc1abd949fa4eb57559c818df186106f0a8009481bfeb420bae60f252401", "0497c74d", "a26c3512c94e767d"}, 0x38) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x1c, 0x2f, 0x3ff, 0x0, 0x0, {0x8}, [@typed={0x8, 0x3, @str='\x14'}]}, 0x1c}}, 0x0) [ 2795.541649][ T3708] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 03:59:13 executing program 0: r0 = socket$kcm(0x11, 0x2, 0x0) r1 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x58c3f49c7ba29446) dup2(r0, r1) 03:59:13 executing program 2: r0 = epoll_create1(0x0) r1 = timerfd_create(0x0, 0x0) dup3(r0, r1, 0x0) 03:59:13 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10) sendmmsg$alg(r0, &(0x7f0000001ec0)=[{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="2bb60b790a6890622bcab94fcaab3c", 0xf}], 0x1}], 0x1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00009ff000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f00002bf000)='syzkaller\x00', 0x4, 0xb7, &(0x7f0000000040)=""/183}, 0x48) r2 = socket$kcm(0x29, 0x1000000000002, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f000031aff8)={r0, r1}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$kcm_KCM_RECV_DISABLE(r2, 0x119, 0x1, &(0x7f0000000000)=0x200ca, 0x4) 03:59:13 executing program 5: ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv0\x00'}) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xb, 0x81, 0x7, 0x5, 0x1}, 0xcc) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000040)}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000000)={r0, 0x0, 0x0}, 0x18) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000000), &(0x7f0000000080)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000240)={r0, &(0x7f0000000180), &(0x7f0000000240)}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000200)={r0, &(0x7f0000000180)}, 0x10) 03:59:13 executing program 4: setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)=@gcm_256={{}, "9a7b435d864282c7", "9234cc1abd949fa4eb57559c818df186106f0a8009481bfeb420bae60f252401", "0497c74d", "a26c3512c94e767d"}, 0x38) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x1c, 0x2f, 0x3ff, 0x0, 0x0, {0x8}, [@typed={0x8, 0x3, @str='\x14'}]}, 0x1c}}, 0x0) [ 2795.877139][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2795.883142][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:59:13 executing program 5: ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv0\x00'}) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xb, 0x81, 0x7, 0x5, 0x1}, 0xcc) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000040)}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000000)={r0, 0x0, 0x0}, 0x18) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000000), &(0x7f0000000080)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000240)={r0, &(0x7f0000000180), &(0x7f0000000240)}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000200)={r0, &(0x7f0000000180)}, 0x10) 03:59:13 executing program 2: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x9) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000300)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x71cff475, 0x0, @perf_config_ext={0x80000001}, 0x0, 0x20}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) umount2(&(0x7f0000000540)='./file0\x00', 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 03:59:13 executing program 4: setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)=@gcm_256={{}, "9a7b435d864282c7", "9234cc1abd949fa4eb57559c818df186106f0a8009481bfeb420bae60f252401", "0497c74d", "a26c3512c94e767d"}, 0x38) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x1c, 0x2f, 0x3ff, 0x0, 0x0, {0x8}, [@typed={0x8, 0x3, @str='\x14'}]}, 0x1c}}, 0x0) [ 2796.037128][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2796.043176][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2796.049295][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2796.055202][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:59:13 executing program 1: io_setup(0x1, &(0x7f0000000300)=0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000480)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\r', 0x20000005002}) ioctl$EVIOCSABS20(0xffffffffffffffff, 0x401845e0, &(0x7f0000000040)={0x154083a7, 0xfffffff8, 0xffff}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) io_submit(r0, 0x1, &(0x7f0000000600)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x800000000001, 0x0, r1, &(0x7f0000000040), 0xff66}]) 03:59:13 executing program 3: pipe(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) fstat(r1, &(0x7f0000001080)) write(r1, &(0x7f00000001c0), 0xfffffef3) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x2797ef3f}], 0x1, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) readv(r2, &(0x7f0000001280)=[{&(0x7f0000000040)=""/4083, 0xff3}, {&(0x7f0000003580)=""/4096, 0x1000}], 0xa5) 03:59:13 executing program 0: r0 = socket$kcm(0x11, 0x2, 0x0) r1 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x58c3f49c7ba29446) dup2(r0, r1) 03:59:14 executing program 5: ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv0\x00'}) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xb, 0x81, 0x7, 0x5, 0x1}, 0xcc) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000040)}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000000)={r0, 0x0, 0x0}, 0x18) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000000), &(0x7f0000000080)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000240)={r0, &(0x7f0000000180), &(0x7f0000000240)}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000200)={r0, &(0x7f0000000180)}, 0x10) [ 2796.357152][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2796.363082][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:59:14 executing program 4: setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)=@gcm_256={{}, "9a7b435d864282c7", "9234cc1abd949fa4eb57559c818df186106f0a8009481bfeb420bae60f252401", "0497c74d", "a26c3512c94e767d"}, 0x38) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x1c, 0x2f, 0x3ff, 0x0, 0x0, {0x8}, [@typed={0x8, 0x3, @str='\x14'}]}, 0x1c}}, 0x0) 03:59:14 executing program 0: r0 = socket$kcm(0x11, 0x2, 0x0) r1 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x58c3f49c7ba29446) dup2(r0, r1) 03:59:14 executing program 5: ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv0\x00'}) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xb, 0x81, 0x7, 0x5, 0x1}, 0xcc) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000040)}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000000)={r0, 0x0, 0x0}, 0x18) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000000), &(0x7f0000000080)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000240)={r0, &(0x7f0000000180), &(0x7f0000000240)}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000200)={r0, &(0x7f0000000180)}, 0x10) 03:59:14 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x3, 0xc, 0x6000000, 0x0, 0x0, [@sadb_key={0x2, 0x9, 0x8, 0x0, "e5"}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x60}}, 0x0) 03:59:14 executing program 2: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x9) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000300)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x71cff475, 0x0, @perf_config_ext={0x80000001}, 0x0, 0x20}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) umount2(&(0x7f0000000540)='./file0\x00', 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 03:59:14 executing program 0: r0 = socket$kcm(0x11, 0x2, 0x0) r1 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x58c3f49c7ba29446) dup2(r0, r1) 03:59:14 executing program 5: perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = epoll_create1(0x0) dup2(r2, r1) recvmmsg(r0, &(0x7f00000038c0), 0x3fffffffffffdf5, 0x62, 0x0) 03:59:14 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000003639405cb4aed12f0000000000ae47a825d86800278dcff47d01855c43ef792d2d5f", 0x28}], 0x4, 0x0) sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe76}, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 03:59:14 executing program 3: pipe(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) fstat(r1, &(0x7f0000001080)) write(r1, &(0x7f00000001c0), 0xfffffef3) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x2797ef3f}], 0x1, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) readv(r2, &(0x7f0000001280)=[{&(0x7f0000000040)=""/4083, 0xff3}, {&(0x7f0000003580)=""/4096, 0x1000}], 0xa5) 03:59:14 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ff9000/0x4000)=nil, 0x4000}, 0x1}) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r2, &(0x7f0000000400)=""/100, 0x64) 03:59:14 executing program 1: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000080)=@ipx, 0x80, 0x0}}], 0x141, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountstats\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x375, 0x0) 03:59:15 executing program 2: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x9) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000300)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x71cff475, 0x0, @perf_config_ext={0x80000001}, 0x0, 0x20}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) umount2(&(0x7f0000000540)='./file0\x00', 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 03:59:15 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x3, 0xc, 0x6000000, 0x0, 0x0, [@sadb_key={0x2, 0x9, 0x8, 0x0, "e5"}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x60}}, 0x0) 03:59:15 executing program 1: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000080)=@ipx, 0x80, 0x0}}], 0x141, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountstats\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x375, 0x0) 03:59:15 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, 0x0) 03:59:15 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x3, 0xc, 0x6000000, 0x0, 0x0, [@sadb_key={0x2, 0x9, 0x8, 0x0, "e5"}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x60}}, 0x0) 03:59:15 executing program 2: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x9) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000300)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x71cff475, 0x0, @perf_config_ext={0x80000001}, 0x0, 0x20}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) umount2(&(0x7f0000000540)='./file0\x00', 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 03:59:15 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, 0x0) 03:59:17 executing program 5: perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = epoll_create1(0x0) dup2(r2, r1) recvmmsg(r0, &(0x7f00000038c0), 0x3fffffffffffdf5, 0x62, 0x0) 03:59:17 executing program 3: pipe(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) fstat(r1, &(0x7f0000001080)) write(r1, &(0x7f00000001c0), 0xfffffef3) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x2797ef3f}], 0x1, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) readv(r2, &(0x7f0000001280)=[{&(0x7f0000000040)=""/4083, 0xff3}, {&(0x7f0000003580)=""/4096, 0x1000}], 0xa5) 03:59:17 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x3, 0xc, 0x6000000, 0x0, 0x0, [@sadb_key={0x2, 0x9, 0x8, 0x0, "e5"}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x60}}, 0x0) 03:59:17 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, 0x0) 03:59:17 executing program 1: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000080)=@ipx, 0x80, 0x0}}], 0x141, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountstats\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x375, 0x0) 03:59:17 executing program 2: r0 = socket(0x10, 0x3, 0x0) ioctl$sock_ifreq(r0, 0x89f5, &(0x7f0000000080)={'sit0\x00', @ifru_flags}) 03:59:18 executing program 2: perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = epoll_create1(0x0) dup2(r2, r1) recvmmsg(r0, &(0x7f00000038c0), 0x3fffffffffffdf5, 0x62, 0x0) 03:59:18 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) creat(&(0x7f0000000000)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) close(r1) r2 = socket$netlink(0x10, 0x3, 0xa) connect$netlink(r2, &(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0x14800008}, 0xc) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) r4 = creat(&(0x7f0000000140)='./bus\x00', 0x0) ftruncate(r4, 0x208200) sendfile(r1, r3, 0x0, 0x8000fffffffe) 03:59:18 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, 0x0) [ 2800.485112][ T27] audit: type=1804 audit(2000001558.274:781): pid=4187 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir853053377/syzkaller.1lJb67/1475/bus" dev="sda1" ino=17549 res=1 [ 2800.517152][ C1] net_ratelimit: 23 callbacks suppressed [ 2800.517164][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2800.528778][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:59:18 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_int(r2, 0x29, 0x1000000000003e, &(0x7f0000534000), &(0x7f0000000040)=0x4) [ 2800.583120][ T27] audit: type=1804 audit(2000001558.334:782): pid=4190 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir853053377/syzkaller.1lJb67/1475/bus" dev="sda1" ino=17549 res=1 03:59:18 executing program 1: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000080)=@ipx, 0x80, 0x0}}], 0x141, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountstats\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x375, 0x0) [ 2800.758612][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2800.766722][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:59:18 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_int(r2, 0x29, 0x1000000000003e, &(0x7f0000534000), &(0x7f0000000040)=0x4) [ 2801.246216][ T27] audit: type=1804 audit(2000001559.034:783): pid=4300 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir853053377/syzkaller.1lJb67/1475/bus" dev="sda1" ino=17549 res=1 [ 2801.637212][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2801.643193][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2802.117138][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2802.123101][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2802.277132][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2802.283592][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:59:20 executing program 5: perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = epoll_create1(0x0) dup2(r2, r1) recvmmsg(r0, &(0x7f00000038c0), 0x3fffffffffffdf5, 0x62, 0x0) 03:59:20 executing program 1: socket$alg(0x26, 0x5, 0x0) mremap(&(0x7f00002be000/0x3000)=nil, 0x3000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) munmap(&(0x7f000050f000/0x1000)=nil, 0x1000) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) write$UHID_GET_REPORT_REPLY(0xffffffffffffffff, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) socket(0x0, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)={0xa, 0x2, 0x914, 0x4000000005}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000240), 0x0}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r1, &(0x7f0000000440), &(0x7f0000000200)}, 0x12e) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffce9, 0x45, 0x0, 0x0) shmat(0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000) 03:59:20 executing program 3: r0 = socket$can_bcm(0x1d, 0x2, 0x2) io_setup(0xd, &(0x7f00000001c0)=0x0) connect$can_bcm(r0, &(0x7f0000000140), 0x10) io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)="0600000093c21faf16da39de706f646800580f02000000003f420f000000000000580f02000000003f420f00000000000000000002000000", 0x38}]) 03:59:20 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_int(r2, 0x29, 0x1000000000003e, &(0x7f0000534000), &(0x7f0000000040)=0x4) 03:59:20 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2, 0x56d, 0x0, 0x101, 0x3, 0x0}, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000)=ANY=[@ANYBLOB="0d91db20d29b", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, &(0x7f0000000680)) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={r3, 0x6, 0x4, 0x0, 0x4, 0x21d7, 0x0, 0xfffffffb, {r4, @in={{0x2, 0x4e23, @broadcast}}, 0x40, 0x7, 0x0, 0x0, 0x1f}}, &(0x7f0000000240)=0xb0) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={0x0, 0x839}, 0x8) ftruncate(r2, 0x200004) sendfile(r0, r2, 0x0, 0x80001d00c0d0) 03:59:20 executing program 2: perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = epoll_create1(0x0) dup2(r2, r1) recvmmsg(r0, &(0x7f00000038c0), 0x3fffffffffffdf5, 0x62, 0x0) 03:59:21 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_int(r2, 0x29, 0x1000000000003e, &(0x7f0000534000), &(0x7f0000000040)=0x4) 03:59:21 executing program 3: r0 = socket$can_bcm(0x1d, 0x2, 0x2) io_setup(0xd, &(0x7f00000001c0)=0x0) connect$can_bcm(r0, &(0x7f0000000140), 0x10) io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)="0600000093c21faf16da39de706f646800580f02000000003f420f000000000000580f02000000003f420f00000000000000000002000000", 0x38}]) 03:59:21 executing program 1: socket$alg(0x26, 0x5, 0x0) mremap(&(0x7f00002be000/0x3000)=nil, 0x3000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) munmap(&(0x7f000050f000/0x1000)=nil, 0x1000) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) write$UHID_GET_REPORT_REPLY(0xffffffffffffffff, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) socket(0x0, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)={0xa, 0x2, 0x914, 0x4000000005}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000240), 0x0}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r1, &(0x7f0000000440), &(0x7f0000000200)}, 0x12e) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffce9, 0x45, 0x0, 0x0) shmat(0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000) 03:59:21 executing program 3: r0 = socket$can_bcm(0x1d, 0x2, 0x2) io_setup(0xd, &(0x7f00000001c0)=0x0) connect$can_bcm(r0, &(0x7f0000000140), 0x10) io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)="0600000093c21faf16da39de706f646800580f02000000003f420f000000000000580f02000000003f420f00000000000000000002000000", 0x38}]) 03:59:21 executing program 0: socket$alg(0x26, 0x5, 0x0) mremap(&(0x7f00002be000/0x3000)=nil, 0x3000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) munmap(&(0x7f000050f000/0x1000)=nil, 0x1000) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) write$UHID_GET_REPORT_REPLY(0xffffffffffffffff, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) socket(0x0, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)={0xa, 0x2, 0x914, 0x4000000005}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000240), 0x0}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r1, &(0x7f0000000440), &(0x7f0000000200)}, 0x12e) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffce9, 0x45, 0x0, 0x0) shmat(0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000) 03:59:21 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2, 0x56d, 0x0, 0x101, 0x3, 0x0}, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000)=ANY=[@ANYBLOB="0d91db20d29b", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, &(0x7f0000000680)) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={r3, 0x6, 0x4, 0x0, 0x4, 0x21d7, 0x0, 0xfffffffb, {r4, @in={{0x2, 0x4e23, @broadcast}}, 0x40, 0x7, 0x0, 0x0, 0x1f}}, &(0x7f0000000240)=0xb0) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={0x0, 0x839}, 0x8) ftruncate(r2, 0x200004) sendfile(r0, r2, 0x0, 0x80001d00c0d0) [ 2805.797202][ C1] net_ratelimit: 18 callbacks suppressed [ 2805.797213][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2805.810926][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:59:23 executing program 5: perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = epoll_create1(0x0) dup2(r2, r1) recvmmsg(r0, &(0x7f00000038c0), 0x3fffffffffffdf5, 0x62, 0x0) 03:59:23 executing program 3: r0 = socket$can_bcm(0x1d, 0x2, 0x2) io_setup(0xd, &(0x7f00000001c0)=0x0) connect$can_bcm(r0, &(0x7f0000000140), 0x10) io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)="0600000093c21faf16da39de706f646800580f02000000003f420f000000000000580f02000000003f420f00000000000000000002000000", 0x38}]) 03:59:23 executing program 0: socket$alg(0x26, 0x5, 0x0) mremap(&(0x7f00002be000/0x3000)=nil, 0x3000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) munmap(&(0x7f000050f000/0x1000)=nil, 0x1000) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) write$UHID_GET_REPORT_REPLY(0xffffffffffffffff, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) socket(0x0, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)={0xa, 0x2, 0x914, 0x4000000005}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000240), 0x0}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r1, &(0x7f0000000440), &(0x7f0000000200)}, 0x12e) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffce9, 0x45, 0x0, 0x0) shmat(0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000) 03:59:23 executing program 1: socket$alg(0x26, 0x5, 0x0) mremap(&(0x7f00002be000/0x3000)=nil, 0x3000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) munmap(&(0x7f000050f000/0x1000)=nil, 0x1000) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) write$UHID_GET_REPORT_REPLY(0xffffffffffffffff, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) socket(0x0, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)={0xa, 0x2, 0x914, 0x4000000005}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000240), 0x0}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r1, &(0x7f0000000440), &(0x7f0000000200)}, 0x12e) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffce9, 0x45, 0x0, 0x0) shmat(0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000) 03:59:23 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2, 0x56d, 0x0, 0x101, 0x3, 0x0}, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000)=ANY=[@ANYBLOB="0d91db20d29b", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, &(0x7f0000000680)) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={r3, 0x6, 0x4, 0x0, 0x4, 0x21d7, 0x0, 0xfffffffb, {r4, @in={{0x2, 0x4e23, @broadcast}}, 0x40, 0x7, 0x0, 0x0, 0x1f}}, &(0x7f0000000240)=0xb0) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={0x0, 0x839}, 0x8) ftruncate(r2, 0x200004) sendfile(r0, r2, 0x0, 0x80001d00c0d0) [ 2806.277135][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2806.283100][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2806.438477][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2806.446586][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2806.454783][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2806.461648][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:59:24 executing program 2: perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = epoll_create1(0x0) dup2(r2, r1) recvmmsg(r0, &(0x7f00000038c0), 0x3fffffffffffdf5, 0x62, 0x0) 03:59:24 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2, 0x56d, 0x0, 0x101, 0x3, 0x0}, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000)=ANY=[@ANYBLOB="0d91db20d29b", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, &(0x7f0000000680)) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={r3, 0x6, 0x4, 0x0, 0x4, 0x21d7, 0x0, 0xfffffffb, {r4, @in={{0x2, 0x4e23, @broadcast}}, 0x40, 0x7, 0x0, 0x0, 0x1f}}, &(0x7f0000000240)=0xb0) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={0x0, 0x839}, 0x8) ftruncate(r2, 0x200004) sendfile(r0, r2, 0x0, 0x80001d00c0d0) 03:59:24 executing program 1: socket$alg(0x26, 0x5, 0x0) mremap(&(0x7f00002be000/0x3000)=nil, 0x3000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) munmap(&(0x7f000050f000/0x1000)=nil, 0x1000) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) write$UHID_GET_REPORT_REPLY(0xffffffffffffffff, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) socket(0x0, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)={0xa, 0x2, 0x914, 0x4000000005}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000240), 0x0}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r1, &(0x7f0000000440), &(0x7f0000000200)}, 0x12e) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffce9, 0x45, 0x0, 0x0) shmat(0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000) 03:59:24 executing program 0: socket$alg(0x26, 0x5, 0x0) mremap(&(0x7f00002be000/0x3000)=nil, 0x3000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) munmap(&(0x7f000050f000/0x1000)=nil, 0x1000) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) write$UHID_GET_REPORT_REPLY(0xffffffffffffffff, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) socket(0x0, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)={0xa, 0x2, 0x914, 0x4000000005}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000240), 0x0}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r1, &(0x7f0000000440), &(0x7f0000000200)}, 0x12e) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffce9, 0x45, 0x0, 0x0) shmat(0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000) 03:59:24 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2, 0x56d, 0x0, 0x101, 0x3, 0x0}, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000)=ANY=[@ANYBLOB="0d91db20d29b", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, &(0x7f0000000680)) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={r3, 0x6, 0x4, 0x0, 0x4, 0x21d7, 0x0, 0xfffffffb, {r4, @in={{0x2, 0x4e23, @broadcast}}, 0x40, 0x7, 0x0, 0x0, 0x1f}}, &(0x7f0000000240)=0xb0) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={0x0, 0x839}, 0x8) ftruncate(r2, 0x200004) sendfile(r0, r2, 0x0, 0x80001d00c0d0) [ 2806.757099][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2806.763030][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:59:24 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x9, 0x3, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x30}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 03:59:24 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_udp_int(r0, 0x11, 0xb, &(0x7f0000000000)=0x5, 0x4) 03:59:26 executing program 5: pipe(&(0x7f00000000c0)) creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0xb2) gettid() perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x1ee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004b40)=[{{&(0x7f0000000400)={0xa, 0x4e22, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x26}}}, 0x1c, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') getdents64(r2, &(0x7f0000000140)=""/4096, 0x1000) gettid() write$binfmt_elf64(r1, &(0x7f0000000380)=ANY=[], 0x0) fallocate(r1, 0x3, 0x0, 0x8020003) statfs(&(0x7f0000001140)='./bus\x00', 0x0) 03:59:26 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x9, 0x3, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x30}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 03:59:26 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_udp_int(r0, 0x11, 0xb, &(0x7f0000000000)=0x5, 0x4) 03:59:26 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2, 0x56d, 0x0, 0x101, 0x3, 0x0}, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000)=ANY=[@ANYBLOB="0d91db20d29b", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, &(0x7f0000000680)) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={r3, 0x6, 0x4, 0x0, 0x4, 0x21d7, 0x0, 0xfffffffb, {r4, @in={{0x2, 0x4e23, @broadcast}}, 0x40, 0x7, 0x0, 0x0, 0x1f}}, &(0x7f0000000240)=0xb0) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={0x0, 0x839}, 0x8) ftruncate(r2, 0x200004) sendfile(r0, r2, 0x0, 0x80001d00c0d0) 03:59:26 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="130000003200e3ef475a6800"/24], 0x18}}, 0x0) sendmmsg$alg(r2, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492805, 0x0) 03:59:27 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="130000003200e3ef475a6800"/24], 0x18}}, 0x0) sendmmsg$alg(r2, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492805, 0x0) 03:59:27 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2, 0x56d, 0x0, 0x101, 0x3, 0x0}, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000)=ANY=[@ANYBLOB="0d91db20d29b", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, &(0x7f0000000680)) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={r3, 0x6, 0x4, 0x0, 0x4, 0x21d7, 0x0, 0xfffffffb, {r4, @in={{0x2, 0x4e23, @broadcast}}, 0x40, 0x7, 0x0, 0x0, 0x1f}}, &(0x7f0000000240)=0xb0) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={0x0, 0x839}, 0x8) ftruncate(r2, 0x200004) sendfile(r0, r2, 0x0, 0x80001d00c0d0) 03:59:27 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x9, 0x3, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x30}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 03:59:27 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_udp_int(r0, 0x11, 0xb, &(0x7f0000000000)=0x5, 0x4) 03:59:27 executing program 5: pipe(&(0x7f00000000c0)) creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0xb2) gettid() perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x1ee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004b40)=[{{&(0x7f0000000400)={0xa, 0x4e22, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x26}}}, 0x1c, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') getdents64(r2, &(0x7f0000000140)=""/4096, 0x1000) gettid() write$binfmt_elf64(r1, &(0x7f0000000380)=ANY=[], 0x0) fallocate(r1, 0x3, 0x0, 0x8020003) statfs(&(0x7f0000001140)='./bus\x00', 0x0) 03:59:27 executing program 2: r0 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ff9000/0x3000)=nil) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) shmat(r0, &(0x7f0000ffa000/0x3000)=nil, 0x6000) mremap(&(0x7f0000ff4000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil) 03:59:27 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_udp_int(r0, 0x11, 0xb, &(0x7f0000000000)=0x5, 0x4) 03:59:27 executing program 2: r0 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ff9000/0x3000)=nil) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) shmat(r0, &(0x7f0000ffa000/0x3000)=nil, 0x6000) mremap(&(0x7f0000ff4000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil) 03:59:27 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x9, 0x3, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x30}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 03:59:27 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000003c0)={0x0, 0x1000, 0x1000}, 0x18) 03:59:28 executing program 2: r0 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ff9000/0x3000)=nil) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) shmat(r0, &(0x7f0000ffa000/0x3000)=nil, 0x6000) mremap(&(0x7f0000ff4000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil) 03:59:28 executing program 3: syz_emit_ethernet(0x46, &(0x7f0000000180)={@local, @dev, [], {@ipv6={0x86dd, {0x0, 0x6, "83d98e", 0x10, 0x11, 0x0, @remote, @ipv4={[], [], @multicast1}, {[], @icmpv6=@ni}}}}}, 0x0) 03:59:28 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="130000003200e3ef475a6800"/24], 0x18}}, 0x0) sendmmsg$alg(r2, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492805, 0x0) 03:59:28 executing program 0: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) close(r0) r1 = syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0xafd4, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 03:59:28 executing program 5: pipe(&(0x7f00000000c0)) creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0xb2) gettid() perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x1ee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004b40)=[{{&(0x7f0000000400)={0xa, 0x4e22, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x26}}}, 0x1c, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') getdents64(r2, &(0x7f0000000140)=""/4096, 0x1000) gettid() write$binfmt_elf64(r1, &(0x7f0000000380)=ANY=[], 0x0) fallocate(r1, 0x3, 0x0, 0x8020003) statfs(&(0x7f0000001140)='./bus\x00', 0x0) 03:59:28 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x8003, &(0x7f0000000300)=0x75f, 0x9) openat$zero(0xffffffffffffff9c, 0x0, 0x200, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) semctl$IPC_RMID(0x0, 0x0, 0x0) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x5) ftruncate(r1, 0x1000000) socket$isdn_base(0x22, 0x3, 0x0) sendfile(r0, r1, &(0x7f00000000c0)=0xf18001, 0xeefffdef) 03:59:28 executing program 2: r0 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ff9000/0x3000)=nil) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) shmat(r0, &(0x7f0000ffa000/0x3000)=nil, 0x6000) mremap(&(0x7f0000ff4000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil) 03:59:28 executing program 3: syz_emit_ethernet(0x46, &(0x7f0000000180)={@local, @dev, [], {@ipv6={0x86dd, {0x0, 0x6, "83d98e", 0x10, 0x11, 0x0, @remote, @ipv4={[], [], @multicast1}, {[], @icmpv6=@ni}}}}}, 0x0) 03:59:28 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x100000000000001, 0x84) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) getsockopt$IP6T_SO_GET_REVISION_MATCH(r2, 0x29, 0x50, 0x0, &(0x7f0000000000)=0x60a2e13a) 03:59:28 executing program 3: syz_emit_ethernet(0x46, &(0x7f0000000180)={@local, @dev, [], {@ipv6={0x86dd, {0x0, 0x6, "83d98e", 0x10, 0x11, 0x0, @remote, @ipv4={[], [], @multicast1}, {[], @icmpv6=@ni}}}}}, 0x0) 03:59:28 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x8003, &(0x7f0000000300)=0x75f, 0x9) openat$zero(0xffffffffffffff9c, 0x0, 0x200, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) semctl$IPC_RMID(0x0, 0x0, 0x0) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x5) ftruncate(r1, 0x1000000) socket$isdn_base(0x22, 0x3, 0x0) sendfile(r0, r1, &(0x7f00000000c0)=0xf18001, 0xeefffdef) [ 2810.917077][ C1] net_ratelimit: 22 callbacks suppressed [ 2810.917088][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2810.928711][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:59:28 executing program 5: pipe(&(0x7f00000000c0)) creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0xb2) gettid() perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x1ee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004b40)=[{{&(0x7f0000000400)={0xa, 0x4e22, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x26}}}, 0x1c, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') getdents64(r2, &(0x7f0000000140)=""/4096, 0x1000) gettid() write$binfmt_elf64(r1, &(0x7f0000000380)=ANY=[], 0x0) fallocate(r1, 0x3, 0x0, 0x8020003) statfs(&(0x7f0000001140)='./bus\x00', 0x0) 03:59:28 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x100000000000001, 0x84) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) getsockopt$IP6T_SO_GET_REVISION_MATCH(r2, 0x29, 0x50, 0x0, &(0x7f0000000000)=0x60a2e13a) 03:59:28 executing program 3: syz_emit_ethernet(0x46, &(0x7f0000000180)={@local, @dev, [], {@ipv6={0x86dd, {0x0, 0x6, "83d98e", 0x10, 0x11, 0x0, @remote, @ipv4={[], [], @multicast1}, {[], @icmpv6=@ni}}}}}, 0x0) [ 2811.167212][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2811.173206][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:59:29 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="130000003200e3ef475a6800"/24], 0x18}}, 0x0) sendmmsg$alg(r2, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492805, 0x0) 03:59:29 executing program 0: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) close(r0) r1 = syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0xafd4, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 03:59:29 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_VFINFO_LIST={0xc, 0x16, [{0x8, 0x1, [@IFLA_VF_VLAN_LIST={0x4}]}]}, @IFLA_GROUP={0x8}]}, 0x34}}, 0x0) 03:59:29 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x100000000000001, 0x84) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) getsockopt$IP6T_SO_GET_REVISION_MATCH(r2, 0x29, 0x50, 0x0, &(0x7f0000000000)=0x60a2e13a) 03:59:29 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0xc2822, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x1, 0x0) r3 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r3, &(0x7f00000000c0)='./file0\x00') mkdirat(r3, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self//exe\x00', 0x3, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00') setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000180)="3e16dadafe262c00ab63aaabf7fba5e6687dcb6f16efb36a24d99cc0eded9ae5f9a608b8a823853796816f8f43e442c9d9cec37db463aa0746cc23d3e635a1e830c89c05eb41ab0e234c28f586ee86bd4a2687e4eeadfe01f97c4c2f221d720e7593966dad4c7b81fc41bebcb66ba63d91d4e5e0410cb95a0ddc422ea163fb36c275da20556a77c7793f4d1002477d3c11fe49c3d45b8fe3509b24b962e641a76fa5dbef428796c1c709406ae1c6", 0xae) ftruncate(0xffffffffffffffff, 0x200004) [ 2811.587574][ T5009] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready 03:59:29 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x100000000000001, 0x84) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) getsockopt$IP6T_SO_GET_REVISION_MATCH(r2, 0x29, 0x50, 0x0, &(0x7f0000000000)=0x60a2e13a) [ 2811.649935][ T5009] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 2811.728325][ T5014] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 2811.768117][ T5014] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. 03:59:29 executing program 4: r0 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x8447, 0x0) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000140)={0x980913}) 03:59:29 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x8003, &(0x7f0000000300)=0x75f, 0x9) openat$zero(0xffffffffffffff9c, 0x0, 0x200, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) semctl$IPC_RMID(0x0, 0x0, 0x0) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x5) ftruncate(r1, 0x1000000) socket$isdn_base(0x22, 0x3, 0x0) sendfile(r0, r1, &(0x7f00000000c0)=0xf18001, 0xeefffdef) 03:59:29 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_VFINFO_LIST={0xc, 0x16, [{0x8, 0x1, [@IFLA_VF_VLAN_LIST={0x4}]}]}, @IFLA_GROUP={0x8}]}, 0x34}}, 0x0) 03:59:29 executing program 2: r0 = open(&(0x7f0000000140)='./file0\x00', 0x40c2, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000000)={0x0, 0x0, 0x8}, 0x8) ioctl$sock_SIOCGIFBR(r1, 0x8940, &(0x7f0000000000)=@get={0x1, &(0x7f0000000080)=""/73, 0x80}) ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) socketpair(0x1e, 0x0, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x10000) [ 2812.037116][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2812.043161][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:59:29 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0xc2822, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x1, 0x0) r3 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r3, &(0x7f00000000c0)='./file0\x00') mkdirat(r3, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self//exe\x00', 0x3, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00') setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000180)="3e16dadafe262c00ab63aaabf7fba5e6687dcb6f16efb36a24d99cc0eded9ae5f9a608b8a823853796816f8f43e442c9d9cec37db463aa0746cc23d3e635a1e830c89c05eb41ab0e234c28f586ee86bd4a2687e4eeadfe01f97c4c2f221d720e7593966dad4c7b81fc41bebcb66ba63d91d4e5e0410cb95a0ddc422ea163fb36c275da20556a77c7793f4d1002477d3c11fe49c3d45b8fe3509b24b962e641a76fa5dbef428796c1c709406ae1c6", 0xae) ftruncate(0xffffffffffffffff, 0x200004) 03:59:29 executing program 4: r0 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x8447, 0x0) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000140)={0x980913}) [ 2812.145393][ T5026] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 2812.220439][ T27] audit: type=1800 audit(2000001570.014:784): pid=5035 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16710 res=0 [ 2812.247528][ T5026] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 2812.310403][ T27] audit: type=1804 audit(2000001570.104:785): pid=5035 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir459764387/syzkaller.vbiJLI/30/file0" dev="sda1" ino=16710 res=1 03:59:30 executing program 4: r0 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x8447, 0x0) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000140)={0x980913}) 03:59:30 executing program 0: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) close(r0) r1 = syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0xafd4, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 03:59:30 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_VFINFO_LIST={0xc, 0x16, [{0x8, 0x1, [@IFLA_VF_VLAN_LIST={0x4}]}]}, @IFLA_GROUP={0x8}]}, 0x34}}, 0x0) 03:59:30 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x8003, &(0x7f0000000300)=0x75f, 0x9) openat$zero(0xffffffffffffff9c, 0x0, 0x200, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) semctl$IPC_RMID(0x0, 0x0, 0x0) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x5) ftruncate(r1, 0x1000000) socket$isdn_base(0x22, 0x3, 0x0) sendfile(r0, r1, &(0x7f00000000c0)=0xf18001, 0xeefffdef) 03:59:30 executing program 2: r0 = open(&(0x7f0000000140)='./file0\x00', 0x40c2, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000000)={0x0, 0x0, 0x8}, 0x8) ioctl$sock_SIOCGIFBR(r1, 0x8940, &(0x7f0000000000)=@get={0x1, &(0x7f0000000080)=""/73, 0x80}) ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) socketpair(0x1e, 0x0, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x10000) [ 2812.537191][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2812.708107][ T5052] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 2812.735403][ T27] audit: type=1800 audit(2000001570.524:786): pid=5055 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16734 res=0 03:59:30 executing program 4: r0 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x8447, 0x0) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000140)={0x980913}) 03:59:30 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0xc2822, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x1, 0x0) r3 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r3, &(0x7f00000000c0)='./file0\x00') mkdirat(r3, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self//exe\x00', 0x3, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00') setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000180)="3e16dadafe262c00ab63aaabf7fba5e6687dcb6f16efb36a24d99cc0eded9ae5f9a608b8a823853796816f8f43e442c9d9cec37db463aa0746cc23d3e635a1e830c89c05eb41ab0e234c28f586ee86bd4a2687e4eeadfe01f97c4c2f221d720e7593966dad4c7b81fc41bebcb66ba63d91d4e5e0410cb95a0ddc422ea163fb36c275da20556a77c7793f4d1002477d3c11fe49c3d45b8fe3509b24b962e641a76fa5dbef428796c1c709406ae1c6", 0xae) ftruncate(0xffffffffffffffff, 0x200004) [ 2812.812884][ T27] audit: type=1804 audit(2000001570.604:787): pid=5055 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir459764387/syzkaller.vbiJLI/31/file0" dev="sda1" ino=16734 res=1 03:59:30 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_VFINFO_LIST={0xc, 0x16, [{0x8, 0x1, [@IFLA_VF_VLAN_LIST={0x4}]}]}, @IFLA_GROUP={0x8}]}, 0x34}}, 0x0) 03:59:30 executing program 1: r0 = open(&(0x7f0000000140)='./file0\x00', 0x40c2, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000000)={0x0, 0x0, 0x8}, 0x8) ioctl$sock_SIOCGIFBR(r1, 0x8940, &(0x7f0000000000)=@get={0x1, &(0x7f0000000080)=""/73, 0x80}) ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) socketpair(0x1e, 0x0, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x10000) 03:59:30 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0xc2822, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x1, 0x0) r3 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r3, &(0x7f00000000c0)='./file0\x00') mkdirat(r3, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self//exe\x00', 0x3, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00') setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000180)="3e16dadafe262c00ab63aaabf7fba5e6687dcb6f16efb36a24d99cc0eded9ae5f9a608b8a823853796816f8f43e442c9d9cec37db463aa0746cc23d3e635a1e830c89c05eb41ab0e234c28f586ee86bd4a2687e4eeadfe01f97c4c2f221d720e7593966dad4c7b81fc41bebcb66ba63d91d4e5e0410cb95a0ddc422ea163fb36c275da20556a77c7793f4d1002477d3c11fe49c3d45b8fe3509b24b962e641a76fa5dbef428796c1c709406ae1c6", 0xae) ftruncate(0xffffffffffffffff, 0x200004) [ 2813.121588][ T5063] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 2813.189171][ T27] audit: type=1800 audit(2000001570.984:788): pid=5067 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16524 res=0 [ 2813.312429][ T27] audit: type=1804 audit(2000001571.104:789): pid=5067 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir469040009/syzkaller.9EDI4O/182/file0" dev="sda1" ino=16524 res=1 03:59:31 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0xc2822, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x1, 0x0) r3 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r3, &(0x7f00000000c0)='./file0\x00') mkdirat(r3, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self//exe\x00', 0x3, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00') setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000180)="3e16dadafe262c00ab63aaabf7fba5e6687dcb6f16efb36a24d99cc0eded9ae5f9a608b8a823853796816f8f43e442c9d9cec37db463aa0746cc23d3e635a1e830c89c05eb41ab0e234c28f586ee86bd4a2687e4eeadfe01f97c4c2f221d720e7593966dad4c7b81fc41bebcb66ba63d91d4e5e0410cb95a0ddc422ea163fb36c275da20556a77c7793f4d1002477d3c11fe49c3d45b8fe3509b24b962e641a76fa5dbef428796c1c709406ae1c6", 0xae) ftruncate(0xffffffffffffffff, 0x200004) 03:59:31 executing program 0: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) close(r0) r1 = syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0xafd4, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 03:59:31 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0xc2822, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x1, 0x0) r3 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r3, &(0x7f00000000c0)='./file0\x00') mkdirat(r3, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self//exe\x00', 0x3, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00') setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000180)="3e16dadafe262c00ab63aaabf7fba5e6687dcb6f16efb36a24d99cc0eded9ae5f9a608b8a823853796816f8f43e442c9d9cec37db463aa0746cc23d3e635a1e830c89c05eb41ab0e234c28f586ee86bd4a2687e4eeadfe01f97c4c2f221d720e7593966dad4c7b81fc41bebcb66ba63d91d4e5e0410cb95a0ddc422ea163fb36c275da20556a77c7793f4d1002477d3c11fe49c3d45b8fe3509b24b962e641a76fa5dbef428796c1c709406ae1c6", 0xae) ftruncate(0xffffffffffffffff, 0x200004) 03:59:31 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0xc2822, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x1, 0x0) r3 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r3, &(0x7f00000000c0)='./file0\x00') mkdirat(r3, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self//exe\x00', 0x3, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00') setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000180)="3e16dadafe262c00ab63aaabf7fba5e6687dcb6f16efb36a24d99cc0eded9ae5f9a608b8a823853796816f8f43e442c9d9cec37db463aa0746cc23d3e635a1e830c89c05eb41ab0e234c28f586ee86bd4a2687e4eeadfe01f97c4c2f221d720e7593966dad4c7b81fc41bebcb66ba63d91d4e5e0410cb95a0ddc422ea163fb36c275da20556a77c7793f4d1002477d3c11fe49c3d45b8fe3509b24b962e641a76fa5dbef428796c1c709406ae1c6", 0xae) ftruncate(0xffffffffffffffff, 0x200004) 03:59:31 executing program 2: r0 = open(&(0x7f0000000140)='./file0\x00', 0x40c2, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000000)={0x0, 0x0, 0x8}, 0x8) ioctl$sock_SIOCGIFBR(r1, 0x8940, &(0x7f0000000000)=@get={0x1, &(0x7f0000000080)=""/73, 0x80}) ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) socketpair(0x1e, 0x0, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x10000) [ 2814.002556][ T27] audit: type=1800 audit(2000001571.794:790): pid=5087 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16881 res=0 03:59:31 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0xc2822, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x1, 0x0) r3 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r3, &(0x7f00000000c0)='./file0\x00') mkdirat(r3, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self//exe\x00', 0x3, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00') setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000180)="3e16dadafe262c00ab63aaabf7fba5e6687dcb6f16efb36a24d99cc0eded9ae5f9a608b8a823853796816f8f43e442c9d9cec37db463aa0746cc23d3e635a1e830c89c05eb41ab0e234c28f586ee86bd4a2687e4eeadfe01f97c4c2f221d720e7593966dad4c7b81fc41bebcb66ba63d91d4e5e0410cb95a0ddc422ea163fb36c275da20556a77c7793f4d1002477d3c11fe49c3d45b8fe3509b24b962e641a76fa5dbef428796c1c709406ae1c6", 0xae) ftruncate(0xffffffffffffffff, 0x200004) [ 2814.113899][ T27] audit: type=1804 audit(2000001571.904:791): pid=5087 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir459764387/syzkaller.vbiJLI/32/file0" dev="sda1" ino=16881 res=1 03:59:32 executing program 1: r0 = open(&(0x7f0000000140)='./file0\x00', 0x40c2, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000000)={0x0, 0x0, 0x8}, 0x8) ioctl$sock_SIOCGIFBR(r1, 0x8940, &(0x7f0000000000)=@get={0x1, &(0x7f0000000080)=""/73, 0x80}) ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) socketpair(0x1e, 0x0, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x10000) 03:59:32 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0xc2822, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x1, 0x0) r3 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r3, &(0x7f00000000c0)='./file0\x00') mkdirat(r3, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self//exe\x00', 0x3, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00') setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000180)="3e16dadafe262c00ab63aaabf7fba5e6687dcb6f16efb36a24d99cc0eded9ae5f9a608b8a823853796816f8f43e442c9d9cec37db463aa0746cc23d3e635a1e830c89c05eb41ab0e234c28f586ee86bd4a2687e4eeadfe01f97c4c2f221d720e7593966dad4c7b81fc41bebcb66ba63d91d4e5e0410cb95a0ddc422ea163fb36c275da20556a77c7793f4d1002477d3c11fe49c3d45b8fe3509b24b962e641a76fa5dbef428796c1c709406ae1c6", 0xae) ftruncate(0xffffffffffffffff, 0x200004) [ 2814.381329][ T27] audit: type=1800 audit(2000001572.174:792): pid=5095 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16666 res=0 03:59:32 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0xc2822, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x1, 0x0) r3 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r3, &(0x7f00000000c0)='./file0\x00') mkdirat(r3, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self//exe\x00', 0x3, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00') setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000180)="3e16dadafe262c00ab63aaabf7fba5e6687dcb6f16efb36a24d99cc0eded9ae5f9a608b8a823853796816f8f43e442c9d9cec37db463aa0746cc23d3e635a1e830c89c05eb41ab0e234c28f586ee86bd4a2687e4eeadfe01f97c4c2f221d720e7593966dad4c7b81fc41bebcb66ba63d91d4e5e0410cb95a0ddc422ea163fb36c275da20556a77c7793f4d1002477d3c11fe49c3d45b8fe3509b24b962e641a76fa5dbef428796c1c709406ae1c6", 0xae) ftruncate(0xffffffffffffffff, 0x200004) 03:59:32 executing program 0: r0 = socket$kcm(0x2b, 0x8000000000001, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x615, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001b40)=ANY=[@ANYBLOB="850000000700000025000000000000009500000000000000a579753dec29fe276240f076750753bc7b952ab5ad939c40c5f89f8b5c13a24800a26b3c68cea54994e702d609331ab3c70aa6b030ed69efddccd23e793e8287051d4f5fef499e2a4ce758601229b94574e7825441222e81748b4ee09cc6fa47ef6943a143669ef5fc545ab790ef72fd2ca305f386142d7835f213e72c7002a21731859eba975d4a1809acbc7b716c41ef6bac34d0c99d62456cc766be4825548e08587866d70b991d746067c73f47457a8713e7b70a85bbdb078320"], &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x5, 0xfd39, &(0x7f000000cf3d)=""/195}, 0x48) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r3, 0x0) syz_mount_image$iso9660(&(0x7f0000000100)='iso9660\x00', 0x0, 0x0, 0x0, 0x0, 0xe205, 0x0) [ 2814.526318][ T27] audit: type=1804 audit(2000001572.284:793): pid=5095 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir469040009/syzkaller.9EDI4O/183/file0" dev="sda1" ino=16666 res=1 03:59:32 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0xc2822, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x1, 0x0) r3 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r3, &(0x7f00000000c0)='./file0\x00') mkdirat(r3, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self//exe\x00', 0x3, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00') setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000180)="3e16dadafe262c00ab63aaabf7fba5e6687dcb6f16efb36a24d99cc0eded9ae5f9a608b8a823853796816f8f43e442c9d9cec37db463aa0746cc23d3e635a1e830c89c05eb41ab0e234c28f586ee86bd4a2687e4eeadfe01f97c4c2f221d720e7593966dad4c7b81fc41bebcb66ba63d91d4e5e0410cb95a0ddc422ea163fb36c275da20556a77c7793f4d1002477d3c11fe49c3d45b8fe3509b24b962e641a76fa5dbef428796c1c709406ae1c6", 0xae) ftruncate(0xffffffffffffffff, 0x200004) 03:59:32 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0xc2822, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x1, 0x0) r3 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r3, &(0x7f00000000c0)='./file0\x00') mkdirat(r3, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self//exe\x00', 0x3, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00') setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000180)="3e16dadafe262c00ab63aaabf7fba5e6687dcb6f16efb36a24d99cc0eded9ae5f9a608b8a823853796816f8f43e442c9d9cec37db463aa0746cc23d3e635a1e830c89c05eb41ab0e234c28f586ee86bd4a2687e4eeadfe01f97c4c2f221d720e7593966dad4c7b81fc41bebcb66ba63d91d4e5e0410cb95a0ddc422ea163fb36c275da20556a77c7793f4d1002477d3c11fe49c3d45b8fe3509b24b962e641a76fa5dbef428796c1c709406ae1c6", 0xae) ftruncate(0xffffffffffffffff, 0x200004) 03:59:32 executing program 2: r0 = open(&(0x7f0000000140)='./file0\x00', 0x40c2, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000000)={0x0, 0x0, 0x8}, 0x8) ioctl$sock_SIOCGIFBR(r1, 0x8940, &(0x7f0000000000)=@get={0x1, &(0x7f0000000080)=""/73, 0x80}) ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) socketpair(0x1e, 0x0, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x10000) 03:59:33 executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x5, 0x1}}]}}, &(0x7f00000002c0)=""/178, 0x32, 0xb2, 0x1}, 0x20) 03:59:33 executing program 0: socket$inet6(0xa, 0x400000000001, 0x0) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x13102001ffa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) fstat(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, 0x0) timer_create(0x0, 0x0, 0x0) kexec_load(0x0, 0x0, 0x0, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) open(0x0, 0x0, 0x0) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, 0xffffffffffffffff, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[], 0x0) open(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000000100)=0x1, 0xfb) bind$inet(0xffffffffffffffff, &(0x7f0000000500)={0x2, 0x4e21, @dev}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f00000000c0)=[@timestamp, @sack_perm, @sack_perm], 0x3) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000000)={0x0, 0x40000007ffe, 0x80000000}, 0x14) shutdown(r0, 0x1) 03:59:33 executing program 1: r0 = open(&(0x7f0000000140)='./file0\x00', 0x40c2, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000000)={0x0, 0x0, 0x8}, 0x8) ioctl$sock_SIOCGIFBR(r1, 0x8940, &(0x7f0000000000)=@get={0x1, &(0x7f0000000080)=""/73, 0x80}) ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$9p(r0, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) socketpair(0x1e, 0x0, 0x0, 0x0) sendfile(r0, r2, 0x0, 0x10000) 03:59:33 executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x5, 0x1}}]}}, &(0x7f00000002c0)=""/178, 0x32, 0xb2, 0x1}, 0x20) 03:59:33 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0xc2822, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x1, 0x0) r3 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r3, &(0x7f00000000c0)='./file0\x00') mkdirat(r3, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self//exe\x00', 0x3, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00') setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000180)="3e16dadafe262c00ab63aaabf7fba5e6687dcb6f16efb36a24d99cc0eded9ae5f9a608b8a823853796816f8f43e442c9d9cec37db463aa0746cc23d3e635a1e830c89c05eb41ab0e234c28f586ee86bd4a2687e4eeadfe01f97c4c2f221d720e7593966dad4c7b81fc41bebcb66ba63d91d4e5e0410cb95a0ddc422ea163fb36c275da20556a77c7793f4d1002477d3c11fe49c3d45b8fe3509b24b962e641a76fa5dbef428796c1c709406ae1c6", 0xae) ftruncate(0xffffffffffffffff, 0x200004) 03:59:33 executing program 3: mknod(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_tcp(&(0x7f0000000040)='127.0.0.1\x00', &(0x7f0000000080)='./bus\x00', &(0x7f0000000000)='9p\x00', 0x0, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000040), 0x4) [ 2815.755973][ T5335] 9pnet_virtio: no channels available for device 127.0.0.1 03:59:33 executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x5, 0x1}}]}}, &(0x7f00000002c0)=""/178, 0x32, 0xb2, 0x1}, 0x20) [ 2815.846355][ T5338] 9pnet_virtio: no channels available for device 127.0.0.1 03:59:33 executing program 3: mknod(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_tcp(&(0x7f0000000040)='127.0.0.1\x00', &(0x7f0000000080)='./bus\x00', &(0x7f0000000000)='9p\x00', 0x0, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000040), 0x4) 03:59:33 executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x5, 0x1}}]}}, &(0x7f00000002c0)=""/178, 0x32, 0xb2, 0x1}, 0x20) 03:59:33 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) getresuid(0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYPTR64], 0xff39) write$cgroup_pid(r1, &(0x7f0000000000), 0x10000000d) 03:59:34 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r1 = socket(0x40000000002, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10) bind$x25(r1, &(0x7f0000000480)={0x9, @remote={[], 0x3}}, 0x12) [ 2816.197094][ C1] net_ratelimit: 23 callbacks suppressed [ 2816.197105][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2816.202876][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2816.214323][ T5344] 9pnet_virtio: no channels available for device 127.0.0.1 03:59:34 executing program 3: mknod(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_tcp(&(0x7f0000000040)='127.0.0.1\x00', &(0x7f0000000080)='./bus\x00', &(0x7f0000000000)='9p\x00', 0x0, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000040), 0x4) 03:59:34 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e0000002c008151e00f80ecdb4cb904014865160b00014109410000000a00180e0006001500cd5edc2976d153b4", 0x2e}], 0x1}, 0x0) 03:59:34 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r1) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup(r2) setsockopt$inet6_tcp_buf(r3, 0x6, 0x1f, &(0x7f0000000140)="8f", 0xfe1d) [ 2816.617863][ T5358] 9pnet_virtio: no channels available for device 127.0.0.1 03:59:34 executing program 3: mknod(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_tcp(&(0x7f0000000040)='127.0.0.1\x00', &(0x7f0000000080)='./bus\x00', &(0x7f0000000000)='9p\x00', 0x0, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000040), 0x4) 03:59:34 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r1 = socket(0x40000000002, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10) bind$x25(r1, &(0x7f0000000480)={0x9, @remote={[], 0x3}}, 0x12) 03:59:34 executing program 1: epoll_create1(0x40000) [ 2816.677176][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2816.683159][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2816.797640][ T5398] 9pnet_virtio: no channels available for device 127.0.0.1 [ 2816.837139][ C0] protocol 88fb is buggy, dev hsr_slave_0 03:59:34 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x2, 0x80002, 0x0) setsockopt$inet_int(r2, 0x0, 0xb, &(0x7f0000000600)=0xdb, 0x4) sendto$inet(r2, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e1e}, 0x10) recvmsg(r2, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x2001) 03:59:34 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e0000002c008151e00f80ecdb4cb904014865160b00014109410000000a00180e0006001500cd5edc2976d153b4", 0x2e}], 0x1}, 0x0) [ 2816.844492][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2816.850552][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2816.856507][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:59:34 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r1) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup(r2) setsockopt$inet6_tcp_buf(r3, 0x6, 0x1f, &(0x7f0000000140)="8f", 0xfe1d) 03:59:34 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r1 = socket(0x40000000002, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10) bind$x25(r1, &(0x7f0000000480)={0x9, @remote={[], 0x3}}, 0x12) [ 2817.157150][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2817.163078][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:59:35 executing program 5: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_rose_SIOCRSCLRRT(r0, 0x89e2) 03:59:35 executing program 1: epoll_create1(0x40000) 03:59:35 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e0000002c008151e00f80ecdb4cb904014865160b00014109410000000a00180e0006001500cd5edc2976d153b4", 0x2e}], 0x1}, 0x0) 03:59:35 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r1) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup(r2) setsockopt$inet6_tcp_buf(r3, 0x6, 0x1f, &(0x7f0000000140)="8f", 0xfe1d) 03:59:35 executing program 3: mmap(&(0x7f0000600000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) socket$inet_tcp(0x2, 0x1, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) r1 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') sendfile(r0, r1, 0x0, 0x100000000) 03:59:35 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r1 = socket(0x40000000002, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10) bind$x25(r1, &(0x7f0000000480)={0x9, @remote={[], 0x3}}, 0x12) 03:59:35 executing program 1: epoll_create1(0x40000) 03:59:35 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e0000002c008151e00f80ecdb4cb904014865160b00014109410000000a00180e0006001500cd5edc2976d153b4", 0x2e}], 0x1}, 0x0) 03:59:35 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r1) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup(r2) setsockopt$inet6_tcp_buf(r3, 0x6, 0x1f, &(0x7f0000000140)="8f", 0xfe1d) 03:59:35 executing program 2: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000080)='/dev/capi20\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r2) ioctl$CAPI_MANUFACTURER_CMD(r0, 0xc0104320, 0x0) 03:59:35 executing program 5: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_rose_SIOCRSCLRRT(r0, 0x89e2) 03:59:35 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000b9aff0)={0x2, 0x4e20}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x8084, &(0x7f0000000140)={0x2, 0x4e20}, 0x10) sendmmsg$sock(r0, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000700)="318533735b5bae", 0x7}], 0x1}}], 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000000)=0x6, 0x4) setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f00000002c0)=0x7, 0x4) recvmmsg(r0, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x4000000000000ac, 0x43, 0x0) 03:59:35 executing program 1: epoll_create1(0x40000) 03:59:35 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="38f37fdba0404b9d85183c92996b4514f0fb"], 0x0, 0x12}, 0x20) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 03:59:35 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000180)) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000040)=@nullb='[c::],0::6:\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='ceph\x00', 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r0, 0x1002000000013) 03:59:35 executing program 2: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000080)='/dev/capi20\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r2) ioctl$CAPI_MANUFACTURER_CMD(r0, 0xc0104320, 0x0) 03:59:35 executing program 5: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_rose_SIOCRSCLRRT(r0, 0x89e2) 03:59:35 executing program 1: perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xc, 0x3, &(0x7f00000000c0)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x11, 0x6c}}, &(0x7f0000000000)='syzkaller\x00', 0x1, 0xcf, &(0x7f0000000480)=""/207}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0xffffffffa0008000, 0xe, 0x0, &(0x7f0000000200)="fbbe22cf104c948f665e6007769d", 0x0, 0x2b1}, 0x28) 03:59:35 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000b9aff0)={0x2, 0x4e20}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x8084, &(0x7f0000000140)={0x2, 0x4e20}, 0x10) sendmmsg$sock(r0, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000700)="318533735b5bae", 0x7}], 0x1}}], 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000000)=0x6, 0x4) setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f00000002c0)=0x7, 0x4) recvmmsg(r0, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x4000000000000ac, 0x43, 0x0) 03:59:35 executing program 2: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000080)='/dev/capi20\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r2) ioctl$CAPI_MANUFACTURER_CMD(r0, 0xc0104320, 0x0) [ 2818.089523][ T6468] libceph: connect (1)[c::]:6789 error -101 [ 2818.096475][ T6468] libceph: mon0 (1)[c::]:6789 connect error 03:59:35 executing program 5: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_rose_SIOCRSCLRRT(r0, 0x89e2) 03:59:36 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000b9aff0)={0x2, 0x4e20}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x8084, &(0x7f0000000140)={0x2, 0x4e20}, 0x10) sendmmsg$sock(r0, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000700)="318533735b5bae", 0x7}], 0x1}}], 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000000)=0x6, 0x4) setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f00000002c0)=0x7, 0x4) recvmmsg(r0, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x4000000000000ac, 0x43, 0x0) [ 2818.145799][ T6468] libceph: connect (1)[c::]:6789 error -101 [ 2818.181561][ T6468] libceph: mon0 (1)[c::]:6789 connect error 03:59:36 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000b9aff0)={0x2, 0x4e20}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x8084, &(0x7f0000000140)={0x2, 0x4e20}, 0x10) sendmmsg$sock(r0, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000700)="318533735b5bae", 0x7}], 0x1}}], 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000000)=0x6, 0x4) setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f00000002c0)=0x7, 0x4) recvmmsg(r0, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x4000000000000ac, 0x43, 0x0) 03:59:36 executing program 2: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000080)='/dev/capi20\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r2) ioctl$CAPI_MANUFACTURER_CMD(r0, 0xc0104320, 0x0) 03:59:36 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x20, 0x101002) write$evdev(r0, &(0x7f0000000100)=[{{0x77359400}, 0x4, 0x18}], 0xd9) 03:59:36 executing program 1: perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xc, 0x3, &(0x7f00000000c0)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x11, 0x6c}}, &(0x7f0000000000)='syzkaller\x00', 0x1, 0xcf, &(0x7f0000000480)=""/207}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0xffffffffa0008000, 0xe, 0x0, &(0x7f0000000200)="fbbe22cf104c948f665e6007769d", 0x0, 0x2b1}, 0x28) 03:59:36 executing program 5: mmap(&(0x7f0000abb000/0x1000)=nil, 0x1000, 0x0, 0x102000200032, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000abaff9), 0x509bdd10290302ef) 03:59:36 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet(0x10, 0x2, 0x0) sendmsg(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="240000001a0007041dfffd946f610500020000e8fe02000000010800080004000400ff7e280000001100ffffba16a0aa1c0900000000000012000000000000eff24d8238cfa47e23f7efbf54", 0x4c}], 0x1}, 0x0) 03:59:36 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000b9aff0)={0x2, 0x4e20}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x8084, &(0x7f0000000140)={0x2, 0x4e20}, 0x10) sendmmsg$sock(r0, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000700)="318533735b5bae", 0x7}], 0x1}}], 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000000)=0x6, 0x4) setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f00000002c0)=0x7, 0x4) recvmmsg(r0, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x4000000000000ac, 0x43, 0x0) 03:59:36 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000b9aff0)={0x2, 0x4e20}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x8084, &(0x7f0000000140)={0x2, 0x4e20}, 0x10) sendmmsg$sock(r0, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000700)="318533735b5bae", 0x7}], 0x1}}], 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000000)=0x6, 0x4) setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f00000002c0)=0x7, 0x4) recvmmsg(r0, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x4000000000000ac, 0x43, 0x0) 03:59:36 executing program 1: perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xc, 0x3, &(0x7f00000000c0)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x11, 0x6c}}, &(0x7f0000000000)='syzkaller\x00', 0x1, 0xcf, &(0x7f0000000480)=""/207}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0xffffffffa0008000, 0xe, 0x0, &(0x7f0000000200)="fbbe22cf104c948f665e6007769d", 0x0, 0x2b1}, 0x28) 03:59:36 executing program 5: mmap(&(0x7f0000abb000/0x1000)=nil, 0x1000, 0x0, 0x102000200032, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000abaff9), 0x509bdd10290302ef) 03:59:36 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x20, 0x101002) write$evdev(r0, &(0x7f0000000100)=[{{0x77359400}, 0x4, 0x18}], 0xd9) [ 2818.880974][ T5686] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. 03:59:36 executing program 5: mmap(&(0x7f0000abb000/0x1000)=nil, 0x1000, 0x0, 0x102000200032, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000abaff9), 0x509bdd10290302ef) 03:59:36 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000b9aff0)={0x2, 0x4e20}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x8084, &(0x7f0000000140)={0x2, 0x4e20}, 0x10) sendmmsg$sock(r0, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000700)="318533735b5bae", 0x7}], 0x1}}], 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000000)=0x6, 0x4) setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f00000002c0)=0x7, 0x4) recvmmsg(r0, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x4000000000000ac, 0x43, 0x0) 03:59:36 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x20, 0x101002) write$evdev(r0, &(0x7f0000000100)=[{{0x77359400}, 0x4, 0x18}], 0xd9) 03:59:36 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) 03:59:36 executing program 1: perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xc, 0x3, &(0x7f00000000c0)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x11, 0x6c}}, &(0x7f0000000000)='syzkaller\x00', 0x1, 0xcf, &(0x7f0000000480)=""/207}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0xffffffffa0008000, 0xe, 0x0, &(0x7f0000000200)="fbbe22cf104c948f665e6007769d", 0x0, 0x2b1}, 0x28) 03:59:37 executing program 5: mmap(&(0x7f0000abb000/0x1000)=nil, 0x1000, 0x0, 0x102000200032, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000abaff9), 0x509bdd10290302ef) 03:59:37 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000003400)=[{{&(0x7f0000000500)={0xa, 0x4e24, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x8000) sendmmsg$inet6(r0, &(0x7f0000003580)=[{{0x0, 0x394, 0x0}}, {{&(0x7f0000000f00)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000001040)=[@dstopts_2292={{0x11}}, @dstopts_2292={{0x18, 0x29, 0x4, {0x0, 0x20000071}}}], 0x30}}], 0x2, 0x0) 03:59:37 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x20, 0x101002) write$evdev(r0, &(0x7f0000000100)=[{{0x77359400}, 0x4, 0x18}], 0xd9) 03:59:37 executing program 1: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x1, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) dup2(r2, r0) 03:59:37 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet(0x10, 0x2, 0x0) sendmsg(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="240000001a0007041dfffd946f610500020000e8fe02000000010800080004000400ff7e280000001100ffffba16a0aa1c0900000000000012000000000000eff24d8238cfa47e23f7efbf54", 0x4c}], 0x1}, 0x0) 03:59:37 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x2e0, 0x29, 0x0, &(0x7f0000000100)="b901000000040000099e40f089061fffffe100004000638877fbac141414e0000001be3e7d2a182fff", 0x0, 0x100, 0x6000000000000000}, 0x28) [ 2819.692376][ T5724] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. 03:59:37 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) 03:59:37 executing program 1: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x1, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) dup2(r2, r0) 03:59:37 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000003400)=[{{&(0x7f0000000500)={0xa, 0x4e24, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x8000) sendmmsg$inet6(r0, &(0x7f0000003580)=[{{0x0, 0x394, 0x0}}, {{&(0x7f0000000f00)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000001040)=[@dstopts_2292={{0x11}}, @dstopts_2292={{0x18, 0x29, 0x4, {0x0, 0x20000071}}}], 0x30}}], 0x2, 0x0) 03:59:37 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x2e0, 0x29, 0x0, &(0x7f0000000100)="b901000000040000099e40f089061fffffe100004000638877fbac141414e0000001be3e7d2a182fff", 0x0, 0x100, 0x6000000000000000}, 0x28) [ 2819.896036][ T5740] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. 03:59:37 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000002000000000000000000000300000000020000000200000000000000000000000000000100000f0a405b0000000084bebdfc0c2bf047235b42c39f058bb70b96a92594acaa05767bf844101ff5f0fc49f008efc2d90500131bbd9803e074d550e32dbc3aabbc966e4290804e9978cfc8a301c7f1c758e66b65194b4a69ff4e1b2986c36dafcf673011c14eecb82aa42fee6a054e9cb8b3f0ae26dcee062fa5f31cef142369"], &(0x7f0000000100)=""/213, 0x42, 0x288, 0xfffffffffffffffd}, 0x20) 03:59:37 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet(0x10, 0x2, 0x0) sendmsg(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="240000001a0007041dfffd946f610500020000e8fe02000000010800080004000400ff7e280000001100ffffba16a0aa1c0900000000000012000000000000eff24d8238cfa47e23f7efbf54", 0x4c}], 0x1}, 0x0) 03:59:38 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000003400)=[{{&(0x7f0000000500)={0xa, 0x4e24, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x8000) sendmmsg$inet6(r0, &(0x7f0000003580)=[{{0x0, 0x394, 0x0}}, {{&(0x7f0000000f00)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000001040)=[@dstopts_2292={{0x11}}, @dstopts_2292={{0x18, 0x29, 0x4, {0x0, 0x20000071}}}], 0x30}}], 0x2, 0x0) 03:59:38 executing program 1: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x1, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) dup2(r2, r0) 03:59:38 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000002000000000000000000000300000000020000000200000000000000000000000000000100000f0a405b0000000084bebdfc0c2bf047235b42c39f058bb70b96a92594acaa05767bf844101ff5f0fc49f008efc2d90500131bbd9803e074d550e32dbc3aabbc966e4290804e9978cfc8a301c7f1c758e66b65194b4a69ff4e1b2986c36dafcf673011c14eecb82aa42fee6a054e9cb8b3f0ae26dcee062fa5f31cef142369"], &(0x7f0000000100)=""/213, 0x42, 0x288, 0xfffffffffffffffd}, 0x20) 03:59:38 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) [ 2820.337839][ T5760] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. 03:59:38 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000002000000000000000000000300000000020000000200000000000000000000000000000100000f0a405b0000000084bebdfc0c2bf047235b42c39f058bb70b96a92594acaa05767bf844101ff5f0fc49f008efc2d90500131bbd9803e074d550e32dbc3aabbc966e4290804e9978cfc8a301c7f1c758e66b65194b4a69ff4e1b2986c36dafcf673011c14eecb82aa42fee6a054e9cb8b3f0ae26dcee062fa5f31cef142369"], &(0x7f0000000100)=""/213, 0x42, 0x288, 0xfffffffffffffffd}, 0x20) 03:59:38 executing program 1: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x1, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) dup2(r2, r0) 03:59:38 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet(0x10, 0x2, 0x0) sendmsg(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="240000001a0007041dfffd946f610500020000e8fe02000000010800080004000400ff7e280000001100ffffba16a0aa1c0900000000000012000000000000eff24d8238cfa47e23f7efbf54", 0x4c}], 0x1}, 0x0) 03:59:38 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000003400)=[{{&(0x7f0000000500)={0xa, 0x4e24, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x8000) sendmmsg$inet6(r0, &(0x7f0000003580)=[{{0x0, 0x394, 0x0}}, {{&(0x7f0000000f00)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000001040)=[@dstopts_2292={{0x11}}, @dstopts_2292={{0x18, 0x29, 0x4, {0x0, 0x20000071}}}], 0x30}}], 0x2, 0x0) 03:59:38 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000002000000000000000000000300000000020000000200000000000000000000000000000100000f0a405b0000000084bebdfc0c2bf047235b42c39f058bb70b96a92594acaa05767bf844101ff5f0fc49f008efc2d90500131bbd9803e074d550e32dbc3aabbc966e4290804e9978cfc8a301c7f1c758e66b65194b4a69ff4e1b2986c36dafcf673011c14eecb82aa42fee6a054e9cb8b3f0ae26dcee062fa5f31cef142369"], &(0x7f0000000100)=""/213, 0x42, 0x288, 0xfffffffffffffffd}, 0x20) [ 2820.744883][ T5781] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. 03:59:38 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x2e0, 0x29, 0x0, &(0x7f0000000100)="b901000000040000099e40f089061fffffe100004000638877fbac141414e0000001be3e7d2a182fff", 0x0, 0x100, 0x6000000000000000}, 0x28) 03:59:38 executing program 1: r0 = socket$inet(0x10, 0x3, 0x4) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f000000d000)=[{&(0x7f0000000240)="4c0000001200ff09fffefd956fa283b724a6000000000700000000683540150024001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d0f1cbc882b079881", 0x4c}], 0x1}, 0x0) 03:59:38 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) 03:59:38 executing program 4: r0 = socket$nl_crypto(0x10, 0x3, 0x15) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_crypto(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@upd={0xe0, 0x10, 0x690ee9b7eac96925, 0x0, 0x0, {{'drbg-pr_sha1(-(\x00'}}}, 0xe0}}, 0x0) 03:59:38 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, 0x0) io_setup(0x4, &(0x7f0000000500)=0x0) write$P9_RRENAMEAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7}, 0x7) dup2(0xffffffffffffffff, 0xffffffffffffffff) io_submit(0x0, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x12f}]) io_pgetevents(r0, 0x4, 0x0, 0x0, &(0x7f0000000240)={0x0, 0x1c9c380}, &(0x7f00000004c0)={&(0x7f0000000340)={0x8}, 0x8}) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) 03:59:38 executing program 0: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000000340)) 03:59:38 executing program 1: r0 = socket$inet(0x10, 0x3, 0x4) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f000000d000)=[{&(0x7f0000000240)="4c0000001200ff09fffefd956fa283b724a6000000000700000000683540150024001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d0f1cbc882b079881", 0x4c}], 0x1}, 0x0) 03:59:39 executing program 0: r0 = socket(0x40000000015, 0x5, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x6}, 0x1c) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x11}, 0x6}, 0x1c) 03:59:39 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000002780)={'gre0\x00', 0x1ff}) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000080)={'gre0\x00', 0x5d51}) [ 2821.317103][ C1] net_ratelimit: 22 callbacks suppressed [ 2821.317115][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2821.329477][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:59:39 executing program 3: sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000540)="5500000019007f5300fe01b2a4a280930a60ffff00a84302910000003900090008000c00062504f3180015e005000600000000dc1320d54407000000000000004170011400000000000000000000000000fd000000", 0x55}], 0x1}, 0x0) r0 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492191, 0x0) 03:59:39 executing program 1: r0 = socket$inet(0x10, 0x3, 0x4) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f000000d000)=[{&(0x7f0000000240)="4c0000001200ff09fffefd956fa283b724a6000000000700000000683540150024001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d0f1cbc882b079881", 0x4c}], 0x1}, 0x0) 03:59:39 executing program 4: r0 = socket$nl_crypto(0x10, 0x3, 0x15) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_crypto(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@upd={0xe0, 0x10, 0x690ee9b7eac96925, 0x0, 0x0, {{'drbg-pr_sha1(-(\x00'}}}, 0xe0}}, 0x0) [ 2821.558270][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2821.564350][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:59:39 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x2e0, 0x29, 0x0, &(0x7f0000000100)="b901000000040000099e40f089061fffffe100004000638877fbac141414e0000001be3e7d2a182fff", 0x0, 0x100, 0x6000000000000000}, 0x28) 03:59:39 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000002780)={'gre0\x00', 0x1ff}) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000080)={'gre0\x00', 0x5d51}) 03:59:39 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x24, 0x4f, 0x7}, 0x24}}, 0x0) 03:59:39 executing program 1: r0 = socket$inet(0x10, 0x3, 0x4) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f000000d000)=[{&(0x7f0000000240)="4c0000001200ff09fffefd956fa283b724a6000000000700000000683540150024001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d0f1cbc882b079881", 0x4c}], 0x1}, 0x0) 03:59:39 executing program 3: sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000540)="5500000019007f5300fe01b2a4a280930a60ffff00a84302910000003900090008000c00062504f3180015e005000600000000dc1320d54407000000000000004170011400000000000000000000000000fd000000", 0x55}], 0x1}, 0x0) r0 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492191, 0x0) 03:59:39 executing program 4: r0 = socket$nl_crypto(0x10, 0x3, 0x15) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_crypto(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@upd={0xe0, 0x10, 0x690ee9b7eac96925, 0x0, 0x0, {{'drbg-pr_sha1(-(\x00'}}}, 0xe0}}, 0x0) [ 2822.184525][ T5951] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. 03:59:40 executing program 3: sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000540)="5500000019007f5300fe01b2a4a280930a60ffff00a84302910000003900090008000c00062504f3180015e005000600000000dc1320d54407000000000000004170011400000000000000000000000000fd000000", 0x55}], 0x1}, 0x0) r0 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492191, 0x0) 03:59:40 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000002780)={'gre0\x00', 0x1ff}) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000080)={'gre0\x00', 0x5d51}) 03:59:40 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x24, 0x4f, 0x7}, 0x24}}, 0x0) 03:59:40 executing program 1: mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x2172, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000400)=[{&(0x7f0000000100)="f7", 0xfffffe96}], 0x1, 0x0) 03:59:40 executing program 4: r0 = socket$nl_crypto(0x10, 0x3, 0x15) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_crypto(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@upd={0xe0, 0x10, 0x690ee9b7eac96925, 0x0, 0x0, {{'drbg-pr_sha1(-(\x00'}}}, 0xe0}}, 0x0) [ 2822.437167][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2822.443043][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2822.462412][ T5964] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. 03:59:40 executing program 1: mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x2172, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000400)=[{&(0x7f0000000100)="f7", 0xfffffe96}], 0x1, 0x0) 03:59:40 executing program 3: sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000540)="5500000019007f5300fe01b2a4a280930a60ffff00a84302910000003900090008000c00062504f3180015e005000600000000dc1320d54407000000000000004170011400000000000000000000000000fd000000", 0x55}], 0x1}, 0x0) r0 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492191, 0x0) 03:59:40 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x24, 0x4f, 0x7}, 0x24}}, 0x0) 03:59:40 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000002780)={'gre0\x00', 0x1ff}) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000080)={'gre0\x00', 0x5d51}) 03:59:40 executing program 1: mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x2172, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000400)=[{&(0x7f0000000100)="f7", 0xfffffe96}], 0x1, 0x0) 03:59:40 executing program 5: shmget(0x2, 0x3000, 0x78000a08, &(0x7f0000ffa000/0x3000)=nil) 03:59:40 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$PPPIOCGUNIT(0xffffffffffffffff, 0x80047456, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) bind$inet6(r3, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) socket$inet_udp(0x2, 0x2, 0x0) openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0) creat(0x0, 0x0) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, 0x0, 0x0) sendto$inet6(r3, 0x0, 0x0, 0x20000001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) pivot_root(0x0, 0x0) sendmsg$sock(r3, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)="7c6fb0dc0309a2df8c18528d2cae40adb0b859d0337de4f864f1e0ed70880f33c190ac91a5cb4864a7a3d43038e5a6be9964d70791f57198e54d8aa884dce5a00c480222160b6e643c93caeee185cf737f8eb5737be2dbeb7df2d468088a8b8e5b8eb73a08bbccc04d9c2551075588b550b9ccd992bb0f06367f38efcaddfbc65a7bdad416d07006138ba99dd6bb25a5f12fe026560ad6dd25522225c334934788f3", 0xa2}], 0x1}, 0x4004045) splice(r3, 0x0, r2, 0x0, 0x60000, 0x0) [ 2822.879615][ T5984] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2822.917922][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2822.923801][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:59:40 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x24, 0x4f, 0x7}, 0x24}}, 0x0) 03:59:40 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000240)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64fa436460234432479aed75d492b41fd983f79e65199615607672c59957ab35f4ad614fd33cebbc150bb2b03b5b2461179f5000bba001b5080da6218a8106df2858ec973328e5a2c078a3fe35ee74e82ba80a0fa881e689f7615baf78f08ea33bcb860d6a0b61193d4a1cb622431d42fee5e9153fdfe5cb19ff15d6d891a92efa823a3c231ea82fdf0e7fcf567bf50600a243422daa960ab9f4b41d535a4e723362f56de8c859fa668b046005fc1e44e4e4b79669fe7127f77c26d987b2f430203237cc8bbd036be5e23eb4b3d4e3d5bfe025b413ce4fd56f7ec78071f58e2979f98979a9013af6dae8eaf503d87", 0x119}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 03:59:40 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$MON_IOCG_STATS(r0, 0x9208, &(0x7f0000000100)) 03:59:40 executing program 5: shmget(0x2, 0x3000, 0x78000a08, &(0x7f0000ffa000/0x3000)=nil) [ 2823.077163][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2823.083171][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:59:40 executing program 1: mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x2172, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000400)=[{&(0x7f0000000100)="f7", 0xfffffe96}], 0x1, 0x0) [ 2823.207732][ T6006] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. 03:59:41 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$MON_IOCG_STATS(r0, 0x9208, &(0x7f0000000100)) 03:59:41 executing program 3: syz_mount_image$jfs(&(0x7f0000000080)='jfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={[{@resize='resize'}]}) 03:59:41 executing program 5: shmget(0x2, 0x3000, 0x78000a08, &(0x7f0000ffa000/0x3000)=nil) 03:59:41 executing program 0: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0) ioctl$ASHMEM_SET_NAME(r0, 0x40087708, &(0x7f00000011c0)='\x00\x00\x10\x80\x00\x00\x80\x00\x00') 03:59:41 executing program 1: syz_genetlink_get_family_id$tipc2(&(0x7f0000000640)='TIPCv2\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000500), 0xffffff30, 0x0, 0x25, 0x0, 0xfffffffffffffcaf}, 0x0) ptrace$setsig(0x4203, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1}) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000000440)=0x4018) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000480)={0x7, &(0x7f0000000340)=[{0x8001}, {0x85}, {0x6, 0x7}, {0x1ff, 0x401}, {0x3, 0x20}, {0x9}, {0x0, 0x400}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=ANY=[@ANYRES16=0x0, @ANYBLOB], 0x2}}, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 03:59:41 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$MON_IOCG_STATS(r0, 0x9208, &(0x7f0000000100)) 03:59:43 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) unshare(0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001000000000000000080000020269a5cdc291e96e7167dd54953f0367afef55c044ab05dc005efe703f176000000"], 0x6}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="08000000010000000000009d7d00"/24], 0x48}}, 0x0) dup2(r0, r1) setns(0xffffffffffffffff, 0x40000000) 03:59:43 executing program 5: shmget(0x2, 0x3000, 0x78000a08, &(0x7f0000ffa000/0x3000)=nil) 03:59:43 executing program 3: openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000580)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f00000003c0)=ANY=[@ANYBLOB="5600000081a3a51b1c30e8f0ae2ede5285251f147fb8d227c9ef569fb3c792426fda754ab5b82c"], &(0x7f0000000440)=0x1) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000100)={0x0, 0x5fca1324}, 0x8) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_dev$media(0x0, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) perf_event_open(&(0x7f000001d000)={0x1, 0x386, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_open_dev$sndpcmc(&(0x7f0000000200)='/dev/snd/pcmC#D#c\x00', 0x0, 0x210881) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) io_submit(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}]) fcntl$dupfd(0xffffffffffffffff, 0x0, r4) getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x18, 0x0, &(0x7f0000004000)) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r5, &(0x7f0000000180)={0x0, 0x2c8, &(0x7f0000000100)={&(0x7f00000001c0)={0x24, 0x23, 0x847, 0x0, 0x0, {0x2804}, [@typed={0x5, 0xb, @str='\x02\xac\x0f\x00me_type\x00'}]}, 0x269}}, 0x0) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x2c, 0x0, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x8}, @SEG6_ATTR_ALGID={0x8}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xd97}]}, 0x2c}, 0x1, 0x6c}, 0x0) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, 0x0, 0x400, 0x0, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRET={0x14, 0x4, [0x8, 0x44, 0x0, 0x56]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0xaa19bf8ba19fb817}, 0x4000) 03:59:43 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$MON_IOCG_STATS(r0, 0x9208, &(0x7f0000000100)) 03:59:43 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x908, 0x1) ioctl$USBDEVFS_SUBMITURB(r0, 0xc0185500, &(0x7f00000003c0)=@urb_type_control={0x2, {0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 03:59:43 executing program 1: syz_genetlink_get_family_id$tipc2(&(0x7f0000000640)='TIPCv2\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000500), 0xffffff30, 0x0, 0x25, 0x0, 0xfffffffffffffcaf}, 0x0) ptrace$setsig(0x4203, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1}) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000000440)=0x4018) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000480)={0x7, &(0x7f0000000340)=[{0x8001}, {0x85}, {0x6, 0x7}, {0x1ff, 0x401}, {0x3, 0x20}, {0x9}, {0x0, 0x400}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=ANY=[@ANYRES16=0x0, @ANYBLOB], 0x2}}, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 03:59:44 executing program 2: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x2007fff) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(0x0, 0x14103e, 0x0) read(0xffffffffffffffff, &(0x7f0000000180)=""/19, 0xfffffe47) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000100), 0x1}, 0x1018b, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xfffff7ffffffffff, 0xffffffffffffffff, 0x0) shutdown(0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="f80000001600170300000000000000000000000000000000000000000000000100000000000000000000ffffe00000010400"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe880000000000000000000000000001000000006c000000fe880000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100"/176], 0xf8}}, 0x20000800) 03:59:44 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, 0x0, 0x0) [ 2826.218717][ T6139] cgroup: fork rejected by pids controller in /syz3 03:59:44 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x908, 0x1) ioctl$USBDEVFS_SUBMITURB(r0, 0xc0185500, &(0x7f00000003c0)=@urb_type_control={0x2, {0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 03:59:44 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000080)) 03:59:44 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) unshare(0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001000000000000000080000020269a5cdc291e96e7167dd54953f0367afef55c044ab05dc005efe703f176000000"], 0x6}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="08000000010000000000009d7d00"/24], 0x48}}, 0x0) dup2(r0, r1) setns(0xffffffffffffffff, 0x40000000) 03:59:44 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, 0x0, 0x0) 03:59:44 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000080)) 03:59:44 executing program 2: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x2007fff) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(0x0, 0x14103e, 0x0) read(0xffffffffffffffff, &(0x7f0000000180)=""/19, 0xfffffe47) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000100), 0x1}, 0x1018b, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xfffff7ffffffffff, 0xffffffffffffffff, 0x0) shutdown(0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="f80000001600170300000000000000000000000000000000000000000000000100000000000000000000ffffe00000010400"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe880000000000000000000000000001000000006c000000fe880000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100"/176], 0xf8}}, 0x20000800) [ 2826.597139][ C1] net_ratelimit: 18 callbacks suppressed [ 2826.597150][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2826.608920][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:59:44 executing program 1: syz_genetlink_get_family_id$tipc2(&(0x7f0000000640)='TIPCv2\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000500), 0xffffff30, 0x0, 0x25, 0x0, 0xfffffffffffffcaf}, 0x0) ptrace$setsig(0x4203, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1}) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000000440)=0x4018) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000480)={0x7, &(0x7f0000000340)=[{0x8001}, {0x85}, {0x6, 0x7}, {0x1ff, 0x401}, {0x3, 0x20}, {0x9}, {0x0, 0x400}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=ANY=[@ANYRES16=0x0, @ANYBLOB], 0x2}}, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 03:59:44 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x908, 0x1) ioctl$USBDEVFS_SUBMITURB(r0, 0xc0185500, &(0x7f00000003c0)=@urb_type_control={0x2, {0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 03:59:44 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000080)) 03:59:44 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, 0x0, 0x0) 03:59:44 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) unshare(0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001000000000000000080000020269a5cdc291e96e7167dd54953f0367afef55c044ab05dc005efe703f176000000"], 0x6}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="08000000010000000000009d7d00"/24], 0x48}}, 0x0) dup2(r0, r1) setns(0xffffffffffffffff, 0x40000000) 03:59:44 executing program 2: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x2007fff) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(0x0, 0x14103e, 0x0) read(0xffffffffffffffff, &(0x7f0000000180)=""/19, 0xfffffe47) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000100), 0x1}, 0x1018b, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xfffff7ffffffffff, 0xffffffffffffffff, 0x0) shutdown(0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="f80000001600170300000000000000000000000000000000000000000000000100000000000000000000ffffe00000010400"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe880000000000000000000000000001000000006c000000fe880000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100"/176], 0xf8}}, 0x20000800) 03:59:44 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000080)) 03:59:44 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x908, 0x1) ioctl$USBDEVFS_SUBMITURB(r0, 0xc0185500, &(0x7f00000003c0)=@urb_type_control={0x2, {0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) [ 2827.077191][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2827.083384][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:59:44 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, 0x0, 0x0) 03:59:45 executing program 3: syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) unshare(0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001000000000000000080000020269a5cdc291e96e7167dd54953f0367afef55c044ab05dc005efe703f176000000"], 0x6}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="08000000010000000000009d7d00"/24], 0x48}}, 0x0) dup2(r0, r1) setns(0xffffffffffffffff, 0x40000000) 03:59:45 executing program 2: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x2007fff) creat(0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) open(0x0, 0x14103e, 0x0) read(0xffffffffffffffff, &(0x7f0000000180)=""/19, 0xfffffe47) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000100), 0x1}, 0x1018b, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xfffff7ffffffffff, 0xffffffffffffffff, 0x0) shutdown(0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="f80000001600170300000000000000000000000000000000000000000000000100000000000000000000ffffe00000010400"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe880000000000000000000000000001000000006c000000fe880000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100"/176], 0xf8}}, 0x20000800) [ 2827.237163][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2827.243246][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2827.249314][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2827.255256][ C0] protocol 88fb is buggy, dev hsr_slave_1 03:59:45 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) unshare(0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001000000000000000080000020269a5cdc291e96e7167dd54953f0367afef55c044ab05dc005efe703f176000000"], 0x6}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="08000000010000000000009d7d00"/24], 0x48}}, 0x0) dup2(r0, r1) setns(0xffffffffffffffff, 0x40000000) 03:59:45 executing program 1: syz_genetlink_get_family_id$tipc2(&(0x7f0000000640)='TIPCv2\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000500), 0xffffff30, 0x0, 0x25, 0x0, 0xfffffffffffffcaf}, 0x0) ptrace$setsig(0x4203, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1}) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000000440)=0x4018) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000480)={0x7, &(0x7f0000000340)=[{0x8001}, {0x85}, {0x6, 0x7}, {0x1ff, 0x401}, {0x3, 0x20}, {0x9}, {0x0, 0x400}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=ANY=[@ANYRES16=0x0, @ANYBLOB], 0x2}}, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 03:59:45 executing program 0: syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) unshare(0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001000000000000000080000020269a5cdc291e96e7167dd54953f0367afef55c044ab05dc005efe703f176000000"], 0x6}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="08000000010000000000009d7d00"/24], 0x48}}, 0x0) dup2(r0, r1) setns(0xffffffffffffffff, 0x40000000) 03:59:45 executing program 5: syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) unshare(0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001000000000000000080000020269a5cdc291e96e7167dd54953f0367afef55c044ab05dc005efe703f176000000"], 0x6}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="08000000010000000000009d7d00"/24], 0x48}}, 0x0) dup2(r0, r1) setns(0xffffffffffffffff, 0x40000000) [ 2827.557160][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2827.563169][ C1] protocol 88fb is buggy, dev hsr_slave_1 03:59:45 executing program 2: syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) unshare(0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001000000000000000080000020269a5cdc291e96e7167dd54953f0367afef55c044ab05dc005efe703f176000000"], 0x6}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="08000000010000000000009d7d00"/24], 0x48}}, 0x0) dup2(r0, r1) setns(0xffffffffffffffff, 0x40000000) 03:59:45 executing program 3: syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) unshare(0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001000000000000000080000020269a5cdc291e96e7167dd54953f0367afef55c044ab05dc005efe703f176000000"], 0x6}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="08000000010000000000009d7d00"/24], 0x48}}, 0x0) dup2(r0, r1) setns(0xffffffffffffffff, 0x40000000) 03:59:45 executing program 5: syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) unshare(0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001000000000000000080000020269a5cdc291e96e7167dd54953f0367afef55c044ab05dc005efe703f176000000"], 0x6}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="08000000010000000000009d7d00"/24], 0x48}}, 0x0) dup2(r0, r1) setns(0xffffffffffffffff, 0x40000000) 03:59:45 executing program 4: ioctl$USBDEVFS_CLAIMINTERFACE(0xffffffffffffffff, 0x8004550f, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=@newsa={0x154, 0x10, 0x713, 0x0, 0x0, {{@in=@remote, @in6=@dev}, {@in6=@empty, 0x0, 0x33}, @in6=@remote, {}, {}, {}, 0x0, 0x0, 0x2}, [@replay_esn_val={0x1c}, @algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x154}}, 0x0) 03:59:45 executing program 0: syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) unshare(0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001000000000000000080000020269a5cdc291e96e7167dd54953f0367afef55c044ab05dc005efe703f176000000"], 0x6}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="08000000010000000000009d7d00"/24], 0x48}}, 0x0) dup2(r0, r1) setns(0xffffffffffffffff, 0x40000000) 03:59:45 executing program 1: r0 = socket$inet(0x2, 0x840000000003, 0x2) setsockopt$inet_int(r0, 0x0, 0xc8, &(0x7f00004fd000), 0x4) r1 = socket$inet(0x2, 0x840000000003, 0x2) setsockopt$inet_int(r1, 0x0, 0xc8, &(0x7f00004fd000), 0x4) 03:59:45 executing program 2: syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) unshare(0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001000000000000000080000020269a5cdc291e96e7167dd54953f0367afef55c044ab05dc005efe703f176000000"], 0x6}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="08000000010000000000009d7d00"/24], 0x48}}, 0x0) dup2(r0, r1) setns(0xffffffffffffffff, 0x40000000) 03:59:46 executing program 3: syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) unshare(0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001000000000000000080000020269a5cdc291e96e7167dd54953f0367afef55c044ab05dc005efe703f176000000"], 0x6}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="08000000010000000000009d7d00"/24], 0x48}}, 0x0) dup2(r0, r1) setns(0xffffffffffffffff, 0x40000000) 03:59:46 executing program 4: ioctl$USBDEVFS_CLAIMINTERFACE(0xffffffffffffffff, 0x8004550f, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=@newsa={0x154, 0x10, 0x713, 0x0, 0x0, {{@in=@remote, @in6=@dev}, {@in6=@empty, 0x0, 0x33}, @in6=@remote, {}, {}, {}, 0x0, 0x0, 0x2}, [@replay_esn_val={0x1c}, @algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x154}}, 0x0) 03:59:46 executing program 1: r0 = socket$inet(0x2, 0x840000000003, 0x2) setsockopt$inet_int(r0, 0x0, 0xc8, &(0x7f00004fd000), 0x4) r1 = socket$inet(0x2, 0x840000000003, 0x2) setsockopt$inet_int(r1, 0x0, 0xc8, &(0x7f00004fd000), 0x4) 03:59:46 executing program 0: syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) unshare(0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001000000000000000080000020269a5cdc291e96e7167dd54953f0367afef55c044ab05dc005efe703f176000000"], 0x6}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="08000000010000000000009d7d00"/24], 0x48}}, 0x0) dup2(r0, r1) setns(0xffffffffffffffff, 0x40000000) 03:59:46 executing program 5: syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) unshare(0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001000000000000000080000020269a5cdc291e96e7167dd54953f0367afef55c044ab05dc005efe703f176000000"], 0x6}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="08000000010000000000009d7d00"/24], 0x48}}, 0x0) dup2(r0, r1) setns(0xffffffffffffffff, 0x40000000) 03:59:46 executing program 2: syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) unshare(0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001000000000000000080000020269a5cdc291e96e7167dd54953f0367afef55c044ab05dc005efe703f176000000"], 0x6}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="08000000010000000000009d7d00"/24], 0x48}}, 0x0) dup2(r0, r1) setns(0xffffffffffffffff, 0x40000000) 03:59:46 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={0x14, 0x29, 0x845, 0x0, 0x0, {0x3}}, 0x14}}, 0x0) r0 = socket(0x10, 0x80002, 0x8000000010) sendmmsg$alg(r0, &(0x7f0000000080), 0x492492492492751, 0x0) 03:59:46 executing program 4: ioctl$USBDEVFS_CLAIMINTERFACE(0xffffffffffffffff, 0x8004550f, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=@newsa={0x154, 0x10, 0x713, 0x0, 0x0, {{@in=@remote, @in6=@dev}, {@in6=@empty, 0x0, 0x33}, @in6=@remote, {}, {}, {}, 0x0, 0x0, 0x2}, [@replay_esn_val={0x1c}, @algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x154}}, 0x0) 03:59:46 executing program 1: r0 = socket$inet(0x2, 0x840000000003, 0x2) setsockopt$inet_int(r0, 0x0, 0xc8, &(0x7f00004fd000), 0x4) r1 = socket$inet(0x2, 0x840000000003, 0x2) setsockopt$inet_int(r1, 0x0, 0xc8, &(0x7f00004fd000), 0x4) 03:59:46 executing program 0: r0 = socket$kcm(0xa, 0x2, 0x73) sendmsg$kcm(r0, &(0x7f0000001200)={&(0x7f0000000500)=@nl=@unspec, 0x80, 0x0, 0x0, &(0x7f0000000200)=[{0x10, 0x29}], 0x10}, 0x0) 03:59:46 executing program 5: r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f0000000100)={0xc, 0x0, "123a994d"}, 0x0) 03:59:46 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x200, 0x0, 0x0, 0x200000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x8003, &(0x7f0000000300)=0x75f, 0x9) openat$zero(0xffffffffffffff9c, 0x0, 0x200, 0x0) writev(0xffffffffffffffff, &(0x7f0000001800)=[{&(0x7f00000004c0)='\"', 0x1}, {0x0}], 0x2) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = semget$private(0x0, 0x6698701259407afa, 0x0) semctl$IPC_RMID(r1, 0x0, 0x0) r2 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x5) ftruncate(r2, 0x1000000) socket$isdn_base(0x22, 0x3, 0x0) sendfile(r0, r2, &(0x7f00000000c0)=0xf18001, 0xeefffdef) 03:59:46 executing program 4: ioctl$USBDEVFS_CLAIMINTERFACE(0xffffffffffffffff, 0x8004550f, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=@newsa={0x154, 0x10, 0x713, 0x0, 0x0, {{@in=@remote, @in6=@dev}, {@in6=@empty, 0x0, 0x33}, @in6=@remote, {}, {}, {}, 0x0, 0x0, 0x2}, [@replay_esn_val={0x1c}, @algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x154}}, 0x0) 03:59:46 executing program 1: r0 = socket$inet(0x2, 0x840000000003, 0x2) setsockopt$inet_int(r0, 0x0, 0xc8, &(0x7f00004fd000), 0x4) r1 = socket$inet(0x2, 0x840000000003, 0x2) setsockopt$inet_int(r1, 0x0, 0xc8, &(0x7f00004fd000), 0x4) 03:59:46 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f0000000200)='gfs2\x00', &(0x7f0000000240)='./file0\x00', 0x2a01, 0x0, 0x0, 0x0, &(0x7f0000000600)={[{@acl='acl'}]}) 03:59:47 executing program 5: r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f0000000100)={0xc, 0x0, "123a994d"}, 0x0) 03:59:47 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000280)={0xffffffffffffffff}) read(r2, &(0x7f0000000a40)=""/250, 0xffffff72) r3 = gettid() timer_create(0x0, &(0x7f0000000040)={0x0, 0x12}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, 0x0) tkill(r3, 0x16) 03:59:47 executing program 1: r0 = socket(0x40000000015, 0x5, 0x0) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800b5055e0bcfe87b0071") r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x9, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000140)='syzkaller\x00', 0x1, 0xfb, &(0x7f00000003c0)=""/251, 0x0, 0x0, [], 0x0, 0xd}, 0x48) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000004c0)={r2, r1, 0xd, 0x2}, 0x10) 03:59:47 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={0x14, 0x29, 0x845, 0x0, 0x0, {0x3}}, 0x14}}, 0x0) r0 = socket(0x10, 0x80002, 0x8000000010) sendmmsg$alg(r0, &(0x7f0000000080), 0x492492492492751, 0x0) 03:59:47 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000000000a2a30005000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=@deltfilter={0x74, 0x28, 0x421, 0x0, 0x0, {0x0, r4, {0x4}}, [@filter_kind_options=@f_cgroup={{0xc, 0x1, 'cgroup\x00'}, {0x44, 0x2, [@TCA_CGROUP_POLICE={0x40, 0x2, @TCA_POLICE_TBF={0x3c}}]}}]}, 0x74}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@deltfilter={0x34, 0x28, 0x421, 0x0, 0x0, {0x0, r4, {}, {0xc}}, [@filter_kind_options=@f_cgroup={{0xc, 0x1, 'cgroup\x00'}, {0x4}}]}, 0x34}}, 0x0) 03:59:47 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="f9b936a2e22665"], 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB="740000002400070500"/20, @ANYRES32=r3, @ANYBLOB="00000000ffffffff0000000008000100736671004800020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e3ffffffffffffff00000000000000000000000000000000008769697a8d0b17de6bb3fc89ec4af32bba7573cf1c489aec2786e301d2bd2eed5589862e198942c0eebcc19bb77a02f848525eef6ea4204526183efbd0fae86e9bb7b66b682c8e0bc116bff82909a903d5bfd7527496e606589b4c992f868fc3b8084283dd65bc97e42ff1f27052098bbff2e8941168d53ad0096e368cb1fc43e4b8b83642b10279a36d9b94edb99ab16d2788193a2a20180af6d1962323ee4390746bb12ab9d0fb88a23e9e6bd7ca9ce06091669a3b9ea5365a94aab2a6d2aa00f9797415ae54c323dcf7bf4675658988285ce2b8c42d3f94f67f3c26bec1606822712332e04bfcea84cc29"], 0x74}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x134, 0x2c, 0x701, 0x0, 0x0, {0x0, r3, {0x18}, {}, {0x3}}, [@filter_kind_options=@f_cgroup={{0xb, 0x1, 'cgroup\x00'}, {0x104, 0x2, [@TCA_CGROUP_ACT={0x2cd, 0x1, @m_nat={0xd0, 0x0, {{0x1be, 0x1, 'nat\x00'}, {0x2c, 0x2, @TCA_NAT_PARMS={0x28, 0x1, {{}, @multicast2, @loopback}}}, {0x94, 0x6, "69b8c5f3ee26789f8763c2702b1139e5e9cf14cde2ebc2e7948cecdf4c3bab8bc1359b090dc500cd8f1a36bc682c7fb6e065aff0f733a31b494f95f19f92a63d2b61709c51709a648e84d18b45c7f953f0790bfae4be05bc901faea6eb6f20b329d9f833c5cb53060664f86188c57816352b517bc61850e110804ebdd9ebe2b783b13aa9c5e7d81c1a0d18568b"}}}}, @TCA_CGROUP_EMATCHES={0x2c, 0x3, [@TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_HDR={0xfffffed9}, @TCA_EMATCH_TREE_HDR={0x8}]}]}}]}, 0x134}}, 0x0) 03:59:47 executing program 5: r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f0000000100)={0xc, 0x0, "123a994d"}, 0x0) 03:59:47 executing program 1: r0 = socket(0x40000000015, 0x5, 0x0) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800b5055e0bcfe87b0071") r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x9, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000140)='syzkaller\x00', 0x1, 0xfb, &(0x7f00000003c0)=""/251, 0x0, 0x0, [], 0x0, 0xd}, 0x48) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000004c0)={r2, r1, 0xd, 0x2}, 0x10) 03:59:47 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000000000a2a30005000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=@deltfilter={0x74, 0x28, 0x421, 0x0, 0x0, {0x0, r4, {0x4}}, [@filter_kind_options=@f_cgroup={{0xc, 0x1, 'cgroup\x00'}, {0x44, 0x2, [@TCA_CGROUP_POLICE={0x40, 0x2, @TCA_POLICE_TBF={0x3c}}]}}]}, 0x74}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@deltfilter={0x34, 0x28, 0x421, 0x0, 0x0, {0x0, r4, {}, {0xc}}, [@filter_kind_options=@f_cgroup={{0xc, 0x1, 'cgroup\x00'}, {0x4}}]}, 0x34}}, 0x0) [ 2829.713730][ T6719] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.0'. 03:59:47 executing program 5: r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f0000000100)={0xc, 0x0, "123a994d"}, 0x0) 03:59:47 executing program 1: r0 = socket(0x40000000015, 0x5, 0x0) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800b5055e0bcfe87b0071") r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x9, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000140)='syzkaller\x00', 0x1, 0xfb, &(0x7f00000003c0)=""/251, 0x0, 0x0, [], 0x0, 0xd}, 0x48) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000004c0)={r2, r1, 0xd, 0x2}, 0x10) 03:59:47 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x400455cb, 0x0) 03:59:47 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="f9b936a2e22665"], 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB="740000002400070500"/20, @ANYRES32=r3, @ANYBLOB="00000000ffffffff0000000008000100736671004800020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e3ffffffffffffff00000000000000000000000000000000008769697a8d0b17de6bb3fc89ec4af32bba7573cf1c489aec2786e301d2bd2eed5589862e198942c0eebcc19bb77a02f848525eef6ea4204526183efbd0fae86e9bb7b66b682c8e0bc116bff82909a903d5bfd7527496e606589b4c992f868fc3b8084283dd65bc97e42ff1f27052098bbff2e8941168d53ad0096e368cb1fc43e4b8b83642b10279a36d9b94edb99ab16d2788193a2a20180af6d1962323ee4390746bb12ab9d0fb88a23e9e6bd7ca9ce06091669a3b9ea5365a94aab2a6d2aa00f9797415ae54c323dcf7bf4675658988285ce2b8c42d3f94f67f3c26bec1606822712332e04bfcea84cc29"], 0x74}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x134, 0x2c, 0x701, 0x0, 0x0, {0x0, r3, {0x18}, {}, {0x3}}, [@filter_kind_options=@f_cgroup={{0xb, 0x1, 'cgroup\x00'}, {0x104, 0x2, [@TCA_CGROUP_ACT={0x2cd, 0x1, @m_nat={0xd0, 0x0, {{0x1be, 0x1, 'nat\x00'}, {0x2c, 0x2, @TCA_NAT_PARMS={0x28, 0x1, {{}, @multicast2, @loopback}}}, {0x94, 0x6, "69b8c5f3ee26789f8763c2702b1139e5e9cf14cde2ebc2e7948cecdf4c3bab8bc1359b090dc500cd8f1a36bc682c7fb6e065aff0f733a31b494f95f19f92a63d2b61709c51709a648e84d18b45c7f953f0790bfae4be05bc901faea6eb6f20b329d9f833c5cb53060664f86188c57816352b517bc61850e110804ebdd9ebe2b783b13aa9c5e7d81c1a0d18568b"}}}}, @TCA_CGROUP_EMATCHES={0x2c, 0x3, [@TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_HDR={0xfffffed9}, @TCA_EMATCH_TREE_HDR={0x8}]}]}}]}, 0x134}}, 0x0) [ 2830.208651][T10411] Bluetooth: hci0: sending frame failed (-49) 03:59:48 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000280)={0xffffffffffffffff}) read(r2, &(0x7f0000000a40)=""/250, 0xffffff72) r3 = gettid() timer_create(0x0, &(0x7f0000000040)={0x0, 0x12}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, 0x0) tkill(r3, 0x16) 03:59:48 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000000000a2a30005000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=@deltfilter={0x74, 0x28, 0x421, 0x0, 0x0, {0x0, r4, {0x4}}, [@filter_kind_options=@f_cgroup={{0xc, 0x1, 'cgroup\x00'}, {0x44, 0x2, [@TCA_CGROUP_POLICE={0x40, 0x2, @TCA_POLICE_TBF={0x3c}}]}}]}, 0x74}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@deltfilter={0x34, 0x28, 0x421, 0x0, 0x0, {0x0, r4, {}, {0xc}}, [@filter_kind_options=@f_cgroup={{0xc, 0x1, 'cgroup\x00'}, {0x4}}]}, 0x34}}, 0x0) 03:59:48 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={0x14, 0x29, 0x845, 0x0, 0x0, {0x3}}, 0x14}}, 0x0) r0 = socket(0x10, 0x80002, 0x8000000010) sendmmsg$alg(r0, &(0x7f0000000080), 0x492492492492751, 0x0) 03:59:48 executing program 1: r0 = socket(0x40000000015, 0x5, 0x0) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800b5055e0bcfe87b0071") r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x9, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000140)='syzkaller\x00', 0x1, 0xfb, &(0x7f00000003c0)=""/251, 0x0, 0x0, [], 0x0, 0xd}, 0x48) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000004c0)={r2, r1, 0xd, 0x2}, 0x10) 03:59:48 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="f9b936a2e22665"], 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB="740000002400070500"/20, @ANYRES32=r3, @ANYBLOB="00000000ffffffff0000000008000100736671004800020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e3ffffffffffffff00000000000000000000000000000000008769697a8d0b17de6bb3fc89ec4af32bba7573cf1c489aec2786e301d2bd2eed5589862e198942c0eebcc19bb77a02f848525eef6ea4204526183efbd0fae86e9bb7b66b682c8e0bc116bff82909a903d5bfd7527496e606589b4c992f868fc3b8084283dd65bc97e42ff1f27052098bbff2e8941168d53ad0096e368cb1fc43e4b8b83642b10279a36d9b94edb99ab16d2788193a2a20180af6d1962323ee4390746bb12ab9d0fb88a23e9e6bd7ca9ce06091669a3b9ea5365a94aab2a6d2aa00f9797415ae54c323dcf7bf4675658988285ce2b8c42d3f94f67f3c26bec1606822712332e04bfcea84cc29"], 0x74}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x134, 0x2c, 0x701, 0x0, 0x0, {0x0, r3, {0x18}, {}, {0x3}}, [@filter_kind_options=@f_cgroup={{0xb, 0x1, 'cgroup\x00'}, {0x104, 0x2, [@TCA_CGROUP_ACT={0x2cd, 0x1, @m_nat={0xd0, 0x0, {{0x1be, 0x1, 'nat\x00'}, {0x2c, 0x2, @TCA_NAT_PARMS={0x28, 0x1, {{}, @multicast2, @loopback}}}, {0x94, 0x6, "69b8c5f3ee26789f8763c2702b1139e5e9cf14cde2ebc2e7948cecdf4c3bab8bc1359b090dc500cd8f1a36bc682c7fb6e065aff0f733a31b494f95f19f92a63d2b61709c51709a648e84d18b45c7f953f0790bfae4be05bc901faea6eb6f20b329d9f833c5cb53060664f86188c57816352b517bc61850e110804ebdd9ebe2b783b13aa9c5e7d81c1a0d18568b"}}}}, @TCA_CGROUP_EMATCHES={0x2c, 0x3, [@TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_HDR={0xfffffed9}, @TCA_EMATCH_TREE_HDR={0x8}]}]}}]}, 0x134}}, 0x0) 03:59:48 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0xb02cc1fcd98a9c60}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvfrom$llc(0xffffffffffffffff, 0x0, 0x0, 0x40000020, 0x0, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x2, 0x2) ioctl$VIDIOC_S_HW_FREQ_SEEK(r1, 0x40305652, &(0x7f0000000140)) ioctl$UI_BEGIN_FF_ERASE(r1, 0xc00c55ca, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000300)={0x0, 0x70, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffff1821, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x100000000, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x5, 0x0, 0x71cff475, 0x0, @perf_config_ext={0x80000001}, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8) umount2(&(0x7f0000000540)='./file0\x00', 0x4) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ashmem\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000400)="2cb61badd77feac65df39e2c79b56accfff8078985305a47544975975b2320747ed889bfe12f1efb7948d568baa45dec4a10b87f5b836aafa5d6f615b7cfa2827df54278561c471e7fb80568ed47c6b9b8292930525677d5d667177d7cb5c77bf8fad50f57d5acda9633942f99bec14d99092469c4b6ed6f2b05963923d457f26603f33733c4cf6ecc403fda9efcbc0c96946971e418c9037e786d9030597adf6c77dbecfbf4ebcace498fac0458e31f2fbb558545401cb58ba8447afa3432648f852d9be45c35ca8c1007b12699f457ef", 0xd1) 03:59:48 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000000000a2a30005000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=@deltfilter={0x74, 0x28, 0x421, 0x0, 0x0, {0x0, r4, {0x4}}, [@filter_kind_options=@f_cgroup={{0xc, 0x1, 'cgroup\x00'}, {0x44, 0x2, [@TCA_CGROUP_POLICE={0x40, 0x2, @TCA_POLICE_TBF={0x3c}}]}}]}, 0x74}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@deltfilter={0x34, 0x28, 0x421, 0x0, 0x0, {0x0, r4, {}, {0xc}}, [@filter_kind_options=@f_cgroup={{0xc, 0x1, 'cgroup\x00'}, {0x4}}]}, 0x34}}, 0x0) 03:59:48 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="f9b936a2e22665"], 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB="740000002400070500"/20, @ANYRES32=r3, @ANYBLOB="00000000ffffffff0000000008000100736671004800020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e3ffffffffffffff00000000000000000000000000000000008769697a8d0b17de6bb3fc89ec4af32bba7573cf1c489aec2786e301d2bd2eed5589862e198942c0eebcc19bb77a02f848525eef6ea4204526183efbd0fae86e9bb7b66b682c8e0bc116bff82909a903d5bfd7527496e606589b4c992f868fc3b8084283dd65bc97e42ff1f27052098bbff2e8941168d53ad0096e368cb1fc43e4b8b83642b10279a36d9b94edb99ab16d2788193a2a20180af6d1962323ee4390746bb12ab9d0fb88a23e9e6bd7ca9ce06091669a3b9ea5365a94aab2a6d2aa00f9797415ae54c323dcf7bf4675658988285ce2b8c42d3f94f67f3c26bec1606822712332e04bfcea84cc29"], 0x74}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x134, 0x2c, 0x701, 0x0, 0x0, {0x0, r3, {0x18}, {}, {0x3}}, [@filter_kind_options=@f_cgroup={{0xb, 0x1, 'cgroup\x00'}, {0x104, 0x2, [@TCA_CGROUP_ACT={0x2cd, 0x1, @m_nat={0xd0, 0x0, {{0x1be, 0x1, 'nat\x00'}, {0x2c, 0x2, @TCA_NAT_PARMS={0x28, 0x1, {{}, @multicast2, @loopback}}}, {0x94, 0x6, "69b8c5f3ee26789f8763c2702b1139e5e9cf14cde2ebc2e7948cecdf4c3bab8bc1359b090dc500cd8f1a36bc682c7fb6e065aff0f733a31b494f95f19f92a63d2b61709c51709a648e84d18b45c7f953f0790bfae4be05bc901faea6eb6f20b329d9f833c5cb53060664f86188c57816352b517bc61850e110804ebdd9ebe2b783b13aa9c5e7d81c1a0d18568b"}}}}, @TCA_CGROUP_EMATCHES={0x2c, 0x3, [@TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_HDR={0xfffffed9}, @TCA_EMATCH_TREE_HDR={0x8}]}]}}]}, 0x134}}, 0x0) 03:59:48 executing program 2: sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv6_getaddr={0x18, 0x16, 0x1, 0x0, 0x0, {0xa, 0x0, 0x8}}, 0x18}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket(0x10, 0x3, 0x0) sendmmsg$alg(r3, &(0x7f0000000140), 0x4924b68, 0x0) 03:59:48 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0xb02cc1fcd98a9c60}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvfrom$llc(0xffffffffffffffff, 0x0, 0x0, 0x40000020, 0x0, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x2, 0x2) ioctl$VIDIOC_S_HW_FREQ_SEEK(r1, 0x40305652, &(0x7f0000000140)) ioctl$UI_BEGIN_FF_ERASE(r1, 0xc00c55ca, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000300)={0x0, 0x70, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffff1821, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x100000000, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x5, 0x0, 0x71cff475, 0x0, @perf_config_ext={0x80000001}, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8) umount2(&(0x7f0000000540)='./file0\x00', 0x4) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ashmem\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000400)="2cb61badd77feac65df39e2c79b56accfff8078985305a47544975975b2320747ed889bfe12f1efb7948d568baa45dec4a10b87f5b836aafa5d6f615b7cfa2827df54278561c471e7fb80568ed47c6b9b8292930525677d5d667177d7cb5c77bf8fad50f57d5acda9633942f99bec14d99092469c4b6ed6f2b05963923d457f26603f33733c4cf6ecc403fda9efcbc0c96946971e418c9037e786d9030597adf6c77dbecfbf4ebcace498fac0458e31f2fbb558545401cb58ba8447afa3432648f852d9be45c35ca8c1007b12699f457ef", 0xd1) [ 2830.944529][ T7072] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2831.717125][ C1] net_ratelimit: 22 callbacks suppressed [ 2831.717134][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2831.728717][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2831.957276][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2831.963302][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2832.289575][T24704] Bluetooth: hci0: command 0x1003 tx timeout [ 2832.298444][T10411] Bluetooth: hci0: sending frame failed (-49) [ 2832.837147][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2832.843146][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2833.317165][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2833.323172][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2833.477191][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2833.483457][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2834.357177][ T4342] Bluetooth: hci0: command 0x1001 tx timeout [ 2834.363996][T10411] Bluetooth: hci0: sending frame failed (-49) [ 2836.437299][T24704] Bluetooth: hci0: command 0x1009 tx timeout [ 2836.997293][ C1] net_ratelimit: 18 callbacks suppressed [ 2837.003124][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2837.008964][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2837.477179][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2837.483132][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2837.637253][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2837.643239][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2837.649465][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 2837.655327][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 2837.957159][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 2837.963045][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 2840.302754][ T4342] ------------[ cut here ]------------ [ 2840.308417][ T4342] WARNING: CPU: 1 PID: 4342 at kernel/locking/lockdep.c:4819 zap_class+0x76b/0xe60 [ 2840.317677][ T4342] Kernel panic - not syncing: panic_on_warn set ... [ 2840.324253][ T4342] CPU: 1 PID: 4342 Comm: kworker/1:0 Not tainted 5.4.0-rc3-next-20191015 #0 [ 2840.332904][ T4342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2840.342966][ T4342] Workqueue: events pwq_unbound_release_workfn [ 2840.349101][ T4342] Call Trace: [ 2840.352402][ T4342] dump_stack+0x172/0x1f0 [ 2840.356712][ T4342] ? zap_class+0x690/0xe60 [ 2840.361116][ T4342] panic+0x2e3/0x75c [ 2840.364992][ T4342] ? add_taint.cold+0x16/0x16 [ 2840.369648][ T4342] ? printk+0xba/0xed [ 2840.373614][ T4342] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 2840.379588][ T4342] ? __warn.cold+0x14/0x35 [ 2840.383996][ T4342] ? __warn+0xd9/0x1d0 [ 2840.388076][ T4342] ? zap_class+0x76b/0xe60 [ 2840.392471][ T4342] __warn.cold+0x2f/0x35 [ 2840.396693][ T4342] ? report_bug.cold+0x63/0xb2 [ 2840.401435][ T4342] ? zap_class+0x76b/0xe60 [ 2840.405832][ T4342] report_bug+0x289/0x300 [ 2840.410156][ T4342] do_error_trap+0x11b/0x200 [ 2840.414739][ T4342] do_invalid_op+0x37/0x50 [ 2840.419170][ T4342] ? zap_class+0x76b/0xe60 [ 2840.423567][ T4342] invalid_op+0x23/0x30 [ 2840.427699][ T4342] RIP: 0010:zap_class+0x76b/0xe60 [ 2840.432704][ T4342] Code: c1 e8 03 42 0f b6 14 30 4c 89 e0 83 e0 07 83 c0 01 38 d0 7c 80 84 d2 0f 84 78 ff ff ff 4c 89 e7 e8 6a 3a 56 00 e9 6b ff ff ff <0f> 0b e8 0e e2 e6 01 e9 4e fb ff ff 48 89 4d a8 48 89 55 c0 e8 8c [ 2840.452287][ T4342] RSP: 0018:ffff88807f38fc00 EFLAGS: 00010046 [ 2840.458605][ T4342] RAX: 0000000000000000 RBX: ffffffff8a2bbf20 RCX: 0000000000000b02 [ 2840.466553][ T4342] RDX: 0000000000000000 RSI: ffffffff8341567a RDI: 0000000000000006 [ 2840.474511][ T4342] RBP: ffff88807f38fc68 R08: ffff88806089a440 R09: fffffbfff14eef22 [ 2840.482476][ T4342] R10: fffffbfff14eef21 R11: ffffffff8a77790f R12: ffffffff8a7330d0 [ 2840.490438][ T4342] R13: ffffffff8a303b88 R14: dffffc0000000000 R15: ffffffff8a303b80 [ 2840.498512][ T4342] ? find_first_zero_bit+0x9a/0xc0 [ 2840.503623][ T4342] __lockdep_free_key_range+0x64/0x120 [ 2840.509066][ T4342] lockdep_unregister_key+0x201/0x4c0 [ 2840.514421][ T4342] pwq_unbound_release_workfn+0x233/0x2f0 [ 2840.520124][ T4342] process_one_work+0x9af/0x1740 [ 2840.525055][ T4342] ? pwq_dec_nr_in_flight+0x320/0x320 [ 2840.530421][ T4342] ? lock_acquire+0x190/0x410 [ 2840.535082][ T4342] worker_thread+0x98/0xe40 [ 2840.539571][ T4342] ? trace_hardirqs_on+0x67/0x240 [ 2840.544584][ T4342] kthread+0x361/0x430 [ 2840.548635][ T4342] ? process_one_work+0x1740/0x1740 [ 2840.553825][ T4342] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 2840.560056][ T4342] ret_from_fork+0x24/0x30 [ 2841.671403][ T4342] Shutting down cpus with NMI [ 2841.677766][ T4342] Kernel Offset: disabled [ 2841.682105][ T4342] Rebooting in 86400 seconds..