am 0: getpid() r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:43 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x85}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 683.536389] oom_reaper: reaped process 14988 (syz-executor.1), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB 01:51:44 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 683.639786] input: syz1 as /devices/virtual/input/input51 01:51:44 executing program 3: 01:51:44 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) 01:51:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 683.765564] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 01:51:44 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x86}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 683.853672] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 683.873971] input: syz1 as /devices/virtual/input/input52 [ 683.895565] CPU: 0 PID: 15224 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 683.903463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 683.912818] Call Trace: [ 683.915421] dump_stack+0x188/0x20d [ 683.919061] dump_header+0x159/0xa5e [ 683.922789] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 683.927899] ? ___ratelimit+0x59/0x573 [ 683.931802] oom_kill_process.cold+0x10/0x6dc [ 683.936329] ? task_will_free_mem+0x134/0x6d0 [ 683.940842] out_of_memory+0x349/0x1250 [ 683.944829] ? oom_killer_disable+0x270/0x270 [ 683.949351] mem_cgroup_out_of_memory+0x1c7/0x240 [ 683.954214] ? memcg_event_wake+0x210/0x210 [ 683.958556] ? do_raw_spin_unlock+0x171/0x260 [ 683.963062] try_charge+0xe22/0x1300 [ 683.966798] ? __kmalloc_node_track_caller+0x38/0x70 [ 683.971918] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 683.976780] ? mark_held_locks+0xa6/0xf0 [ 683.980869] ? mem_cgroup_charge_skmem+0x111/0x270 [ 683.985813] ? mark_held_locks+0xa6/0xf0 [ 683.989881] ? mem_cgroup_charge_skmem+0x111/0x270 [ 683.994827] mem_cgroup_charge_skmem+0x126/0x270 [ 683.999598] ? mem_cgroup_sk_free+0x80/0x80 [ 684.003936] ? __sk_mem_raise_allocated+0x617/0x1360 [ 684.009055] __sk_mem_raise_allocated+0x543/0x1360 [ 684.014001] __sk_mem_schedule+0x65/0xd0 [ 684.018083] tcp_sendmsg_locked+0x1898/0x2ff0 [ 684.022606] ? tcp_sendpage+0x60/0x60 [ 684.026424] ? mark_held_locks+0xa6/0xf0 [ 684.030491] ? __local_bh_enable_ip+0x159/0x270 [ 684.035169] tcp_sendmsg+0x2b/0x40 [ 684.038716] inet_sendmsg+0x12e/0x590 [ 684.042523] ? ipip_gro_receive+0x100/0x100 [ 684.046846] sock_sendmsg+0xcf/0x120 [ 684.050572] ___sys_sendmsg+0x3e2/0x920 [ 684.054557] ? copy_msghdr_from_user+0x410/0x410 [ 684.059319] ? mark_held_locks+0xf0/0xf0 [ 684.063377] ? lock_downgrade+0x740/0x740 [ 684.067525] ? check_preemption_disabled+0x41/0x280 [ 684.072549] ? find_held_lock+0x2d/0x110 [ 684.076610] ? __might_fault+0x11f/0x1d0 [ 684.080672] ? lock_downgrade+0x740/0x740 [ 684.084841] __sys_sendmmsg+0x195/0x470 [ 684.088822] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 684.093145] ? lock_downgrade+0x740/0x740 [ 684.097330] ? __might_fault+0x192/0x1d0 [ 684.101427] ? _copy_to_user+0xb8/0x100 [ 684.105418] ? put_timespec64+0xcb/0x120 [ 684.109481] ? nsecs_to_jiffies+0x30/0x30 [ 684.113636] ? __x64_sys_clock_gettime+0x165/0x240 [ 684.118566] ? __ia32_sys_clock_settime+0x260/0x260 [ 684.123587] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 684.128345] __x64_sys_sendmmsg+0x99/0x100 [ 684.132581] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 684.137188] do_syscall_64+0xf9/0x620 [ 684.140999] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 684.146188] RIP: 0033:0x45c479 [ 684.149383] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 684.168286] RSP: 002b:00007f5ff65ebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 684.175994] RAX: ffffffffffffffda RBX: 00007f5ff65ec6d4 RCX: 000000000045c479 [ 684.183259] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 684.190534] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 684.197800] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff 01:51:44 executing program 3: [ 684.205171] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bf2c [ 684.334632] Task in /syz1 killed as a result of limit of /syz1 [ 684.346399] memory: usage 307180kB, limit 307200kB, failcnt 3503 [ 684.368543] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 684.394821] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 684.401123] Memory cgroup stats for /syz1: cache:0KB rss:136KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:160KB inactive_file:0KB active_file:0KB unevictable:0KB [ 684.422317] Memory cgroup out of memory: Kill process 15221 (syz-executor.1) score 1103 or sacrifice child [ 684.434226] Killed process 15221 (syz-executor.1) total-vm:74700kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB 01:51:44 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) 01:51:44 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) 01:51:44 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf0}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:44 executing program 3: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x320, 0x168, 0x168, 0x168, 0x0, 0x0, 0x250, 0x250, 0x250, 0x250, 0x250, 0x3, 0x0, {[{{@ipv6={@mcast2, @initdev={0xfe, 0x88, [], 0x0, 0x0}, [], [], 'veth0_to_bridge\x00', 'batadv_slave_0\x00', {}, {}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x128, 0x168, 0x0, {}, [@common=@inet=@ecn={{0x28, 'ecn\x00'}}, @common=@inet=@hashlimit1={{0x58, 'hashlimit\x00'}, {'rose0\x00', {0x24, 0xde030000, 0x0, 0x2, 0x0, 0x5, 0xa6}}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "489e1c5140111982c047409b7ac3d722edd3fb24545886bbd1be494201b4"}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x380) 01:51:44 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x87}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 684.463028] oom_reaper: reaped process 15221 (syz-executor.1), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 684.557441] input: syz1 as /devices/virtual/input/input53 01:51:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:45 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) [ 684.627797] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 684.654127] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 684.695402] CPU: 1 PID: 15364 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 684.703313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 684.712669] Call Trace: [ 684.715273] dump_stack+0x188/0x20d [ 684.718931] dump_header+0x159/0xa5e [ 684.722678] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 684.727842] ? ___ratelimit+0x59/0x573 [ 684.731777] oom_kill_process.cold+0x10/0x6dc [ 684.736300] ? task_will_free_mem+0x134/0x6d0 [ 684.740813] ? lockdep_hardirqs_on+0x40b/0x5d0 01:51:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 684.745415] out_of_memory+0x349/0x1250 [ 684.749411] ? __schedule+0x86e/0x1d80 [ 684.753362] ? oom_killer_disable+0x270/0x270 [ 684.757934] mem_cgroup_out_of_memory+0x1c7/0x240 [ 684.762890] ? memcg_event_wake+0x210/0x210 [ 684.767230] ? ___preempt_schedule+0x16/0x18 [ 684.771650] try_charge+0xe22/0x1300 [ 684.775375] ? __kmalloc_node_track_caller+0x38/0x70 [ 684.780501] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 684.785365] ? mark_held_locks+0xa6/0xf0 [ 684.789433] ? mem_cgroup_charge_skmem+0x111/0x270 [ 684.794383] ? mark_held_locks+0xa6/0xf0 [ 684.798445] ? mem_cgroup_charge_skmem+0x111/0x270 [ 684.803379] mem_cgroup_charge_skmem+0x126/0x270 [ 684.808135] ? mem_cgroup_sk_free+0x80/0x80 [ 684.812460] ? __sk_mem_raise_allocated+0x617/0x1360 [ 684.817566] __sk_mem_raise_allocated+0x543/0x1360 [ 684.822504] __sk_mem_schedule+0x65/0xd0 [ 684.826568] tcp_sendmsg_locked+0x1898/0x2ff0 [ 684.831105] ? tcp_sendpage+0x60/0x60 [ 684.834909] ? mark_held_locks+0xa6/0xf0 [ 684.839007] ? __local_bh_enable_ip+0x159/0x270 [ 684.843689] tcp_sendmsg+0x2b/0x40 [ 684.847254] inet_sendmsg+0x12e/0x590 [ 684.851075] ? ipip_gro_receive+0x100/0x100 [ 684.855396] sock_sendmsg+0xcf/0x120 [ 684.859128] ___sys_sendmsg+0x3e2/0x920 [ 684.863105] ? copy_msghdr_from_user+0x410/0x410 [ 684.867867] ? mark_held_locks+0xf0/0xf0 [ 684.871938] ? lock_downgrade+0x740/0x740 [ 684.876091] ? check_preemption_disabled+0x41/0x280 [ 684.881114] ? find_held_lock+0x2d/0x110 [ 684.885175] ? __might_fault+0x11f/0x1d0 [ 684.889249] ? lock_downgrade+0x740/0x740 [ 684.893406] __sys_sendmmsg+0x195/0x470 [ 684.897384] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 684.901721] ? lock_downgrade+0x740/0x740 [ 684.905890] ? __might_fault+0x192/0x1d0 [ 684.909947] ? _copy_to_user+0xb8/0x100 [ 684.913950] ? put_timespec64+0xcb/0x120 [ 684.918029] ? nsecs_to_jiffies+0x30/0x30 [ 684.922204] ? __x64_sys_clock_gettime+0x165/0x240 [ 684.927146] ? __ia32_sys_clock_settime+0x260/0x260 [ 684.932166] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 684.936925] __x64_sys_sendmmsg+0x99/0x100 [ 684.941188] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 684.945782] do_syscall_64+0xf9/0x620 [ 684.949585] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 684.954772] RIP: 0033:0x45c479 [ 684.957966] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 684.976862] RSP: 002b:00007f5ff65ebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 684.984567] RAX: ffffffffffffffda RBX: 00007f5ff65ec6d4 RCX: 000000000045c479 [ 684.991832] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 684.999095] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 685.006357] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 685.013647] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bf2c 01:51:45 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) 01:51:45 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x88}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:45 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x58, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x8a) [ 685.128426] input: syz1 as /devices/virtual/input/input55 01:51:45 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x89}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:45 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) [ 685.384835] input: syz1 as /devices/virtual/input/input56 [ 685.454794] Task in /syz1 killed as a result of limit of /syz1 [ 685.464847] memory: usage 307196kB, limit 307200kB, failcnt 3536 [ 685.471187] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 685.494831] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 685.514554] Memory cgroup stats for /syz1: cache:0KB rss:136KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:168KB inactive_file:0KB active_file:0KB unevictable:0KB [ 685.545298] Memory cgroup out of memory: Kill process 15362 (syz-executor.1) score 1103 or sacrifice child [ 685.593212] Killed process 15362 (syz-executor.1) total-vm:74832kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 685.627147] oom_reaper: reaped process 15362 (syz-executor.1), now anon-rss:0kB, file-rss:34868kB, shmem-rss:0kB 01:51:46 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:46 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) 01:51:46 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 685.712761] input: syz1 as /devices/virtual/input/input57 01:51:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:46 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) 01:51:46 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) 01:51:46 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x8a}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 685.882825] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 01:51:46 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 685.953263] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 685.986039] input: syz1 as /devices/virtual/input/input58 [ 685.999149] CPU: 0 PID: 15514 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 686.007043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 686.016397] Call Trace: [ 686.019000] dump_stack+0x188/0x20d [ 686.022630] dump_header+0x159/0xa5e [ 686.026392] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 686.031493] ? ___ratelimit+0x59/0x573 [ 686.035392] oom_kill_process.cold+0x10/0x6dc [ 686.039921] ? task_will_free_mem+0x134/0x6d0 [ 686.044417] out_of_memory+0x349/0x1250 [ 686.048397] ? oom_killer_disable+0x270/0x270 [ 686.052901] mem_cgroup_out_of_memory+0x1c7/0x240 [ 686.057747] ? memcg_event_wake+0x210/0x210 [ 686.062080] ? do_raw_spin_unlock+0x171/0x260 [ 686.066575] try_charge+0xe22/0x1300 [ 686.070291] ? __kmalloc_node_track_caller+0x38/0x70 [ 686.075392] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 686.080266] ? mark_held_locks+0xa6/0xf0 [ 686.084318] ? mem_cgroup_charge_skmem+0x111/0x270 [ 686.089261] ? mark_held_locks+0xa6/0xf0 [ 686.093320] ? mem_cgroup_charge_skmem+0x111/0x270 [ 686.098282] mem_cgroup_charge_skmem+0x126/0x270 [ 686.103044] ? mem_cgroup_sk_free+0x80/0x80 [ 686.107368] ? __sk_mem_raise_allocated+0x617/0x1360 [ 686.112475] __sk_mem_raise_allocated+0x543/0x1360 [ 686.117411] __sk_mem_schedule+0x65/0xd0 [ 686.121479] tcp_sendmsg_locked+0x1898/0x2ff0 [ 686.125980] ? tcp_sendpage+0x60/0x60 [ 686.129796] ? mark_held_locks+0xa6/0xf0 [ 686.133854] ? __local_bh_enable_ip+0x159/0x270 [ 686.138559] tcp_sendmsg+0x2b/0x40 [ 686.142126] inet_sendmsg+0x12e/0x590 [ 686.145940] ? ipip_gro_receive+0x100/0x100 [ 686.150276] sock_sendmsg+0xcf/0x120 [ 686.153990] ___sys_sendmsg+0x3e2/0x920 [ 686.157976] ? copy_msghdr_from_user+0x410/0x410 [ 686.162735] ? mark_held_locks+0xf0/0xf0 [ 686.166809] ? lock_downgrade+0x740/0x740 [ 686.170959] ? check_preemption_disabled+0x41/0x280 [ 686.175980] ? find_held_lock+0x2d/0x110 [ 686.180057] ? __might_fault+0x11f/0x1d0 [ 686.184118] ? lock_downgrade+0x740/0x740 [ 686.188296] __sys_sendmmsg+0x195/0x470 [ 686.192278] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 686.196595] ? lock_acquire+0x170/0x400 [ 686.200566] ? finish_task_switch+0x118/0x780 [ 686.205074] ? __schedule+0x86e/0x1d80 [ 686.208962] ? firmware_map_remove+0x19a/0x19a [ 686.213547] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 686.218312] __x64_sys_sendmmsg+0x99/0x100 [ 686.222575] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 686.227154] do_syscall_64+0xf9/0x620 [ 686.230958] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 686.236146] RIP: 0033:0x45c479 [ 686.239378] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 686.258432] RSP: 002b:00007f5ff65ebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 686.266141] RAX: ffffffffffffffda RBX: 00007f5ff65ec6d4 RCX: 000000000045c479 [ 686.273406] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 686.280668] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 686.287931] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 686.295200] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bf2c [ 686.345552] input: syz1 as /devices/virtual/input/input59 01:51:46 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:47 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x8b}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 686.614541] Task in /syz1 killed as a result of limit of /syz1 [ 686.640908] memory: usage 307196kB, limit 307200kB, failcnt 3562 [ 686.753749] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 686.799514] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 686.806029] Memory cgroup stats for /syz1: cache:0KB rss:136KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:188KB inactive_file:0KB active_file:0KB unevictable:0KB [ 686.827731] Memory cgroup out of memory: Kill process 15512 (syz-executor.1) score 1103 or sacrifice child 01:51:47 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) 01:51:47 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf2}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:47 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) 01:51:47 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) 01:51:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:47 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x8c}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 686.842670] Killed process 15514 (syz-executor.1) total-vm:75096kB, anon-rss:176kB, file-rss:35824kB, shmem-rss:0kB [ 686.855514] oom_reaper: reaped process 15514 (syz-executor.1), now anon-rss:0kB, file-rss:34864kB, shmem-rss:0kB [ 686.945191] input: syz1 as /devices/virtual/input/input60 [ 686.960090] input: syz1 as /devices/virtual/input/input61 01:51:47 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) 01:51:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:47 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) 01:51:47 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 687.152981] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 01:51:47 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x80, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29, 0x2, 0x0, 0x0, 0x0, [@empty]}, @routing={0x0, 0x6, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c", @empty]}]}}}}}}, 0xb2) [ 687.229251] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 687.248603] CPU: 1 PID: 15568 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 687.256511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 687.265906] Call Trace: [ 687.268501] dump_stack+0x188/0x20d [ 687.272143] dump_header+0x159/0xa5e [ 687.275869] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 687.280964] ? ___ratelimit+0x59/0x573 [ 687.284861] oom_kill_process.cold+0x10/0x6dc [ 687.289354] ? task_will_free_mem+0x134/0x6d0 [ 687.293849] out_of_memory+0x349/0x1250 [ 687.297831] ? oom_killer_disable+0x270/0x270 [ 687.302341] mem_cgroup_out_of_memory+0x1c7/0x240 [ 687.307196] ? memcg_event_wake+0x210/0x210 [ 687.311527] ? do_raw_spin_unlock+0x171/0x260 [ 687.316021] try_charge+0xe22/0x1300 [ 687.319739] ? __kmalloc_node_track_caller+0x38/0x70 [ 687.324841] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 687.329683] ? rcu_read_lock_sched_held+0x10a/0x130 [ 687.334727] ? kmem_cache_alloc_node_trace+0x34d/0x750 [ 687.340008] ? mark_held_locks+0xa6/0xf0 [ 687.344100] ? mem_cgroup_charge_skmem+0x111/0x270 [ 687.349031] mem_cgroup_charge_skmem+0x126/0x270 [ 687.353783] ? mem_cgroup_sk_free+0x80/0x80 [ 687.358106] ? __alloc_skb+0x3ad/0x5b0 [ 687.362004] __sk_mem_raise_allocated+0x543/0x1360 [ 687.366954] __sk_mem_schedule+0x65/0xd0 [ 687.371012] tcp_sendmsg_locked+0x1898/0x2ff0 [ 687.375527] ? tcp_sendpage+0x60/0x60 [ 687.379327] ? mark_held_locks+0xa6/0xf0 [ 687.383385] ? __local_bh_enable_ip+0x159/0x270 [ 687.388085] tcp_sendmsg+0x2b/0x40 [ 687.391629] inet_sendmsg+0x12e/0x590 [ 687.395442] ? ipip_gro_receive+0x100/0x100 [ 687.399770] sock_sendmsg+0xcf/0x120 [ 687.403485] ___sys_sendmsg+0x3e2/0x920 [ 687.407459] ? copy_msghdr_from_user+0x410/0x410 [ 687.412230] ? mark_held_locks+0xf0/0xf0 [ 687.416297] ? lock_downgrade+0x740/0x740 [ 687.420458] ? check_preemption_disabled+0x41/0x280 [ 687.425485] ? find_held_lock+0x2d/0x110 [ 687.429543] ? __might_fault+0x11f/0x1d0 [ 687.433617] ? lock_downgrade+0x740/0x740 [ 687.437779] __sys_sendmmsg+0x195/0x470 [ 687.441775] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 687.446111] ? lock_downgrade+0x740/0x740 [ 687.450311] ? __might_fault+0x192/0x1d0 [ 687.454381] ? _copy_to_user+0xb8/0x100 [ 687.458363] ? put_timespec64+0xcb/0x120 [ 687.462422] ? nsecs_to_jiffies+0x30/0x30 [ 687.466579] ? __x64_sys_clock_gettime+0x165/0x240 [ 687.471504] ? __ia32_sys_clock_settime+0x260/0x260 [ 687.476516] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 687.481286] __x64_sys_sendmmsg+0x99/0x100 [ 687.485520] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 687.490103] do_syscall_64+0xf9/0x620 [ 687.493922] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 687.499113] RIP: 0033:0x45c479 [ 687.502312] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 687.521211] RSP: 002b:00007f5ff65ebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 01:51:47 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x8d}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 687.528922] RAX: ffffffffffffffda RBX: 00007f5ff65ec6d4 RCX: 000000000045c479 [ 687.536189] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 687.543463] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 687.550734] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 687.557999] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bf2c [ 687.637309] input: syz1 as /devices/virtual/input/input62 01:51:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 687.739048] Task in /syz1 killed as a result of limit of /syz1 [ 687.748869] memory: usage 307200kB, limit 307200kB, failcnt 3579 [ 687.772263] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 687.821328] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 687.850375] Memory cgroup stats for /syz1: cache:0KB rss:4KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:160KB inactive_file:0KB active_file:0KB unevictable:0KB [ 687.924442] Memory cgroup out of memory: Kill process 15566 (syz-executor.1) score 1103 or sacrifice child [ 687.959264] Killed process 15566 (syz-executor.1) total-vm:74832kB, anon-rss:152kB, file-rss:35836kB, shmem-rss:0kB [ 687.994039] oom_reaper: reaped process 15566 (syz-executor.1), now anon-rss:0kB, file-rss:34884kB, shmem-rss:0kB 01:51:48 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf3}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:48 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) 01:51:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:48 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x8e}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:48 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x80, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29, 0x2, 0x0, 0x0, 0x0, [@empty]}, @routing={0x0, 0x6, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c", @empty]}]}}}}}}, 0xb2) [ 688.179838] input: syz1 as /devices/virtual/input/input63 01:51:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:48 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(0xffffffffffffffff, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) 01:51:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:48 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x8f}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 688.399257] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 688.470312] input: syz1 as /devices/virtual/input/input64 [ 688.494597] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 688.500085] CPU: 1 PID: 15645 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 688.507977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 688.517333] Call Trace: [ 688.519946] dump_stack+0x188/0x20d [ 688.523574] dump_header+0x159/0xa5e [ 688.527289] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 688.532403] ? ___ratelimit+0x59/0x573 [ 688.536294] oom_kill_process.cold+0x10/0x6dc [ 688.540786] ? task_will_free_mem+0x134/0x6d0 [ 688.545283] out_of_memory+0x349/0x1250 [ 688.549261] ? oom_killer_disable+0x270/0x270 [ 688.553777] mem_cgroup_out_of_memory+0x1c7/0x240 [ 688.558625] ? memcg_event_wake+0x210/0x210 [ 688.562959] ? do_raw_spin_unlock+0x171/0x260 [ 688.567458] try_charge+0xe22/0x1300 [ 688.571178] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 688.576058] ? get_mem_cgroup_from_mm+0x179/0x4f0 [ 688.580943] ? __mem_cgroup_largest_soft_limit_node+0x440/0x440 [ 688.587012] mem_cgroup_try_charge+0x249/0x5c0 [ 688.591597] mem_cgroup_try_charge_delay+0x1a/0xa0 [ 688.596533] __handle_mm_fault+0x1cfb/0x3b60 [ 688.600944] ? copy_page_range+0x1e70/0x1e70 [ 688.605355] ? count_memcg_event_mm+0x279/0x4c0 [ 688.610048] handle_mm_fault+0x1a5/0x670 [ 688.614115] __do_page_fault+0x5ed/0xdd0 [ 688.618194] ? trace_hardirqs_off_caller+0x55/0x210 [ 688.623205] ? vmalloc_fault+0x730/0x730 [ 688.627277] ? page_fault+0x8/0x30 [ 688.630828] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 688.635706] ? page_fault+0x8/0x30 [ 688.639242] page_fault+0x1e/0x30 [ 688.642695] RIP: 0033:0x4436c1 [ 688.645889] Code: 8d 15 43 05 0b 00 8b 0c 8a 8b 04 82 29 c8 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 fa 20 48 89 f8 73 77 f6 c2 01 74 0b 0f b6 0e <88> 0f 48 ff c6 48 ff c7 f6 c2 02 74 12 0f b7 0e 66 89 0f 48 83 c6 [ 688.664790] RSP: 002b:00007fff9a822a08 EFLAGS: 00010202 [ 688.670153] RAX: 0000000020001940 RBX: 000000000076c920 RCX: 00000000000000a5 [ 688.677415] RDX: 0000000000000001 RSI: 0000000000770640 RDI: 0000000020001940 [ 688.684679] RBP: 0000000000770620 R08: 0000000000000000 R09: 0000000000000000 [ 688.691952] R10: 00007fff9a822ae0 R11: 0000000000000246 R12: 000000000076bf20 [ 688.699218] R13: 0000000000770628 R14: 00000000000a8103 R15: 000000000076bf2c 01:51:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:49 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(0xffffffffffffffff, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) [ 689.024189] Task in /syz1 killed as a result of limit of /syz1 [ 689.030563] memory: usage 307200kB, limit 307200kB, failcnt 3637 [ 689.037555] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 689.053751] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 689.065139] Memory cgroup stats for /syz1: cache:0KB rss:4KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:152KB inactive_file:0KB active_file:0KB unevictable:0KB [ 689.079068] input: syz1 as /devices/virtual/input/input65 [ 689.098941] Memory cgroup out of memory: Kill process 15645 (syz-executor.1) score 1103 or sacrifice child [ 689.119244] Killed process 15645 (syz-executor.1) total-vm:74700kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 689.148879] oom_reaper: reaped process 15645 (syz-executor.1), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB 01:51:49 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf4}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:49 executing program 3: perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f000000a000/0x1000)=nil, 0x1000, 0x0, 0x8004401f071, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) shutdown(r1, 0x0) recvmmsg(r0, &(0x7f0000001f4c), 0x209a6b90bb7b17, 0x0, 0x0) 01:51:49 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x90}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:49 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(0xffffffffffffffff, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) 01:51:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 689.343065] input: syz1 as /devices/virtual/input/input66 [ 689.378265] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 01:51:49 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, 0x0, 0x0) [ 689.430048] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 689.484248] CPU: 1 PID: 15766 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 689.492172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 689.501566] Call Trace: [ 689.504178] dump_stack+0x188/0x20d [ 689.507811] dump_header+0x159/0xa5e [ 689.511525] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 689.516628] ? ___ratelimit+0x59/0x573 [ 689.520525] oom_kill_process.cold+0x10/0x6dc [ 689.525028] ? task_will_free_mem+0x134/0x6d0 [ 689.529527] out_of_memory+0x349/0x1250 [ 689.533505] ? oom_killer_disable+0x270/0x270 [ 689.538012] mem_cgroup_out_of_memory+0x1c7/0x240 [ 689.542853] ? memcg_event_wake+0x210/0x210 [ 689.547179] ? do_raw_spin_unlock+0x171/0x260 [ 689.551670] try_charge+0xe22/0x1300 [ 689.555398] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 689.560242] ? get_mem_cgroup_from_mm+0x179/0x4f0 [ 689.565093] ? __mem_cgroup_largest_soft_limit_node+0x440/0x440 [ 689.571175] ? __lock_acquire+0x6ee/0x49c0 [ 689.575417] mem_cgroup_try_charge+0x249/0x5c0 [ 689.580031] mem_cgroup_try_charge_delay+0x1a/0xa0 [ 689.585002] wp_page_copy+0x3fe/0x1530 [ 689.588893] ? follow_pfn+0x260/0x260 [ 689.592704] ? __lock_acquire+0x6ee/0x49c0 [ 689.596957] do_wp_page+0x518/0xfa0 [ 689.600586] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 689.605273] __handle_mm_fault+0x21a4/0x3b60 [ 689.609703] ? copy_page_range+0x1e70/0x1e70 [ 689.614116] ? count_memcg_event_mm+0x279/0x4c0 [ 689.618809] handle_mm_fault+0x1a5/0x670 [ 689.622878] __do_page_fault+0x5ed/0xdd0 [ 689.626970] ? trace_hardirqs_off_caller+0x55/0x210 [ 689.631995] ? vmalloc_fault+0x730/0x730 [ 689.636069] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 689.640920] page_fault+0x1e/0x30 [ 689.644375] RIP: 0010:copy_user_generic_unrolled+0x89/0xc0 [ 689.650004] Code: 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 <4c> 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 8a [ 689.668999] RSP: 0018:ffff888040edf9c0 EFLAGS: 00010206 [ 689.674357] RAX: ffffed10081dbf4f RBX: 0000000000000028 RCX: 0000000000000005 [ 689.681639] RDX: 0000000000000000 RSI: ffff888040edfa50 RDI: 000000000071a058 [ 689.688917] RBP: ffff888040edfa50 R08: 0000000000006f6c R09: ffffed10081dbf4f [ 689.696182] R10: ffffed10081dbf4e R11: ffff888040edfa77 R12: 000000000071a058 [ 689.703455] R13: 000000000071a080 R14: 00007ffffffff000 R15: 0000000000000000 [ 689.710749] _copy_to_user+0xe2/0x100 [ 689.714557] inet_gifconf+0x21d/0x360 [ 689.718367] ? inet_netconf_get_devconf+0x520/0x520 [ 689.723409] ? inet_netconf_get_devconf+0x520/0x520 [ 689.728436] dev_ifconf+0xd3/0x230 [ 689.732009] sock_do_ioctl+0x260/0x2f0 [ 689.735924] ? compat_ifr_data_ioctl+0x160/0x160 [ 689.740709] sock_ioctl+0x325/0x610 [ 689.744339] ? dlci_ioctl_set+0x30/0x30 [ 689.748324] ? dlci_ioctl_set+0x30/0x30 [ 689.752299] do_vfs_ioctl+0xcda/0x12e0 [ 689.756190] ? selinux_file_ioctl+0x46c/0x5d0 [ 689.760687] ? selinux_file_ioctl+0x125/0x5d0 [ 689.765180] ? check_preemption_disabled+0x41/0x280 [ 689.770191] ? ioctl_preallocate+0x200/0x200 [ 689.774601] ? selinux_file_mprotect+0x600/0x600 [ 689.779360] ? __fget+0x340/0x510 [ 689.782814] ? iterate_fd+0x350/0x350 [ 689.786625] ? security_file_ioctl+0x6c/0xb0 [ 689.791042] ksys_ioctl+0x9b/0xc0 [ 689.794508] __x64_sys_ioctl+0x6f/0xb0 [ 689.798405] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 689.802997] do_syscall_64+0xf9/0x620 [ 689.806816] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 689.812004] RIP: 0033:0x45c479 [ 689.815195] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 689.834087] RSP: 002b:00007f5ff65ebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 689.841819] RAX: ffffffffffffffda RBX: 00007f5ff65ec6d4 RCX: 000000000045c479 [ 689.849101] RDX: 0000000000400200 RSI: 0000000000008912 RDI: 0000000000000005 [ 689.856382] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 689.863685] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 689.870975] R13: 000000000000040e R14: 00000000004c66f9 R15: 000000000076bf2c [ 689.900700] Task in /syz1 killed as a result of limit of /syz1 [ 689.909967] memory: usage 307200kB, limit 307200kB, failcnt 3677 [ 689.910905] input: syz1 as /devices/virtual/input/input67 [ 689.917820] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 689.929274] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 689.935938] Memory cgroup stats for /syz1: cache:0KB rss:4KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:148KB inactive_file:0KB active_file:0KB unevictable:0KB [ 689.973799] Memory cgroup out of memory: Kill process 15762 (syz-executor.1) score 1103 or sacrifice child [ 690.005132] Killed process 15762 (syz-executor.1) total-vm:74700kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB 01:51:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:50 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, 0x0, 0x0) [ 690.025056] oom_reaper: reaped process 15762 (syz-executor.1), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB 01:51:50 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x91}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:50 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf5}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:50 executing program 3: perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f000000a000/0x1000)=nil, 0x1000, 0x0, 0x8004401f071, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) shutdown(r1, 0x20000000000001) recvmmsg(r0, &(0x7f0000001f4c), 0x209a6b90bb7b17, 0x0, 0x0) [ 690.195236] input: syz1 as /devices/virtual/input/input68 01:51:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:50 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, 0x0, 0x0) [ 690.317696] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 690.414126] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 690.425657] CPU: 0 PID: 15841 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 690.433563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 690.442938] Call Trace: [ 690.445546] dump_stack+0x188/0x20d [ 690.449178] dump_header+0x159/0xa5e [ 690.452906] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 690.458017] ? ___ratelimit+0x59/0x573 [ 690.461904] oom_kill_process.cold+0x10/0x6dc [ 690.466395] ? task_will_free_mem+0x134/0x6d0 [ 690.470893] out_of_memory+0x349/0x1250 [ 690.474894] ? oom_killer_disable+0x270/0x270 [ 690.479400] mem_cgroup_out_of_memory+0x1c7/0x240 [ 690.484270] ? memcg_event_wake+0x210/0x210 [ 690.488593] ? do_raw_spin_unlock+0x171/0x260 [ 690.493082] try_charge+0xe22/0x1300 [ 690.496815] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 690.501673] ? kasan_unpoison_shadow+0x30/0x40 [ 690.506257] ? kasan_kmalloc+0xbf/0xe0 [ 690.510160] ? mark_held_locks+0xa6/0xf0 [ 690.514229] ? mem_cgroup_charge_skmem+0x111/0x270 [ 690.519181] mem_cgroup_charge_skmem+0x126/0x270 [ 690.523938] ? mem_cgroup_sk_free+0x80/0x80 [ 690.528262] ? skb_trim+0x180/0x180 [ 690.531906] sk_forced_mem_schedule+0x133/0x160 [ 690.536579] sk_stream_alloc_skb+0x124/0x850 [ 690.540991] tcp_connect+0xf09/0x3df0 [ 690.544818] ? __tcp_transmit_skb+0x3750/0x3750 [ 690.549486] ? siphash_1u64+0x13/0x260 [ 690.553376] ? secure_ipv6_port_ephemeral+0x250/0x250 [ 690.558573] ? xfrm_lookup_route+0x56/0x1e0 [ 690.562913] ? check_preemption_disabled+0x41/0x280 [ 690.567951] ? prandom_u32_state+0xe/0x170 [ 690.572204] tcp_v4_connect+0x13fe/0x1a80 [ 690.576365] ? tcp_v4_parse_md5_keys+0x250/0x250 [ 690.581128] __inet_stream_connect+0x7d8/0xdf0 [ 690.585718] ? lock_sock_nested+0xa6/0x110 [ 690.589956] ? inet_dgram_connect+0x2d0/0x2d0 [ 690.594452] ? lock_acquire+0x170/0x400 [ 690.598436] ? mark_held_locks+0xa6/0xf0 [ 690.602498] ? __local_bh_enable_ip+0x159/0x270 [ 690.607166] ? __inet_stream_connect+0xdf0/0xdf0 [ 690.611922] ? __inet_stream_connect+0xdf0/0xdf0 [ 690.616679] inet_stream_connect+0x53/0xa0 [ 690.620913] __sys_connect+0x238/0x2c0 [ 690.624796] ? __ia32_sys_accept+0xb0/0xb0 [ 690.629030] ? put_timespec64+0xcb/0x120 [ 690.633091] ? nsecs_to_jiffies+0x30/0x30 [ 690.637245] ? __x64_sys_clock_gettime+0x165/0x240 [ 690.642168] ? __ia32_sys_clock_settime+0x260/0x260 [ 690.647191] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 690.651939] ? trace_hardirqs_off_caller+0x55/0x210 [ 690.656957] __x64_sys_connect+0x6f/0xb0 [ 690.661037] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 690.665629] do_syscall_64+0xf9/0x620 [ 690.669435] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 690.674621] RIP: 0033:0x45c479 [ 690.677846] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 690.696768] RSP: 002b:00007f5ff65ebc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 690.704483] RAX: ffffffffffffffda RBX: 00007f5ff65ec6d4 RCX: 000000000045c479 01:51:51 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x92}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 690.711749] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000003 [ 690.719028] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 690.726287] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 690.733563] R13: 0000000000000081 R14: 00000000004c2d9d R15: 000000000076bf2c 01:51:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:51 executing program 3: perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f000000a000/0x1000)=nil, 0x1000, 0x0, 0x8004401f071, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) shutdown(r1, 0x20000000000001) recvmmsg(r0, &(0x7f0000001f4c), 0x209a6b90bb7b17, 0x0, 0x0) [ 690.802723] input: syz1 as /devices/virtual/input/input69 01:51:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:51 executing program 2: perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) shutdown(r1, 0x20000000000001) recvmmsg(r0, &(0x7f0000001f4c), 0x209a6b90bb7b17, 0x0, 0x0) 01:51:51 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x93}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:51 executing program 3: perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) shutdown(r1, 0x20000000000001) recvmmsg(r0, &(0x7f0000001f4c), 0x209a6b90bb7b17, 0x0, 0x0) 01:51:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 691.385604] Task in /syz1 killed as a result of limit of /syz1 [ 691.391630] memory: usage 307184kB, limit 307200kB, failcnt 3725 [ 691.488851] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 691.587189] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 691.626706] Memory cgroup stats for /syz1: cache:0KB rss:4KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:148KB inactive_file:0KB active_file:0KB unevictable:0KB [ 691.787114] Memory cgroup out of memory: Kill process 15794 (syz-executor.1) score 1103 or sacrifice child [ 691.829960] Killed process 15794 (syz-executor.1) total-vm:74832kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 691.869110] oom_reaper: reaped process 15794 (syz-executor.1), now anon-rss:0kB, file-rss:34824kB, shmem-rss:0kB 01:51:52 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf6}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:52 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x94}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 692.491546] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 692.599553] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 692.625076] CPU: 1 PID: 16168 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 692.632967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 692.642323] Call Trace: [ 692.644935] dump_stack+0x188/0x20d [ 692.648574] dump_header+0x159/0xa5e [ 692.652309] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 692.657453] ? ___ratelimit+0x59/0x573 [ 692.661369] oom_kill_process.cold+0x10/0x6dc [ 692.665876] ? task_will_free_mem+0x134/0x6d0 [ 692.670383] out_of_memory+0x349/0x1250 [ 692.674379] ? oom_killer_disable+0x270/0x270 [ 692.678945] mem_cgroup_out_of_memory+0x1c7/0x240 [ 692.683814] ? memcg_event_wake+0x210/0x210 [ 692.688182] ? do_raw_spin_unlock+0x171/0x260 [ 692.692714] try_charge+0xe22/0x1300 [ 692.696472] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 692.701341] ? get_mem_cgroup_from_mm+0x179/0x4f0 [ 692.706217] ? __mem_cgroup_largest_soft_limit_node+0x440/0x440 [ 692.712282] ? __lock_is_held+0xad/0x140 [ 692.716354] ? __lock_acquire+0x6ee/0x49c0 [ 692.720605] mem_cgroup_try_charge+0x249/0x5c0 [ 692.725212] mem_cgroup_try_charge_delay+0x1a/0xa0 [ 692.730152] wp_page_copy+0x3fe/0x1530 [ 692.734067] ? tcp_send_mss+0x160/0x2b0 [ 692.738068] ? follow_pfn+0x260/0x260 [ 692.741900] ? __lock_acquire+0x6ee/0x49c0 [ 692.746147] ? reacquire_held_locks+0xb5/0x430 [ 692.750741] do_wp_page+0x518/0xfa0 [ 692.754381] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 692.759066] __handle_mm_fault+0x21a4/0x3b60 [ 692.763490] ? copy_page_range+0x1e70/0x1e70 [ 692.767912] ? count_memcg_event_mm+0x279/0x4c0 [ 692.772613] handle_mm_fault+0x1a5/0x670 [ 692.776704] __do_page_fault+0x5ed/0xdd0 [ 692.780782] ? trace_hardirqs_off_caller+0x55/0x210 [ 692.785837] ? vmalloc_fault+0x730/0x730 [ 692.789951] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 692.794824] page_fault+0x1e/0x30 [ 692.798302] RIP: 0010:__put_user_4+0x1c/0x30 [ 692.802752] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 40 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 692.821690] RSP: 0018:ffff8880a11b7cd0 EFLAGS: 00010293 [ 692.827057] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 0000000020007038 [ 692.834333] RDX: 000000000003c079 RSI: ffffffff8594d462 RDI: 0000000000000282 [ 692.841611] RBP: 0000000004040000 R08: 0000000000000000 R09: 0000000000000000 [ 692.848883] R10: ffff888088dd0c00 R11: ffffffff8b1aaa38 R12: 00000000000000d3 [ 692.856195] R13: 0000000020007000 R14: 00000000000001cc R15: 00000000000001cb [ 692.863526] ? __sys_sendmmsg+0x1c2/0x470 [ 692.867790] __sys_sendmmsg+0x1d3/0x470 [ 692.871789] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 692.876129] ? lock_downgrade+0x740/0x740 [ 692.880297] ? __might_fault+0x192/0x1d0 [ 692.884372] ? _copy_to_user+0xb8/0x100 [ 692.888361] ? put_timespec64+0xcb/0x120 [ 692.892428] ? nsecs_to_jiffies+0x30/0x30 [ 692.896595] ? __x64_sys_clock_gettime+0x165/0x240 [ 692.901536] ? __ia32_sys_clock_settime+0x260/0x260 [ 692.906563] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 692.911334] __x64_sys_sendmmsg+0x99/0x100 [ 692.915577] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 692.920168] do_syscall_64+0xf9/0x620 [ 692.923980] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 692.929171] RIP: 0033:0x45c479 [ 692.932394] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 692.951304] RSP: 002b:00007f5ff65cac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 692.959015] RAX: ffffffffffffffda RBX: 00007f5ff65cb6d4 RCX: 000000000045c479 [ 692.966404] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 692.973673] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 692.980941] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 692.988226] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bfcc [ 693.076983] Task in /syz1 killed as a result of limit of /syz1 [ 693.098664] memory: usage 307200kB, limit 307200kB, failcnt 3740 [ 693.113125] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 693.120260] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 693.135519] Memory cgroup stats for /syz1: cache:0KB rss:136KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:180KB inactive_file:0KB active_file:0KB unevictable:0KB [ 693.194421] Memory cgroup out of memory: Kill process 16068 (syz-executor.1) score 1103 or sacrifice child [ 693.227126] Killed process 16068 (syz-executor.1) total-vm:74832kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 693.261438] oom_reaper: reaped process 16068 (syz-executor.1), now anon-rss:0kB, file-rss:34848kB, shmem-rss:0kB 01:51:56 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x51}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:56 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf7}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:56 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x95}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:56 executing program 3: perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f000000a000/0x1000)=nil, 0x1000, 0x4000005, 0x8004401f071, 0xffffffffffffffff, 0x0) shutdown(0xffffffffffffffff, 0x20000000000001) recvmmsg(0xffffffffffffffff, &(0x7f0000001f4c), 0x209a6b90bb7b17, 0x0, 0x0) 01:51:56 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fa, &(0x7f0000000140)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) r1 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0) r2 = memfd_create(0x0, 0x0) pwritev(r2, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a3", 0x1}], 0x1, 0x81003) r3 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000080)='pkcs7_test\x00', 0x0, &(0x7f0000000200)="1f00", 0x2, r3) keyctl$set_timeout(0xf, r3, 0xffffffff) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r8 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f00000002c0)=[@in6={0xa, 0x4e26, 0x0, @ipv4={[], [], @empty}}], 0x1c) connect$inet6(r8, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r8, 0x84, 0x1d, &(0x7f0000000180)=ANY=[@ANYBLOB="fb68070124f109db", @ANYRES32=0x0], &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r8, 0x84, 0x76, &(0x7f0000000000)={r9, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x7a}}}}, &(0x7f0000000240)=0x9c) r10 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='cpuacct.usage_all\x00', 0x0, 0x0) ioctl$BLKTRACESTART(r10, 0x1274, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000000)={r9, 0x8}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_CONTEXT(r5, 0x84, 0x11, &(0x7f00000000c0)={r11, 0x2000}, 0x8) sendfile(r0, r1, 0x0, 0x102000004) [ 695.990978] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 01:51:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 696.089332] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 696.144738] CPU: 0 PID: 16198 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 696.152659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 696.162015] Call Trace: [ 696.164614] dump_stack+0x188/0x20d [ 696.168263] dump_header+0x159/0xa5e [ 696.171985] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 696.177096] ? ___ratelimit+0x59/0x573 [ 696.181010] oom_kill_process.cold+0x10/0x6dc [ 696.185550] ? task_will_free_mem+0x134/0x6d0 [ 696.190053] out_of_memory+0x349/0x1250 [ 696.194044] ? oom_killer_disable+0x270/0x270 [ 696.198555] mem_cgroup_out_of_memory+0x1c7/0x240 [ 696.203409] ? memcg_event_wake+0x210/0x210 [ 696.207753] ? do_raw_spin_unlock+0x171/0x260 [ 696.212260] try_charge+0xe22/0x1300 [ 696.215990] ? __kmalloc_node_track_caller+0x38/0x70 [ 696.221108] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 696.225975] ? mark_held_locks+0xa6/0xf0 [ 696.230051] ? mem_cgroup_charge_skmem+0x111/0x270 [ 696.235017] ? mark_held_locks+0xa6/0xf0 [ 696.239106] ? mem_cgroup_charge_skmem+0x111/0x270 [ 696.244059] mem_cgroup_charge_skmem+0x126/0x270 [ 696.248828] ? mem_cgroup_sk_free+0x80/0x80 [ 696.253164] ? __sk_mem_raise_allocated+0x617/0x1360 [ 696.258293] __sk_mem_raise_allocated+0x543/0x1360 [ 696.263239] __sk_mem_schedule+0x65/0xd0 [ 696.267310] tcp_sendmsg_locked+0x1898/0x2ff0 [ 696.271841] ? tcp_sendpage+0x60/0x60 [ 696.275655] ? mark_held_locks+0xa6/0xf0 [ 696.279726] ? __local_bh_enable_ip+0x159/0x270 [ 696.284422] tcp_sendmsg+0x2b/0x40 [ 696.288007] inet_sendmsg+0x12e/0x590 [ 696.291843] ? ipip_gro_receive+0x100/0x100 [ 696.296170] sock_sendmsg+0xcf/0x120 [ 696.299897] ___sys_sendmsg+0x3e2/0x920 [ 696.303896] ? copy_msghdr_from_user+0x410/0x410 [ 696.308679] ? mark_held_locks+0xf0/0xf0 [ 696.312753] ? lock_downgrade+0x740/0x740 [ 696.316911] ? check_preemption_disabled+0x41/0x280 [ 696.321984] ? find_held_lock+0x2d/0x110 [ 696.326091] ? __might_fault+0x11f/0x1d0 [ 696.330174] ? lock_downgrade+0x740/0x740 [ 696.334340] __sys_sendmmsg+0x195/0x470 [ 696.338334] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 696.342669] ? lock_downgrade+0x740/0x740 [ 696.346836] ? __might_fault+0x192/0x1d0 [ 696.350913] ? _copy_to_user+0xb8/0x100 [ 696.354905] ? put_timespec64+0xcb/0x120 [ 696.358992] ? nsecs_to_jiffies+0x30/0x30 [ 696.363156] ? __x64_sys_clock_gettime+0x165/0x240 [ 696.368099] ? __ia32_sys_clock_settime+0x260/0x260 [ 696.373132] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 696.377935] __x64_sys_sendmmsg+0x99/0x100 [ 696.382181] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 696.386785] do_syscall_64+0xf9/0x620 [ 696.390602] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 696.395809] RIP: 0033:0x45c479 [ 696.399004] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 696.417903] RSP: 002b:00007f5ff65cac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 696.425617] RAX: ffffffffffffffda RBX: 00007f5ff65cb6d4 RCX: 000000000045c479 [ 696.432890] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 696.440162] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 696.447433] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 696.454729] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bfcc [ 696.467756] Task in /syz1 killed as a result of limit of /syz1 [ 696.473765] memory: usage 307172kB, limit 307200kB, failcnt 3756 01:51:56 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x51}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 696.494546] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 696.501345] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 696.509954] Memory cgroup stats for /syz1: cache:0KB rss:136KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:168KB inactive_file:0KB active_file:0KB unevictable:0KB 01:51:56 executing program 3: r0 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000700)={'macsec0\x00', @random="7f4d00d8c8b9"}) socket$kcm(0x2, 0xa, 0x2) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0xc240, 0x0) socket$nl_generic(0x10, 0x3, 0x10) getrandom(0x0, 0x0, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0)='batadv\x00') perf_event_open(&(0x7f0000000400)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x7ff, 0x1}, 0x808, 0x0, 0x84c, 0x0, 0x4000000000, 0x0, 0xffff}, 0x0, 0x1, r1, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x4800, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="3c00000013001d0400000000000000000000003f", @ANYRES32=0x0, @ANYBLOB="000000000000000008000a000f000000140003006970766c616e31000000e40000000000cc47bb1ff5be0d64c83cdf850715aa7c59c5e71aecbd0cd5f2cf2b6ada241a83b5d9b92c6ee7fa9250b0ef7bdf525f19681f2a20dc7e2060d7d7ce20f00fd65b3043f87765579a81995a8d40a6953eff8cdaf84d86ef9f730865919b2beb37090845dbe2edbc58944d199411cd60000000000000000000"], 0x3c}, 0x1, 0xf0}, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000000)={'batadv0\x00'}) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0)='batadv\x00') r7 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) r9 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$BATADV_CMD_GET_GATEWAYS(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="110700000000000000000800000008000300", @ANYRES32=r8, @ANYBLOB="18000600", @ANYRES32=r10, @ANYBLOB="1609c8edc1a852f9341a4ea9613a7fb35fd5a9384d369b7ba13f71348ff73721a0a9af74b81814fdb4c971e93b1c6168480e192edf98c35d0e21bf9ffe0bb2e7e9e8f992dbd0dae0231046d2a06c329fe3bd2d21341796d9352dc50c921747256789ab093a2a1d1aec45cb398019b241d6b6cc2ec29ca1e3a1efdeeebb3bd49f985d78c7d6431e810e8a12ea166a7a3fe2e9339e1b10784edbb1360f8eb6d16311ad5de227fffc00c6ab8b204f342495594736d88239cc8e940c7236b260cd242423cc416eafc15a6cd1161c756d95d9602effd4adb830caab7d1cbeffb66e1571616e1236d66b386c1f10c3237874a9568c1d4c58d12333ddf8578bfc652e6e357c70aabf9f396e76"], 0x24}}, 0x0) r11 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r11, &(0x7f0000000080)={0x2, 0x4ea1, @remote}, 0x10) sendto$inet(r11, 0x0, 0x0, 0x200007fa, &(0x7f0000000140)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0) memfd_create(&(0x7f00000000c0)='\x00\x00\x00\x00\x8c\x00'/15, 0x0) 01:51:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 696.559400] Memory cgroup out of memory: Kill process 16187 (syz-executor.1) score 1103 or sacrifice child [ 696.574590] Killed process 16187 (syz-executor.1) total-vm:74832kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 696.628028] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 696.629102] oom_reaper: reaped process 16187 (syz-executor.1), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 696.643265] batman_adv: batadv0: Removing interface: batadv_slave_0 01:51:57 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf8}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:51:57 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x96}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 696.674928] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 696.709493] batman_adv: batadv0: Removing interface: batadv_slave_1 01:51:57 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 696.766285] device bridge_slave_1 left promiscuous mode [ 696.804646] bridge0: port 2(bridge_slave_1) entered disabled state 01:51:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 696.875615] device bridge_slave_0 left promiscuous mode [ 696.881123] bridge0: port 1(bridge_slave_0) entered disabled state [ 696.930710] syz-executor.1 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000 [ 696.946229] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 696.957401] CPU: 1 PID: 16333 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 696.965309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 696.974657] Call Trace: [ 696.977249] dump_stack+0x188/0x20d [ 696.980889] dump_header+0x159/0xa5e [ 696.984617] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 696.989729] ? ___ratelimit+0x59/0x573 [ 696.993637] oom_kill_process.cold+0x10/0x6dc [ 696.998146] ? task_will_free_mem+0x134/0x6d0 [ 697.002650] out_of_memory+0x349/0x1250 [ 697.006629] ? oom_killer_disable+0x270/0x270 [ 697.011136] mem_cgroup_out_of_memory+0x1c7/0x240 [ 697.015981] ? memcg_event_wake+0x210/0x210 [ 697.020315] ? do_raw_spin_unlock+0x171/0x260 [ 697.024807] try_charge+0xe22/0x1300 [ 697.028530] ? find_held_lock+0x2d/0x110 [ 697.032585] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 697.037448] ? lock_downgrade+0x740/0x740 [ 697.041611] ? check_preemption_disabled+0x41/0x280 [ 697.046646] memcg_kmem_charge_memcg+0x7b/0x150 [ 697.051314] ? memcg_kmem_put_cache+0xb0/0xb0 [ 697.055827] ? should_fail+0x142/0x7bc [ 697.059729] ? __isolate_free_page+0x4c0/0x4c0 [ 697.064309] memcg_kmem_charge+0x132/0x360 [ 697.068548] __alloc_pages_nodemask+0x396/0x6a0 [ 697.073229] ? __alloc_pages_slowpath+0x26a0/0x26a0 [ 697.078256] ? _raw_spin_unlock_irq+0x24/0x80 [ 697.082757] copy_process.part.0+0x3d6/0x7a60 [ 697.087251] ? _raw_spin_unlock_irqrestore+0x67/0xe0 [ 697.092367] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 697.096961] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 697.102085] ? __lock_acquire+0x6ee/0x49c0 [ 697.106320] ? do_try_to_free_pages+0xd13/0x1090 [ 697.111099] ? __cleanup_sighand+0x60/0x60 [ 697.115349] ? mark_held_locks+0xf0/0xf0 [ 697.119405] ? shrink_node+0x1350/0x1350 [ 697.123502] ? rcu_read_lock_sched_held+0x10a/0x130 [ 697.128525] _do_fork+0x22f/0xf40 [ 697.131990] ? fork_idle+0x1e0/0x1e0 [ 697.135712] ? blkg_prfill_rwstat_field_recursive+0x100/0x100 [ 697.141596] ? check_preemption_disabled+0x41/0x280 [ 697.146627] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 697.151373] ? trace_hardirqs_off_caller+0x55/0x210 [ 697.156393] ? do_syscall_64+0x21/0x620 [ 697.160387] do_syscall_64+0xf9/0x620 [ 697.164206] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 697.169393] RIP: 0033:0x45ee49 [ 697.172597] Code: ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c ae 8c fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 697.191489] RSP: 002b:00007fff9a8228d8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 697.199195] RAX: ffffffffffffffda RBX: 00007f5ff65cb700 RCX: 000000000045ee49 [ 697.206462] RDX: 00007f5ff65cb9d0 RSI: 00007f5ff65cadb0 RDI: 00000000003d0f00 [ 697.213721] RBP: 00007fff9a822af0 R08: 00007f5ff65cb700 R09: 00007f5ff65cb700 [ 697.220990] R10: 00007f5ff65cb9d0 R11: 0000000000000202 R12: 0000000000000000 [ 697.228259] R13: 00007fff9a82298f R14: 00007f5ff65cb9c0 R15: 000000000076bfcc [ 697.244319] device veth1_macvtap left promiscuous mode [ 697.254739] Task in /syz1 killed as a result of limit of /syz1 [ 697.262256] device veth0_macvtap left promiscuous mode 01:51:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 697.278900] memory: usage 307172kB, limit 307200kB, failcnt 3791 [ 697.286686] device veth1_vlan left promiscuous mode [ 697.297689] device veth0_vlan left promiscuous mode [ 697.304183] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 697.324407] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 697.355622] Memory cgroup stats for /syz1: cache:0KB rss:136KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:164KB inactive_file:0KB active_file:0KB unevictable:0KB [ 697.386674] Memory cgroup out of memory: Kill process 16333 (syz-executor.1) score 1103 or sacrifice child 01:51:57 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 697.405999] Killed process 16333 (syz-executor.1) total-vm:74832kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 697.444318] oom_reaper: reaped process 16333 (syz-executor.1), now anon-rss:0kB, file-rss:33856kB, shmem-rss:0kB 01:51:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:51:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 703.268778] device hsr_slave_1 left promiscuous mode [ 703.309062] device hsr_slave_0 left promiscuous mode [ 703.355251] team0 (unregistering): Port device team_slave_1 removed [ 703.366515] team0 (unregistering): Port device team_slave_0 removed [ 703.376913] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 703.429941] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 703.516055] bond0 (unregistering): Released all slaves 01:52:04 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x51}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 703.579117] device macsec0 entered promiscuous mode [ 703.598966] bond0: enslaved VLAN challenged slave ipvlan1. Adding VLANs will be blocked as long as ipvlan1 is part of bond bond0 [ 703.633319] bond0: The slave device specified does not support setting the MAC address 01:52:04 executing program 3: r0 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000700)={'macsec0\x00', @random="7f4d00d8c8b9"}) socket$kcm(0x2, 0xa, 0x2) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0xc240, 0x0) socket$nl_generic(0x10, 0x3, 0x10) getrandom(0x0, 0x0, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0)='batadv\x00') perf_event_open(&(0x7f0000000400)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x7ff, 0x1}, 0x808, 0x0, 0x84c, 0x0, 0x4000000000, 0x0, 0xffff}, 0x0, 0x1, r1, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x4800, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="3c00000013001d0400000000000000000000003f", @ANYRES32=0x0, @ANYBLOB="000000000000000008000a000f000000140003006970766c616e31000000e40000000000cc47bb1ff5be0d64c83cdf850715aa7c59c5e71aecbd0cd5f2cf2b6ada241a83b5d9b92c6ee7fa9250b0ef7bdf525f19681f2a20dc7e2060d7d7ce20f00fd65b3043f87765579a81995a8d40a6953eff8cdaf84d86ef9f730865919b2beb37090845dbe2edbc58944d199411cd60000000000000000000"], 0x3c}, 0x1, 0xf0}, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000000)={'batadv0\x00'}) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0)='batadv\x00') r7 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) r9 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$BATADV_CMD_GET_GATEWAYS(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="110700000000000000000800000008000300", @ANYRES32=r8, @ANYBLOB="18000600", @ANYRES32=r10, @ANYBLOB="1609c8edc1a852f9341a4ea9613a7fb35fd5a9384d369b7ba13f71348ff73721a0a9af74b81814fdb4c971e93b1c6168480e192edf98c35d0e21bf9ffe0bb2e7e9e8f992dbd0dae0231046d2a06c329fe3bd2d21341796d9352dc50c921747256789ab093a2a1d1aec45cb398019b241d6b6cc2ec29ca1e3a1efdeeebb3bd49f985d78c7d6431e810e8a12ea166a7a3fe2e9339e1b10784edbb1360f8eb6d16311ad5de227fffc00c6ab8b204f342495594736d88239cc8e940c7236b260cd242423cc416eafc15a6cd1161c756d95d9602effd4adb830caab7d1cbeffb66e1571616e1236d66b386c1f10c3237874a9568c1d4c58d12333ddf8578bfc652e6e357c70aabf9f396e76"], 0x24}}, 0x0) r11 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r11, &(0x7f0000000080)={0x2, 0x4ea1, @remote}, 0x10) sendto$inet(r11, 0x0, 0x0, 0x200007fa, &(0x7f0000000140)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0) memfd_create(&(0x7f00000000c0)='\x00\x00\x00\x00\x8c\x00'/15, 0x0) 01:52:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:04 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x97}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:04 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf9}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 703.868246] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 01:52:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 703.916169] bond0: enslaved VLAN challenged slave ipvlan1. Adding VLANs will be blocked as long as ipvlan1 is part of bond bond0 [ 703.962424] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 703.982393] CPU: 1 PID: 16486 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 703.990303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 703.999657] Call Trace: [ 704.002259] dump_stack+0x188/0x20d [ 704.005894] dump_header+0x159/0xa5e [ 704.009611] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 704.014710] ? ___ratelimit+0x59/0x573 [ 704.018599] oom_kill_process.cold+0x10/0x6dc [ 704.023095] ? task_will_free_mem+0x134/0x6d0 [ 704.027594] out_of_memory+0x349/0x1250 [ 704.031572] ? oom_killer_disable+0x270/0x270 [ 704.036080] mem_cgroup_out_of_memory+0x1c7/0x240 [ 704.040931] ? memcg_event_wake+0x210/0x210 [ 704.045297] ? do_raw_spin_unlock+0x171/0x260 [ 704.049795] try_charge+0xe22/0x1300 [ 704.053517] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 704.058369] ? mark_held_locks+0xa6/0xf0 [ 704.062431] ? mem_cgroup_charge_skmem+0x111/0x270 [ 704.067361] mem_cgroup_charge_skmem+0x126/0x270 [ 704.072120] ? mem_cgroup_sk_free+0x80/0x80 [ 704.076444] ? lock_downgrade+0x740/0x740 [ 704.080594] ? iov_iter_advance+0x219/0xe10 [ 704.084933] __sk_mem_raise_allocated+0x543/0x1360 [ 704.089890] __sk_mem_schedule+0x65/0xd0 [ 704.093964] tcp_sendmsg_locked+0x1898/0x2ff0 [ 704.098503] ? tcp_sendpage+0x60/0x60 [ 704.102311] ? mark_held_locks+0xa6/0xf0 [ 704.106372] ? __local_bh_enable_ip+0x159/0x270 [ 704.111042] tcp_sendmsg+0x2b/0x40 [ 704.114584] inet_sendmsg+0x12e/0x590 [ 704.118382] ? ipip_gro_receive+0x100/0x100 [ 704.122699] sock_sendmsg+0xcf/0x120 [ 704.126429] ___sys_sendmsg+0x3e2/0x920 [ 704.130401] ? copy_msghdr_from_user+0x410/0x410 [ 704.135161] ? mark_held_locks+0xf0/0xf0 [ 704.139217] ? lock_downgrade+0x740/0x740 [ 704.143371] ? check_preemption_disabled+0x41/0x280 [ 704.148419] ? find_held_lock+0x2d/0x110 [ 704.152493] ? __might_fault+0x11f/0x1d0 [ 704.156574] ? lock_downgrade+0x740/0x740 [ 704.160733] __sys_sendmmsg+0x195/0x470 [ 704.164710] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 704.169036] ? lock_downgrade+0x740/0x740 [ 704.173193] ? __might_fault+0x192/0x1d0 [ 704.177252] ? _copy_to_user+0xb8/0x100 [ 704.181231] ? put_timespec64+0xcb/0x120 [ 704.185294] ? nsecs_to_jiffies+0x30/0x30 [ 704.189473] ? __x64_sys_clock_gettime+0x165/0x240 [ 704.194412] ? __ia32_sys_clock_settime+0x260/0x260 [ 704.199430] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 704.204200] __x64_sys_sendmmsg+0x99/0x100 [ 704.208430] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 704.213021] do_syscall_64+0xf9/0x620 [ 704.216835] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 704.222019] RIP: 0033:0x45c479 [ 704.225224] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 704.244131] RSP: 002b:00007f5ff65ebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 704.251841] RAX: ffffffffffffffda RBX: 00007f5ff65ec6d4 RCX: 000000000045c479 01:52:04 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, &(0x7f0000000040), &(0x7f0000000180)=0x4) sendto$inet(r0, 0x0, 0x0, 0x200007fa, &(0x7f0000000140)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) r1 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000200)='/dev/uinput\x00', 0x802, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0)='nl80211\x00') r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000400)={{{@in6=@mcast1, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@local}}, &(0x7f0000000500)=0xe8) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f00000007c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000540)={0x230, r3, 0x800, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x30}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r6}, @NL80211_ATTR_HANDLE_DFS={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_TX_RATES={0x204, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xd0, 0x2, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x0, 0x2, 0x0, 0x40, 0x3, 0x6, 0x20]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HT={0x51, 0x2, "b47aa90cfaa2a81e0fe50b15e216f2e1c2147f3a0d903a9503be22d798a87b5ffca37df45d9da6396837559a3293af370e8a86651dac58f7bb8b8f61bdd6aa4254ce355dfe1470b7a47b3a9f68"}, @NL80211_TXRATE_LEGACY={0xc, 0x1, "e604cab491cfff3b"}, @NL80211_TXRATE_HT={0x45, 0x2, "a1dc3b2f753245425db4fa7fe7f3317d5a78c01d9f4349a6ac3d469aa752de99581b25b0c2ca5cc3038b74cc96e2744b6e71696e0917d1dde8262b964af0821ac4"}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_2GHZ={0x18, 0x0, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x186, 0x3f, 0x1ff, 0x5, 0x1, 0xe572, 0x1]}}]}, @NL80211_BAND_5GHZ={0x9c, 0x1, [@NL80211_TXRATE_LEGACY={0x1c, 0x1, "85644bbbc2199853640acf5251e92e90bdd52f43e3152768"}, @NL80211_TXRATE_HT={0xb, 0x2, "cff0753c34fbc0"}, @NL80211_TXRATE_LEGACY={0x18, 0x1, "40b91265bc68e2a258340dfa2c2d3b5a655d3ab5"}, @NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_LEGACY={0x21, 0x1, "1c9404ae6a5e0b9edb10797966172089a7aa6d29e24c0fd43a3b871a6c"}, @NL80211_TXRATE_LEGACY={0x1e, 0x1, "e41c770ae74e3ca1d11006b39b65ca566d4f57cb6c93a1ba8480"}, @NL80211_TXRATE_LEGACY={0xf, 0x1, "f331e767ccef63627fbb84"}]}, @NL80211_BAND_6GHZ={0xc, 0x3, [@NL80211_TXRATE_GI={0x5, 0x4, 0x3}]}, @NL80211_BAND_60GHZ={0x14, 0x2, [@NL80211_TXRATE_HT={0xe, 0x2, "b6bd1855f3907ddd904e"}]}, @NL80211_BAND_2GHZ={0x3c, 0x0, [@NL80211_TXRATE_LEGACY={0x14, 0x1, "74f04a6d9e750f3d6cf49816764cdb29"}, @NL80211_TXRATE_LEGACY={0x23, 0x1, "fb1fa7478c6a00d34d4212864ee9c1e2893759aefb4463db7652df127fb640"}]}, @NL80211_BAND_6GHZ={0x20, 0x3, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfff, 0x5, 0xbebf, 0x7, 0x1cea, 0x3, 0x7f, 0x7fff]}}]}]}]}, 0x230}, 0x1, 0x0, 0x0, 0x8000}, 0x8800) r7 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$sock_SIOCDELRT(r7, 0x890c, &(0x7f00000000c0)={0x0, @nfc={0x27, 0x1, 0x0, 0x4}, @ethernet={0x306, @remote}, @vsock={0x28, 0x0, 0x2711, @hyper}, 0xffff, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000000)='caif0\x00', 0x1, 0x80000000, 0x2}) memfd_create(0x0, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff) setsockopt$RDS_GET_MR(0xffffffffffffffff, 0x114, 0x2, &(0x7f0000000340)={{&(0x7f0000000240)=""/173, 0xad}, &(0x7f0000000300), 0x1}, 0x20) sendfile(r0, r1, 0x0, 0x102000004) [ 704.259105] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 704.266387] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 704.273669] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 704.280939] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bf2c 01:52:04 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x98}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 704.323063] bond0: The slave device specified does not support setting the MAC address 01:52:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:04 executing program 2 (fault-call:4 fault-nth:0): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) 01:52:04 executing program 3 (fault-call:4 fault-nth:0): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:05 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x99}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 704.635290] input: syz1 as /devices/virtual/input/input70 [ 704.661873] FAULT_INJECTION: forcing a failure. [ 704.661873] name failslab, interval 1, probability 0, space 0, times 0 [ 704.736096] CPU: 0 PID: 16611 Comm: syz-executor.3 Not tainted 4.19.107-syzkaller #0 [ 704.743998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 704.753351] Call Trace: [ 704.755961] dump_stack+0x188/0x20d [ 704.759615] should_fail.cold+0xa/0x1b [ 704.763526] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 704.768653] __should_failslab+0x115/0x180 [ 704.772904] should_failslab+0x5/0xf [ 704.776669] kmem_cache_alloc_node+0x260/0x730 [ 704.781290] ? __lock_acquire+0x6ee/0x49c0 [ 704.785543] ? __lock_acquire+0x6ee/0x49c0 [ 704.789784] __alloc_skb+0xba/0x5b0 [ 704.793409] ? skb_trim+0x180/0x180 [ 704.797036] ? mark_held_locks+0xf0/0xf0 [ 704.801106] ? __lock_acquire+0x6ee/0x49c0 [ 704.805353] alloc_skb_with_frags+0x92/0x560 [ 704.809773] sock_alloc_send_pskb+0x6b9/0x810 [ 704.814273] ? sock_wmalloc+0x120/0x120 [ 704.818252] ? copyin+0xa4/0xf0 [ 704.821545] ? iov_iter_advance+0x219/0xe10 [ 704.825990] tun_get_user+0xa1a/0x4930 [ 704.829922] ? tun_build_skb.isra.0+0x1960/0x1960 [ 704.834762] ? find_held_lock+0x2d/0x110 [ 704.838827] ? lock_downgrade+0x740/0x740 [ 704.842990] ? check_preemption_disabled+0x41/0x280 [ 704.848037] tun_chr_write_iter+0xb0/0x147 [ 704.852271] __vfs_write+0x512/0x760 [ 704.855989] ? kernel_read+0x110/0x110 [ 704.859893] ? avc_policy_seqno+0x9/0x70 [ 704.863983] ? selinux_file_permission+0x87/0x520 [ 704.868843] ? security_file_permission+0x84/0x220 [ 704.873791] vfs_write+0x206/0x550 [ 704.877335] ksys_write+0x12b/0x2a0 [ 704.880959] ? __ia32_sys_read+0xb0/0xb0 [ 704.885019] ? __ia32_sys_clock_settime+0x260/0x260 [ 704.890058] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 704.894809] ? trace_hardirqs_off_caller+0x55/0x210 [ 704.899824] ? do_syscall_64+0x21/0x620 [ 704.903839] do_syscall_64+0xf9/0x620 [ 704.907643] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 704.912829] RIP: 0033:0x45c479 [ 704.916023] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 704.934919] RSP: 002b:00007fbef68e5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 704.942635] RAX: ffffffffffffffda RBX: 00007fbef68e66d4 RCX: 000000000045c479 [ 704.949898] RDX: 0000000000000092 RSI: 00000000200011c0 RDI: 0000000000000003 [ 704.957181] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 704.964450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 704.971713] R13: 0000000000000d0b R14: 00000000004cef5f R15: 0000000000000000 01:52:05 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) 01:52:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 705.122843] Task in /syz1 killed as a result of limit of /syz1 [ 705.160835] memory: usage 307196kB, limit 307200kB, failcnt 3811 [ 705.201790] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 705.232880] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 705.249555] input: syz1 as /devices/virtual/input/input71 [ 705.269513] Memory cgroup stats for /syz1: cache:0KB rss:132KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:168KB inactive_file:0KB active_file:0KB unevictable:0KB [ 705.315591] Memory cgroup out of memory: Kill process 16484 (syz-executor.1) score 1103 or sacrifice child [ 705.333146] Killed process 16484 (syz-executor.1) total-vm:74832kB, anon-rss:152kB, file-rss:35836kB, shmem-rss:0kB [ 705.368134] oom_reaper: reaped process 16484 (syz-executor.1), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB 01:52:05 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xfa}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:05 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x9a}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:06 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) [ 705.703765] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 705.752333] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 705.781661] CPU: 1 PID: 16642 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 705.782589] input: syz1 as /devices/virtual/input/input72 [ 705.789567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 705.789573] Call Trace: [ 705.789596] dump_stack+0x188/0x20d [ 705.789616] dump_header+0x159/0xa5e [ 705.789634] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 705.789648] ? ___ratelimit+0x59/0x573 [ 705.789665] oom_kill_process.cold+0x10/0x6dc [ 705.789683] ? task_will_free_mem+0x134/0x6d0 [ 705.789701] out_of_memory+0x349/0x1250 [ 705.836417] ? oom_killer_disable+0x270/0x270 [ 705.840943] mem_cgroup_out_of_memory+0x1c7/0x240 [ 705.845792] ? memcg_event_wake+0x210/0x210 [ 705.850131] ? do_raw_spin_unlock+0x171/0x260 [ 705.854632] try_charge+0xe22/0x1300 [ 705.858358] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 705.863204] ? get_mem_cgroup_from_mm+0x179/0x4f0 [ 705.868067] ? __mem_cgroup_largest_soft_limit_node+0x440/0x440 [ 705.874149] mem_cgroup_try_charge+0x249/0x5c0 [ 705.878740] mem_cgroup_try_charge_delay+0x1a/0xa0 [ 705.883675] __handle_mm_fault+0x1cfb/0x3b60 [ 705.888083] ? copy_page_range+0x1e70/0x1e70 [ 705.892520] ? count_memcg_event_mm+0x279/0x4c0 [ 705.897225] handle_mm_fault+0x1a5/0x670 [ 705.901290] __do_page_fault+0x5ed/0xdd0 [ 705.905362] ? trace_hardirqs_off_caller+0x55/0x210 [ 705.910403] ? vmalloc_fault+0x730/0x730 [ 705.914477] ? page_fault+0x8/0x30 [ 705.918044] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 705.922895] ? page_fault+0x8/0x30 [ 705.926448] page_fault+0x1e/0x30 [ 705.929907] RIP: 0033:0x45ee2d [ 705.933106] Code: 5b 5d f3 c3 66 0f 1f 84 00 00 00 00 00 48 c7 c0 ea ff ff ff 48 85 ff 0f 84 e0 8c fb ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 <48> 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 [ 705.952008] RSP: 002b:00007fff9a8228d8 EFLAGS: 00010202 [ 705.957370] RAX: ffffffffffffffea RBX: 00007f5ff65cb700 RCX: 00007f5ff65cb700 [ 705.964648] RDX: 00000000003d0f00 RSI: 00007f5ff65cadb0 RDI: 0000000000413060 [ 705.971933] RBP: 00007fff9a822af0 R08: 00007f5ff65cb9d0 R09: 00007f5ff65cb700 [ 705.979201] R10: 00007f5ff65cadc0 R11: 0000000000000246 R12: 0000000000000000 [ 705.986471] R13: 00007fff9a82298f R14: 00007f5ff65cb9c0 R15: 000000000076bfcc 01:52:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 01:52:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:06 executing program 3 (fault-call:4 fault-nth:1): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) [ 706.284168] input: syz1 as /devices/virtual/input/input73 01:52:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 01:52:06 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x9b}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 706.353925] Task in /syz1 killed as a result of limit of /syz1 [ 706.421033] memory: usage 307200kB, limit 307200kB, failcnt 3863 01:52:06 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x2}, 0xfe4f) [ 706.479424] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 706.513735] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 706.521356] FAULT_INJECTION: forcing a failure. [ 706.521356] name failslab, interval 1, probability 0, space 0, times 0 [ 706.552419] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:164KB inactive_file:0KB active_file:0KB unevictable:0KB [ 706.572482] CPU: 0 PID: 16773 Comm: syz-executor.3 Not tainted 4.19.107-syzkaller #0 [ 706.580385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 706.589743] Call Trace: [ 706.592347] dump_stack+0x188/0x20d [ 706.596022] should_fail.cold+0xa/0x1b [ 706.599923] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 706.605044] __should_failslab+0x115/0x180 [ 706.609292] should_failslab+0x5/0xf [ 706.613022] kmem_cache_alloc_node_trace+0x272/0x750 [ 706.618143] __kmalloc_node_track_caller+0x38/0x70 [ 706.623105] __kmalloc_reserve.isra.0+0x39/0xe0 [ 706.627807] __alloc_skb+0xef/0x5b0 [ 706.631458] ? skb_trim+0x180/0x180 [ 706.635097] ? mark_held_locks+0xf0/0xf0 [ 706.639174] ? __lock_acquire+0x6ee/0x49c0 [ 706.643466] alloc_skb_with_frags+0x92/0x560 [ 706.647903] sock_alloc_send_pskb+0x6b9/0x810 [ 706.652423] ? sock_wmalloc+0x120/0x120 [ 706.656408] ? copyin+0xa4/0xf0 [ 706.659700] ? iov_iter_advance+0x219/0xe10 [ 706.664099] tun_get_user+0xa1a/0x4930 [ 706.668018] ? tun_build_skb.isra.0+0x1960/0x1960 [ 706.672874] ? find_held_lock+0x2d/0x110 [ 706.676952] ? lock_downgrade+0x740/0x740 [ 706.681110] ? check_preemption_disabled+0x41/0x280 [ 706.686143] tun_chr_write_iter+0xb0/0x147 [ 706.690392] __vfs_write+0x512/0x760 [ 706.694122] ? kernel_read+0x110/0x110 [ 706.698028] ? avc_policy_seqno+0x9/0x70 [ 706.702097] ? selinux_file_permission+0x87/0x520 [ 706.706960] ? security_file_permission+0x84/0x220 [ 706.711905] vfs_write+0x206/0x550 [ 706.715472] ksys_write+0x12b/0x2a0 [ 706.719127] ? __ia32_sys_read+0xb0/0xb0 [ 706.723225] ? __ia32_sys_clock_settime+0x260/0x260 [ 706.728247] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 706.733038] ? trace_hardirqs_off_caller+0x55/0x210 [ 706.738058] ? do_syscall_64+0x21/0x620 [ 706.742163] do_syscall_64+0xf9/0x620 [ 706.746140] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 706.751347] RIP: 0033:0x45c479 [ 706.754553] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 706.773460] RSP: 002b:00007fbef68e5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 706.781184] RAX: ffffffffffffffda RBX: 00007fbef68e66d4 RCX: 000000000045c479 [ 706.788453] RDX: 0000000000000092 RSI: 00000000200011c0 RDI: 0000000000000003 [ 706.795725] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 706.802993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 706.810261] R13: 0000000000000d0b R14: 00000000004cef5f R15: 0000000000000001 [ 706.857842] input: syz1 as /devices/virtual/input/input74 [ 706.893310] Memory cgroup out of memory: Kill process 16642 (syz-executor.1) score 1103 or sacrifice child [ 706.964909] Killed process 16642 (syz-executor.1) total-vm:74832kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 707.022216] oom_reaper: reaped process 16642 (syz-executor.1), now anon-rss:0kB, file-rss:33856kB, shmem-rss:0kB 01:52:07 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xfb}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:07 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x9c}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 01:52:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 707.128372] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 707.142959] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 707.149417] CPU: 0 PID: 16794 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 707.157329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 707.166708] Call Trace: [ 707.169330] dump_stack+0x188/0x20d [ 707.172997] dump_header+0x159/0xa5e [ 707.176773] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 707.181876] ? ___ratelimit+0x59/0x573 [ 707.185770] oom_kill_process.cold+0x10/0x6dc [ 707.190268] ? task_will_free_mem+0x134/0x6d0 [ 707.194764] out_of_memory+0x349/0x1250 [ 707.198740] ? oom_killer_disable+0x270/0x270 [ 707.203247] mem_cgroup_out_of_memory+0x1c7/0x240 [ 707.208093] ? memcg_event_wake+0x210/0x210 [ 707.212420] ? do_raw_spin_unlock+0x171/0x260 [ 707.216935] try_charge+0xe22/0x1300 [ 707.220657] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 707.225499] ? kasan_unpoison_shadow+0x30/0x40 [ 707.230078] ? kasan_kmalloc+0xbf/0xe0 [ 707.233972] ? mark_held_locks+0xa6/0xf0 [ 707.238035] ? mem_cgroup_charge_skmem+0x111/0x270 [ 707.242964] mem_cgroup_charge_skmem+0x126/0x270 [ 707.247723] ? mem_cgroup_sk_free+0x80/0x80 [ 707.252119] ? skb_trim+0x180/0x180 [ 707.255769] sk_forced_mem_schedule+0x133/0x160 [ 707.260448] sk_stream_alloc_skb+0x124/0x850 [ 707.264906] tcp_connect+0xf09/0x3df0 [ 707.268758] ? __tcp_transmit_skb+0x3750/0x3750 [ 707.273423] ? siphash_1u64+0x13/0x260 [ 707.277343] ? secure_ipv6_port_ephemeral+0x250/0x250 [ 707.282558] ? xfrm_lookup_route+0x56/0x1e0 [ 707.286921] ? check_preemption_disabled+0x41/0x280 [ 707.291932] ? prandom_u32_state+0xe/0x170 [ 707.296180] tcp_v4_connect+0x13fe/0x1a80 [ 707.300340] ? tcp_v4_parse_md5_keys+0x250/0x250 [ 707.305097] __inet_stream_connect+0x7d8/0xdf0 [ 707.309673] ? lock_sock_nested+0xa6/0x110 [ 707.313935] ? inet_dgram_connect+0x2d0/0x2d0 [ 707.318447] ? lock_acquire+0x170/0x400 [ 707.322420] ? mark_held_locks+0xa6/0xf0 [ 707.326497] ? __local_bh_enable_ip+0x159/0x270 [ 707.331165] ? __inet_stream_connect+0xdf0/0xdf0 [ 707.335921] ? __inet_stream_connect+0xdf0/0xdf0 [ 707.340686] inet_stream_connect+0x53/0xa0 [ 707.344918] __sys_connect+0x238/0x2c0 [ 707.348804] ? __ia32_sys_accept+0xb0/0xb0 [ 707.353042] ? put_timespec64+0xcb/0x120 [ 707.357107] ? nsecs_to_jiffies+0x30/0x30 [ 707.361267] ? __x64_sys_clock_gettime+0x165/0x240 [ 707.366196] ? __ia32_sys_clock_settime+0x260/0x260 [ 707.371241] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 707.375995] ? trace_hardirqs_off_caller+0x55/0x210 [ 707.381009] __x64_sys_connect+0x6f/0xb0 [ 707.385069] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 707.389660] do_syscall_64+0xf9/0x620 [ 707.393475] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 707.398666] RIP: 0033:0x45c479 [ 707.401856] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 707.420751] RSP: 002b:00007f5ff65ebc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 707.428466] RAX: ffffffffffffffda RBX: 00007f5ff65ec6d4 RCX: 000000000045c479 [ 707.435747] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000003 [ 707.443031] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 707.450292] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 707.457557] R13: 0000000000000081 R14: 00000000004c2d9d R15: 000000000076bf2c [ 707.475083] Task in /syz1 killed as a result of limit of /syz1 [ 707.497943] memory: usage 307196kB, limit 307200kB, failcnt 3883 [ 707.507157] input: syz1 as /devices/virtual/input/input75 [ 707.524868] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:52:08 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x3}, 0xfe4f) [ 707.587915] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 707.594132] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:148KB inactive_file:0KB active_file:0KB unevictable:0KB 01:52:08 executing program 5: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x2}, 0xfe4f) [ 707.736814] input: syz1 as /devices/virtual/input/input76 [ 707.751623] input: syz1 as /devices/virtual/input/input77 [ 707.783310] Memory cgroup out of memory: Kill process 16793 (syz-executor.1) score 1103 or sacrifice child [ 707.896723] Killed process 16793 (syz-executor.1) total-vm:74700kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB 01:52:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 708.033146] oom_reaper: reaped process 16793 (syz-executor.1), now anon-rss:0kB, file-rss:33856kB, shmem-rss:0kB [ 708.069382] input: syz1 as /devices/virtual/input/input78 01:52:08 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x9d}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:08 executing program 5 (fault-call:6 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:08 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xfc}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:08 executing program 3 (fault-call:4 fault-nth:2): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:08 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x4}, 0xfe4f) [ 708.496143] FAULT_INJECTION: forcing a failure. [ 708.496143] name failslab, interval 1, probability 0, space 0, times 0 [ 708.513983] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 01:52:09 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 708.543384] CPU: 1 PID: 16832 Comm: syz-executor.5 Not tainted 4.19.107-syzkaller #0 [ 708.551312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 708.553857] input: syz1 as /devices/virtual/input/input79 [ 708.560700] Call Trace: [ 708.560740] dump_stack+0x188/0x20d [ 708.560764] should_fail.cold+0xa/0x1b [ 708.560783] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 708.560804] ? __lock_is_held+0xad/0x140 [ 708.585587] __should_failslab+0x115/0x180 [ 708.589848] should_failslab+0x5/0xf [ 708.593578] kmem_cache_alloc+0x29f/0x710 [ 708.597740] ? __lock_acquire+0x6ee/0x49c0 [ 708.602089] mmu_topup_memory_caches+0x92/0x380 [ 708.606777] kvm_mmu_load+0x1e/0xf70 [ 708.610560] ? handle_vmwrite+0xd30/0xd30 [ 708.614740] ? handle_ept_violation+0x510/0x510 [ 708.619427] vcpu_enter_guest+0x3ac5/0x5ed0 [ 708.623771] ? __mutex_lock+0x3cd/0x1300 [ 708.627855] ? emulator_read_emulated+0x40/0x40 [ 708.632584] ? lock_acquire+0x170/0x400 [ 708.636567] ? kvm_arch_vcpu_ioctl_run+0x26b/0x16a0 [ 708.641363] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 708.641597] ? kvm_arch_vcpu_ioctl_run+0x446/0x16a0 [ 708.641610] ? kvm_arch_vcpu_ioctl_run+0x2a8/0x16a0 [ 708.641629] kvm_arch_vcpu_ioctl_run+0x446/0x16a0 [ 708.661891] kvm_vcpu_ioctl+0x493/0xe20 [ 708.665878] ? check_preemption_disabled+0x41/0x280 [ 708.670901] ? kvm_vcpu_block+0xc40/0xc40 [ 708.675065] ? mark_held_locks+0xf0/0xf0 [ 708.679140] ? proc_fail_nth_write+0x95/0x1d0 [ 708.683651] ? proc_cwd_link+0x1d0/0x1d0 [ 708.687738] ? find_held_lock+0x2d/0x110 [ 708.691814] ? __fget+0x319/0x510 [ 708.695274] ? kvm_vcpu_block+0xc40/0xc40 [ 708.699431] do_vfs_ioctl+0xcda/0x12e0 [ 708.703329] ? selinux_file_ioctl+0x125/0x5d0 [ 708.707831] ? check_preemption_disabled+0x41/0x280 [ 708.712862] ? ioctl_preallocate+0x200/0x200 [ 708.717277] ? selinux_file_mprotect+0x600/0x600 [ 708.722046] ? __fget+0x340/0x510 [ 708.725531] ? iterate_fd+0x350/0x350 [ 708.729345] ? security_file_ioctl+0x6c/0xb0 [ 708.733763] ksys_ioctl+0x9b/0xc0 [ 708.737228] __x64_sys_ioctl+0x6f/0xb0 [ 708.741136] ? lockdep_hardirqs_on+0x40b/0x5d0 01:52:09 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 708.745735] do_syscall_64+0xf9/0x620 [ 708.749550] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 708.754746] RIP: 0033:0x45c479 [ 708.757948] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 708.776854] RSP: 002b:00007f5b94987c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 708.784566] RAX: ffffffffffffffda RBX: 00007f5b949886d4 RCX: 000000000045c479 [ 708.791841] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 708.799110] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 708.806381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 708.813659] R13: 00000000000003bf R14: 00000000004c6098 R15: 0000000000000000 [ 708.824134] CPU: 1 PID: 16831 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 708.832054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 708.841408] Call Trace: [ 708.844030] dump_stack+0x188/0x20d [ 708.847694] dump_header+0x159/0xa5e [ 708.851448] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 708.856554] ? ___ratelimit+0x59/0x573 [ 708.860484] oom_kill_process.cold+0x10/0x6dc [ 708.865022] ? task_will_free_mem+0x134/0x6d0 [ 708.869539] out_of_memory+0x349/0x1250 [ 708.873533] ? oom_killer_disable+0x270/0x270 [ 708.878062] mem_cgroup_out_of_memory+0x1c7/0x240 [ 708.882931] ? memcg_event_wake+0x210/0x210 [ 708.887274] ? do_raw_spin_unlock+0x171/0x260 [ 708.891773] try_charge+0xe22/0x1300 [ 708.895499] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 708.900342] ? get_mem_cgroup_from_mm+0x179/0x4f0 [ 708.905210] ? __mem_cgroup_largest_soft_limit_node+0x440/0x440 [ 708.911284] ? __lock_acquire+0x6ee/0x49c0 [ 708.915535] mem_cgroup_try_charge+0x249/0x5c0 [ 708.920130] mem_cgroup_try_charge_delay+0x1a/0xa0 [ 708.925079] wp_page_copy+0x3fe/0x1530 [ 708.929006] ? follow_pfn+0x260/0x260 [ 708.932807] ? __lock_acquire+0x6ee/0x49c0 [ 708.937042] ? __lock_acquire+0x6ee/0x49c0 [ 708.941286] do_wp_page+0x518/0xfa0 [ 708.944939] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 708.949610] __handle_mm_fault+0x21a4/0x3b60 [ 708.954035] ? copy_page_range+0x1e70/0x1e70 [ 708.958443] ? count_memcg_event_mm+0x279/0x4c0 [ 708.963129] handle_mm_fault+0x1a5/0x670 [ 708.967206] __do_page_fault+0x5ed/0xdd0 [ 708.971356] ? trace_hardirqs_off_caller+0x55/0x210 [ 708.976373] ? vmalloc_fault+0x730/0x730 [ 708.980450] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 708.985298] page_fault+0x1e/0x30 [ 708.988751] RIP: 0010:copy_user_generic_unrolled+0x89/0xc0 [ 708.994369] Code: 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 <4c> 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 8a [ 709.013266] RSP: 0018:ffff88801493f9c0 EFLAGS: 00010206 [ 709.018624] RAX: ffffed1002927f4f RBX: 0000000000000028 RCX: 0000000000000005 [ 709.025885] RDX: 0000000000000000 RSI: ffff88801493fa50 RDI: 000000000071a058 [ 709.033147] RBP: ffff88801493fa50 R08: 0000000000006f6c R09: ffffed1002927f4f [ 709.040442] R10: ffffed1002927f4e R11: ffff88801493fa77 R12: 000000000071a058 [ 709.047741] R13: 000000000071a080 R14: 00007ffffffff000 R15: 0000000000000000 [ 709.055061] _copy_to_user+0xe2/0x100 [ 709.058863] inet_gifconf+0x21d/0x360 [ 709.062665] ? inet_netconf_get_devconf+0x520/0x520 [ 709.067728] ? inet_netconf_get_devconf+0x520/0x520 [ 709.072745] dev_ifconf+0xd3/0x230 [ 709.076294] sock_do_ioctl+0x260/0x2f0 [ 709.080195] ? compat_ifr_data_ioctl+0x160/0x160 [ 709.084971] sock_ioctl+0x325/0x610 [ 709.088613] ? dlci_ioctl_set+0x30/0x30 [ 709.092610] ? dlci_ioctl_set+0x30/0x30 [ 709.096596] do_vfs_ioctl+0xcda/0x12e0 [ 709.100482] ? selinux_file_ioctl+0x46c/0x5d0 [ 709.104999] ? selinux_file_ioctl+0x125/0x5d0 [ 709.109490] ? check_preemption_disabled+0x41/0x280 [ 709.114502] ? ioctl_preallocate+0x200/0x200 [ 709.118936] ? selinux_file_mprotect+0x600/0x600 [ 709.123700] ? __fget+0x340/0x510 [ 709.127159] ? iterate_fd+0x350/0x350 [ 709.130965] ? security_file_ioctl+0x6c/0xb0 [ 709.135374] ksys_ioctl+0x9b/0xc0 [ 709.138828] __x64_sys_ioctl+0x6f/0xb0 [ 709.142717] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 709.147317] do_syscall_64+0xf9/0x620 [ 709.151119] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 709.156309] RIP: 0033:0x45c479 [ 709.159500] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 709.178396] RSP: 002b:00007f5ff65ebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 709.186109] RAX: ffffffffffffffda RBX: 00007f5ff65ec6d4 RCX: 000000000045c479 01:52:09 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 709.193370] RDX: 0000000000400200 RSI: 0000000000008912 RDI: 0000000000000005 [ 709.200634] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 709.207903] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 709.215166] R13: 000000000000040e R14: 00000000004c66f9 R15: 000000000076bf2c 01:52:09 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x5}, 0xfe4f) [ 709.246871] Task in /syz1 killed as a result of limit of /syz1 [ 709.253077] memory: usage 307200kB, limit 307200kB, failcnt 3914 [ 709.267347] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 709.281024] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 01:52:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 709.317908] Memory cgroup stats for /syz1: cache:0KB rss:128KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:148KB inactive_file:0KB active_file:0KB unevictable:0KB [ 709.344654] Memory cgroup out of memory: Kill process 16828 (syz-executor.1) score 1103 or sacrifice child [ 709.365846] input: syz1 as /devices/virtual/input/input81 [ 709.386474] Killed process 16828 (syz-executor.1) total-vm:74700kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 709.430458] oom_reaper: reaped process 16828 (syz-executor.1), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB 01:52:09 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x9e}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:10 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:10 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xfd}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x2, 0x0) 01:52:10 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x11}, 0xfe4f) 01:52:10 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x9f}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 710.014109] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 710.014747] input: syz1 as /devices/virtual/input/input83 [ 710.095695] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 710.114733] CPU: 0 PID: 16984 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 710.122639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 710.132019] Call Trace: [ 710.134615] dump_stack+0x188/0x20d [ 710.138266] dump_header+0x159/0xa5e [ 710.142019] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 710.147135] ? ___ratelimit+0x59/0x573 [ 710.151052] oom_kill_process.cold+0x10/0x6dc [ 710.155555] ? task_will_free_mem+0x134/0x6d0 [ 710.160075] out_of_memory+0x349/0x1250 [ 710.164076] ? oom_killer_disable+0x270/0x270 [ 710.168601] mem_cgroup_out_of_memory+0x1c7/0x240 [ 710.173464] ? memcg_event_wake+0x210/0x210 [ 710.177803] ? do_raw_spin_unlock+0x171/0x260 [ 710.182309] try_charge+0xe22/0x1300 [ 710.186068] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 710.190918] ? get_mem_cgroup_from_mm+0x179/0x4f0 [ 710.195784] ? __mem_cgroup_largest_soft_limit_node+0x440/0x440 [ 710.201914] ? __lock_acquire+0x6ee/0x49c0 [ 710.206167] mem_cgroup_try_charge+0x249/0x5c0 [ 710.210771] mem_cgroup_try_charge_delay+0x1a/0xa0 [ 710.215711] wp_page_copy+0x3fe/0x1530 [ 710.219624] ? follow_pfn+0x260/0x260 [ 710.223431] ? __lock_acquire+0x6ee/0x49c0 [ 710.227722] do_wp_page+0x518/0xfa0 [ 710.231394] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 710.236091] __handle_mm_fault+0x21a4/0x3b60 [ 710.240509] ? copy_page_range+0x1e70/0x1e70 [ 710.244923] ? count_memcg_event_mm+0x279/0x4c0 [ 710.249618] handle_mm_fault+0x1a5/0x670 [ 710.253746] __do_page_fault+0x5ed/0xdd0 [ 710.257828] ? trace_hardirqs_off_caller+0x55/0x210 [ 710.262857] ? vmalloc_fault+0x730/0x730 [ 710.266926] ? page_fault+0x8/0x30 [ 710.270486] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 710.275368] ? page_fault+0x8/0x30 [ 710.278913] page_fault+0x1e/0x30 [ 710.282366] RIP: 0033:0x4114c8 01:52:10 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xa0}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 710.285560] Code: 8b 34 c6 4a 8d 04 2e 48 3d ff ff ff 7e 0f 86 77 ff ff ff bf 78 1d 4c 00 31 c0 e8 e3 09 ff ff 31 ff e8 2c 06 ff ff 0f 1f 40 00 <89> 3c b5 00 00 74 00 eb b6 31 ed 0f 1f 44 00 00 80 3d 7e 11 87 00 [ 710.304464] RSP: 002b:00007fff9a822940 EFLAGS: 00010246 [ 710.309837] RAX: 000000005872530b RBX: 0000000072e3ade6 RCX: 0000001b30420000 [ 710.317106] RDX: 0000000000000000 RSI: 000000000000130b RDI: ffffffff5872530b [ 710.324397] RBP: 0000000000000005 R08: 000000005872530b R09: 000000005872530f [ 710.331664] R10: 00007fff9a822ae0 R11: 0000000000000246 R12: 000000000076bfa8 [ 710.338930] R13: 0000000080000000 R14: 00007f5ff85ed008 R15: 0000000000000005 01:52:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 710.355569] Task in /syz1 killed as a result of limit of /syz1 [ 710.400909] memory: usage 307200kB, limit 307200kB, failcnt 3938 [ 710.414727] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 710.430721] input: syz1 as /devices/virtual/input/input84 [ 710.439005] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 01:52:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x4b47, 0x0) [ 710.470985] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:124KB inactive_file:0KB active_file:0KB unevictable:0KB 01:52:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 01:52:11 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x12}, 0xfe4f) [ 710.554565] Memory cgroup out of memory: Kill process 16984 (syz-executor.1) score 1103 or sacrifice child [ 710.615622] Killed process 16984 (syz-executor.1) total-vm:74700kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 710.646240] oom_reaper: reaped process 16984 (syz-executor.1), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB 01:52:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x4b49, 0x0) [ 710.678221] input: syz1 as /devices/virtual/input/input85 01:52:11 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:11 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xfe}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 01:52:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x541b, 0x0) 01:52:11 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xa1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 711.159045] syz-executor.1 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000 [ 711.282403] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 711.323889] CPU: 1 PID: 17135 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 711.331784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 711.341135] Call Trace: [ 711.343744] dump_stack+0x188/0x20d [ 711.347385] dump_header+0x159/0xa5e [ 711.351157] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 711.356278] ? ___ratelimit+0x59/0x573 [ 711.360182] oom_kill_process.cold+0x10/0x6dc [ 711.364692] ? task_will_free_mem+0x134/0x6d0 [ 711.369209] out_of_memory+0x349/0x1250 01:52:11 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x14}, 0xfe4f) 01:52:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x5421, 0x0) [ 711.373195] ? oom_killer_disable+0x270/0x270 [ 711.377703] mem_cgroup_out_of_memory+0x1c7/0x240 [ 711.382556] ? memcg_event_wake+0x210/0x210 [ 711.387016] ? do_raw_spin_unlock+0x171/0x260 [ 711.391564] try_charge+0xe22/0x1300 [ 711.395412] ? find_held_lock+0x2d/0x110 [ 711.399508] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 711.404380] ? lock_downgrade+0x740/0x740 [ 711.408562] ? check_preemption_disabled+0x41/0x280 [ 711.413604] memcg_kmem_charge_memcg+0x7b/0x150 [ 711.418307] ? memcg_kmem_put_cache+0xb0/0xb0 [ 711.422819] ? should_fail+0x142/0x7bc [ 711.426717] ? __isolate_free_page+0x4c0/0x4c0 [ 711.431319] memcg_kmem_charge+0x132/0x360 [ 711.435579] __alloc_pages_nodemask+0x396/0x6a0 [ 711.440266] ? __alloc_pages_slowpath+0x26a0/0x26a0 [ 711.445344] ? _raw_spin_unlock_irq+0x24/0x80 [ 711.449874] copy_process.part.0+0x3d6/0x7a60 [ 711.454395] ? _raw_spin_unlock_irqrestore+0x67/0xe0 [ 711.459505] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 711.464084] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 711.469203] ? __lock_acquire+0x6ee/0x49c0 [ 711.473435] ? do_try_to_free_pages+0xd13/0x1090 [ 711.478241] ? __cleanup_sighand+0x60/0x60 [ 711.482473] ? mark_held_locks+0xf0/0xf0 [ 711.486544] ? shrink_node+0x1350/0x1350 [ 711.490613] ? rcu_read_lock_sched_held+0x10a/0x130 [ 711.495691] _do_fork+0x22f/0xf40 [ 711.499144] ? fork_idle+0x1e0/0x1e0 [ 711.502862] ? blkg_prfill_rwstat_field_recursive+0x100/0x100 [ 711.508759] ? check_preemption_disabled+0x41/0x280 [ 711.513780] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 711.518532] ? trace_hardirqs_off_caller+0x55/0x210 [ 711.523545] ? do_syscall_64+0x21/0x620 [ 711.527519] do_syscall_64+0xf9/0x620 [ 711.531323] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 711.536520] RIP: 0033:0x45ee49 [ 711.539718] Code: ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c ae 8c fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 711.558625] RSP: 002b:00007fff9a8228d8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 711.566327] RAX: ffffffffffffffda RBX: 00007f5ff65ec700 RCX: 000000000045ee49 [ 711.573589] RDX: 00007f5ff65ec9d0 RSI: 00007f5ff65ebdb0 RDI: 00000000003d0f00 [ 711.580848] RBP: 00007fff9a822af0 R08: 00007f5ff65ec700 R09: 00007f5ff65ec700 [ 711.588142] R10: 00007f5ff65ec9d0 R11: 0000000000000202 R12: 0000000000000000 [ 711.595491] R13: 00007fff9a82298f R14: 00007f5ff65ec9c0 R15: 000000000076bf2c 01:52:12 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f) 01:52:12 executing program 0: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x11}, 0xfe4f) 01:52:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x5450, 0x0) [ 711.696080] Task in /syz1 killed as a result of limit of /syz1 [ 711.744599] memory: usage 307176kB, limit 307200kB, failcnt 3970 [ 711.756837] input: syz1 as /devices/virtual/input/input88 [ 711.770835] input: syz1 as /devices/virtual/input/input89 [ 711.778165] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 711.792319] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 711.845813] Memory cgroup stats for /syz1: cache:0KB rss:128KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:100KB inactive_file:0KB active_file:0KB unevictable:0KB [ 711.940435] Memory cgroup out of memory: Kill process 17135 (syz-executor.1) score 1103 or sacrifice child 01:52:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x5451, 0x0) [ 711.987356] Killed process 17135 (syz-executor.1) total-vm:74700kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 712.012779] oom_reaper: reaped process 17135 (syz-executor.1), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB 01:52:12 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x102}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 712.149854] input: syz1 as /devices/virtual/input/input90 [ 712.180229] syz-executor.1 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000 [ 712.229180] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 712.251029] CPU: 1 PID: 17280 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 712.258936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 712.268296] Call Trace: [ 712.270905] dump_stack+0x188/0x20d [ 712.274559] dump_header+0x159/0xa5e [ 712.278280] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 712.283389] ? ___ratelimit+0x59/0x573 [ 712.287281] oom_kill_process.cold+0x10/0x6dc [ 712.291849] ? task_will_free_mem+0x134/0x6d0 [ 712.296354] out_of_memory+0x349/0x1250 [ 712.300384] ? oom_killer_disable+0x270/0x270 [ 712.304899] mem_cgroup_out_of_memory+0x1c7/0x240 [ 712.309759] ? memcg_event_wake+0x210/0x210 [ 712.314080] ? do_raw_spin_unlock+0x171/0x260 [ 712.318561] try_charge+0xe22/0x1300 [ 712.322277] ? find_held_lock+0x2d/0x110 [ 712.326353] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 712.331190] ? lock_downgrade+0x740/0x740 [ 712.335334] ? check_preemption_disabled+0x41/0x280 [ 712.340347] memcg_kmem_charge_memcg+0x7b/0x150 [ 712.345047] ? memcg_kmem_put_cache+0xb0/0xb0 [ 712.349543] ? should_fail+0x142/0x7bc [ 712.353475] ? __isolate_free_page+0x4c0/0x4c0 [ 712.358051] memcg_kmem_charge+0x132/0x360 [ 712.362395] __alloc_pages_nodemask+0x396/0x6a0 [ 712.367060] ? __alloc_pages_slowpath+0x26a0/0x26a0 [ 712.372074] ? _raw_spin_unlock_irq+0x24/0x80 [ 712.376584] copy_process.part.0+0x3d6/0x7a60 [ 712.381088] ? _raw_spin_unlock_irqrestore+0x67/0xe0 [ 712.386192] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 712.390770] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 712.395860] ? __lock_acquire+0x6ee/0x49c0 [ 712.400081] ? do_try_to_free_pages+0xd13/0x1090 [ 712.404828] ? __cleanup_sighand+0x60/0x60 [ 712.409049] ? mark_held_locks+0xf0/0xf0 [ 712.413138] ? shrink_node+0x1350/0x1350 [ 712.417252] ? rcu_read_lock_sched_held+0x10a/0x130 [ 712.422255] _do_fork+0x22f/0xf40 [ 712.425698] ? fork_idle+0x1e0/0x1e0 [ 712.429408] ? blkg_prfill_rwstat_field_recursive+0x100/0x100 [ 712.435278] ? check_preemption_disabled+0x41/0x280 [ 712.440281] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 712.445036] ? trace_hardirqs_off_caller+0x55/0x210 [ 712.450035] ? do_syscall_64+0x21/0x620 [ 712.454000] do_syscall_64+0xf9/0x620 [ 712.457789] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 712.462977] RIP: 0033:0x45ee49 [ 712.466164] Code: ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c ae 8c fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 712.485066] RSP: 002b:00007fff9a8228d8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 712.492761] RAX: ffffffffffffffda RBX: 00007f5ff65ec700 RCX: 000000000045ee49 [ 712.500024] RDX: 00007f5ff65ec9d0 RSI: 00007f5ff65ebdb0 RDI: 00000000003d0f00 [ 712.507288] RBP: 00007fff9a822af0 R08: 00007f5ff65ec700 R09: 00007f5ff65ec700 [ 712.514546] R10: 00007f5ff65ec9d0 R11: 0000000000000202 R12: 0000000000000000 [ 712.521842] R13: 00007fff9a82298f R14: 00007f5ff65ec9c0 R15: 000000000076bf2c [ 712.531459] Task in /syz1 killed as a result of limit of /syz1 [ 712.538569] memory: usage 282144kB, limit 307200kB, failcnt 4001 [ 712.545268] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 712.552345] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 712.566816] Memory cgroup stats for /syz1: cache:0KB rss:128KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:100KB inactive_file:0KB active_file:0KB unevictable:0KB [ 712.606864] Memory cgroup out of memory: Kill process 17280 (syz-executor.1) score 1103 or sacrifice child [ 712.652367] Killed process 17280 (syz-executor.1) total-vm:74700kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 712.673841] oom_reaper: reaped process 17280 (syz-executor.1), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB 01:52:13 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x2}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:13 executing program 0 (fault-call:7 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:13 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x16}, 0xfe4f) 01:52:13 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xa2}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x5452, 0x0) 01:52:13 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x103}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 712.986051] input: syz1 as /devices/virtual/input/input91 01:52:13 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:13 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xa3}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x5460, 0x0) 01:52:13 executing program 0: r0 = socket$caif_seqpacket(0x25, 0x5, 0x3) sendmsg(r0, &(0x7f0000000480)={&(0x7f0000000100)=@ax25={{0x3, @bcast, 0x3}, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="b3c2954072541dbf5dd9686e136e039fc4e1aa378a4cb0e839c44a246f0cd168e9d92ed5f00681dcd29d", 0x2a}, {&(0x7f00000001c0)="d2005a5c88ebdf5416c5c3b019e0677c", 0x10}, {&(0x7f0000000380)="0875a76a7f9fd9174b2a6be863c8ed52c15fae6a5605ea74e478bc09f51aec26e6175dad875376bb63f1571a17a9597e43c88874c18d3abc5cecc5be030e7b2777884ebf21c9547563773eaa4bcce2ee0998a9a27be02b8586ae5ae21b7108b1a1db8a8aac2b87491ebbd60baffbbdd4a8d5ead76d242f11079269dc002394a44ffa19b0be14c7641b70de97f3eed26241ce92e6eff295e6faeb9aa1d3d731553f1c793a1d5a26acf307a3ad0e4a5f35c6154a6c3b62a7110739e42a61c1069464", 0xc1}], 0x3, &(0x7f0000000280)=[{0x30, 0x114, 0x1, "f295f421ae998cae31943580dc1d039fa03cdb3fce9096c646aad04c"}], 0x30}, 0x80) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000080)="f2a60f20e06635002000000f22e0b00f7b6dc730303036f30f1a970000660f3806581e0f08bad004b0be53f30f2af8baa100b000ee", 0x35}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x20a01, 0x0) ioctl$DRM_IOCTL_MODE_ADDFB(r4, 0xc01c64ae, &(0x7f00000000c0)={0xfffffeff, 0x0, 0x401, 0x7, 0x2, 0x7fff, 0xe1}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9e1], 0x2}) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x27, &(0x7f00000004c0)=0x5, 0x4) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS64(r4, 0x80605414, &(0x7f0000000500)) [ 713.407460] input: syz1 as /devices/virtual/input/input92 01:52:13 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x300}, 0xfe4f) 01:52:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x40049409, 0x0) [ 713.558937] input: syz1 as /devices/virtual/input/input93 01:52:14 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x3}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:14 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x104}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x4004ae8b, 0x0) 01:52:14 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xa4}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 713.948290] input: syz1 as /devices/virtual/input/input94 01:52:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = gettid() tkill(r4, 0x1000000000016) sendmsg$AUDIT_SET(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2020}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x34, 0x3e9, 0x20, 0x70bd2d, 0x25dfdbfc, {0x0, 0x1, 0x2, r4, 0x8, 0x2, 0x2, 0x0, 0x10000}, [""]}, 0x34}, 0x1, 0x0, 0x0, 0x8804}, 0x4000000) r5 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r5, 0xc008551b, &(0x7f0000000380)=ANY=[@ANYBLOB="040000001800000c018000001bf2000000100000020000000202000000000000df77984cca94e678da0fb036101713ed23bd67fdde1b41323ede412da4b4be3f721349eb021c6b385704de6ba81c62ecd740170004c0e76fcf9959b95807a7a54d40453a783d3081bc5cf0348f9617467c36ba44cb427f1e90e60a9287c2c898eb6c2a909393eac79747ff99663fae9012667ce148968252a09d23da31baaa333ea7b0a6d182d5ef122acf780d590a442f1c167eb827d8ca0f3bc08f7bc6e7a54921fa2c711e1e2f7ecba20e776e9385ead5c8b5e0573cd0b7668301e453c3b2e4037d32e928574012a8595535c3d7108f237b3f0ce5cb22e94ea1306e14000000000000000000000000003349fd8b92a5129cfdeb10b5d7de35ae8e478e51a4352eb55d4ea3bcb3567bc44b2731d245655e8d712b9667ac03289558f81230ab514c0888b511117c8318b9757096b82a8f970693b4271ee55bcd62a6931f59c81a13461873e456f55e9e2587cfe4535c16ecd80651064d393c71e996c36c9643581b97219b644ea0a032963f177ef787c499da03c6f4dfba5759a210041deaa0e335faf5a011ca2c5736a93c471ad31685b8e0a61548d43e1d757a640d4f98"]) 01:52:14 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x500}, 0xfe4f) 01:52:14 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x105}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x4004ae99, 0x0) [ 714.210182] input: syz1 as /devices/virtual/input/input95 01:52:14 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xa5}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x40086602, 0x0) 01:52:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r3) ioctl$sock_SIOCGIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r3, 0x8982, &(0x7f0000000040)={0x2, 'batadv_slave_1\x00', {0x9}, 0x800}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r6) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x28, 0x11, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r9}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0) recvfrom$packet(0xffffffffffffffff, &(0x7f0000000100)=""/202, 0xca, 0x40006002, &(0x7f0000000200)={0x11, 0xc, r9, 0x1, 0x1}, 0x14) r10 = gettid() tkill(r10, 0x1000000000016) r11 = gettid() tkill(r11, 0x1000000000016) r12 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r13 = dup(r12) ioctl$PERF_EVENT_IOC_ENABLE(r13, 0x8912, 0x400200) pipe(&(0x7f0000000280)={0xffffffffffffffff}) kcmp$KCMP_EPOLL_TFD(r10, r11, 0x7, 0xffffffffffffffff, &(0x7f0000000380)={r13, r14, 0xf9e}) epoll_ctl$EPOLL_CTL_MOD(r5, 0x3, r6, &(0x7f0000000080)={0x50000000}) [ 714.637901] input: syz1 as /devices/virtual/input/input96 01:52:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x40087602, 0x0) 01:52:15 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x4}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:15 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x1100}, 0xfe4f) 01:52:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x4020940d, 0x0) 01:52:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$netlink(0x10, 0x3, 0x15) r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080)='l2tp\x00') sendmsg$L2TP_CMD_NOOP(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r4, 0x800, 0x70bd25, 0x25dfdbfd, {}, [@L2TP_ATTR_COOKIE={0xc, 0xf, 0x1a076eeb}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e21}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x2}, @L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0x4}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e20}, @L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4008004}, 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:15 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xa6}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:15 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x106}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 715.252563] input: syz1 as /devices/virtual/input/input97 [ 715.299948] audit: type=1400 audit(1582941135.704:168): avc: denied { create } for pid=17826 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 715.405881] audit: type=1400 audit(1582941135.744:169): avc: denied { write } for pid=17826 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 01:52:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x4048ae9b, 0x0) 01:52:15 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x107}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:16 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x1200}, 0xfe4f) 01:52:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) write$P9_RXATTRWALK(r4, &(0x7f0000000040)={0xf, 0x1f, 0x2, 0x100000001}, 0xf) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x4090ae82, 0x0) [ 715.777446] input: syz1 as /devices/virtual/input/input99 01:52:16 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xa7}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:16 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x5}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:16 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x108}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) r4 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x4000, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r4, 0x40042409, 0x1) ioctl$MON_IOCH_MFLUSH(r3, 0x9208, 0x800) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_VERSION(r6, 0xc0406400, &(0x7f0000000200)={0x4, 0x8, 0x34990002, 0x5a, &(0x7f0000000500)=""/136, 0x12, &(0x7f00000005c0)=""/33, 0x8d, &(0x7f0000000600)=""/125}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:16 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x1400}, 0xfe4f) 01:52:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x4138ae84, 0x0) 01:52:16 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xa8}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 716.546425] input: syz1 as /devices/virtual/input/input101 01:52:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x41a0ae8d, 0x0) [ 716.662222] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 716.677397] input: syz1 as /devices/virtual/input/input102 [ 716.683218] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 716.732700] CPU: 1 PID: 18104 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 716.740620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 716.750000] Call Trace: [ 716.752600] dump_stack+0x188/0x20d [ 716.756241] dump_header+0x159/0xa5e [ 716.760001] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 716.765111] ? ___ratelimit+0x59/0x573 [ 716.769016] oom_kill_process.cold+0x10/0x6dc [ 716.773547] ? task_will_free_mem+0x134/0x6d0 [ 716.778073] out_of_memory+0x349/0x1250 [ 716.782066] ? oom_killer_disable+0x270/0x270 [ 716.786583] mem_cgroup_out_of_memory+0x1c7/0x240 [ 716.791461] ? memcg_event_wake+0x210/0x210 [ 716.795826] ? do_raw_spin_unlock+0x171/0x260 [ 716.800324] try_charge+0xe22/0x1300 [ 716.804043] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 716.808896] ? mark_held_locks+0xa6/0xf0 [ 716.812957] ? mem_cgroup_charge_skmem+0x111/0x270 [ 716.817896] mem_cgroup_charge_skmem+0x126/0x270 [ 716.822648] ? mem_cgroup_sk_free+0x80/0x80 [ 716.826968] ? lock_downgrade+0x740/0x740 [ 716.831117] ? iov_iter_advance+0x219/0xe10 [ 716.835465] __sk_mem_raise_allocated+0x543/0x1360 [ 716.840419] __sk_mem_schedule+0x65/0xd0 [ 716.844482] tcp_sendmsg_locked+0x1898/0x2ff0 [ 716.849011] ? tcp_sendpage+0x60/0x60 [ 716.852827] ? mark_held_locks+0xa6/0xf0 [ 716.856887] ? __local_bh_enable_ip+0x159/0x270 [ 716.861574] tcp_sendmsg+0x2b/0x40 [ 716.865115] inet_sendmsg+0x12e/0x590 [ 716.868912] ? ipip_gro_receive+0x100/0x100 [ 716.873226] sock_sendmsg+0xcf/0x120 [ 716.876938] ___sys_sendmsg+0x3e2/0x920 [ 716.880915] ? copy_msghdr_from_user+0x410/0x410 [ 716.885674] ? mark_held_locks+0xf0/0xf0 [ 716.889747] ? lock_downgrade+0x740/0x740 [ 716.893895] ? check_preemption_disabled+0x41/0x280 [ 716.898923] ? find_held_lock+0x2d/0x110 [ 716.902996] ? __might_fault+0x11f/0x1d0 [ 716.907063] ? lock_downgrade+0x740/0x740 [ 716.911223] __sys_sendmmsg+0x195/0x470 [ 716.915203] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 716.919557] ? lock_downgrade+0x740/0x740 [ 716.923719] ? __might_fault+0x192/0x1d0 [ 716.927793] ? _copy_to_user+0xb8/0x100 [ 716.931773] ? put_timespec64+0xcb/0x120 [ 716.935835] ? nsecs_to_jiffies+0x30/0x30 [ 716.939997] ? __x64_sys_clock_gettime+0x165/0x240 [ 716.944937] ? __ia32_sys_clock_settime+0x260/0x260 [ 716.949977] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 716.954754] __x64_sys_sendmmsg+0x99/0x100 [ 716.958985] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 716.963565] do_syscall_64+0xf9/0x620 [ 716.967368] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 716.972553] RIP: 0033:0x45c479 [ 716.975748] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 716.994651] RSP: 002b:00007f5ff65a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 717.002361] RAX: ffffffffffffffda RBX: 00007f5ff65aa6d4 RCX: 000000000045c479 [ 717.009625] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 717.016890] RBP: 000000000076c060 R08: 0000000000000000 R09: 0000000000000000 [ 717.024188] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff 01:52:17 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xa9}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 717.031450] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076c06c 01:52:17 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x1500}, 0xfe4f) [ 717.203833] input: syz1 as /devices/virtual/input/input103 [ 717.223328] Task in /syz1 killed as a result of limit of /syz1 01:52:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x2000000400200) ioctl$UI_GET_VERSION(r4, 0x8004552d, &(0x7f0000000040)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r5) r6 = fcntl$dupfd(r5, 0x406, r3) r7 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r7, &(0x7f0000000140)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e24, 0x0, @empty}}, 0x24) sendmmsg(r7, &(0x7f0000005c00)=[{{0x0, 0xfffffffffffffd95, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000001001000001000000ec80000000a025a5906782ace162e1469a4000000000"], 0x18}}], 0x1, 0x0) r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140)='TIPC\x00') sendmsg$TIPC_CMD_DISABLE_BEARER(r7, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="083c1fe90000f05a396ed3bd18c9492a0c091a1e9a2f372094e79bdce9e68e9b22e2ea0506424d2ba1eb96dc3756e3e4dc296e5c42bd5192d7776d938ae4bf20eac92fe4f990131072da3abd12fd2840d86ff90437e06a348a355c1b769d8f64f7eaa0dc4f02322de5c448f54fb56e7c5f643815212c82bfaa990d694a08f9f1a9a989dba1e83278d4fa0d063d8c25fbc3a75c7939b5cf2abed486f11ca99af422be3dd5bc569d751502", @ANYRES16=r8, @ANYBLOB="04002dbd7000fbdb27d0189dbcedb2ec3fca26df250100000020ea227e284100000010001375"], 0x3}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) sendmsg$TIPC_CMD_GET_MAX_PORTS(r6, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r8, 0x4, 0x70bd27, 0x25dfdbfb, {}, ["", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4000) [ 717.288327] memory: usage 307080kB, limit 307200kB, failcnt 4010 [ 717.350787] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 717.383444] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 717.394533] Memory cgroup stats for /syz1: cache:0KB rss:88KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:208KB inactive_file:0KB active_file:0KB unevictable:0KB 01:52:17 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x109}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 717.456727] Memory cgroup out of memory: Kill process 18082 (syz-executor.1) score 1107 or sacrifice child [ 717.469180] Killed process 18104 (syz-executor.1) total-vm:74964kB, anon-rss:196kB, file-rss:35840kB, shmem-rss:0kB [ 717.482525] oom_reaper: reaped process 18104 (syz-executor.1), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB 01:52:18 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x6}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r3, 0x4010ae68, &(0x7f0000000040)={0x6000, 0x100000}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 717.584757] input: syz1 as /devices/virtual/input/input104 01:52:18 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xaa}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x8004ae98, 0x0) 01:52:18 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x1600}, 0xfe4f) 01:52:18 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x10a}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x80086601, 0x0) [ 717.865335] input: syz1 as /devices/virtual/input/input105 01:52:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x80087601, 0x0) [ 718.227472] input: syz1 as /devices/virtual/input/input106 01:52:18 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xab}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:18 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x1f00}, 0xfe4f) 01:52:18 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x10b}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 718.475292] input: syz1 as /devices/virtual/input/input107 01:52:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) [ 718.826697] input: syz1 as /devices/virtual/input/input108 01:52:19 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x7}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) fcntl$getflags(r0, 0x408) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_GET_NR_MMU_PAGES(r4, 0xae45, 0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x8138ae83, 0x0) 01:52:19 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) 01:52:19 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x10c}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:19 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xac}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 719.034771] input: syz1 as /devices/virtual/input/input109 01:52:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0x81a0ae8c, 0x0) 01:52:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x8000, 0x0) ioctl$UI_SET_FFBIT(r3, 0x4004556b, 0x30) 01:52:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) [ 719.429311] input: syz1 as /devices/virtual/input/input110 01:52:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) 01:52:20 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x2}, 0xfe4f) 01:52:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f000001b000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x34}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 719.720212] input: syz1 as /devices/virtual/input/input111 [ 720.114870] input: syz1 as /devices/virtual/input/input112 01:52:20 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x8}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xc0189436, 0x0) 01:52:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, &(0x7f0000000040)="f4660f63f2c4c221df5ebc660f3882210fc7797d0f01f666b83a018ec0660f38803bb9d90a0000b800000080ba000000000f30b8040000000f23d00f21f835000000040f23f8", 0x46}], 0x1, 0x8, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ca, 0x2], 0x0, 0x200000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:20 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x10d}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:20 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xad}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:20 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x3}, 0xfe4f) [ 720.386434] input: syz1 as /devices/virtual/input/input113 [ 720.447257] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 01:52:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xc018ae85, 0x0) [ 720.489520] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 720.525618] CPU: 1 PID: 18880 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 720.533516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 720.542875] Call Trace: [ 720.545473] dump_stack+0x188/0x20d [ 720.549113] dump_header+0x159/0xa5e [ 720.552893] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 720.558013] ? ___ratelimit+0x59/0x573 [ 720.561912] oom_kill_process.cold+0x10/0x6dc [ 720.566425] ? task_will_free_mem+0x134/0x6d0 [ 720.570937] out_of_memory+0x349/0x1250 [ 720.574939] ? oom_killer_disable+0x270/0x270 [ 720.579481] mem_cgroup_out_of_memory+0x1c7/0x240 [ 720.584331] ? memcg_event_wake+0x210/0x210 [ 720.588684] ? do_raw_spin_unlock+0x171/0x260 [ 720.593211] try_charge+0xe22/0x1300 [ 720.596965] ? __kmalloc_node_track_caller+0x38/0x70 [ 720.602078] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 720.606956] ? rcu_read_lock_sched_held+0x10a/0x130 [ 720.611979] ? kmem_cache_alloc_node_trace+0x34d/0x750 [ 720.617292] ? mark_held_locks+0xa6/0xf0 [ 720.621393] ? mem_cgroup_charge_skmem+0x111/0x270 [ 720.626330] mem_cgroup_charge_skmem+0x126/0x270 [ 720.631101] ? mem_cgroup_sk_free+0x80/0x80 [ 720.635442] ? __alloc_skb+0x3ad/0x5b0 [ 720.639343] __sk_mem_raise_allocated+0x543/0x1360 [ 720.644283] __sk_mem_schedule+0x65/0xd0 [ 720.648348] tcp_sendmsg_locked+0x1898/0x2ff0 [ 720.652892] ? tcp_sendpage+0x60/0x60 [ 720.656699] ? mark_held_locks+0xa6/0xf0 [ 720.660798] ? __local_bh_enable_ip+0x159/0x270 [ 720.665476] tcp_sendmsg+0x2b/0x40 [ 720.669027] inet_sendmsg+0x12e/0x590 [ 720.672834] ? ipip_gro_receive+0x100/0x100 [ 720.677161] sock_sendmsg+0xcf/0x120 [ 720.680878] ___sys_sendmsg+0x3e2/0x920 [ 720.684875] ? copy_msghdr_from_user+0x410/0x410 [ 720.689647] ? mark_held_locks+0xf0/0xf0 [ 720.693713] ? lock_downgrade+0x740/0x740 [ 720.697875] ? check_preemption_disabled+0x41/0x280 [ 720.702961] ? find_held_lock+0x2d/0x110 [ 720.707083] ? __might_fault+0x11f/0x1d0 [ 720.711163] ? lock_downgrade+0x740/0x740 [ 720.715357] __sys_sendmmsg+0x195/0x470 [ 720.719360] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 720.723689] ? lock_downgrade+0x740/0x740 [ 720.727879] ? __might_fault+0x192/0x1d0 [ 720.731968] ? _copy_to_user+0xb8/0x100 [ 720.735999] ? put_timespec64+0xcb/0x120 [ 720.740063] ? nsecs_to_jiffies+0x30/0x30 [ 720.744263] ? __x64_sys_clock_gettime+0x165/0x240 [ 720.749250] ? __ia32_sys_clock_settime+0x260/0x260 [ 720.754324] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 720.759101] __x64_sys_sendmmsg+0x99/0x100 [ 720.763338] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 720.767945] do_syscall_64+0xf9/0x620 [ 720.771755] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 720.776958] RIP: 0033:0x45c479 [ 720.780151] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 720.799065] RSP: 002b:00007f5ff65ebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 720.806775] RAX: ffffffffffffffda RBX: 00007f5ff65ec6d4 RCX: 000000000045c479 [ 720.814049] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 720.821333] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 720.828620] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 720.835887] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bf2c 01:52:21 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xae}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 720.912368] Task in /syz1 killed as a result of limit of /syz1 [ 720.996062] memory: usage 307176kB, limit 307200kB, failcnt 4022 [ 721.002272] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 721.054639] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 721.063724] Memory cgroup stats for /syz1: cache:0KB rss:212KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:160KB inactive_file:0KB active_file:0KB unevictable:0KB 01:52:21 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xc020660b, 0x0) [ 721.223078] Memory cgroup out of memory: Kill process 18878 (syz-executor.1) score 1103 or sacrifice child 01:52:21 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x4}, 0xfe4f) [ 721.283207] Killed process 18878 (syz-executor.1) total-vm:74832kB, anon-rss:152kB, file-rss:35836kB, shmem-rss:0kB [ 721.313296] oom_reaper: reaped process 18878 (syz-executor.1), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB [ 721.328847] input: syz1 as /devices/virtual/input/input115 01:52:21 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x10e}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 721.537744] syz-executor.1 invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 721.564666] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 721.570165] CPU: 1 PID: 14905 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 721.578053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 721.587402] Call Trace: [ 721.590020] dump_stack+0x188/0x20d [ 721.593654] dump_header+0x159/0xa5e [ 721.597370] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 721.602473] ? ___ratelimit+0x59/0x573 [ 721.606363] oom_kill_process.cold+0x10/0x6dc [ 721.610861] ? task_will_free_mem+0x134/0x6d0 [ 721.615384] out_of_memory+0x349/0x1250 [ 721.619362] ? oom_killer_disable+0x270/0x270 [ 721.623863] mem_cgroup_out_of_memory+0x1c7/0x240 [ 721.628728] ? memcg_event_wake+0x210/0x210 [ 721.633058] ? do_raw_spin_unlock+0x171/0x260 [ 721.637552] try_charge+0xe22/0x1300 [ 721.641272] ? should_fail+0x142/0x7bc [ 721.645163] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 721.650008] ? __isolate_free_page+0x4c0/0x4c0 [ 721.654601] ? rcu_read_lock_sched_held+0x10a/0x130 [ 721.659617] ? __alloc_pages_nodemask+0x5d1/0x6a0 [ 721.664460] memcg_kmem_charge_memcg+0x7b/0x150 [ 721.669130] ? memcg_kmem_put_cache+0xb0/0xb0 [ 721.673620] ? kmem_cache_alloc_node+0xe7/0x730 [ 721.678288] ? cache_grow_begin+0x580/0x8a0 [ 721.682624] cache_grow_begin+0x3ed/0x8a0 [ 721.686778] fallback_alloc+0x205/0x2d0 [ 721.690758] kmem_cache_alloc_node+0xe7/0x730 [ 721.695258] ? _raw_spin_unlock_irq+0x24/0x80 [ 721.699766] copy_process.part.0+0x1d04/0x7a60 [ 721.704352] ? mark_held_locks+0xf0/0xf0 [ 721.708419] ? mark_held_locks+0xf0/0xf0 [ 721.712488] ? __cleanup_sighand+0x60/0x60 [ 721.716728] ? lock_downgrade+0x740/0x740 [ 721.720893] ? __might_fault+0x192/0x1d0 [ 721.724957] _do_fork+0x22f/0xf40 [ 721.728411] ? fork_idle+0x1e0/0x1e0 [ 721.732128] ? __x64_sys_clock_gettime+0x165/0x240 [ 721.737053] ? __ia32_sys_clock_settime+0x260/0x260 [ 721.742070] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 721.746841] ? trace_hardirqs_off_caller+0x55/0x210 [ 721.751874] ? do_syscall_64+0x21/0x620 [ 721.755869] do_syscall_64+0xf9/0x620 [ 721.759689] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 721.764891] RIP: 0033:0x45aa4a [ 721.768081] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 721.786978] RSP: 002b:00007fff9a822b70 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 721.794692] RAX: ffffffffffffffda RBX: 00007fff9a822b70 RCX: 000000000045aa4a [ 721.801979] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 721.809249] RBP: 00007fff9a822bb0 R08: 0000000000000001 R09: 0000000001484940 [ 721.816530] R10: 0000000001484c10 R11: 0000000000000246 R12: 0000000000000001 [ 721.823792] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff9a822c00 01:52:22 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x5}, 0xfe4f) [ 721.971303] input: syz1 as /devices/virtual/input/input117 [ 721.997190] Task in /syz1 killed as a result of limit of /syz1 [ 722.005340] memory: usage 307400kB, limit 307200kB, failcnt 4102 [ 722.012997] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 722.020512] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 722.027107] Memory cgroup stats for /syz1: cache:0KB rss:212KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:48KB inactive_file:0KB active_file:0KB unevictable:0KB [ 722.047299] Memory cgroup out of memory: Kill process 14905 (syz-executor.1) score 117 or sacrifice child [ 722.057443] Killed process 14905 (syz-executor.1) total-vm:74568kB, anon-rss:96kB, file-rss:35776kB, shmem-rss:0kB [ 722.069191] oom_reaper: reaped process 14905 (syz-executor.1), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB 01:52:22 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x9}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x2) 01:52:22 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xaf}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x3) [ 722.403411] input: syz1 as /devices/virtual/input/input118 01:52:22 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x11}, 0xfe4f) [ 722.660073] input: syz1 as /devices/virtual/input/input119 [ 722.927660] input: syz1 as /devices/virtual/input/input120 01:52:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x4) 01:52:23 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x12}, 0xfe4f) 01:52:23 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xb0}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x5) [ 723.230262] input: syz1 as /devices/virtual/input/input121 [ 723.567361] input: syz1 as /devices/virtual/input/input122 01:52:24 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x10f}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:24 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x14}, 0xfe4f) 01:52:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x6) 01:52:24 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0xa}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:24 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xb1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 723.852425] input: syz1 as /devices/virtual/input/input123 01:52:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x7) 01:52:24 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x110}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x8) 01:52:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nvme-fabrics\x00', 0x8000, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$GIO_SCRNMAP(r1, 0x4b40, &(0x7f00000007c0)=""/4096) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$TIOCSIG(r3, 0x40045436, 0x1e) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000780)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNATTACHFILTER(r5, 0x894c, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000780)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNATTACHFILTER(r6, 0x894c, 0x0) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000780)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNATTACHFILTER(r7, 0x894c, 0x0) r8 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_stats\x00', 0x0, 0x0) sendmsg$IPVS_CMD_DEL_SERVICE(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYRES64, @ANYPTR64, @ANYPTR=&(0x7f0000000340)=ANY=[@ANYRESDEC, @ANYPTR=&(0x7f0000000400)=ANY=[@ANYRES64=r5, @ANYRESOCT=r4, @ANYBLOB="61b33354e0b6c83f5f908f09b94bf5f13ddc8d0da4c136719c10ba88af2c3713b97b33edf5963742dffd7d6d4bb8990a8cefae7e18c2166a6c8b5d2e3080279f0ba8aa4eb6c0fad700b28fbf4db3f00dc475330d79c773651b780cd033be6cdd619dfad703b2f5833ee9f067d0bde45a6a7a6ef93be9135c79e7d5dc511e3abd0a8f52129db0dd9c0da64ea078d24d11c0a752724d41820635bc90361e10975a3937e9fb4b3e0b53dca3ab8f244578fd0028317fb2736796114a00"/197, @ANYRESDEC=r6, @ANYRES16=r7], @ANYBLOB="7fd2122c82b27502caa5b64eb739d123352fe5a4d2de2c731872dbdfbb4c494a7e9c720170888fce4886e0a2461535999e96742f1d4a65583b66f099c5960a512fc9f0016844bc1a55e6a23964a1ba61029f637bb67e0437b69406670000"], @ANYPTR=&(0x7f0000000140)=ANY=[], @ANYPTR], 0x5}}, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000340)={0x0}) ioctl$DRM_IOCTL_UNLOCK(r8, 0x4008642b, &(0x7f0000000500)={r9}) ioctl$DRM_IOCTL_DMA(r1, 0xc0406429, &(0x7f00000001c0)={r9, 0x9, &(0x7f00000003c0)=[0xadee, 0x7f, 0x101, 0x25a318e3, 0x27, 0xe0000000, 0x1, 0xe24b, 0x1a63], &(0x7f0000000100)=[0x3, 0x9], 0x34, 0x2, 0x6, &(0x7f0000000140)=[0x3b2, 0x7], &(0x7f0000000180)=[0x6, 0x2, 0x1ff]}) r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e0defe0f22e0b0643b3b0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x31}], 0x1, 0x0, 0x0, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r11, 0x4090ae82, &(0x7f00000002c0)={[0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1f]}) ioctl$KVM_RUN(r11, 0xae80, 0x0) setsockopt$TIPC_SRC_DROPPABLE(r3, 0x10f, 0x80, &(0x7f0000000280)=0x81, 0x4) ioctl$KVM_RUN(r11, 0xae80, 0x0) [ 724.287733] input: syz1 as /devices/virtual/input/input124 01:52:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x9) 01:52:24 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x15}, 0xfe4f) [ 724.680233] input: syz1 as /devices/virtual/input/input125 01:52:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xa) 01:52:25 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x16}, 0xfe4f) 01:52:25 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xb2}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$VT_GETMODE(r4, 0x5601, &(0x7f0000000200)) r5 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$VIDIOC_QUERY_EXT_CTRL(r5, 0xc0e85667, &(0x7f0000000100)={0x40000000, 0x100, "c0c6e2a7e70ff56f1141c80c6497494b08753b7354ffd092a122d7f0fdeb1716", 0x2, 0x100, 0x1ff, 0x844234d, 0x5, 0x2, 0x7, 0x145, [0x0, 0x2, 0x7, 0x9]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, &(0x7f0000000640)="b805000000b92f0000000f01d90f00192666460f383afdb9800000c00f3235000800000f300f20e035000200000f22e066baf80cb838758e89ef66bafc0c66edb9800000c00f3235004000000f3066baf80cb80f65698bef66bafc0cecb9df080000b80e49ca25ba412113b70f30f30f5e11", 0x72}], 0x1, 0x49, 0x0, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0xaf7, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) socket$inet(0x2, 0xa, 0x1) getsockname$l2tp6(r5, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000080)=0x20) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = dup(r7) openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/btrfs-control\x00', 0x210500, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) sendmsg$nl_generic(r8, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000540)={&(0x7f00000006c0)={0x29c, 0x38, 0x800, 0x70bd25, 0x25dfdbff, {0x1}, [@nested={0x20d, 0x60, 0x0, 0x1, [@typed={0x13, 0x27, 0x0, 0x0, @binary="0dd24744b862efe70cc97e91f9a13e"}, @typed={0x8, 0x24, 0x0, 0x0, @ipv4=@rand_addr=0x9}, @generic="18961bf53a994de505c767c050370bfb4b5bcfbe6d8a9ccdf15c1f635a88ade70b8ea1ddd0af88f6da59490d0ff5bb56da5fc42b1cfc388838e46e90146f", @generic="53db24cb15e156be646f9b6db4971f3dbaf529151b078289fb3a5a298f154587d303dfa965adf259c69dbb671584f385c2426b7490e5522ed95be6424f5debccc0831ef714657893f35ab572d9cb45fe6e066900221f05ff755d6172c6f0037e22ee7ade80e05c24f7409209efeb85aadebf466db220e799951d1e260c1f47af81f4b62582e6acef78d126c5229b49b796cf8ea8213244caab572250dfc1a0", @typed={0x5, 0x4a, 0x0, 0x0, @str='\x00'}, @typed={0x8, 0x66, 0x0, 0x0, @ipv4=@rand_addr=0xffffff80}, @typed={0xc, 0x81, 0x0, 0x0, @u64=0x138}, @typed={0xf1, 0x30, 0x0, 0x0, @binary="fd6942bae53c10a7958ae04c578096980a53ad9ec30107bfa81826a7292fee07efeaff1f3b157118e6f6a967644961b8718aea973b110993d59c44e59326ff0b429fecb672f3f6aba1615f1e687e4202bb5bd0f62c5a8f33e151271ad60d82844f1eff34523718b88e252ed2b1068632e32e42a877069d00994505d335bda7b148f24bc31b72c4e265c69d6dfbae17068524a12974f446307355e4cebcd0f145dbeeb3120f14bbf02ed3ac5a1fbaf98bb854188cf8fd197e32f5ef0ce94dd20497e950d72e45bbd4a2add5dab9568566185064d94d151b3d9ce920fd85bfa0a68edb1d42f565d9eb7adb6613d1"}]}, @generic="154b2212f3324ad6d2a455ee4640de55c13e91661e9b023c67e3bb84b33ad569cea1427d01ef5d7205761b02f84058d56f1e33a2ab202b92959f487fbcc7924fdeb762562acfac1ae7b31b2e3a8c8f35efd8cf25ab7e74cfba3a6bbdc633d04bafcdc4a2afdf3704e04a04d0ce72b6ba663fee45c9"]}, 0x29c}, 0x1, 0x0, 0x0, 0x4000}, 0x40048cc) [ 724.957679] input: syz1 as /devices/virtual/input/input127 01:52:26 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x10}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:26 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x300}, 0xfe4f) 01:52:26 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xb) [ 725.663557] input: syz1 as /devices/virtual/input/input129 [ 726.000565] input: syz1 as /devices/virtual/input/input130 [ 727.163499] IPVS: ftp: loaded support on port[0] = 21 [ 727.251662] chnl_net:caif_netlink_parms(): no params data found [ 727.306900] bridge0: port 1(bridge_slave_0) entered blocking state [ 727.313299] bridge0: port 1(bridge_slave_0) entered disabled state [ 727.320649] device bridge_slave_0 entered promiscuous mode [ 727.329092] bridge0: port 2(bridge_slave_1) entered blocking state [ 727.335589] bridge0: port 2(bridge_slave_1) entered disabled state [ 727.342649] device bridge_slave_1 entered promiscuous mode [ 727.364031] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 727.374263] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 727.395329] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 727.402677] team0: Port device team_slave_0 added [ 727.409094] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 727.417827] team0: Port device team_slave_1 added [ 727.432516] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 727.438947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 727.464332] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 727.477463] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 727.483696] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 727.508943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 727.520385] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 727.528071] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 727.619918] device hsr_slave_0 entered promiscuous mode [ 727.665025] device hsr_slave_1 entered promiscuous mode [ 727.705764] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 727.712869] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 727.792936] bridge0: port 2(bridge_slave_1) entered blocking state [ 727.799357] bridge0: port 2(bridge_slave_1) entered forwarding state [ 727.806108] bridge0: port 1(bridge_slave_0) entered blocking state [ 727.812545] bridge0: port 1(bridge_slave_0) entered forwarding state [ 727.860645] 8021q: adding VLAN 0 to HW filter on device bond0 [ 727.872622] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 727.882538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 727.890799] bridge0: port 1(bridge_slave_0) entered disabled state [ 727.908888] bridge0: port 2(bridge_slave_1) entered disabled state [ 727.921032] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 727.927522] 8021q: adding VLAN 0 to HW filter on device team0 [ 727.938654] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 727.946354] bridge0: port 1(bridge_slave_0) entered blocking state [ 727.952808] bridge0: port 1(bridge_slave_0) entered forwarding state [ 727.966312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 727.973967] bridge0: port 2(bridge_slave_1) entered blocking state [ 727.980356] bridge0: port 2(bridge_slave_1) entered forwarding state [ 728.000488] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 728.008514] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 728.021127] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 728.036164] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 728.043779] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 728.053866] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 728.060630] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 728.076708] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 728.084307] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 728.091325] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 728.103810] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 728.156516] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 728.169708] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 728.222041] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 728.229713] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 728.236879] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 728.248474] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 728.255661] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 728.263243] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 728.271817] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 728.279460] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 728.288719] device veth0_vlan entered promiscuous mode [ 728.303402] device veth1_vlan entered promiscuous mode [ 728.309269] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 728.318377] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 728.335937] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 728.347327] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 728.354169] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 728.362072] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 728.370269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 728.378271] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 728.388594] device veth0_macvtap entered promiscuous mode [ 728.396065] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 728.405911] device veth1_macvtap entered promiscuous mode [ 728.412055] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 728.421100] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 728.432133] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 728.441198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 728.451104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 728.460352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 728.470130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 728.479825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 728.489575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 728.498847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 728.508971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 728.518424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 728.528685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 728.538152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 728.547992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 728.557227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 728.567009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 728.576201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 728.586179] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 728.596836] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 728.603762] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 728.611389] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 728.619426] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 728.627262] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 728.635516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 728.647566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 728.657683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 728.666968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 728.676768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 728.687257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 728.697046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 728.706261] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 728.716155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 728.725303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 728.735074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 728.744204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 728.753953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 728.763080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 728.773380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 728.782557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 728.792313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 728.802731] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 728.809763] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 728.818119] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 728.826359] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 729.062575] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 01:52:29 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x111}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x102c0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:29 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xb3}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xc) 01:52:29 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x500}, 0xfe4f) 01:52:29 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x11}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) [ 729.143212] input: syz1 as /devices/virtual/input/input131 01:52:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xd) 01:52:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r5, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r8 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r9) ioctl$DRM_IOCTL_GET_CLIENT(r7, 0xc0286405, &(0x7f0000000180)={0x3ff, 0x2, {0xffffffffffffffff}, {r9}, 0x0, 0xb33}) r11 = getegid() fchownat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', r10, r11, 0x1000) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f00000001c0)={0x1, [0x0]}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x76, &(0x7f0000000000)={r12, @in6={{0xa, 0x0, 0x0, @loopback}}}, &(0x7f0000000240)=0x9c) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000040)={r12, 0x5, 0x3, [0x1f, 0x6, 0x9]}, &(0x7f0000000080)=0xe) setsockopt$inet_sctp_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f0000000100)={r13, 0x1, 0x0, 0x9}, 0x10) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 729.589021] input: syz1 as /devices/virtual/input/input132 01:52:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xe) 01:52:30 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x1100}, 0xfe4f) 01:52:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xf) [ 729.822588] input: syz1 as /devices/virtual/input/input133 01:52:30 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xb4}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:30 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x112}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x78, 0x949bff60fe8999ce) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_AGP_ALLOC(r6, 0xc0206434, &(0x7f0000000080)={0x6, 0x0, 0x2, 0xfff}) ioctl$DRM_IOCTL_SG_FREE(r4, 0x40106439, &(0x7f0000000100)={0x2, r7}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:30 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x28}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x10) [ 730.288220] input: syz1 as /devices/virtual/input/input134 01:52:30 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xb5}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:30 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x1200}, 0xfe4f) 01:52:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = gettid() tkill(r2, 0x1000000000016) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000040)={0x100, 0x2, {r2}, {}, 0x7ff, 0x2}) rt_sigqueueinfo(r3, 0x3b, &(0x7f0000000100)={0x3c, 0x2, 0x7ff}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 01:52:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x11) 01:52:30 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x113}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 730.528505] input: syz1 as /devices/virtual/input/input135 01:52:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x12) [ 730.996805] input: syz1 as /devices/virtual/input/input136 01:52:31 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xb6}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:31 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x114}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:31 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x1400}, 0xfe4f) 01:52:31 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x2c}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x13) [ 731.219524] input: syz1 as /devices/virtual/input/input137 01:52:31 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x1500}, 0xfe4f) 01:52:31 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x115}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:31 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xb7}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 731.465579] input: syz1 as /devices/virtual/input/input139 [ 731.699963] input: syz1 as /devices/virtual/input/input140 01:52:33 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x1600}, 0xfe4f) 01:52:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x14) 01:52:34 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xb8}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:34 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x116}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:34 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x30}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r4) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000040)={0x7, 0x93db, {}, {r4}, 0x55c, 0x5}) setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000100)={{{@in=@dev={0xac, 0x14, 0x14, 0x16}, @in=@empty, 0x4e23, 0x0, 0x4e21, 0xff2, 0xa, 0x0, 0x110, 0x33, 0x0, r5}, {0x5, 0x2, 0xffffffffffff379b, 0x7, 0x1, 0x7, 0x3f, 0x2}, {0x3, 0x6, 0xf66, 0xb61a}, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1}, {{@in6=@rand_addr="1ada998d08dd795fbfe0f2e7ec0da8db", 0x4d5, 0x33}, 0x2, @in6=@initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x34ff, 0x3, 0x2, 0x40, 0x101, 0xffff0000, 0x81}}, 0xe8) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 733.643032] input: syz1 as /devices/virtual/input/input141 01:52:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x15) 01:52:34 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x1f00}, 0xfe4f) 01:52:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendto$rose(r3, &(0x7f00000001c0)="6483fcccabcf14bb1407cdf0137429", 0xf, 0x400c080, &(0x7f0000000200)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x1, [@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast]}, 0x40) r4 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_GET_MSR_INDEX_LIST(r4, 0xc004ae02, &(0x7f0000000180)=ANY=[@ANYBLOB="020000000000000000000001"]) r5 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xa974) ioctl$TIOCMBIC(r5, 0x5417, &(0x7f0000000140)=0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) accept4$phonet_pipe(r8, &(0x7f0000000280), &(0x7f0000000380)=0x10, 0x800) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r9 = accept4$phonet_pipe(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x80000) ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r9, 0x8982, &(0x7f0000000100)={0x8, 'netdevsim0\x00', {'bond_slave_1\x00'}, 0x5}) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce, 0x0, 0x0, 0x0, 0xffffffffffff1809]}) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) [ 733.945010] input: syz1 as /devices/virtual/input/input143 01:52:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x16) 01:52:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x17) [ 734.260277] input: syz1 as /devices/virtual/input/input144 01:52:34 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xb9}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:34 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xfe4f) 01:52:34 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x117}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x280000, 0x0) ioctl$PPPIOCSMAXCID(r3, 0x40047451, &(0x7f0000000080)=0x8) 01:52:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x18) 01:52:35 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x33}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) [ 734.598674] input: syz1 as /devices/virtual/input/input145 01:52:35 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xba}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:35 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x118}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x19) [ 734.938001] input: syz1 as /devices/virtual/input/input146 01:52:35 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x2}, 0xfe4f) 01:52:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x7, 0x0) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000600)={0x1, @pix_mp={0x0, 0x0, 0x0, 0x7}}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 01:52:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1a) [ 735.226198] input: syz1 as /devices/virtual/input/input147 01:52:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1b) 01:52:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_GET_API_VERSION(r4, 0xae00, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 735.589595] input: syz1 as /devices/virtual/input/input148 01:52:36 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1c) 01:52:36 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x119}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:36 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xbb}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:36 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x3a}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:36 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x3}, 0xfe4f) 01:52:36 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1d) 01:52:36 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x11a}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:36 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xbc}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) syz_init_net_socket$llc(0x1a, 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) r3 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ocfs2_control\x00', 0x420e80, 0x0) symlinkat(&(0x7f0000000040)='./file0\x00', r3, &(0x7f00000001c0)='./file0\x00') ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$MON_IOCX_MFETCH(r7, 0xc0109207, &(0x7f0000000280)={&(0x7f0000000200)=[0x0, 0x0, 0x0], 0x3, 0x6}) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000000100)=[@in={0x2, 0x4e23, @rand_addr=0x2}, @in6={0xa, 0x4e24, 0x100, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, @in6={0xa, 0x4e23, 0x5, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x7fffffff}, @in6={0xa, 0x4e20, 0x0, @remote, 0xffffffe1}, @in6={0xa, 0x4e20, 0xfffffffe, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x8}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e22, 0xf9, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x8001}, @in={0x2, 0x4e23, @multicast1}], 0xbc) [ 736.262845] input: syz1 as /devices/virtual/input/input149 01:52:36 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1e) 01:52:36 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xbd}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:36 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 01:52:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xe0) [ 736.638562] input: syz1 as /devices/virtual/input/input150 01:52:37 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x4}, 0xfe4f) [ 736.883043] input: syz1 as /devices/virtual/input/input151 01:52:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x300) [ 737.329376] input: syz1 as /devices/virtual/input/input152 01:52:37 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x3c}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x6, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4ce, 0x0, 0x5, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x4], 0x4000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) setsockopt$inet6_tcp_buf(r3, 0x6, 0x1a, &(0x7f0000000480)="750175432fee7ad55981e2fac5c77ee82bd6b3531929921a4ab7b112ee41a30d9b26fceb3baad35704906b97b3d09e16bd55e0ac963b05d847e15d1d76fb64865933de0b1d69c1588ad5ab1179990b7f6b85c9f6f137107a45605c6238671c69d26fd7f77afaaaa3d2511190643ed7223a103f13065b8646c4c711b277c2e1a53a910282918191f3f3bd9affde5d9ffc0c29830dadb10d5ab3d5ab15c49984c794ce655e8982d132bcfdb21fdaca3af026331e2da3a7c4b3d9c882a08d6e8b0592d416f550114ca51b5daec0c51335817ec4815e344be7155052f018694f5d056973003694dd0973c3d77a6d8520699e77", 0xf1) 01:52:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x11b}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x3e8) 01:52:37 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xbe}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:37 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x5}, 0xfe4f) [ 737.560787] input: syz1 as /devices/virtual/input/input153 01:52:38 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xbf}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:38 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x500) 01:52:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000010000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x34}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x2, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) r3 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/enforce\x00', 0x200100, 0x0) ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000140)={0x0, 0xc6, 0x0, &(0x7f0000000100)=0x401}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:38 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x600) [ 738.166951] input: syz1 as /devices/virtual/input/input154 01:52:38 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x11}, 0xfe4f) 01:52:38 executing program 0: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x200000, 0x0) write$FUSE_LSEEK(r0, &(0x7f0000000080)={0x18, 0x0, 0x4000000000001, {0x20}}, 0x18) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000, 0x4ce]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 738.404969] input: syz1 as /devices/virtual/input/input155 01:52:39 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x88}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:39 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x700) 01:52:39 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x11c}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:39 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xc0}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:39 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x12}, 0xfe4f) 01:52:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000180)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e672ef008b452de000000bad0cf0404beeef30f2af8baa100b000baf80c66b86e9f108866efbafc0ced", 0xfffffffffffffe79}], 0x66f8248efc0ec41, 0x40, 0x0, 0xfffffe24) r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhci\x00', 0x4d8880) ioctl$EXT4_IOC_SWAP_BOOT(r2, 0x6611) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r4) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r5) fcntl$dupfd(r4, 0x0, r5) ioctl$KVM_RUN(r3, 0xae80, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x10000, 0x0) [ 738.960559] input: syz1 as /devices/virtual/input/input157 01:52:39 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x14}, 0xfe4f) 01:52:39 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x11d}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:39 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x900) 01:52:39 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xc1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 739.214812] input: syz1 as /devices/virtual/input/input159 01:52:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000040)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0be03f30f2af8aaa148000000ee", 0x35}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:39 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xa00) [ 739.661521] input: syz1 as /devices/virtual/input/input160 01:52:40 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0xfc}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0xfffffffffffffffd, 0x0, 0x0, 0xd5, 0x0, 0x0, 0x4ce, 0x80000001, 0x0, 0x0, 0x0, 0x1, 0xfffffffffffffffd, 0x1], 0x0, 0x200000}) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x45) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$USBDEVFS_REAPURB(r3, 0x4008550c, &(0x7f0000000080)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:40 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x11e}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:40 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x15}, 0xfe4f) 01:52:40 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xc2}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xb00) [ 740.203843] input: syz1 as /devices/virtual/input/input161 01:52:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xc00) 01:52:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x804040, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xd00) [ 740.607630] input: syz1 as /devices/virtual/input/input162 01:52:41 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x16}, 0xfe4f) [ 740.825993] input: syz1 as /devices/virtual/input/input163 01:52:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xe00) 01:52:41 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x11f}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:41 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:41 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xc3}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xf00) 01:52:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x10201, 0x1, 0xf000, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f0000000100)={0x0, 0x1, 0x4, 0x4, 0x4, {r3, r4/1000+10000}, {0x3, 0x1, 0x1, 0x2, 0xde, 0xb5, "f1623876"}, 0x0, 0x2, @offset=0xe15, 0x3, 0x0, r0}) ioctl$USBDEVFS_RESET(r5, 0x5514) setsockopt$inet_mreqsrc(r5, 0x0, 0x26, &(0x7f0000000080)={@empty, @multicast1, @rand_addr=0xffff}, 0xc) [ 741.278362] input: syz1 as /devices/virtual/input/input164 01:52:41 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x300}, 0xfe4f) 01:52:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1100) 01:52:41 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xc4}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:41 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x120}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 741.555042] input: syz1 as /devices/virtual/input/input165 01:52:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1200) 01:52:42 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000040)={0x0, 0x8, 0xb5b, 0x7fffffff, 0x80000001, 0x9a}, &(0x7f0000000080)=0x14) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000100)={r4, 0x1}, 0x8) fcntl$dupfd(0xffffffffffffffff, 0x0, r1) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r11 = inotify_init1(0x800) ioctl$INOTIFY_IOC_SETNEXTWD(r11, 0x40044900, 0x5) ioctl$KVM_SET_REGS(r10, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x4ce, 0xffffffffffffffff, 0x3], 0x0, 0xa0001}) ioctl$KVM_RUN(r10, 0xae80, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) 01:52:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1300) [ 742.014869] input: syz1 as /devices/virtual/input/input166 01:52:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1400) 01:52:42 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x2}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$EVIOCSABS2F(r4, 0x401845ef, &(0x7f0000000080)={0x1, 0x910d, 0x8, 0x1, 0x2, 0x9}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) r5 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x1, 0x40000) fcntl$notify(r5, 0x402, 0x80000006) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:42 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x121}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:42 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x500}, 0xfe4f) 01:52:42 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xc5}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1500) [ 742.444957] input: syz1 as /devices/virtual/input/input167 01:52:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1600) 01:52:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x402040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x4ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, 0x182000}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000040)={r4, 0x0, 0x387f84d6, r6}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) r9 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video37\x00', 0x2, 0x0) r10 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r11 = dup(r10) ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200) r12 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r12) ioctl$FIDEDUPERANGE(r8, 0xc0189436, &(0x7f0000000100)={0x8, 0x2, 0x7, 0x0, 0x0, [{{r0}, 0x19}, {{r9}, 0x80000001}, {{r11}, 0x2}, {{r4}, 0xfb6}, {{r6}, 0xfffffffffffffffc}, {{r6}, 0x400}, {{r12}, 0x7}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 742.818141] input: syz1 as /devices/virtual/input/input168 01:52:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1700) 01:52:43 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x1100}, 0xfe4f) [ 743.065449] input: syz1 as /devices/virtual/input/input169 01:52:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1800) 01:52:43 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x122}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 743.453204] input: syz1 as /devices/virtual/input/input170 01:52:44 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x3}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:44 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xc6}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4ce, 0x0, 0x4]}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$inet_sctp6_SCTP_INITMSG(r4, 0x84, 0x2, &(0x7f0000000080)={0x0, 0x4, 0x2}, 0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000040)=0xd2, 0x4) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000080), 0x2000, 0x1000, 0xa0000000, 0x2}, 0x20) 01:52:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1900) 01:52:44 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x1200}, 0xfe4f) 01:52:44 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x123}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 743.774220] input: syz1 as /devices/virtual/input/input171 01:52:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1a00) 01:52:44 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xc7}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:44 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x124}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1b00) 01:52:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x0, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0xffffffffffffffff) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffb, 0x4ce]}) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) [ 744.298750] input: syz1 as /devices/virtual/input/input172 01:52:44 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x1400}, 0xfe4f) [ 744.513722] input: syz1 as /devices/virtual/input/input173 [ 744.778873] input: syz1 as /devices/virtual/input/input174 01:52:45 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x4}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1c00) 01:52:45 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x34}], 0x1, 0x0, 0x0, 0xfffffc70) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000040)={@empty, 0x5, 0x0, 0x0, 0x16, 0x3, 0x4}, &(0x7f0000000080)=0x20) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000100)={[0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x2000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:45 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:45 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xc8}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:45 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x1500}, 0xfe4f) [ 745.163545] input: syz1 as /devices/virtual/input/input175 01:52:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1d00) 01:52:45 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/validatetrans\x00', 0x1, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:45 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x2}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:45 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xc9}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1e00) 01:52:46 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x1600}, 0xfe4f) [ 745.757464] input: syz1 as /devices/virtual/input/input177 01:52:46 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x5}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:46 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x4ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x4]}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xb, 0x91, 0x200007, 0x1, 0x1}, 0x40) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r3, &(0x7f0000000000), &(0x7f00000000c0)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000400)={r3, &(0x7f0000000180), &(0x7f0000000240)}, 0x20) r4 = gettid() tkill(r4, 0x1000000000016) fcntl$setownex(r3, 0xf, &(0x7f0000000040)={0x0, r4}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r5 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x40, 0x2) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x4c92) 01:52:46 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x1f00}, 0xfe4f) 01:52:46 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x3}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x2000) 01:52:46 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xca}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 746.294594] input: syz1 as /devices/virtual/input/input179 01:52:46 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x4}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x4000) 01:52:46 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xcb}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 746.652459] input: syz1 as /devices/virtual/input/input180 01:52:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xe0ff) 01:52:47 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x1000000}, 0xfe4f) [ 746.919304] input: syz1 as /devices/virtual/input/input181 01:52:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xe803) 01:52:47 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x6}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) [ 747.357674] input: syz1 as /devices/virtual/input/input182 01:52:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, 0x2, 0x6, 0x201, 0x0, 0x0, {0xc}}, 0x14}, 0x1, 0x0, 0x0, 0x8000000}, 0x40000) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000000080)={0xe5f6, 0x9}) uname(&(0x7f0000000040)=""/1) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000380)='/dev/loop-control\x00', 0x80000, 0x0) ioctl(r4, 0x5d92, &(0x7f00000003c0)="dcc3a5fb5629cf81409d73d36c0fe76f02237d637118456107b50634799ff57ddc3fc490d0136c606bd9c6fa8d6fce6d92831a9997f4047f146d807b6737640ec4a095064b429b2444dd64d721d02a7447603fab88683bbb7647b39a5d3d91d23da8c0028cc222e36c273167a995097d97dc78c0c50ba4c5b37ade70fd3e9f2a68c21d62bd6341eba47bc171db8289cec2af54830b692f74cdc4b370e8c2243cd1a02d9381a060364e54e811cb44b0024aeb0f45d4af85c5ff2a3090effc769a342f51e4dcd488fc22af13590dcf362f749eed963305c3f546308d2406bd00ff0c25204241d55367ab338bed348ecfad") fcntl$getownex(r0, 0x10, &(0x7f0000000100)) 01:52:49 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x5}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:49 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xcc}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xffe0) 01:52:49 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x2000000}, 0xfe4f) 01:52:49 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x7}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) [ 749.321105] input: syz1 as /devices/virtual/input/input183 01:52:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff) 01:52:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1000000) [ 749.737821] input: syz1 as /devices/virtual/input/input184 01:52:50 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x3000000}, 0xfe4f) 01:52:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x2000000) [ 749.973143] input: syz1 as /devices/virtual/input/input185 01:52:50 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xcd}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce, 0x0, 0x0, 0x1]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:52:50 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x7}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x3000000) 01:52:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x4000000) [ 750.440311] input: syz1 as /devices/virtual/input/input186 01:52:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xb, 0x91, 0x200007, 0x1, 0x1}, 0x40) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r2, &(0x7f0000000000), &(0x7f00000000c0)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000400)={r2, &(0x7f0000000180), &(0x7f0000000240)}, 0x20) r3 = dup3(r2, r1, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0x0, 0x2000, &(0x7f0000019000/0x2000)=nil}) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r3, 0x29, 0xd2, &(0x7f0000000100)={{0xa, 0x4e20, 0x4, @local, 0x4}, {0xa, 0x4e24, 0x100, @ipv4={[], [], @multicast2}, 0x3ff}, 0x3, [0x4, 0x80000001, 0x0, 0x0, 0x6, 0x1, 0x0, 0x6]}, 0x5c) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$KVM_REINJECT_CONTROL(r6, 0xae71, &(0x7f0000000080)={0x4}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) getgid() ioctl$KVM_RUN(r4, 0xae80, 0x0) 01:52:51 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x8}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x5000000) 01:52:51 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x4000000}, 0xfe4f) 01:52:51 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xce}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:51 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x8}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 750.933419] input: syz1 as /devices/virtual/input/input187 01:52:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r1) fcntl$setpipe(r1, 0x407, 0x5) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) getsockname$unix(r3, &(0x7f0000000100), &(0x7f0000000080)=0x6e) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r4) ioctl$sock_inet_SIOCSIFNETMASK(r4, 0x891c, &(0x7f0000000040)={'team_slave_0\x00', {0x2, 0x4e22, @broadcast}}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 01:52:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x6000000) 01:52:51 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xcf}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x7000000) [ 751.319762] input: syz1 as /devices/virtual/input/input188 01:52:51 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x5000000}, 0xfe4f) 01:52:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x8000000) [ 751.561625] input: syz1 as /devices/virtual/input/input189 01:52:52 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xa}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:52 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x9}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x9000000) 01:52:52 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xd0}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:52 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x11000000}, 0xfe4f) 01:52:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r6) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0, 0x0}, &(0x7f0000000100)=0xc) write$FUSE_ENTRY(r4, &(0x7f0000000140)={0x90, 0xffffffffffffffda, 0x5, {0x6, 0x0, 0x1e, 0x8355, 0xffffffff, 0x3, {0x6, 0x3, 0x7, 0x0, 0x2, 0x7fff, 0x7fffffff, 0x6, 0x1, 0x800, 0x36dd9c6, r6, r7, 0x2, 0x5}}}, 0x90) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r8 = userfaultfd(0x80000) fcntl$setstatus(r8, 0x4, 0x40000) ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, &(0x7f0000000040)={0x0, 0x3f, 0x90f, 0x8, 0x0, "bef9d513cc66786cbbf670ab695ae211512c43", 0x20, 0x4}) setsockopt$bt_hci_HCI_FILTER(r4, 0x0, 0x2, &(0x7f0000000200)={0x5, [0x7fffffff, 0x1], 0x4}, 0x10) 01:52:52 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xe}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 752.241398] input: syz1 as /devices/virtual/input/input191 01:52:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xa000000) 01:52:52 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x10}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f0000000040)=0x6ab8, 0x4) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000200), 0x0) setsockopt$inet6_tcp_TLS_RX(r3, 0x6, 0x2, &(0x7f0000000280)=@gcm_128={{0x304}, "253c9e9147bb1dbc", "0929d6bec0313c5769181eae76c1e8fb", "31d02447", "c20c5f2391af5927"}, 0x28) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) fstatfs(r5, &(0x7f0000000100)=""/224) arch_prctl$ARCH_SET_GS(0x1001, &(0x7f0000000080)) [ 752.639986] input: syz1 as /devices/virtual/input/input192 01:52:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xb000000) 01:52:53 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x12000000}, 0xfe4f) [ 752.891900] input: syz1 as /devices/virtual/input/input193 01:52:53 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xd1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:53 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0xa}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:53 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KDGETMODE(r1, 0x4b3b, &(0x7f0000000040)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 01:52:53 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x11}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xc000000) 01:52:53 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xd2}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:53 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x14000000}, 0xfe4f) [ 753.449422] input: syz1 as /devices/virtual/input/input195 01:52:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f0000000100)={0x59000000, 0x200, 0x7, 0x8, [], [], [], 0x10000, 0x1, 0x3, 0x209, "95c1c28062d44c74bcec3da9eb054fbe"}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$USBDEVFS_GETDRIVER(r6, 0x41045508, &(0x7f0000000380)={0x6, "d0f888299dde40d2e3eb12f2d0a377fe66bad6a65d04d9b55277ccaf0fb0be4149d71219021c9ac16d655985e207f6c1fe3cd38ef5719209be891913baaeaffd6b28813d33e8d4b1d51bba46fb199b471f68274e127f826a8711bf54a1fb721d947588db3be74afe05a5d9cd84231220c78721951a62d24b1d2a373a4287593e4486083c3588e94093fba1c30f3a662404dd764f4ce7e8a8ccab7374dbae08f4eb47211eee1220960e53503394c271c46328bc5962fe612aed3f31da193672b9e790e0b91ecfca16aa8bada4cbc228a00570d3e0cb42c5071810441eff13d262f39e395c2438ae4015f261fcac87a8d8f11eb14f2d64e55e95e825c0e6cfc487"}) 01:52:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xd000000) [ 753.788752] input: syz1 as /devices/virtual/input/input196 01:52:54 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x15}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:54 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x15000000}, 0xfe4f) 01:52:54 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xd3}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) semget$private(0x0, 0x1, 0x400) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 754.050680] input: syz1 as /devices/virtual/input/input197 01:52:55 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x10}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xe000000) 01:52:55 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x16000000}, 0xfe4f) 01:52:55 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xd4}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:55 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x60}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 754.682096] input: syz1 as /devices/virtual/input/input199 01:52:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xf000000) 01:52:55 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x8b}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x10000000) 01:52:55 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x0, 0x0, 0x1f000000}, 0xfe4f) [ 755.328575] input: syz1 as /devices/virtual/input/input201 01:52:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x11000000) 01:52:56 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xd5}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:56 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xd9}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 755.772786] input: syz1 as /devices/virtual/input/input202 01:52:56 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x11}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x12000000) 01:52:56 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x18) 01:52:56 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xd6}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:56 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x1cb}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 756.279202] input: syz1 as /devices/virtual/input/input203 01:52:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x13000000) [ 756.378298] input: syz1 as /devices/virtual/input/input204 01:52:56 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x30) 01:52:56 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xd7}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 756.624211] input: syz1 as /devices/virtual/input/input205 01:52:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x14000000) [ 756.705429] input: syz1 as /devices/virtual/input/input206 01:52:57 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x48) 01:52:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x15000000) [ 756.958089] input: syz1 as /devices/virtual/input/input207 01:52:57 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x1f4}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:57 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x28}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:52:57 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xd8}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:57 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x60) 01:52:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x16000000) 01:52:57 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x240}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 757.609020] input: syz1 as /devices/virtual/input/input209 01:52:58 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xd9}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x17000000) [ 757.716929] input: syz1 as /devices/virtual/input/input210 01:52:58 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x300}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:52:58 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x78) [ 757.994712] input: syz1 as /devices/virtual/input/input211 01:52:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x18000000) [ 758.103695] input: syz1 as /devices/virtual/input/input212 01:52:58 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x90) 01:52:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x19000000) [ 758.408153] input: syz1 as /devices/virtual/input/input213 [ 758.477391] input: syz1 as /devices/virtual/input/input214 01:53:00 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x2c}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:00 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x3e8}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1a000000) 01:53:00 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xa8) 01:53:00 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xda}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 759.854018] input: syz1 as /devices/virtual/input/input215 [ 759.942090] input: syz1 as /devices/virtual/input/input216 01:53:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1b000000) 01:53:00 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xc0) [ 760.162245] input: syz1 as /devices/virtual/input/input217 [ 760.257523] input: syz1 as /devices/virtual/input/input218 01:53:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1c000000) 01:53:00 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xd8) [ 760.482820] input: syz1 as /devices/virtual/input/input219 01:53:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1d000000) 01:53:01 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xf0) 01:53:01 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x500}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 760.754687] input: syz1 as /devices/virtual/input/input221 [ 760.847370] input: syz1 as /devices/virtual/input/input222 01:53:01 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x594}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:01 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xdb}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1e000000) 01:53:01 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x108) 01:53:01 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x30}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) [ 761.314931] input: syz1 as /devices/virtual/input/input223 01:53:01 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x120) 01:53:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x20000000) [ 761.563247] input: syz1 as /devices/virtual/input/input225 01:53:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x40000000) [ 761.656999] input: syz1 as /devices/virtual/input/input226 01:53:02 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x138) [ 761.860119] input: syz1 as /devices/virtual/input/input227 01:53:02 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xdc}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xe0ffffff) 01:53:02 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x700}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:02 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x150) 01:53:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xe8030000) [ 762.131119] input: syz1 as /devices/virtual/input/input229 [ 762.227869] input: syz1 as /devices/virtual/input/input230 01:53:02 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x168) [ 762.425706] input: syz1 as /devices/virtual/input/input231 01:53:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xfdfdffff) 01:53:03 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x33}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:03 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x180) 01:53:03 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xa00}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:03 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xdd}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xffff8000) [ 763.529375] input: syz1 as /devices/virtual/input/input233 01:53:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xfffffdfd) [ 763.627223] input: syz1 as /devices/virtual/input/input234 01:53:04 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x198) [ 763.882604] input: syz1 as /devices/virtual/input/input235 01:53:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xffffffe0) [ 763.980063] input: syz1 as /devices/virtual/input/input236 01:53:04 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x1b0) 01:53:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x200000003) [ 764.197138] input: syz1 as /devices/virtual/input/input237 01:53:04 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x1c8) 01:53:04 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xde}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 764.485723] input: syz1 as /devices/virtual/input/input239 01:53:05 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x3a}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:05 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xb28}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x8000000000) 01:53:05 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x1e0) 01:53:05 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = socket(0x27, 0x6, 0x9) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000140)={0x2, 0x8001, 0x8001, 0x6}, 0x10) dup(r0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = dup3(r0, r3, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f00000000c0)={0xffffffa2, 0x0, 0x5, 0x16, 0x0}) ioctl$DRM_IOCTL_MODE_MAP_DUMB(r4, 0xc01064b3, &(0x7f0000000100)={r5}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000001d000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, &(0x7f0000000040)="2e0f01b4ba01000000650f01cf66baf80cb848be3787ef66bafc0cedc744240000000000c7442402a33d0000c7442406000000000f011c24c4e1845c100f1a62009a00000000990066b83f000f00d02e2e36f30f2d8cf7d5000000df434d", 0x5e}], 0x1, 0x0, 0x0, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) 01:53:05 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xdf}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 765.488495] input: syz1 as /devices/virtual/input/input241 01:53:06 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x1f8) 01:53:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x7f5b94988700) [ 765.744796] input: syz1 as /devices/virtual/input/input243 01:53:06 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x210) 01:53:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x80ffff00000000) [ 765.933318] input: syz1 as /devices/virtual/input/input245 [ 765.997314] input: syz1 as /devices/virtual/input/input246 01:53:06 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x228) 01:53:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x8798945b7f0000) [ 766.160974] input: syz1 as /devices/virtual/input/input247 [ 766.508024] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 766.515025] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 766.524282] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 766.531262] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 766.542480] device bridge_slave_1 left promiscuous mode [ 766.551722] bridge0: port 2(bridge_slave_1) entered disabled state [ 766.576980] device bridge_slave_0 left promiscuous mode [ 766.582480] bridge0: port 1(bridge_slave_0) entered disabled state [ 766.628370] device veth1_macvtap left promiscuous mode [ 766.633667] device veth0_macvtap left promiscuous mode [ 766.639167] device veth1_vlan left promiscuous mode [ 766.644259] device veth0_vlan left promiscuous mode [ 772.006808] device hsr_slave_1 left promiscuous mode [ 772.049109] device hsr_slave_0 left promiscuous mode [ 772.093369] team0 (unregistering): Port device team_slave_1 removed [ 772.105535] team0 (unregistering): Port device team_slave_0 removed [ 772.115328] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 772.147954] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 772.231712] bond0 (unregistering): Released all slaves 01:53:12 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x3c}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x28, 0x11, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0) sendmsg$TCPDIAG_GETSOCK(r3, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)={0x394, 0x12, 0x800, 0x70bd2c, 0x25dfdbff, {0x69, 0x20, 0x1, 0x8, {0x4e20, 0x4e22, [0x3, 0x7ff, 0xfffeffff, 0x889], [0x6, 0xffffffff, 0x101, 0x1], r6, [0x7, 0x10001]}, 0x2de5, 0x40}, [@INET_DIAG_REQ_BYTECODE={0xe3, 0x1, "847785f7786ed566b8ff30f9a3d06b8ff813b8f8fb68ab2f0c4a66426059b6d01687b7d65901e436b7e52e15a126f13d610226a18274b5c4208a0fcf375eb2b978ffe507944d1535d0619e919b2c4d4c1831d827a3d15f46733b9ba369aba82d610a1e9fd4a17f2d63cf4ba66ff7bcaf25a2357149d14a516cdee5c210be1e38bdec60b394a5b58d11dbad3e18216fbea83923c0642d13383b9ab40e511c79f20064cfc4129501f48400347ccd098986d04d561d30cd2bf6864e0f2fe0fb363a28439f1bb0b27b17794c7c4e4cb67b7412a8cc7f96bbe6d9b650d2806cc3de"}, @INET_DIAG_REQ_BYTECODE={0xab, 0x1, "b6a72783e0b8d130199926639fe83e9b78f98888e657aa4eac14cbc6b99cd6b3a5b04f4afeeba5f54e8a44d8bc138d6f616a060499a5f4def9761955fc65bf0fb5e64b934ae89ab2c8925014edf892359bbdce3eacf6ceaa6bf9bb51e0bfdb6c25d5489cd577688ab6ca3c411b3245e53cb7767b66df89d852a3475a48369da3356b0ed70d2d11d2edb5a4f7713c91122d38293225e2937e1f80b97bfb5d48a05e762c93c29eb0"}, @INET_DIAG_REQ_BYTECODE={0x6f, 0x1, "710093d490103559360620a67616be8779dd126d2e0ad672648f8c2672c43ace291008dcf0aacee9128620d3de5e4fef5080fb43ad5803a1af3067ee6f979ca9e3a199515994dd8cf27e07e22548de3321ae644b463fe98824d552e6254feb952a838344d5de59c8f81e64"}, @INET_DIAG_REQ_BYTECODE={0x79, 0x1, "484da178e0f154845f7bb0e837c632395a458e98adccb555c5220f5760d8ec021ea7fead90380bd14c205a4607e1f81dc98acb2b5d79495063c734fac5f0cd0d31b2368b3469a8e128178e174c12106e2460167767996274c75829954fb3c713aab4baa37075ab60825a43e19c5a134132064f6577"}, @INET_DIAG_REQ_BYTECODE={0x8d, 0x1, "becb2bae479593f764f00e603b83b96f5de2bca29ce0bd562397b7a292d60f6ef5a9bbf673054ea80a6071d4ead2326ef28f4896ae1caf71b3a2467116ce3a3554d4ce596efeb2870954791a8f817edd8203018560995246941937e863c0ee86262d84fd5d77464fde6b6f8acb0b9f77a1ce8202f485db778381da9e9676f1cbd825b3bb593d188539"}, @INET_DIAG_REQ_BYTECODE={0x2b, 0x1, "ee82b553fb80a6167997ff2e0083655ab2ea117b654eea0cc0a512f94803a27b9e846908a56b99"}, @INET_DIAG_REQ_BYTECODE={0xe, 0x1, "8c3e0ffebe7393b304c5"}]}, 0x394}, 0x1, 0x0, 0x0, 0x40}, 0x82) r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) 01:53:12 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xe00}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x100000000000000) 01:53:12 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x240) 01:53:12 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xe0}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 772.352604] input: syz1 as /devices/virtual/input/input249 01:53:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x200000000000000) 01:53:12 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x258) 01:53:12 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xe1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 772.679029] input: syz1 as /devices/virtual/input/input251 01:53:13 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) ioctl$VIDIOC_DQBUF(r4, 0xc0585611, &(0x7f0000000100)={0x6, 0x9, 0x4, 0x1001, 0x2000000, {r5, r6/1000+10000}, {0x5, 0xc77ce18a25f597fe, 0x4, 0x6, 0x7c, 0x1f, '()qm'}, 0x8f, 0x4, @planes=&(0x7f0000000080)={0xfff, 0x80000001, @fd, 0x20}, 0xfffffff7, 0x0, 0xffffffffffffffff}) setsockopt$inet_sctp_SCTP_HMAC_IDENT(r7, 0x84, 0x16, &(0x7f0000000180)={0x3, [0x3, 0x3f, 0x5130]}, 0xa) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) recvfrom$l2tp(r9, &(0x7f0000000380)=""/140, 0x8c, 0x2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0xffffffffffffffff, 0x200000000000000, 0x0, 0x4000000000000000, 0x1000, 0x0, 0x4cb, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0x40000000000], 0x0, 0x104000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x300000000000000) [ 772.847628] input: syz1 as /devices/virtual/input/input252 01:53:13 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x270) [ 773.097927] input: syz1 as /devices/virtual/input/input253 [ 773.167589] input: syz1 as /devices/virtual/input/input254 01:53:14 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x288) 01:53:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x300000002000000) 01:53:14 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x10e5}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:14 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x88}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0x1000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r5, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f00000001c0)={0x1, [0x0]}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x76, &(0x7f0000000000)={r6, @in6={{0xa, 0x0, 0x0, @loopback}}}, &(0x7f0000000240)=0x9c) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000040)={r6, 0x7}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f0000000100)={r7, 0x8}, &(0x7f0000000140)=0x8) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:14 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xe2}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 773.875639] input: syz1 as /devices/virtual/input/input255 01:53:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x400000000000000) [ 773.967125] input: syz1 as /devices/virtual/input/input256 01:53:14 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xe3}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:14 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x2a0) 01:53:14 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x1100}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x40, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x10000]}) syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x8, 0x201) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 774.324860] input: syz1 as /devices/virtual/input/input257 01:53:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x500000000000000) 01:53:14 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x2b8) [ 774.627854] input: syz1 as /devices/virtual/input/input259 01:53:15 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x2d0) 01:53:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x600000000000000) 01:53:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x3000, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = fcntl$dupfd(0xffffffffffffffff, 0x406, r4) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r8 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r8, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r8, 0x84, 0x1d, &(0x7f00000001c0)={0x1, [0x0]}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r8, 0x84, 0x76, &(0x7f0000000000)={r9, @in6={{0xa, 0x0, 0x0, @loopback}}}, &(0x7f0000000240)=0x9c) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r7, 0x84, 0x7c, &(0x7f0000000040)={r9, 0x3, 0x200}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r5, 0x84, 0xf, &(0x7f0000000100)={r10, @in={{0x2, 0x4e23, @empty}}, 0x4, 0x8, 0xf736, 0x5b, 0x1}, &(0x7f00000001c0)=0x98) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x4ce, 0x0, 0x3ea, 0x0, 0x0, 0x4]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r11 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r11) fcntl$getflags(r11, 0x40a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 774.930906] input: syz1 as /devices/virtual/input/input261 01:53:15 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0xfc}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:15 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x1500}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:15 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xe4}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:15 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x2e8) 01:53:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x700000000000000) 01:53:15 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xe5}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:15 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x1be4}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 775.294758] input: syz1 as /devices/virtual/input/input263 01:53:15 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x28, 0x11, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0) sendmsg$BATADV_CMD_TP_METER(r3, &(0x7f00000001c0)={&(0x7f0000000100), 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x0, 0x400, 0x70bd27, 0x25dfdbfe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x20004010) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 775.416757] input: syz1 as /devices/virtual/input/input264 01:53:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x800000000000000) 01:53:16 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x300) 01:53:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x900000000000000) [ 775.700369] input: syz1 as /devices/virtual/input/input265 [ 775.769340] input: syz1 as /devices/virtual/input/input266 01:53:16 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x318) [ 775.952755] input: syz1 as /devices/virtual/input/input267 [ 776.042122] input: syz1 as /devices/virtual/input/input268 01:53:16 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xa00000000000000) 01:53:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r5) setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f0000000380)={'filter\x00', 0x7, 0x4, 0x3f0, 0x0, 0x110, 0x1f8, 0x308, 0x308, 0x308, 0x4, &(0x7f0000000040), {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@remote, @local, @broadcast, 0x4, 0x1}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x7f}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@random="7be4ff35e9ca", @empty, @remote, @empty, 0x1, 0xffffffff}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x440) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:16 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x2000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:16 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xe6}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:16 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x330) [ 776.550462] input: syz1 as /devices/virtual/input/input269 [ 776.631550] x_tables: duplicate underflow at hook 1 01:53:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xb00000000000000) [ 776.687996] input: syz1 as /devices/virtual/input/input270 01:53:17 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xe7}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:17 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x280b}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:17 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x348) 01:53:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, &(0x7f0000000040)="66ba2100b8f2ffffffef440f0f3697c462bdde702b650f01dfb9800000c00f3235000400000f30b926090000b8dda7eeb3bab6f487340f30480fc72d2720a094470f001c9526000000c4c185652a66b84e008ec0", 0x54}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$BLKALIGNOFF(r6, 0x127a, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$VIDIOC_RESERVED(r4, 0x5601, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r7 = syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0x1, 0x2) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$security_capability(r7, &(0x7f0000000140)='security.capability\x00', &(0x7f0000000280)=@v3={0x3000000, [{0x2, 0x200}, {0xfdc, 0x9}], r8}, 0x18, 0x1) [ 776.931981] input: syz1 as /devices/virtual/input/input271 01:53:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xc00000000000000) 01:53:18 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x2}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:18 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x360) 01:53:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xd00000000000000) 01:53:18 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xe8}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/hash_stats\x00', 0x0, 0x0) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f0000000200)={0x4, 0x916f6413ce675308, 0x4, 0x1, 0x4, {r3, r4/1000+30000}, {0x4, 0x1, 0x0, 0x6, 0x4, 0x0, "cee82a0c"}, 0x9, 0x4, @offset=0x7, 0x7ff, 0x0, 0xffffffffffffffff}) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000280)={0x2000, &(0x7f00000000c0), 0x1, r5, 0x4}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000100)="f30f59f56766c7442400008000006766c7442402df0000006766c744240600000000670f0114242e0fc76d0066b9b309000066b86915000066ba000000000f3066b8010000000f01c166b97100004066b80900000066ba000000000f30f20f2aa500300f013a6766c7442400c54c00006766c7442402370000006766c744240600000000670f01142464821046", 0x8d}], 0x1, 0x40, 0x0, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x9e1d]}) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(r8, 0x111, 0x5, 0x2, 0x4) 01:53:18 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x3f00}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 777.703515] input: syz1 as /devices/virtual/input/input273 01:53:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xe00000000000000) 01:53:18 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x378) 01:53:18 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x4000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 777.949443] input: syz1 as /devices/virtual/input/input275 01:53:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r7) r8 = dup(r7) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r8, 0x111, 0x1, 0x1, 0x4) [ 778.057010] input: syz1 as /devices/virtual/input/input276 01:53:18 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x390) [ 778.156969] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 778.189674] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 778.205542] CPU: 0 PID: 25850 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 778.213435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 778.222789] Call Trace: [ 778.225435] dump_stack+0x188/0x20d [ 778.229107] dump_header+0x159/0xa5e [ 778.232843] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 778.237980] ? ___ratelimit+0x59/0x573 [ 778.241880] oom_kill_process.cold+0x10/0x6dc [ 778.246388] ? task_will_free_mem+0x134/0x6d0 [ 778.250905] out_of_memory+0x349/0x1250 [ 778.254896] ? oom_killer_disable+0x270/0x270 [ 778.259433] mem_cgroup_out_of_memory+0x1c7/0x240 [ 778.264288] ? memcg_event_wake+0x210/0x210 [ 778.268664] ? do_raw_spin_unlock+0x171/0x260 [ 778.273184] try_charge+0xe22/0x1300 [ 778.276933] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 778.281814] ? mark_held_locks+0xa6/0xf0 [ 778.285895] ? mem_cgroup_charge_skmem+0x111/0x270 [ 778.290851] mem_cgroup_charge_skmem+0x126/0x270 [ 778.295630] ? mem_cgroup_sk_free+0x80/0x80 [ 778.299977] ? iov_iter_advance+0x219/0xe10 [ 778.304329] __sk_mem_raise_allocated+0x543/0x1360 [ 778.309277] __sk_mem_schedule+0x65/0xd0 [ 778.313361] tcp_sendmsg_locked+0x1898/0x2ff0 [ 778.317888] ? tcp_sendpage+0x60/0x60 [ 778.321700] ? mark_held_locks+0xa6/0xf0 [ 778.325775] ? __local_bh_enable_ip+0x159/0x270 [ 778.330458] tcp_sendmsg+0x2b/0x40 [ 778.334008] inet_sendmsg+0x12e/0x590 [ 778.337817] ? ipip_gro_receive+0x100/0x100 [ 778.342145] sock_sendmsg+0xcf/0x120 [ 778.345879] ___sys_sendmsg+0x3e2/0x920 [ 778.349863] ? copy_msghdr_from_user+0x410/0x410 01:53:18 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x3a8) [ 778.354642] ? mark_held_locks+0xf0/0xf0 [ 778.358718] ? lock_downgrade+0x740/0x740 [ 778.362887] ? check_preemption_disabled+0x41/0x280 [ 778.362912] ? find_held_lock+0x2d/0x110 [ 778.362929] ? __might_fault+0x11f/0x1d0 [ 778.362948] ? lock_downgrade+0x740/0x740 [ 778.380244] __sys_sendmmsg+0x195/0x470 [ 778.384261] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 778.388631] ? lock_downgrade+0x740/0x740 [ 778.392842] ? __might_fault+0x192/0x1d0 [ 778.396914] ? _copy_to_user+0xb8/0x100 [ 778.400898] ? put_timespec64+0xcb/0x120 [ 778.404978] ? nsecs_to_jiffies+0x30/0x30 [ 778.409164] ? __x64_sys_clock_gettime+0x165/0x240 [ 778.414107] ? __ia32_sys_clock_settime+0x260/0x260 [ 778.419170] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 778.423939] __x64_sys_sendmmsg+0x99/0x100 [ 778.428180] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 778.432786] do_syscall_64+0xf9/0x620 [ 778.436634] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 778.441889] RIP: 0033:0x45c479 [ 778.445122] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 778.464123] RSP: 002b:00007f8612e81c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 778.471842] RAX: ffffffffffffffda RBX: 00007f8612e826d4 RCX: 000000000045c479 [ 778.479133] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 778.486426] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 778.493705] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 778.500995] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bfcc [ 778.505226] input: syz1 as /devices/virtual/input/input278 [ 778.592830] Task in /syz1 killed as a result of limit of /syz1 [ 778.605585] memory: usage 307200kB, limit 307200kB, failcnt 4167 [ 778.607669] input: syz1 as /devices/virtual/input/input279 [ 778.628120] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 778.646370] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 778.652688] Memory cgroup stats for /syz1: cache:0KB rss:156KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:172KB inactive_file:0KB active_file:0KB unevictable:0KB [ 778.672897] Memory cgroup out of memory: Kill process 25844 (syz-executor.1) score 1103 or sacrifice child [ 778.684395] Killed process 25844 (syz-executor.1) total-vm:74832kB, anon-rss:100kB, file-rss:34816kB, shmem-rss:0kB [ 778.697574] oom_reaper: reaped process 25844 (syz-executor.1), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB 01:53:19 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x3}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:19 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xe9}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xf00000000000000) 01:53:19 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x3c0) 01:53:19 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x4002}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:19 executing program 0: r0 = pkey_alloc(0x0, 0x7) pkey_free(r0) pkey_mprotect(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, r0) pkey_free(r0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x4, 0x2000, &(0x7f0000000000/0x2000)=nil}) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000100)={0x50, 0x0, 0x3, {0x7, 0x1f, 0x4, 0x1040808, 0xae, 0xffff, 0x5ad9, 0x4}}, 0x50) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x2, 0x0, 0x682, 0x0, 0x43dd]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/btrfs-control\x00', 0x20000, 0x0) ioctl$VIDIOC_G_PARM(r4, 0xc0cc5615, &(0x7f0000000380)={0x1, @output={0x0, 0x1, {0x80000001, 0x10000}}}) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r6, 0x29, 0xd2, &(0x7f0000000040)={{0xa, 0x4e20, 0xffffff81, @dev={0xfe, 0x80, [], 0x3c}, 0x7}, {0xa, 0x4e22, 0xfffffffa, @empty, 0xfff}, 0x7, [0x7ff, 0x7, 0x101, 0x401, 0x7, 0x4, 0x0, 0x2]}, 0x5c) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 779.117621] input: syz1 as /devices/virtual/input/input280 01:53:19 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x6000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1000000000000000) [ 779.211333] input: syz1 as /devices/virtual/input/input281 01:53:19 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x3d8) [ 779.403451] input: syz1 as /devices/virtual/input/input282 01:53:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1100000000000000) [ 779.467576] input: syz1 as /devices/virtual/input/input283 01:53:20 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x3f0) 01:53:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1200000000000000) [ 779.744763] input: syz1 as /devices/virtual/input/input284 01:53:20 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x4}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:20 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xea}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000bf7000)={0x10201, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:20 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x408) 01:53:20 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x8b00}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1300000000000000) [ 780.207360] input: syz1 as /devices/virtual/input/input286 [ 780.289605] input: syz1 as /devices/virtual/input/input287 01:53:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1400000000000000) 01:53:20 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x420) 01:53:20 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x9405}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:20 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xeb}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f0000000140)="0f20e035000001000f22e066b80a008ee8c744240000000000c74424023cd50000c7442406000000000f011424c4e25147734766660f75f6b96a0900000f32360f092e600f794005c4e36d0f7f520e"}], 0x1, 0xed96f1761b3e1dcf, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 780.542962] input: syz1 as /devices/virtual/input/input288 [ 780.614836] input: syz1 as /devices/virtual/input/input289 [ 780.636159] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=1, oom_score_adj=1000 [ 780.661326] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 780.671330] CPU: 1 PID: 26281 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 780.679240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 780.688594] Call Trace: [ 780.691196] dump_stack+0x188/0x20d [ 780.694836] dump_header+0x159/0xa5e [ 780.698565] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 780.703671] ? ___ratelimit+0x59/0x573 [ 780.707571] oom_kill_process.cold+0x10/0x6dc [ 780.712095] ? task_will_free_mem+0x134/0x6d0 [ 780.716608] out_of_memory+0x349/0x1250 [ 780.720621] ? oom_killer_disable+0x270/0x270 [ 780.725135] mem_cgroup_out_of_memory+0x1c7/0x240 [ 780.730029] ? memcg_event_wake+0x210/0x210 [ 780.734362] ? do_raw_spin_unlock+0x171/0x260 [ 780.738860] try_charge+0xe22/0x1300 [ 780.742610] ? __kmalloc_node_track_caller+0x38/0x70 [ 780.747731] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 780.752591] ? rcu_read_lock_sched_held+0x10a/0x130 [ 780.757610] ? kmem_cache_alloc_node_trace+0x34d/0x750 [ 780.762894] ? mark_held_locks+0xa6/0xf0 [ 780.766956] ? mem_cgroup_charge_skmem+0x111/0x270 [ 780.771903] mem_cgroup_charge_skmem+0x126/0x270 [ 780.776665] ? mem_cgroup_sk_free+0x80/0x80 [ 780.781013] ? __alloc_skb+0x3ad/0x5b0 [ 780.784924] __sk_mem_raise_allocated+0x543/0x1360 [ 780.789864] __sk_mem_schedule+0x65/0xd0 [ 780.793930] tcp_sendmsg_locked+0x1898/0x2ff0 [ 780.798486] ? tcp_sendpage+0x60/0x60 [ 780.802316] ? mark_held_locks+0xa6/0xf0 [ 780.806392] ? __local_bh_enable_ip+0x159/0x270 [ 780.811079] tcp_sendmsg+0x2b/0x40 [ 780.814631] inet_sendmsg+0x12e/0x590 [ 780.818443] ? ipip_gro_receive+0x100/0x100 [ 780.822772] sock_sendmsg+0xcf/0x120 [ 780.826506] ___sys_sendmsg+0x3e2/0x920 [ 780.830493] ? copy_msghdr_from_user+0x410/0x410 [ 780.835269] ? mark_held_locks+0xf0/0xf0 [ 780.839348] ? lock_downgrade+0x740/0x740 [ 780.843519] ? check_preemption_disabled+0x41/0x280 [ 780.848548] ? find_held_lock+0x2d/0x110 [ 780.852664] ? __might_fault+0x11f/0x1d0 [ 780.856758] ? lock_downgrade+0x740/0x740 [ 780.860935] __sys_sendmmsg+0x195/0x470 01:53:21 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1500000000000000) [ 780.864937] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 780.869300] ? lock_downgrade+0x740/0x740 [ 780.873468] ? __might_fault+0x192/0x1d0 [ 780.877533] ? _copy_to_user+0xb8/0x100 [ 780.881519] ? put_timespec64+0xcb/0x120 [ 780.885590] ? nsecs_to_jiffies+0x30/0x30 [ 780.889764] ? __x64_sys_clock_gettime+0x165/0x240 [ 780.894710] ? __ia32_sys_clock_settime+0x260/0x260 [ 780.899747] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 780.904511] __x64_sys_sendmmsg+0x99/0x100 [ 780.908745] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 780.913369] do_syscall_64+0xf9/0x620 [ 780.917173] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 780.922364] RIP: 0033:0x45c479 [ 780.925562] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 780.944463] RSP: 002b:00007f8612e81c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 780.952172] RAX: ffffffffffffffda RBX: 00007f8612e826d4 RCX: 000000000045c479 [ 780.959436] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 780.966713] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 780.973998] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 780.981275] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bfcc [ 781.002945] Task in /syz1 killed as a result of limit of /syz1 [ 781.009624] memory: usage 307200kB, limit 307200kB, failcnt 4177 [ 781.049672] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 781.075216] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 781.091648] Memory cgroup stats for /syz1: cache:0KB rss:2296KB rss_huge:2048KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:2208KB inactive_file:0KB active_file:0KB unevictable:0KB [ 781.113475] Memory cgroup out of memory: Kill process 26269 (syz-executor.1) score 1110 or sacrifice child [ 781.154413] Killed process 26269 (syz-executor.1) total-vm:74832kB, anon-rss:2148kB, file-rss:34816kB, shmem-rss:0kB [ 781.170999] oom_reaper: reaped process 26269 (syz-executor.1), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB 01:53:21 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x5}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:21 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x438) 01:53:21 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1600000000000000) 01:53:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x46aa41, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x5a316e3ce26d1777, &(0x7f0000000040)=0x5, 0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) accept$alg(r4, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$KVM_ASSIGN_DEV_IRQ(r6, 0x4040ae70, &(0x7f0000000180)={0x8, 0x8, 0xfffff800, 0x4}) r7 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x800, 0x0) getpeername$l2tp6(r7, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={[], [], @multicast2}}, &(0x7f0000000140)=0x20) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:21 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xcb01}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:21 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xec}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 781.538759] input: syz1 as /devices/virtual/input/input290 [ 781.540933] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 781.609339] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 781.637523] CPU: 0 PID: 26408 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 781.645433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 781.654798] Call Trace: [ 781.657402] dump_stack+0x188/0x20d [ 781.661046] dump_header+0x159/0xa5e [ 781.664788] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 781.669911] ? ___ratelimit+0x59/0x573 [ 781.673806] oom_kill_process.cold+0x10/0x6dc [ 781.678313] ? task_will_free_mem+0x134/0x6d0 [ 781.682826] out_of_memory+0x349/0x1250 [ 781.686821] ? oom_killer_disable+0x270/0x270 [ 781.691340] mem_cgroup_out_of_memory+0x1c7/0x240 [ 781.696197] ? memcg_event_wake+0x210/0x210 [ 781.700544] ? do_raw_spin_unlock+0x171/0x260 [ 781.705063] try_charge+0xe22/0x1300 [ 781.708820] ? __kmalloc_node_track_caller+0x38/0x70 [ 781.713933] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 781.718883] ? mark_held_locks+0xa6/0xf0 [ 781.722980] ? mem_cgroup_charge_skmem+0x111/0x270 [ 781.727952] ? mark_held_locks+0xa6/0xf0 [ 781.732034] ? mem_cgroup_charge_skmem+0x111/0x270 [ 781.732908] input: syz1 as /devices/virtual/input/input291 [ 781.736982] mem_cgroup_charge_skmem+0x126/0x270 [ 781.736997] ? mem_cgroup_sk_free+0x80/0x80 [ 781.737016] ? __sk_mem_raise_allocated+0x617/0x1360 01:53:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1700000000000000) 01:53:22 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xed}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 781.737038] __sk_mem_raise_allocated+0x543/0x1360 [ 781.737056] __sk_mem_schedule+0x65/0xd0 [ 781.765876] tcp_sendmsg_locked+0x1898/0x2ff0 [ 781.770397] ? tcp_sendpage+0x60/0x60 [ 781.774254] ? mark_held_locks+0xa6/0xf0 [ 781.778367] ? __local_bh_enable_ip+0x159/0x270 [ 781.783041] tcp_sendmsg+0x2b/0x40 [ 781.786583] inet_sendmsg+0x12e/0x590 [ 781.790410] ? ipip_gro_receive+0x100/0x100 [ 781.794729] sock_sendmsg+0xcf/0x120 [ 781.798447] ___sys_sendmsg+0x3e2/0x920 [ 781.802420] ? copy_msghdr_from_user+0x410/0x410 [ 781.807182] ? mark_held_locks+0xf0/0xf0 [ 781.811238] ? lock_downgrade+0x740/0x740 [ 781.815389] ? check_preemption_disabled+0x41/0x280 [ 781.820415] ? find_held_lock+0x2d/0x110 [ 781.824498] ? __might_fault+0x11f/0x1d0 [ 781.828565] ? lock_downgrade+0x740/0x740 [ 781.832722] __sys_sendmmsg+0x195/0x470 [ 781.836724] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 781.841043] ? lock_downgrade+0x740/0x740 [ 781.845202] ? __might_fault+0x192/0x1d0 [ 781.849260] ? _copy_to_user+0xb8/0x100 [ 781.853314] ? put_timespec64+0xcb/0x120 [ 781.857414] ? nsecs_to_jiffies+0x30/0x30 [ 781.861583] ? __x64_sys_clock_gettime+0x165/0x240 [ 781.866523] ? __ia32_sys_clock_settime+0x260/0x260 [ 781.871544] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 781.876340] __x64_sys_sendmmsg+0x99/0x100 [ 781.880593] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 781.885185] do_syscall_64+0xf9/0x620 [ 781.888997] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 781.894204] RIP: 0033:0x45c479 [ 781.897403] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 781.916302] RSP: 002b:00007f8612ea2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 781.924055] RAX: ffffffffffffffda RBX: 00007f8612ea36d4 RCX: 000000000045c479 [ 781.931326] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 781.938594] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 781.945861] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 781.953126] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bf2c 01:53:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x30480, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r8 = dup(r0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0xfffffffffffffffe) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r9, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x4ce, 0x0, 0xfffffffffffffffc]}) ioctl$KVM_RUN(r9, 0xae80, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) [ 781.980676] Task in /syz1 killed as a result of limit of /syz1 [ 781.997624] memory: usage 307176kB, limit 307200kB, failcnt 4197 [ 782.008883] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:53:22 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x450) [ 782.036871] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 782.053671] Memory cgroup stats for /syz1: cache:0KB rss:2172KB rss_huge:2048KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:2200KB inactive_file:0KB active_file:0KB unevictable:0KB 01:53:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1800000000000000) [ 782.150284] input: syz1 as /devices/virtual/input/input292 [ 782.178695] Memory cgroup out of memory: Kill process 26402 (syz-executor.1) score 1110 or sacrifice child [ 782.227088] Killed process 26402 (syz-executor.1) total-vm:74700kB, anon-rss:2148kB, file-rss:34816kB, shmem-rss:0kB [ 782.256950] input: syz1 as /devices/virtual/input/input293 [ 782.295239] oom_reaper: reaped process 26402 (syz-executor.1), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB 01:53:22 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xd900}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 782.547102] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 782.558813] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 782.564323] CPU: 0 PID: 26652 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 782.572216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 782.581580] Call Trace: [ 782.584182] dump_stack+0x188/0x20d [ 782.587824] dump_header+0x159/0xa5e [ 782.591548] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 782.596662] ? ___ratelimit+0x59/0x573 [ 782.600570] oom_kill_process.cold+0x10/0x6dc [ 782.605084] ? task_will_free_mem+0x134/0x6d0 [ 782.609600] out_of_memory+0x349/0x1250 [ 782.613594] ? oom_killer_disable+0x270/0x270 [ 782.618115] mem_cgroup_out_of_memory+0x1c7/0x240 [ 782.622972] ? memcg_event_wake+0x210/0x210 [ 782.627317] ? do_raw_spin_unlock+0x171/0x260 [ 782.631816] try_charge+0xe22/0x1300 [ 782.635538] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 782.640381] ? __kmalloc_node_track_caller+0x38/0x70 [ 782.645491] ? mark_held_locks+0xa6/0xf0 [ 782.649552] ? mem_cgroup_charge_skmem+0x111/0x270 [ 782.654484] mem_cgroup_charge_skmem+0x126/0x270 [ 782.659241] ? mem_cgroup_sk_free+0x80/0x80 [ 782.663563] ? __kmalloc_node_track_caller+0x4c/0x70 [ 782.668670] ? __kmalloc_reserve.isra.0+0x7b/0xe0 [ 782.673518] __sk_mem_raise_allocated+0x543/0x1360 [ 782.678454] __sk_mem_schedule+0x65/0xd0 [ 782.682516] sk_stream_alloc_skb+0x557/0x850 [ 782.686928] tcp_sendmsg_locked+0xc44/0x2ff0 [ 782.691354] ? tcp_sendpage+0x60/0x60 [ 782.695164] ? mark_held_locks+0xa6/0xf0 [ 782.699237] ? __local_bh_enable_ip+0x159/0x270 [ 782.703926] tcp_sendmsg+0x2b/0x40 [ 782.707473] inet_sendmsg+0x12e/0x590 [ 782.711273] ? ipip_gro_receive+0x100/0x100 [ 782.715594] sock_sendmsg+0xcf/0x120 [ 782.719303] ___sys_sendmsg+0x3e2/0x920 [ 782.723292] ? copy_msghdr_from_user+0x410/0x410 [ 782.728065] ? mark_held_locks+0xf0/0xf0 [ 782.732225] ? lock_downgrade+0x740/0x740 [ 782.736382] ? check_preemption_disabled+0x41/0x280 [ 782.741424] ? find_held_lock+0x2d/0x110 [ 782.745492] ? __might_fault+0x11f/0x1d0 [ 782.749563] ? lock_downgrade+0x740/0x740 [ 782.753728] __sys_sendmmsg+0x195/0x470 [ 782.757718] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 782.762049] ? lock_downgrade+0x740/0x740 [ 782.766243] ? __might_fault+0x192/0x1d0 [ 782.770311] ? _copy_to_user+0xb8/0x100 [ 782.774292] ? put_timespec64+0xcb/0x120 [ 782.778357] ? nsecs_to_jiffies+0x30/0x30 [ 782.782517] ? __x64_sys_clock_gettime+0x165/0x240 [ 782.787449] ? __ia32_sys_clock_settime+0x260/0x260 [ 782.792469] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 782.797268] __x64_sys_sendmmsg+0x99/0x100 [ 782.801554] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 782.806156] do_syscall_64+0xf9/0x620 [ 782.809980] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 782.815170] RIP: 0033:0x45c479 [ 782.818393] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 782.837291] RSP: 002b:00007f8612e81c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 782.844997] RAX: ffffffffffffffda RBX: 00007f8612e826d4 RCX: 000000000045c479 [ 782.852273] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 782.859547] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 782.866819] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 782.874116] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bfcc [ 782.892830] Task in /syz1 killed as a result of limit of /syz1 [ 782.899354] memory: usage 307200kB, limit 307200kB, failcnt 4220 [ 782.913284] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 782.920677] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 782.927706] Memory cgroup stats for /syz1: cache:0KB rss:44KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:172KB inactive_file:0KB active_file:0KB unevictable:0KB [ 782.948096] Memory cgroup out of memory: Kill process 26649 (syz-executor.1) score 1103 or sacrifice child [ 782.958454] Killed process 26649 (syz-executor.1) total-vm:74832kB, anon-rss:100kB, file-rss:34816kB, shmem-rss:0kB [ 782.970165] oom_reaper: reaped process 26649 (syz-executor.1), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB 01:53:23 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x6}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:23 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x468) 01:53:23 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xee}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1900000000000000) 01:53:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r7) sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="2800000011000d0400"/20, @ANYRES32=r6, @ANYRESHEX=r7], 0x3}}, 0x0) setsockopt$inet6_IPV6_PKTINFO(r3, 0x29, 0x32, &(0x7f0000000100)={@dev={0xfe, 0x80, [], 0x2f}, r6}, 0x14) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r9, 0xc01864ba, &(0x7f0000000280)={0x32, 0x6, 0x9}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:23 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xe41b}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 783.297283] input: syz1 as /devices/virtual/input/input294 [ 783.321720] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 783.380156] input: syz1 as /devices/virtual/input/input295 [ 783.393663] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 783.408183] CPU: 0 PID: 26670 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 783.416106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 783.425633] Call Trace: [ 783.428262] dump_stack+0x188/0x20d [ 783.432040] dump_header+0x159/0xa5e [ 783.435796] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 783.440924] ? ___ratelimit+0x59/0x573 [ 783.445020] oom_kill_process.cold+0x10/0x6dc [ 783.449555] ? task_will_free_mem+0x134/0x6d0 [ 783.454092] out_of_memory+0x349/0x1250 [ 783.458096] ? oom_killer_disable+0x270/0x270 [ 783.462623] mem_cgroup_out_of_memory+0x1c7/0x240 [ 783.467504] ? memcg_event_wake+0x210/0x210 [ 783.471855] ? do_raw_spin_unlock+0x171/0x260 [ 783.476376] try_charge+0xe22/0x1300 [ 783.480151] ? __kmalloc_node_track_caller+0x38/0x70 [ 783.485273] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 783.490140] ? mark_held_locks+0xa6/0xf0 [ 783.494233] ? mem_cgroup_charge_skmem+0x111/0x270 [ 783.499191] ? mark_held_locks+0xa6/0xf0 [ 783.503272] ? mem_cgroup_charge_skmem+0x111/0x270 [ 783.508214] mem_cgroup_charge_skmem+0x126/0x270 [ 783.512976] ? mem_cgroup_sk_free+0x80/0x80 [ 783.517312] ? __sk_mem_raise_allocated+0x617/0x1360 [ 783.522465] __sk_mem_raise_allocated+0x543/0x1360 [ 783.527463] __sk_mem_schedule+0x65/0xd0 [ 783.531555] tcp_sendmsg_locked+0x1898/0x2ff0 [ 783.536079] ? tcp_sendpage+0x60/0x60 [ 783.539896] ? mark_held_locks+0xa6/0xf0 [ 783.543969] ? __local_bh_enable_ip+0x159/0x270 [ 783.548658] tcp_sendmsg+0x2b/0x40 [ 783.552214] inet_sendmsg+0x12e/0x590 [ 783.556030] ? ipip_gro_receive+0x100/0x100 [ 783.560363] sock_sendmsg+0xcf/0x120 [ 783.564087] ___sys_sendmsg+0x3e2/0x920 [ 783.568075] ? copy_msghdr_from_user+0x410/0x410 [ 783.572849] ? mark_held_locks+0xf0/0xf0 [ 783.576924] ? lock_downgrade+0x740/0x740 [ 783.581087] ? check_preemption_disabled+0x41/0x280 [ 783.586162] ? find_held_lock+0x2d/0x110 [ 783.590319] ? __might_fault+0x11f/0x1d0 [ 783.594396] ? lock_downgrade+0x740/0x740 [ 783.598624] __sys_sendmmsg+0x195/0x470 [ 783.602659] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 783.606992] ? lock_downgrade+0x740/0x740 [ 783.611161] ? __might_fault+0x192/0x1d0 [ 783.615236] ? _copy_to_user+0xb8/0x100 [ 783.619226] ? put_timespec64+0xcb/0x120 [ 783.623296] ? nsecs_to_jiffies+0x30/0x30 [ 783.627499] ? __x64_sys_clock_gettime+0x165/0x240 [ 783.632436] ? __ia32_sys_clock_settime+0x260/0x260 [ 783.637508] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 783.642298] __x64_sys_sendmmsg+0x99/0x100 [ 783.646563] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 783.651157] do_syscall_64+0xf9/0x620 [ 783.655012] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 783.660375] RIP: 0033:0x45c479 01:53:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1a00000000000000) [ 783.663581] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 783.682494] RSP: 002b:00007f8612ea2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 783.690214] RAX: ffffffffffffffda RBX: 00007f8612ea36d4 RCX: 000000000045c479 [ 783.697506] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 783.704784] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 783.712169] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 783.719560] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bf2c 01:53:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000bf7000)={0x10201, 0x0, 0x3000, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) 01:53:24 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x480) 01:53:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1b00000000000000) [ 783.864785] Task in /syz1 killed as a result of limit of /syz1 [ 783.894378] memory: usage 300360kB, limit 307200kB, failcnt 4248 [ 783.916909] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 783.957261] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 783.963768] input: syz1 as /devices/virtual/input/input296 [ 783.984012] Memory cgroup stats for /syz1: cache:0KB rss:44KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:164KB inactive_file:0KB active_file:0KB unevictable:0KB [ 784.065387] Memory cgroup out of memory: Kill process 26661 (syz-executor.1) score 1103 or sacrifice child [ 784.086971] input: syz1 as /devices/virtual/input/input297 [ 784.089156] Killed process 26661 (syz-executor.1) total-vm:74832kB, anon-rss:100kB, file-rss:34816kB, shmem-rss:0kB 01:53:24 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x498) [ 784.139374] oom_reaper: reaped process 26661 (syz-executor.1), now anon-rss:0kB, file-rss:34864kB, shmem-rss:0kB 01:53:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1c00000000000000) [ 784.347776] input: syz1 as /devices/virtual/input/input298 [ 784.438406] input: syz1 as /devices/virtual/input/input299 01:53:25 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x7}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0xb827c6c43f366536}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x74, r2, 0xf05, 0x70bd28, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8001}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1f28}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x5}]}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x7ff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x7}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x7fffffff}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x9}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}]}]}, 0x74}}, 0x4008000) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce, 0x0, 0x0, 0x0, 0xfffffffffffffffd]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 01:53:25 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xe510}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:25 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xef}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1d00000000000000) 01:53:25 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x4b0) [ 784.941940] input: syz1 as /devices/virtual/input/input300 [ 785.037931] input: syz1 as /devices/virtual/input/input301 01:53:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x1e00000000000000) 01:53:25 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x4c8) 01:53:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) prctl$PR_SET_MM(0x23, 0x2, &(0x7f0000001000/0x1000)=nil) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 785.302321] input: syz1 as /devices/virtual/input/input302 01:53:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x2000000000000000) 01:53:25 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x4e0) [ 785.539915] input: syz1 as /devices/virtual/input/input304 01:53:26 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x4000000000000000) [ 785.608180] input: syz1 as /devices/virtual/input/input305 01:53:26 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x8}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:26 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf0}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:26 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x4f8) 01:53:26 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x8000000000000000) 01:53:26 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xe803}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 786.555251] input: syz1 as /devices/virtual/input/input306 [ 786.605414] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 786.675960] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 786.704173] CPU: 1 PID: 27211 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 786.712208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 786.721591] Call Trace: [ 786.724213] dump_stack+0x188/0x20d [ 786.727883] dump_header+0x159/0xa5e [ 786.731634] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 786.736759] ? ___ratelimit+0x59/0x573 [ 786.740683] oom_kill_process.cold+0x10/0x6dc [ 786.745491] ? task_will_free_mem+0x134/0x6d0 [ 786.750135] out_of_memory+0x349/0x1250 [ 786.754139] ? oom_killer_disable+0x270/0x270 [ 786.758701] mem_cgroup_out_of_memory+0x1c7/0x240 [ 786.763583] ? memcg_event_wake+0x210/0x210 [ 786.767960] ? do_raw_spin_unlock+0x171/0x260 [ 786.772529] try_charge+0xe22/0x1300 [ 786.776282] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 786.781211] ? mark_held_locks+0xa6/0xf0 [ 786.785299] ? mem_cgroup_charge_skmem+0x111/0x270 [ 786.790268] mem_cgroup_charge_skmem+0x126/0x270 [ 786.795067] ? mem_cgroup_sk_free+0x80/0x80 [ 786.799431] ? lock_downgrade+0x740/0x740 [ 786.803602] ? iov_iter_advance+0x219/0xe10 [ 786.807957] __sk_mem_raise_allocated+0x543/0x1360 [ 786.812924] __sk_mem_schedule+0x65/0xd0 [ 786.817012] tcp_sendmsg_locked+0x1898/0x2ff0 [ 786.821555] ? tcp_sendpage+0x60/0x60 01:53:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xe0ffffffffffffff) [ 786.825380] ? mark_held_locks+0xa6/0xf0 [ 786.829556] ? __local_bh_enable_ip+0x159/0x270 [ 786.834263] tcp_sendmsg+0x2b/0x40 [ 786.837963] inet_sendmsg+0x12e/0x590 [ 786.841788] ? ipip_gro_receive+0x100/0x100 [ 786.846128] sock_sendmsg+0xcf/0x120 [ 786.849867] ___sys_sendmsg+0x3e2/0x920 [ 786.853968] ? copy_msghdr_from_user+0x410/0x410 [ 786.858765] ? mark_held_locks+0xf0/0xf0 [ 786.863019] ? lock_downgrade+0x740/0x740 [ 786.867332] ? check_preemption_disabled+0x41/0x280 [ 786.872382] ? find_held_lock+0x2d/0x110 [ 786.876473] ? __might_fault+0x11f/0x1d0 [ 786.880593] ? lock_downgrade+0x740/0x740 [ 786.884887] __sys_sendmmsg+0x195/0x470 [ 786.888901] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 786.893245] ? lock_downgrade+0x740/0x740 [ 786.897426] ? __might_fault+0x192/0x1d0 [ 786.901593] ? _copy_to_user+0xb8/0x100 [ 786.905596] ? put_timespec64+0xcb/0x120 [ 786.909699] ? nsecs_to_jiffies+0x30/0x30 [ 786.914012] ? __x64_sys_clock_gettime+0x165/0x240 [ 786.918967] ? __ia32_sys_clock_settime+0x260/0x260 01:53:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xe803000000000000) [ 786.924003] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 786.928798] __x64_sys_sendmmsg+0x99/0x100 [ 786.933191] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 786.937805] do_syscall_64+0xf9/0x620 [ 786.941631] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 786.946976] RIP: 0033:0x45c479 [ 786.950191] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 786.969404] RSP: 002b:00007f8612e81c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 786.977402] RAX: ffffffffffffffda RBX: 00007f8612e826d4 RCX: 000000000045c479 [ 786.984715] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 786.992002] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 786.999288] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 787.006678] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bfcc [ 787.015029] Task in /syz1 killed as a result of limit of /syz1 [ 787.021216] memory: usage 307196kB, limit 307200kB, failcnt 4265 01:53:27 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x510) [ 787.027741] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 787.035405] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 787.042013] Memory cgroup stats for /syz1: cache:0KB rss:2192KB rss_huge:2048KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:2208KB inactive_file:0KB active_file:0KB unevictable:0KB [ 787.062426] Memory cgroup out of memory: Kill process 27202 (syz-executor.1) score 1110 or sacrifice child [ 787.073632] Killed process 27202 (syz-executor.1) total-vm:74832kB, anon-rss:2148kB, file-rss:34816kB, shmem-rss:0kB [ 787.087640] oom_reaper: reaped process 27202 (syz-executor.1), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB 01:53:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xfdfdffff00000000) 01:53:27 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xf401}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 787.195522] input: syz1 as /devices/virtual/input/input308 01:53:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x6a0000, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) fcntl$getownex(r0, 0x10, &(0x7f00000001c0)={0x0, 0x0}) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000380)={{0x7, 0x0, 0xc2, 0x6, 'syz1\x00', 0x3}, 0x1, 0x40, 0x4, r7, 0x7, 0x1, 'syz0\x00', &(0x7f0000000100)=['/dev/kvm\x00', '/dev/kvm\x00', '/dev/kvm\x00', '\x00', '&\x00', ']\x00', '/dev/kvm\x00'], 0x29, [], [0x3f, 0x97, 0x0, 0x7]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) [ 787.287375] input: syz1 as /devices/virtual/input/input309 [ 787.441711] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 787.493733] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 787.512832] CPU: 0 PID: 27352 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 787.520743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 787.530112] Call Trace: [ 787.532732] dump_stack+0x188/0x20d [ 787.536388] dump_header+0x159/0xa5e [ 787.540144] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 787.545276] ? ___ratelimit+0x59/0x573 [ 787.549184] oom_kill_process.cold+0x10/0x6dc [ 787.553790] ? task_will_free_mem+0x134/0x6d0 [ 787.558323] out_of_memory+0x349/0x1250 [ 787.562323] ? oom_killer_disable+0x270/0x270 [ 787.566861] mem_cgroup_out_of_memory+0x1c7/0x240 [ 787.571726] ? memcg_event_wake+0x210/0x210 [ 787.576077] ? do_raw_spin_unlock+0x171/0x260 [ 787.580599] try_charge+0xe22/0x1300 [ 787.584348] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 787.589393] ? mark_held_locks+0xa6/0xf0 [ 787.593487] ? mem_cgroup_charge_skmem+0x111/0x270 [ 787.598436] mem_cgroup_charge_skmem+0x126/0x270 [ 787.603206] ? mem_cgroup_sk_free+0x80/0x80 [ 787.607549] ? iov_iter_advance+0x219/0xe10 [ 787.611890] __sk_mem_raise_allocated+0x543/0x1360 [ 787.616842] __sk_mem_schedule+0x65/0xd0 [ 787.621045] tcp_sendmsg_locked+0x1898/0x2ff0 [ 787.625573] ? tcp_sendpage+0x60/0x60 [ 787.629392] ? mark_held_locks+0xa6/0xf0 [ 787.633466] ? __local_bh_enable_ip+0x159/0x270 [ 787.638184] tcp_sendmsg+0x2b/0x40 [ 787.641745] inet_sendmsg+0x12e/0x590 [ 787.645563] ? ipip_gro_receive+0x100/0x100 [ 787.649908] sock_sendmsg+0xcf/0x120 [ 787.653655] ___sys_sendmsg+0x3e2/0x920 [ 787.657647] ? copy_msghdr_from_user+0x410/0x410 [ 787.662426] ? mark_held_locks+0xf0/0xf0 [ 787.666512] ? lock_downgrade+0x740/0x740 [ 787.670682] ? check_preemption_disabled+0x41/0x280 [ 787.675729] ? find_held_lock+0x2d/0x110 [ 787.679809] ? __might_fault+0x11f/0x1d0 [ 787.683936] ? lock_downgrade+0x740/0x740 [ 787.688336] __sys_sendmmsg+0x195/0x470 [ 787.692308] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 787.696634] ? lock_downgrade+0x740/0x740 [ 787.700814] ? __might_fault+0x192/0x1d0 [ 787.704884] ? _copy_to_user+0xb8/0x100 [ 787.708854] ? put_timespec64+0xcb/0x120 [ 787.712995] ? nsecs_to_jiffies+0x30/0x30 [ 787.717187] ? __x64_sys_clock_gettime+0x165/0x240 [ 787.722146] ? __ia32_sys_clock_settime+0x260/0x260 [ 787.727326] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 787.732103] __x64_sys_sendmmsg+0x99/0x100 [ 787.736348] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 787.740950] do_syscall_64+0xf9/0x620 [ 787.744788] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 787.750090] RIP: 0033:0x45c479 [ 787.753283] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 787.772265] RSP: 002b:00007f8612e81c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 787.780004] RAX: ffffffffffffffda RBX: 00007f8612e826d4 RCX: 000000000045c479 [ 787.787647] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 787.794937] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 787.802419] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 787.809808] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bfcc [ 787.820659] Task in /syz1 killed as a result of limit of /syz1 [ 787.827032] memory: usage 307148kB, limit 307200kB, failcnt 4309 [ 787.833304] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 787.854564] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 787.860847] Memory cgroup stats for /syz1: cache:0KB rss:72KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:172KB inactive_file:0KB active_file:0KB unevictable:0KB [ 787.882595] Memory cgroup out of memory: Kill process 27345 (syz-executor.1) score 1103 or sacrifice child [ 787.893425] Killed process 27345 (syz-executor.1) total-vm:74832kB, anon-rss:100kB, file-rss:34816kB, shmem-rss:0kB [ 787.905429] oom_reaper: reaped process 27345 (syz-executor.1), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB 01:53:29 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x9}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:29 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x528) 01:53:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xffffffff00000000) 01:53:29 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:29 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x20480}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KVM_ASSIGN_SET_MSIX_NR(r7, 0x4008ae73, &(0x7f0000000040)={0x2, 0x7}) r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x40082406, &(0x7f0000000080)='/dev/kvm\x00') ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) [ 788.658952] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 788.686326] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 788.715261] input: syz1 as /devices/virtual/input/input310 [ 788.726086] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 788.740020] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 788.752174] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 788.772467] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 788.781756] device bridge_slave_1 left promiscuous mode [ 788.788737] CPU: 1 PID: 27478 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 788.796687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 788.806043] Call Trace: [ 788.808639] dump_stack+0x188/0x20d [ 788.812277] dump_header+0x159/0xa5e [ 788.815999] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 788.821130] ? ___ratelimit+0x59/0x573 [ 788.825033] oom_kill_process.cold+0x10/0x6dc [ 788.829544] ? task_will_free_mem+0x134/0x6d0 [ 788.834044] out_of_memory+0x349/0x1250 [ 788.838025] ? oom_killer_disable+0x270/0x270 [ 788.842538] mem_cgroup_out_of_memory+0x1c7/0x240 [ 788.847385] ? memcg_event_wake+0x210/0x210 [ 788.851739] ? do_raw_spin_unlock+0x171/0x260 [ 788.856242] try_charge+0xe22/0x1300 [ 788.859968] ? __kmalloc_node_track_caller+0x38/0x70 [ 788.865072] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 788.869924] ? mark_held_locks+0xa6/0xf0 [ 788.873985] ? mem_cgroup_charge_skmem+0x111/0x270 [ 788.878925] ? mark_held_locks+0xa6/0xf0 [ 788.882986] ? mem_cgroup_charge_skmem+0x111/0x270 [ 788.887947] mem_cgroup_charge_skmem+0x126/0x270 [ 788.892709] ? mem_cgroup_sk_free+0x80/0x80 [ 788.897039] ? __sk_mem_raise_allocated+0x617/0x1360 [ 788.902156] __sk_mem_raise_allocated+0x543/0x1360 [ 788.907098] __sk_mem_schedule+0x65/0xd0 [ 788.911165] tcp_sendmsg_locked+0x1898/0x2ff0 [ 788.915679] ? tcp_sendpage+0x60/0x60 [ 788.919482] ? mark_held_locks+0xa6/0xf0 [ 788.923546] ? __local_bh_enable_ip+0x159/0x270 [ 788.928229] tcp_sendmsg+0x2b/0x40 [ 788.931771] inet_sendmsg+0x12e/0x590 [ 788.935575] ? ipip_gro_receive+0x100/0x100 [ 788.939915] sock_sendmsg+0xcf/0x120 [ 788.943627] ___sys_sendmsg+0x3e2/0x920 [ 788.947606] ? copy_msghdr_from_user+0x410/0x410 [ 788.952379] ? mark_held_locks+0xf0/0xf0 [ 788.956445] ? lock_downgrade+0x740/0x740 [ 788.960600] ? check_preemption_disabled+0x41/0x280 [ 788.965658] ? find_held_lock+0x2d/0x110 [ 788.969773] ? __might_fault+0x11f/0x1d0 [ 788.973840] ? lock_downgrade+0x740/0x740 [ 788.978007] __sys_sendmmsg+0x195/0x470 [ 788.981986] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 788.986336] ? lock_downgrade+0x740/0x740 [ 788.990516] ? __might_fault+0x192/0x1d0 [ 788.994589] ? _copy_to_user+0xb8/0x100 [ 788.998585] ? put_timespec64+0xcb/0x120 [ 789.002661] ? nsecs_to_jiffies+0x30/0x30 [ 789.006824] ? __x64_sys_clock_gettime+0x165/0x240 [ 789.011762] ? __ia32_sys_clock_settime+0x260/0x260 [ 789.016787] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 789.021552] __x64_sys_sendmmsg+0x99/0x100 [ 789.025802] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 789.030413] do_syscall_64+0xf9/0x620 [ 789.034220] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 789.039424] RIP: 0033:0x45c479 [ 789.042614] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 789.061529] RSP: 002b:00007f8612e81c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 789.069237] RAX: ffffffffffffffda RBX: 00007f8612e826d4 RCX: 000000000045c479 [ 789.076506] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 789.083768] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 789.091033] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 789.098299] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bfcc 01:53:29 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x540) [ 789.129494] bridge0: port 2(bridge_slave_1) entered disabled state 01:53:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0xffffffffffffffe0) [ 789.196731] device bridge_slave_0 left promiscuous mode [ 789.203585] bridge0: port 1(bridge_slave_0) entered disabled state [ 789.224144] Task in /syz1 killed as a result of limit of /syz1 [ 789.238923] memory: usage 307180kB, limit 307200kB, failcnt 4325 [ 789.249630] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 789.263161] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 789.273352] Memory cgroup stats for /syz1: cache:0KB rss:204KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:172KB inactive_file:0KB active_file:0KB unevictable:0KB [ 789.285838] input: syz1 as /devices/virtual/input/input312 [ 789.299675] device veth1_macvtap left promiscuous mode [ 789.302038] Memory cgroup out of memory: Kill process 27464 (syz-executor.1) score 1103 or sacrifice child [ 789.309944] device veth0_macvtap left promiscuous mode [ 789.337749] device veth1_vlan left promiscuous mode [ 789.343327] Killed process 27464 (syz-executor.1) total-vm:74832kB, anon-rss:100kB, file-rss:34816kB, shmem-rss:0kB [ 789.350179] device veth0_vlan left promiscuous mode [ 789.367541] oom_reaper: reaped process 27464 (syz-executor.1), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB 01:53:29 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x558) 01:53:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000180)={&(0x7f0000000080)="18b363cb7372671e6cdc0ef4e582cbab78eed6e06b0cef2cf522887801a04e5fcc03ad811c6348b7bf074a69d0e3e167955b11cb4fdf9212294254e96e126332d57b21252da957d012983c5dff768742d81e564cc9ebe71b4d9714960b013aa786858b692e9b3da4615144043362c54f19da2cb4d1e97ee1f5e2dfb39f564b7935fa7d1b00ea4d3ea281038ca2a5781d3d0c7307998b1069ccc7910a1c6d475d6b8533b6a6234b1ed308d0fc984fe2654cf4503ae6ccfc16b5070a32ca7fef9954e2b74cf9156ba16e3585a0b85b0ebde075b679c9515cf5642b783af826e4d2ed682626b2ecfb9acfee9e5330653eed", 0xf0, 0x2}) ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r3, 0xc01064ac, &(0x7f0000000240)={r4, 0x1f, &(0x7f00000001c0)=""/31}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 789.568024] input: syz1 as /devices/virtual/input/input314 [ 789.579131] Unknown ioctl -1072667476 [ 789.623535] Unknown ioctl -1072667476 01:53:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$EVIOCSABS2F(r2, 0x401845ef, &(0x7f0000000040)={0xd, 0x0, 0xfffff6d0, 0x2, 0x59b3, 0x8001}) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x10, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) fadvise64(0xffffffffffffffff, 0x10c1, 0x2, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 789.657620] input: syz1 as /devices/virtual/input/input315 01:53:30 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x570) [ 789.833651] input: syz1 as /devices/virtual/input/input316 [ 789.887982] input: syz1 as /devices/virtual/input/input317 [ 795.326858] device hsr_slave_1 left promiscuous mode [ 795.367440] device hsr_slave_0 left promiscuous mode [ 795.426290] team0 (unregistering): Port device team_slave_1 removed [ 795.437050] team0 (unregistering): Port device team_slave_0 removed [ 795.446451] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 795.482179] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 795.560294] bond0 (unregistering): Released all slaves 01:53:36 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0xa}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:36 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x588) 01:53:36 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x40000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$void(r4, 0x5450) ioctl$TUNSETPERSIST(r4, 0x400454cb, 0x1) 01:53:36 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf2}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:36 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r5, 0xae80, 0x0) [ 795.814687] input: syz1 as /devices/virtual/input/input318 [ 795.898824] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 795.951296] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 795.976604] CPU: 0 PID: 27654 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 795.984498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 795.993868] Call Trace: [ 795.996465] dump_stack+0x188/0x20d [ 796.000107] dump_header+0x159/0xa5e [ 796.003829] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 796.008936] ? ___ratelimit+0x59/0x573 [ 796.012839] oom_kill_process.cold+0x10/0x6dc [ 796.017347] ? task_will_free_mem+0x134/0x6d0 [ 796.021860] out_of_memory+0x349/0x1250 [ 796.025845] ? oom_killer_disable+0x270/0x270 [ 796.030357] mem_cgroup_out_of_memory+0x1c7/0x240 [ 796.035212] ? memcg_event_wake+0x210/0x210 [ 796.039546] ? do_raw_spin_unlock+0x171/0x260 [ 796.044045] try_charge+0xe22/0x1300 [ 796.047764] ? __kmalloc_node_track_caller+0x38/0x70 [ 796.052894] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 796.057745] ? rcu_read_lock_sched_held+0x10a/0x130 [ 796.062780] ? kmem_cache_alloc_node_trace+0x34d/0x750 [ 796.068075] ? mark_held_locks+0xa6/0xf0 [ 796.072146] ? mem_cgroup_charge_skmem+0x111/0x270 [ 796.077090] mem_cgroup_charge_skmem+0x126/0x270 [ 796.081850] ? mem_cgroup_sk_free+0x80/0x80 [ 796.086186] ? __alloc_skb+0x3ad/0x5b0 [ 796.090108] __sk_mem_raise_allocated+0x543/0x1360 [ 796.095094] __sk_mem_schedule+0x65/0xd0 [ 796.099170] tcp_sendmsg_locked+0x1898/0x2ff0 [ 796.103731] ? tcp_sendpage+0x60/0x60 [ 796.107556] ? mark_held_locks+0xa6/0xf0 [ 796.111622] ? __local_bh_enable_ip+0x159/0x270 [ 796.116298] tcp_sendmsg+0x2b/0x40 [ 796.119854] inet_sendmsg+0x12e/0x590 [ 796.123653] ? ipip_gro_receive+0x100/0x100 [ 796.127984] sock_sendmsg+0xcf/0x120 [ 796.131707] ___sys_sendmsg+0x3e2/0x920 [ 796.135706] ? copy_msghdr_from_user+0x410/0x410 [ 796.140504] ? mark_held_locks+0xf0/0xf0 [ 796.144572] ? lock_downgrade+0x740/0x740 [ 796.148730] ? check_preemption_disabled+0x41/0x280 [ 796.153761] ? find_held_lock+0x2d/0x110 [ 796.157836] ? __might_fault+0x11f/0x1d0 [ 796.161916] ? lock_downgrade+0x740/0x740 [ 796.166075] __sys_sendmmsg+0x195/0x470 [ 796.170065] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 796.174387] ? lock_downgrade+0x740/0x740 [ 796.178556] ? __might_fault+0x192/0x1d0 [ 796.182622] ? _copy_to_user+0xb8/0x100 [ 796.186608] ? put_timespec64+0xcb/0x120 [ 796.190678] ? nsecs_to_jiffies+0x30/0x30 [ 796.194844] ? __x64_sys_clock_gettime+0x165/0x240 [ 796.199796] ? __ia32_sys_clock_settime+0x260/0x260 [ 796.204814] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 796.209590] __x64_sys_sendmmsg+0x99/0x100 [ 796.213825] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 796.218413] do_syscall_64+0xf9/0x620 [ 796.222237] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 796.227440] RIP: 0033:0x45c479 [ 796.230642] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 796.249551] RSP: 002b:00007f8612ea2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 796.257266] RAX: ffffffffffffffda RBX: 00007f8612ea36d4 RCX: 000000000045c479 [ 796.264556] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 01:53:36 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x5a0) 01:53:36 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf3}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:36 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x100000000000001) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$SIOCGSTAMP(r3, 0x8906, &(0x7f0000000040)) ioctl$KVM_RUN(r2, 0xae80, 0x0) rt_sigprocmask(0x2, &(0x7f00000000c0)={[0x6]}, &(0x7f0000000100), 0x8) ioctl$RTC_ALM_READ(r4, 0x80247008, &(0x7f0000000140)) arch_prctl$ARCH_GET_FS(0x1003, &(0x7f0000000080)) [ 796.271832] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 796.279163] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 796.286468] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bf2c 01:53:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_XSAVE(0xffffffffffffffff, 0x5000aea5, &(0x7f0000000380)={[0x101, 0x10001, 0x1, 0x1000, 0x10000, 0xbb, 0x9, 0x7fffffff, 0x6, 0x100, 0x18, 0x400, 0x3, 0x1, 0x5ff, 0x8f, 0x0, 0x1, 0x3f, 0x4, 0xfffffffc, 0x2cec, 0x7ff, 0x1000, 0x54, 0x1, 0xffffffff, 0x8, 0x8001, 0x9, 0x40000000, 0x2, 0x9a07, 0x8720000, 0x9, 0x9f0, 0x9, 0x3, 0x1, 0x3, 0x3b9, 0x7ff, 0x80000000, 0x1f, 0x3, 0x3, 0x4, 0x5, 0x4, 0x3, 0x10000, 0x8, 0x5, 0x9, 0x6, 0x7fff, 0x8, 0x9, 0x80, 0x0, 0x0, 0xff, 0x8, 0x0, 0xffff, 0x9, 0x0, 0xd7, 0x3, 0x5, 0xffff, 0x0, 0x7fff, 0x9, 0x8, 0x7, 0x4, 0x1, 0xfffffbff, 0x5, 0x0, 0x0, 0xbe1, 0x5, 0x5, 0x7, 0x10000, 0x80000000, 0x6, 0x4, 0x2, 0x7, 0x3, 0xe757, 0x1, 0x6, 0x4, 0x6, 0x1, 0x3, 0xffffff1b, 0xfffffff7, 0x5, 0x1, 0x5, 0xf6, 0x2, 0x8, 0x8, 0x80000000, 0x8, 0x7, 0x7f, 0x8, 0xfff, 0x0, 0x101, 0x6, 0x3, 0x8000, 0xaaf, 0x9, 0x503, 0x9, 0x3, 0x3, 0x8, 0x2c69c8b6, 0xe1f3, 0x1f00, 0x400, 0x0, 0x7ff, 0x3, 0x2, 0x4, 0x56, 0x101, 0x6, 0x2, 0x1ff, 0x6, 0x3ff, 0x6, 0xfffffffd, 0x2d6, 0x9, 0xffffff55, 0x80000001, 0x3, 0x6, 0x3ff, 0x7ff, 0x8, 0x10001, 0x4, 0x10001, 0x3ff, 0x80000001, 0x730, 0x1, 0x9, 0x8, 0x8, 0x8f5, 0x7, 0x490, 0x1ff, 0xffffff83, 0x5, 0x64f78c40, 0x4, 0x5, 0xad9f, 0x3, 0x7, 0x6e3, 0xfffffffa, 0x1000, 0x5b70, 0x9, 0x20, 0x8, 0x80000000, 0x9, 0xffff1ceb, 0x5, 0x7fff, 0x0, 0x6, 0xf4, 0x7, 0x7ff, 0x1, 0x4, 0x6, 0x1ff, 0x10000, 0x6, 0x200, 0x81, 0x10001, 0x0, 0x6, 0x80000000, 0x800, 0x800, 0x8, 0x20, 0x101, 0xf7e3, 0x2, 0x8, 0x8, 0x6ba, 0x8000, 0x0, 0x3, 0x4, 0x9, 0x6c, 0x1ff, 0x10000, 0x8, 0x1, 0x1b, 0x3, 0xfffffeff, 0x1, 0x3, 0x81, 0x2, 0x3, 0x4, 0xfffffff8, 0x306, 0xfffffc00, 0x7bf7, 0xff, 0x0, 0xa, 0x7c, 0xdc58, 0x401, 0xa53, 0x400, 0x6, 0x8, 0x1000, 0x1f, 0x2, 0x800, 0xfffffffb, 0x7, 0x20002000, 0x8, 0x7, 0x7f, 0x3, 0x1000, 0xffff, 0x4, 0x80, 0xca, 0x9, 0x2, 0x9, 0x1, 0x100, 0x7, 0x0, 0x8001, 0x7d, 0x400, 0xd8, 0xffff, 0xfff, 0xb58f, 0x5, 0x7, 0x5, 0x8001, 0x2, 0x101, 0x0, 0x2, 0x7ff, 0x93a, 0x1, 0x3, 0x4, 0x7, 0xecdc, 0x0, 0x1ff, 0x4eb4, 0x7f, 0xcc, 0x81, 0x1000, 0x284, 0xca3, 0x3, 0x4, 0x8, 0x1, 0x40, 0x0, 0x2, 0x7, 0x3, 0x1, 0xfffffff7, 0x7, 0x494, 0x2, 0xffffffff, 0xff, 0x8, 0x8, 0x1ff, 0x8, 0xaee, 0x401, 0x9, 0xffffffff, 0x7ff, 0x3c, 0x5, 0x9, 0x81, 0x7fffffff, 0x2, 0x7ff, 0x2, 0x3, 0xcc3, 0xfd2, 0x6, 0x49, 0x9, 0x4c4c, 0x9, 0xffff0650, 0xfffffff9, 0xfde, 0x12000, 0x1f, 0x0, 0x0, 0x8001, 0x8, 0x7, 0x7, 0x5, 0x8, 0xffffffff, 0x80000001, 0x3, 0x5432, 0x7f, 0x1, 0x4, 0x10001, 0xeec, 0x80000001, 0xfbf, 0x3, 0x34f7, 0x5, 0x2, 0x9, 0x9, 0x0, 0x7fffffff, 0x200, 0xdb66, 0x8001, 0xe4, 0x400, 0x7, 0x0, 0x4, 0x1, 0x0, 0x4, 0x1f, 0x100, 0x6, 0x6, 0x1, 0x200, 0x5, 0x81, 0x7, 0x0, 0x8, 0x84c6, 0x14000000, 0xe8aa, 0x80, 0x0, 0x5, 0xd06b, 0x400, 0x2, 0x1d, 0x20, 0x7a, 0xfff, 0x7, 0x20, 0x958, 0x7, 0x4, 0xde, 0x7, 0x1, 0x2, 0x1f, 0x8, 0x2, 0x7, 0x2, 0xd85, 0x1, 0x800, 0x1, 0x0, 0x5f, 0x0, 0x3, 0x2, 0x101, 0x5, 0xfffffffb, 0x0, 0x6, 0x1, 0xfffffffa, 0x1, 0x8, 0xefe, 0x4, 0xfffff801, 0x5, 0x4d59, 0x7, 0xe72, 0xfffffffd, 0x9, 0x7, 0x80000001, 0x81, 0x10001, 0x2, 0xb1, 0x9, 0x8, 0x5, 0x4, 0x43, 0x9, 0x716, 0xfffffffa, 0xfffffffc, 0xfffff001, 0xfffffffc, 0x80, 0x100, 0x8000, 0x81, 0x3, 0x8, 0x9, 0x5, 0x45a1, 0xffffff81, 0x3, 0xa85, 0x6, 0x4, 0x7ff, 0x8001, 0x0, 0x3, 0x6, 0x10000, 0x3, 0x2f0e, 0x1b622321, 0x8, 0xffffffff, 0x9, 0x5, 0xb8a, 0x45ff, 0x1ff, 0x40, 0x2, 0x6, 0x1f, 0x5, 0x4, 0x7, 0xfe000000, 0x1, 0x5, 0xfe1, 0x1, 0x7, 0x0, 0x4, 0x0, 0x9, 0x0, 0x1, 0x8, 0x401, 0xca48, 0xfa, 0x6, 0x7fffffff, 0x800, 0x159, 0x6, 0x0, 0x9, 0x0, 0x5, 0x56, 0xff, 0x9, 0x8, 0xffffffff, 0x1f, 0x4, 0x7, 0x10001, 0x3, 0x7fff, 0xfffffff7, 0x7fffffff, 0x9, 0x8, 0x1f, 0x1c00000, 0x5, 0xac30, 0x2, 0x80000000, 0x7, 0xf7, 0x4, 0xfffffff7, 0x401, 0x6, 0x9, 0x4, 0xffffffc1, 0xffff, 0xfff, 0xa3, 0x3, 0x4997, 0x8, 0x8, 0x40, 0x9, 0x3, 0x2, 0xfd, 0x2, 0xfffffffd, 0xfff, 0x9, 0x6, 0xfffffbff, 0x4e96, 0x9, 0x0, 0x6b, 0x5, 0x100, 0x80000001, 0x10000, 0x6, 0x7f, 0x1f, 0x1, 0x9, 0x56b, 0xc849, 0x7fffffff, 0x2415, 0x9, 0x7, 0x723, 0x0, 0x472, 0xff, 0x7f, 0x0, 0x2, 0x476c7deb, 0x8, 0x2, 0x9, 0x10001, 0x7, 0x3, 0x4, 0x4, 0x6, 0xffff, 0x761992da, 0x3, 0x81, 0x6, 0x870, 0x8, 0x1000, 0x5, 0x8, 0x4, 0x5df6, 0x4, 0x7f, 0x6, 0x0, 0x400, 0x2, 0x6, 0xf0, 0xc4e5, 0x100, 0xb3b, 0x8001, 0x400, 0xfffffffb, 0x7e3e, 0xa91, 0xd63, 0xb99c, 0x9, 0x8, 0x7ff, 0x200, 0xffff, 0x6, 0x4, 0x9, 0x1, 0x7, 0xfffffffb, 0x7, 0x0, 0x7, 0x89, 0x100, 0x6, 0xfffffff9, 0x3, 0x1, 0x8, 0x2, 0x0, 0x5, 0x7, 0x199e, 0x9, 0x8000, 0x101, 0x2, 0x6, 0x6, 0x7, 0x100, 0x50, 0x7, 0x5, 0x0, 0x7fffffff, 0x9, 0x3f, 0xad6, 0x1b7, 0x3, 0x1f, 0x180000, 0x100, 0x5, 0x2, 0xff00000, 0x3, 0x8001, 0x8, 0x5, 0xff, 0x800, 0xcb, 0x4, 0x9, 0x5f53, 0x800, 0x44, 0x6, 0xffff, 0x0, 0x0, 0x9, 0x12900, 0x7fffffff, 0x3a6, 0x3, 0x2, 0x10000, 0x0, 0x10001, 0x9, 0x100, 0x80000001, 0xac, 0x20, 0x14de20bf, 0x3, 0x6, 0x3, 0x4, 0x80000000, 0x1, 0x3, 0x2ac, 0x7, 0xfff, 0x217c000, 0x581a4638, 0x6, 0x0, 0x5, 0x7, 0x81, 0x81, 0xc5a, 0xded6, 0x0, 0x80000000, 0x3, 0x5, 0x9, 0x0, 0xfffffff9, 0x80000000, 0x178a451e, 0x9, 0x3, 0x3481, 0x774, 0xffffff81, 0xc75, 0x3, 0xfffff800, 0xf693, 0x5c8f5d2b, 0x3, 0x3, 0x1, 0x48, 0x5, 0x3ff, 0x1f, 0x1, 0x3, 0x0, 0xfff, 0x3f7, 0x9, 0x8, 0x1, 0xe0de, 0x74, 0x200, 0x10, 0x0, 0x9, 0x1, 0xfff, 0x2, 0x20, 0x0, 0x3, 0x297, 0x8, 0x9, 0x7c, 0x4, 0x6, 0x6, 0x10000, 0xce9e, 0x1, 0xffffff63, 0x200, 0x40, 0x101, 0x5, 0x1000, 0x7f, 0x6, 0x80000000, 0x7f, 0x7fff, 0x8, 0x0, 0xef3c, 0x400000, 0x80000000, 0x7, 0x400, 0x2, 0x8, 0x1f, 0x5a, 0x8, 0x753, 0x4ec505e9, 0x9, 0x0, 0x9, 0x81, 0x8, 0x3, 0x8, 0x5, 0x7, 0x8, 0xffffff80, 0x1f, 0xfff, 0x2, 0x8000, 0x7, 0x8, 0x3ff, 0x8, 0x34, 0x9, 0x3, 0xdb8, 0x2, 0x813, 0x8, 0x2, 0x4, 0x0, 0x489da77, 0x3, 0x800, 0x10000, 0x5, 0xee7, 0x2f0f, 0x33c1, 0x81, 0x7, 0x3, 0x10000, 0xb34, 0x0, 0xb24, 0xfffff36d, 0x7, 0x0, 0x81, 0x8001, 0x12d, 0xa913, 0x145, 0x4, 0x9cd6, 0x5c, 0x0, 0x7fff, 0x1, 0x2, 0xd00, 0x1, 0xfffff001, 0x6, 0x100, 0x9, 0x8e60, 0x3f, 0x9ba, 0xfffffffc, 0x10001, 0x20, 0x9, 0x88c, 0x2, 0x800, 0x80000001, 0x3, 0x8000000, 0x69, 0x401, 0x1, 0x2, 0x3, 0x40, 0x9, 0x7, 0x4, 0x5, 0x9, 0x7, 0x3, 0x1, 0x80000000, 0x32, 0x80000000, 0x3, 0x1, 0x7, 0x5, 0x8, 0x1, 0x0, 0x4, 0x8000, 0x1, 0x7, 0xd97f, 0xbfab, 0x4, 0x2, 0x1f, 0x8001, 0xfffffffd, 0x0, 0x5, 0x7fffffff, 0xd32, 0x5, 0x7, 0x400, 0x5, 0x5, 0x0, 0x167d258e, 0x9, 0x3, 0x6, 0x8, 0x3f, 0x101, 0xa6, 0xfffffffb, 0x1f, 0x4, 0x0, 0x6, 0x4, 0x1000, 0x78, 0x8, 0x9, 0xfffffe00, 0x9, 0x679, 0x6, 0xfffffffd, 0x8, 0x0, 0x200, 0xffffffff, 0xfffffff8, 0x4, 0x5, 0x8, 0x1, 0x7ff, 0x6, 0x1f, 0x3, 0x1, 0x81, 0x100, 0x80, 0x8b, 0xaa, 0x9, 0x4, 0x7, 0x6, 0x7fffffff, 0xff, 0x80, 0xf089, 0x1fc0000, 0x9, 0x2, 0x7, 0x5c, 0x4, 0x3f, 0x80000001, 0x0, 0x7f, 0x8, 0x200, 0x8a, 0x7f, 0x1000, 0x0, 0x3, 0x80000001, 0x0, 0x5, 0x2, 0x8, 0x7, 0xaa9, 0x8]}) [ 796.364642] Task in /syz1 killed as a result of limit of /syz1 [ 796.370674] memory: usage 307176kB, limit 307200kB, failcnt 4337 [ 796.417961] input: syz1 as /devices/virtual/input/input320 [ 796.498596] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 796.516646] input: syz1 as /devices/virtual/input/input321 01:53:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r4, 0xae80, 0x0) 01:53:37 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x5b8) [ 796.597587] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 796.723074] input: syz1 as /devices/virtual/input/input322 [ 796.817007] input: syz1 as /devices/virtual/input/input323 [ 797.024579] Memory cgroup stats for /syz1: cache:0KB rss:204KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:172KB inactive_file:0KB active_file:0KB unevictable:0KB [ 797.084300] Memory cgroup out of memory: Kill process 27644 (syz-executor.1) score 1103 or sacrifice child [ 797.114236] Killed process 27644 (syz-executor.1) total-vm:74832kB, anon-rss:156kB, file-rss:35836kB, shmem-rss:0kB [ 797.167248] oom_reaper: reaped process 27644 (syz-executor.1), now anon-rss:0kB, file-rss:34884kB, shmem-rss:0kB 01:53:37 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x10}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:37 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x5d0) 01:53:37 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf4}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_CLOCK(r1, 0x8030ae7c, &(0x7f0000000040)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4d3, 0x0, 0x0, 0x0, 0x4, 0x20000000000, 0x0, 0x0, 0x0, 0x401], 0x3000, 0x8}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[]) bind$pptp(r0, &(0x7f0000000140)={0x18, 0x2, {0x1, @multicast2}}, 0x1e) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={0xffffffffffffffff}) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in={0x2, 0x4e24, @local}], 0x10) connect$inet6(r4, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f00000001c0)={0x1, [0x0]}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x76, &(0x7f0000000000)={r5, @in6={{0xa, 0x0, 0x0, @loopback}}}, &(0x7f0000000240)=0x9c) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r7) setsockopt$inet_mreqsrc(r7, 0x0, 0x26, &(0x7f0000000180)={@dev={0xac, 0x14, 0x14, 0x2a}, @remote, @rand_addr=0x3e4}, 0xc) r8 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) madvise(&(0x7f0000004000/0x2000)=nil, 0x2000, 0x64) r9 = gettid() tkill(r9, 0x1000000000016) ioctl$DRM_IOCTL_GET_CLIENT(r8, 0xc0286405, &(0x7f0000000100)={0x9, 0x1, {r9}, {0xffffffffffffffff}, 0x7, 0x60}) ioprio_set$pid(0x2, r10, 0x8) setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000040)={r5, @in={{0x2, 0x4e20, @remote}}, 0x9, 0x80}, 0x90) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x142800}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 797.541833] syz-executor.1 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0 [ 797.584570] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 797.590005] CPU: 0 PID: 19378 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 797.597886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 797.607241] Call Trace: [ 797.609855] dump_stack+0x188/0x20d [ 797.613494] dump_header+0x159/0xa5e [ 797.617227] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 797.622331] ? ___ratelimit+0x59/0x573 [ 797.626234] oom_kill_process.cold+0x10/0x6dc [ 797.630769] ? task_will_free_mem+0x134/0x6d0 [ 797.635271] out_of_memory+0x349/0x1250 [ 797.639255] ? oom_killer_disable+0x270/0x270 [ 797.643781] mem_cgroup_out_of_memory+0x1c7/0x240 [ 797.648638] ? memcg_event_wake+0x210/0x210 [ 797.652972] ? do_raw_spin_unlock+0x171/0x260 [ 797.657486] try_charge+0xe22/0x1300 [ 797.661210] ? find_held_lock+0x2d/0x110 [ 797.665272] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 797.670133] ? lock_downgrade+0x740/0x740 [ 797.674297] ? check_preemption_disabled+0x41/0x280 [ 797.679327] memcg_kmem_charge_memcg+0x7b/0x150 [ 797.684051] ? memcg_kmem_put_cache+0xb0/0xb0 [ 797.688561] ? should_fail+0x142/0x7bc [ 797.692453] ? __isolate_free_page+0x4c0/0x4c0 [ 797.697067] memcg_kmem_charge+0x132/0x360 [ 797.701410] __alloc_pages_nodemask+0x396/0x6a0 [ 797.706135] ? __alloc_pages_slowpath+0x26a0/0x26a0 [ 797.711179] ? _raw_spin_unlock_irq+0x24/0x80 [ 797.715685] copy_process.part.0+0x3d6/0x7a60 [ 797.720189] ? mark_held_locks+0xf0/0xf0 [ 797.724274] ? mark_held_locks+0xf0/0xf0 [ 797.728355] ? __cleanup_sighand+0x60/0x60 [ 797.732604] ? lock_downgrade+0x740/0x740 [ 797.736780] ? __might_fault+0x192/0x1d0 [ 797.740853] _do_fork+0x22f/0xf40 [ 797.744322] ? fork_idle+0x1e0/0x1e0 [ 797.748056] ? __x64_sys_clock_gettime+0x165/0x240 [ 797.753113] ? __ia32_sys_clock_settime+0x260/0x260 [ 797.758141] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 797.762907] ? trace_hardirqs_off_caller+0x55/0x210 [ 797.767943] ? do_syscall_64+0x21/0x620 [ 797.771932] do_syscall_64+0xf9/0x620 [ 797.775750] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 797.780979] RIP: 0033:0x45aa4a [ 797.784177] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 797.803082] RSP: 002b:00007fff4a5f9370 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 797.810907] RAX: ffffffffffffffda RBX: 00007fff4a5f9370 RCX: 000000000045aa4a [ 797.818224] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 797.825506] RBP: 00007fff4a5f93b0 R08: 0000000000000001 R09: 0000000002082940 [ 797.832783] R10: 0000000002082c10 R11: 0000000000000246 R12: 0000000000000001 [ 797.840064] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff4a5f9400 [ 797.863690] input: syz1 as /devices/virtual/input/input324 01:53:38 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf5}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:38 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x5e8) 01:53:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000100)="0f019d95a0660fc732660fd4ecf3260f911cf20fb04ce9f30f09baf80c66b87883b08466efbafc0c66b801c0000066ef660f38f61866b8010000000f01d966b9800000c00f326635010000000f30", 0x4e}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x62ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xfffffffffffffffe]}) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x800, 0x0) ioctl$sock_SIOCBRADDBR(r3, 0x89a0, &(0x7f00000000c0)='team_slave_1\x00') ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 798.111561] Task in /syz1 killed as a result of limit of /syz1 [ 798.121206] memory: usage 307316kB, limit 307200kB, failcnt 4398 [ 798.133833] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 798.149367] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 798.156103] input: syz1 as /devices/virtual/input/input326 [ 798.160093] Memory cgroup stats for /syz1: cache:0KB rss:72KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:52KB inactive_file:0KB active_file:0KB unevictable:0KB [ 798.208888] Memory cgroup out of memory: Kill process 19378 (syz-executor.1) score 117 or sacrifice child [ 798.231569] Killed process 19378 (syz-executor.1) total-vm:74568kB, anon-rss:100kB, file-rss:35776kB, shmem-rss:0kB [ 798.247450] input: syz1 as /devices/virtual/input/input327 [ 798.261040] oom_reaper: reaped process 19378 (syz-executor.1), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB 01:53:38 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x600) 01:53:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, &(0x7f0000000040)="66baf80cb8ab873583ef66bafc0cec2e0fc7ab5a00000066b8a5008ec866ba200066edc744240058820000c744240200800000c7442406000000000f011c24d84f4eb9800000c00f3235000100000f30c744240007010000c744240200000000ff2c240f06f3400f09", 0x69}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x4ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 798.429226] input: syz1 as /devices/virtual/input/input328 [ 798.526937] input: syz1 as /devices/virtual/input/input329 01:53:39 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x618) [ 798.668895] input: syz1 as /devices/virtual/input/input330 01:53:39 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x11}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$EVIOCGREP(r4, 0x80084503, &(0x7f0000000380)=""/152) ioctl$VIDIOC_G_EXT_CTRLS(r4, 0xc0205647, &(0x7f0000000280)={0x3f0000, 0x7, 0x8000, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)={0x9909d6, 0xd98, [], @value64=0x1ff}}) r5 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000080)='pkcs7_test\x00', 0x0, &(0x7f0000000200)="1f00", 0x2, r5) keyctl$restrict_keyring(0x1d, r5, 0x0, &(0x7f0000000040)='\x00') ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000100)={0x6, 0x0, [{0x80000001, 0x80, 0xffff8001, 0x681}, {0x7, 0x80, 0x1, 0x8000, 0x101}, {0x80000008, 0x6b8, 0xde1, 0x11, 0x6cd}, {0x80000019, 0x7f, 0x717, 0xd1, 0x94}, {0x80000008, 0x4, 0x6, 0x800, 0x7}, {0xc0000001, 0x7, 0x8, 0x401, 0x1000}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:39 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x630) 01:53:39 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf6}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 799.354756] input: syz1 as /devices/virtual/input/input332 [ 799.406879] input: syz1 as /devices/virtual/input/input333 01:53:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$SG_GET_KEEP_ORPHAN(r4, 0x2288, &(0x7f0000000140)) openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video37\x00', 0x2, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/enforce\x00', 0x100, 0x0) ioctl$KVM_DEASSIGN_DEV_IRQ(r6, 0x4040ae75, &(0x7f0000000100)={0x1, 0x80000001, 0xfffffffa, 0x2}) r7 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) setsockopt$netlink_NETLINK_PKTINFO(r7, 0x10e, 0x3, &(0x7f0000000040)=0x3, 0x4) 01:53:40 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x648) 01:53:40 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x200000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:40 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf7}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce, 0x0, 0x81]}) ioctl$KVM_PPC_GET_SMMU_INFO(0xffffffffffffffff, 0x8250aea6, &(0x7f0000000080)=""/42) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r4, 0x84, 0x20, &(0x7f0000000040)=0x7, 0x4) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) r7 = openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x880, 0x12) sendmsg$kcm(r7, &(0x7f0000001a40)={&(0x7f0000000380)=@l2tp6={0xa, 0x0, 0xffffff41, @mcast1, 0x8000, 0x3}, 0x80, &(0x7f0000001880)=[{&(0x7f0000000200)="7b6bf5992a000a93ceda254506008ec48c95f679bfd3a292be7b5ef930f6d8b4165e0dc3b3", 0x25}, {&(0x7f0000000400)="2d1cad0f915562ce6c122e171fbed2e9e2a09287d730f29d2eca8ac64c099ebfedc7be97896f8a628f2d6ee8ea4cf1e89d1aefb0f9a09389bb90bcb2a46b5453adac1125559e0e06fcd2528682b17b7ed761b6980605ee491d32cdb1c243594fe434a294e5ffeecfa38feea9703b734dcb67e05209e7e9aac29be4411c95535a632ac2d58b221d0585bb1bdc26d7db4d132dd690eab8cce793810a24f247eccbbca0eecd73bc98c5a4e8df97ebf78008be749c4edc3a9461ee25eb8e69a3b334fcde31b8230eaf24f1b2b930ccb684b857e9921a75a2847490e447eccaff710c36801409ae9ae235fc85df4a9d66903919c4ed91bf35869a425f2f7abef81ccbe1e721c832674502fc95b1f86afdfaf50b542cbbf8bd09db0114e33456d463318a8a07ce4f0e90c7f1bd8827d79eae1973cf0d50f06f2d641b0d89bf393918ec15ac07da6bccb9c90c3f41e83bc3e75cf722a8503db37ea46f7b050f4ced63bcf43671bb2e0b58a6d2a4da80e27ad2f25b3712a35db82d245db589ad373d2369ce5d6f42ff59f1ded1fe46a1a0b2d00fa1c7f98df27e6b2497a409ed8d3dfb9468591cfb9ed32f743495cc28fe3a165955db8d727e77b372d853698f61686c427748aad1a55bd743940c4e12fc5cc83cbe880400ac222abf32fb9c52d869e16c34eb75bc18a2c98c701a3862dba91094c66262cea1cbbfe6d7a5cbd4deba2816f5f1c44fecd50609aeda92cf61ec15718c422df396a7c0c4dc9171bd84c3605a858bd15eb8a23d7a1d8aa6f430e31466f061ce47d36e340b32e756b227e2327df4981513507f33baf911874993dbccd76874a637d04380d0271a03f5063d2a1478a4323aa69f82eab69e9224cd1fd7465d86be49eb20a886715d6b268a813abfba19ce9c13e81abd52cb9e73fa2826c183be0e68e393e3ac6e8eb0eb0df5067ebbb3ec4f2c008468f7e92b8b9f09bbd3f51ff223008c1d4ca701468f6c5889fa8ef76f73716c475701c6fddacad4b638a9589ab4b98e069adf794e6ba750b62b66815e9023c928b07a4ed7c329b4b6f4990b7c6075e4895d0d7a3f2ba9c874cc35b52fd58a3a9064cfb63cb7cb5ec3e78b9140a08a8036f42e9a69fc731420124fbdfa500146ccb17796c23d73097cb74418a647003c17ce5f647770f3a2ef4be7056b7de2b6a330911131f418b81b4b42e129d449d719761a288b4641afa7adbf893dd89e16457c65d9136ef200333569a5602af8af7b83ff9ad2e9f8315061d064550d577be89a44f98442c5399bad8fc86abf0c414c35cadb8bd8ad13153c6d8a9979359d5cefecb077ebaef451fea164032a03aaa4f4e3fdf9787902c5af0967da202f5933f0f0818229093e4be431a19bcc2b9e91a40d8b743417ee3d8595199b9a0eaa6cd798261aee1e785f58f2600f500e8feebf54833b650025481f4eb6061a33a458bef2daa33d65bf22caa8c327ad4d3eac69b838469e1f38a13a2f3663e5fc61c4cb017dac65583c51df9a53bea7732b05fead14e99aa65475b0a3bad4bee9cac987e998c7521a0337b6ae49d30d49a29c7bd65ce60fae41cf103c063116aa4fe0c851adf8ed32572033efec7dd3805fdb220ed7969731525bb9c03a0319cd362a980ea68e03cc0d9741c29fac287b8c871b819aacac24f8b68f46a4dcba3e3ffb454751241eb479eb7db014c16abdb56d840aefa67d29d808c9a3d39eaac985955b927622c69750492336c8b0c541d7e0a44e5ca80cab44fe05fe003eaeb4455be370abfe6f5d3db0c144a4827e2df156db66491127e325f61b0bdfaf3b5193f7e6a9800fda6ebbf93d3e40da07a751f100bf39690f95efbab0c11736991a9495ae30b5131072d6704b92caea1c7302fca34450e954b60f67b760f9e3e1719cdc804d84d7134e5d490fbb201a49a27327d70228c3701b8ed06c6bdd1f5e47d9066b311213b26e72285aa27ca7bb96e0440f62baa96c02526970f1ea3d7e194c1053b9d01409a1ad0a9fd166820455e40489fd861682a5bc597f462e1c8ede1fbd182db28fc4644043f8716f78259258b5166ed39766ce5b27aa07edec60800331d35d1d5e997e5d0d716e03fe9759440995f5655f1af7e7b119878bd508412972249dd29f6e4546f28ecd68bf4aef017b25bffb84ac82727a1e4bdd1eb71b89e1438cdd35bf1b3423977f0f09b3e5f587dae3a2f889dd346b02a419610960da41e1814163734ee1d4eb515ce46137ab39a339a5e92affb05b06642d64f8c7e0da94ca5e3e08cc15675a176f49f2705f5b310488ead738977d97c6c23a4eedfb311ab1a566292f3d58782f938b6c9df443bea478b133eb10ac58910562a41d5bab468d0e2001a8533104c4af92b1aa1f4bbe67a26abb5e175eae59a5246bce1e6bed22c4d83085dc7207c9193b65307b9a937413c23e05335180ffa2852275722006c366c1c9bdef8f179784c16cc05c2540aaf4b58fecd916ceac721dcccd84dd183b84692b288f2974b933b35094c845f3be497ec466fcd53832a923fe89eb46c277e41a38266df02a320d47db6c890eeb32335b5f9824fec66b1ebad2387a511a5106698fda2657a2cb55dea2e1407e8f3e2a4d0eb84de6d2ec8f0b99a7938fa94e38144768af719fabe7ac91e91ebc40dddb86222ec231733ac7aa9a85674605b11363589331d4bcd8a0c9e29fdefbf1531bb4fc18e9ed1a90662ca50033a27473b788230a5b5b3f227b22d6a619ffef967663d610100a91fda791034e879f98423fb6b919a7261ace74eec7def6f66d16e535f4bf5649dee5e878823f36e7cca688c631b02e8ef3fda75d1c03b98283c16dd2c31b265f8002d503dbb8d0afdf10bffe573df679e8342e7672b0d20ddb9e51060fe7810f6fa2d5c1927051e072a64e0ee304aaf546a8abcfb5563f01b4960e4ae8944d18f7181e6ec8de9e5c6b0991ccd9bca6956cca6ab61317420f4780b02160778b40de2da05d20cc53641c62dd989354aadbb43babd9fb9a22b94fa5d3e497bae2cdbc7dc99ec71bcb61491e129ba256525ab083437a8f900d422aa8a99c408cff3479d539a929bce1c07d32b68f03ddecd53f7774c864513ad6dc195de288d36662c06d8674e9b681adc94ed47f2fec786b2200479a0263a9b8a3202c17ee50963eecdc09c2dcc21010a7137c0e643117cf79717054157683f48b4457bcb1425c871ff95f4b7a77afff0f92e16f7b174d2b23309486adfa048e17827b7b5c6e9ca5d38d599944911cc030a077828cec5a89d889de3bf20d0ae55586698c1416562bf4e92ece44287646c51b57d808d72365af7bd98b2e2404de0660bf21b8b3d37442dee7368397f55a4bcbe9db49f0a000f912e1f1f2e911462366e1a1ff8f2ae20e5e5fa963e7e0e53033bf0c0a05aa0dffcac4a40b5029b6947c797134c65418c5cf3d16b30ae128933011397667e3a1ffceb4dc8a6a3b71ffa780c54750c3bfc1ce820d6ff7e0e325142ea44a3745060ea819185d0773c18ba4d4f6adf21deca5eaabe21f69a9af69b78385aa202553178ca6eb61bbbe0164c3c778274e1f325fdf9e16554819f76843cd7bc60d9e9ca99a1b36f294779f9585f5b7808b22df28cbc197d434999cd1563834940395b673477c21783a878ad615d56b41e235386ec101607b28f4d68bde4c9b3c43a549289c464ad2fdaaf90732ed1af32f37a468857fb444ffd3e3eec65e165eaf2dbba970545ae656a5d0f89cd1f8c3cbff10a3cfd4746144ca83ed7175c4a6a984708aba2d14ffa2e8957b3e7ea8a0581da1251e388c83a9ad95c02548532eda5cc1e32f85512ef51a29a8445172b002a8c2cfa02cd4a8ddcf58d4dc401319f12b78fa6da87da892b02f89f8f9c55e2d050183d746e0332868bcdf9d40764dff4cce70e9643b722dacd4571354c411aa559e285036d0a7437c3b341b52ca5514245ea9d4a702678f1ef510c525554e2c6f5f09300f05ed734140ed6a0524a3f8f644df7065c3fb7eed3dbdfe6d27852b4281937c0959e3894b2f9d53243a9c59b2aea9de1617d7ff1d801ae29afddd98cac44288e8c1c282fdb98be8a16832415a5bd4fc0c2daf488eeb656a41bb84fb540148020a99ec0317d5716f1f5ee41d54d899810bc6826b29200a56fd89dbfcd57959b888713d76e8aeb1d2178680c4becd1dffa966b18788b4f57f460007014e9ea0cb6609e9245065f491209b625103a1d5b1921fbeb924f2beb57e40a243d439d659170c658877e063480404cb093b05cc487c52315ddffc39590f743da218129dad00184554554004694dcb2cf54c556ddc2cc03ae3b47be3b4e0991b19d3e62d2be217f94873430a3f69708c94327e0722496c0c6035cce5c260b216c0e59c2e8b52852da42e57f441841847aa7e590e39686b14a28ab0f265cb4c88bb8b118e47f56b5ff1f685c4e75d600a7b34745f5ebeda553921923f809f21f4542083269694e16149e460419d9ed5bf19b2c748c52382d4738deeeb46da60401a55c2999be287ef7742b5fe56f23acc8046fd15a0035b6fe870f0e19eed0bb5b76826539cb4ed66846b767a5495a5af35bcf70ef5264d608ff44802c68ae3666261a671aa25f363883d1164347a24ea26b45ef3036e17af4e1ef31fe1f0a55de8aa612405d400fcdff29f2281ac3d4f9963fc4223ff2e0e607efd8456dbfeced4b81bf69ab1d59e0a3b895724c8fa8b4691ce53d6a98aaaaa78fc3c0304c89e9296b6554e027d95751d156a2539aeb1638e558593c6c5b2da78866a480595c29d49a7aa440a10af91debfcc45302160ad1a34e636495dfb7ee6074be93cac8d7ada3ea46e63ab4e977a0ffc44a5431aeb9900f38c5a90604f86a15eafc42401019b4544521e070b20a32a41108077b9f3c9ffa1b0b2ba860cf75d979854cfd397448886fe61c6de6ca2fbd883071f4c10123d235fc96436f46fd0e0bb1019a0033605fa198f1250776565b821256e01bb3afb287d70a75f8da8476862bd5521bfa00e177c74ac8d98fccfc6366870691cb6c860cd6b85878493e81e6882b43e9d3704c7a82de9525ec6728fa4f13e4fd1768dcc88b96f8ec2fcfa3ed6646b3e5f8067276be20e13228bdc454108cfd1d99762fed2a034da7571566e799a7650ca752c0285ab0c1a071b7defb813328b0ef3b683d70544f3640cc273acdf4b3a33934760c84e43a56fc2f146b45ac940c0f8e160eedb6f0c84635fd25df7bb04ff87c88b461188348ea67be2e3c70cce805baa7facbe33aa96d096900d5c093345045747961c12ab7c92bb44f5f95e4b080ba4e744d9b7ffffffe17c78a5fc736c9338d3b8402bad1a54b16e7f91cf3352cb7fca1e9b6386dd6651ac93826689577dd4970a04601fa242a69e5a9c8ad667bcb5af1bd8e494fd88de6eb3411e28d1420a6515bbd20af3fb0d3db40e32e9fb9546f9edf58e7847a7c939198857a0b178e737f27c1df8ccd4612eb8fa4f91f2be736b9682915c3115aabe35e665b87c3abb67d3d29c13cd1594d81bb7e90fb4c6b74f02b4ba6c98049fd3cab6e106432ae95035aca34f2fed64e63ca76a91cc01e71d0952f8ed1e6bfef44b7df85cd6764e2f636b71e52999cd850b0ba91e92550c5b510bc362ad1411c3e87889a9172705ee89bc6dc488559ddbc02fbcb64d79ea8e91f317909184dda581a286d92646b0124af0274e790ffc2622bbc0e70c6d87c42e48a07a33bcb36033a392d0ce980fd1e926a7842908a8612d0a3b5952561f844ac48a6d16ffda3ff22a6f211bf043b4", 0x1000}, {&(0x7f0000001400)="5036f9606176d38e2e3a0f66692f79f2c67ac3dbc84dcdaf361f00905f89ff4505dead5fea5e888912dbada064a89adbaaa1143cc3ec0e1c0e3201d6f0e0420f295901dbe126a650816f459b89d3595a20a6b634fc5bcff68747b88d607deb0718320b9444c40906b37cd1f6710aa53b654b292b3a4ba7e5c9113429520018651a78fab03ffd1a4ed2f3397520d09745e6578007471f825b7394bf5792075d25ca7d2b04c9d71a04989cceabdcf4ceb0d1d14ac949ba", 0xb6}, {&(0x7f00000014c0)="4a94d9b3dcd599875383cb92004be346d208a69eedbafcabb1d9e25a1ddebfbf6ed4f8cdd6b67d2f21ae9e96273f72122c7818bc8f1dd03e54bf98b5bd363e805da99eb6a05d6f07ffd244d0385176772dbfd7888dc8e1b64f1876d8067246fbc273e31faa5b270c1b2c325b591d0102029ecbaffbec86236c2f59f36dc411e190b045ab6908b97ded48b2976076e583cbe8b0f1c9c4d60db137708f2345ce21c479aab045a5644d1bb4f3e80b8eb8f11d8eb27b550b634fbffc44aecc1ca9b72b6409e9ed279e073aad58e4349a39d888859fbfd49175973023b9e62662d3cb0cafa048f36cab13fbeb5923fe099110", 0xf0}, {&(0x7f0000000280)="5a46c1cabdcf1dfece7fb92148c286", 0xf}, {&(0x7f00000015c0)="971ddfbe353105f1249c36f131b2e305d4c2b8f35177160ff9a7babd2038090a5e9f26457f5eee65c6fc52147b304ad899192b443272870fb1e98a393167a179fce25994f19a59e479ed8bfa48372faab8ee018cdd78c572bf2a9cbdded22178b4165bc64c3f9894c75a5368493811674ad65ac8ce8c65ffeceed09a1270b5d5a370af2c149086fda9", 0x89}, {&(0x7f0000001680)="b0348f70f375d07dc887a4c2cf9800730e9cc1d27f140d061299e662b27308312be3d92a376cdf11f77c41b6bac5d8f2adee3b7b9b1141fc", 0x38}, {&(0x7f00000016c0)="36562f8465ccc9b283c9d23f1c777044f351a96bd95e767f01e4bbce990b05df8d76e44210a83974a24e8d52c930e8b4f2f490d9c8c7ac8c454edafdc86461c3d7856d9e1ab9f72986c4fd6909e96f7dacd6eeae6a1b84b2fc6bef3bb3a49175315ecc9bf3324108a04f45f6a74dc77d70c13a91116c0d38a8fd64975648fb4aa214498658e50e5b7029ceb3a45d3b55644e69371fd4fb1404433f4184576f79115505", 0xa3}, {&(0x7f0000001780)="7cbfdc7560c834a8a65d765487c82860160ec8e57af7096765b4a471ff1a48b2ce00d3a6e2c56fc5ca4dbd3b297b0dd666d5ede0fb75a3c198bff63847c6bf4b962989b33564267deaa059a9ad357c144a8d345144870b4353d65eb7bcc777bd5ce92801", 0x64}, {&(0x7f0000001800)="561254684837c034aa7832bb3c47c087ce0ed1bbd8d47453894f3f44d8f16c06099a29245b98a9bcba587e19069ba806bc18f343abe6ad677b420297a99d9af90d122ee0813d980323a2e55124cc371662cea418e5ae763409da594371031f5f6c8ab8d80429d84b937b34754c6341e2", 0x70}], 0xa, &(0x7f0000001940)=[{0x68, 0x0, 0x9, "fa72bb34b555167b03c35c0c0c77c598f38e098ce9d5632d7901845b69d2b701e9c7fc3293fc6d7f73b810c31ddc6d871e7c9ca64892970b2473a69b4459abeea8e210be297cef75658efb384cb05447fdb5ff"}, {0x18, 0x117, 0x3ff, "108edbe28752"}, {0x80, 0x1, 0x5, "0fdea00ffcb165157f67b4fd157fb426b1d80aac0d5698a952c24c8757d9e773328d99b1eb9201dd10fd86ac6f70693ae925310cc4880e73d0a054d84883ef4b22be59e5f87e9ff0fddb9864c9d49f9483b685e5ada082fecfae0884d85b55b6be9da9eb9ab9e0b149840f06"}], 0x100}, 0x60000014) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r8 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cachefiles\x00', 0x400, 0x0) ioctl$BLKSECDISCARD(r8, 0x127d, &(0x7f0000000180)=0xed0) ioctl$FS_IOC_SETVERSION(r6, 0x40087602, &(0x7f0000000100)=0x20) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:40 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x28}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) [ 800.617939] input: syz1 as /devices/virtual/input/input334 01:53:41 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x660) [ 800.836690] input: syz1 as /devices/virtual/input/input336 [ 800.917112] input: syz1 as /devices/virtual/input/input337 01:53:41 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x678) [ 801.113715] input: syz1 as /devices/virtual/input/input338 [ 801.232122] input: syz1 as /devices/virtual/input/input339 01:53:41 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf8}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:41 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x690) 01:53:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000040)=0x0) waitid(0x0, r3, &(0x7f0000000080), 0x8, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000000000000000000003a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) sendmsg$SMC_PNETID_GET(r5, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x34, 0x0, 0x20, 0x70bd2c, 0x25dfdbfc, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x4010}, 0x40000) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r6) dup(r6) r7 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r7, 0x40485404, &(0x7f0000000040)={{0xffffffffffffffff, 0x1, 0x1, 0x2, 0x40}, 0x2, 0x4}) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r5, 0x84, 0x13, &(0x7f0000000280)=0x81, 0x4) r8 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000380)='rxrpc_s\x00', 0x0, &(0x7f0000000200)="1f00", 0x4b, r8) keyctl$set_timeout(0xf, r8, 0x3) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 801.477852] input: syz1 as /devices/virtual/input/input340 01:53:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x4a8800, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) fcntl$getflags(r4, 0x40a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_HYPERV_EVENTFD(0xffffffffffffffff, 0x4018aebd, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x1}) r5 = gettid() tkill(r5, 0x1000000000016) timer_create(0x3, &(0x7f0000000080)={0x0, 0xf, 0x2, @tid=r5}, &(0x7f00000000c0)=0x0) timer_settime(r6, 0x0, &(0x7f0000000100)={{0x0, 0x989680}}, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000180)=ANY=[@ANYBLOB="0000666efbf6b92c333e73000000009e33bcb4d57cfcbd0e2eb675ccf7bc779839eaeda84613585e5231619d305d9c070567ed67c202b9c931dc66eb4d4f32399e734ebb90a4818828ed7c2055568437b7"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 801.598164] input: syz1 as /devices/virtual/input/input341 01:53:42 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x6a8) [ 801.795645] input: syz1 as /devices/virtual/input/input342 [ 803.556249] IPVS: ftp: loaded support on port[0] = 21 [ 803.642118] chnl_net:caif_netlink_parms(): no params data found [ 803.698102] bridge0: port 1(bridge_slave_0) entered blocking state [ 803.704689] bridge0: port 1(bridge_slave_0) entered disabled state [ 803.711808] device bridge_slave_0 entered promiscuous mode [ 803.719660] bridge0: port 2(bridge_slave_1) entered blocking state [ 803.727390] bridge0: port 2(bridge_slave_1) entered disabled state [ 803.735591] device bridge_slave_1 entered promiscuous mode [ 803.738475] NOHZ: local_softirq_pending 08 [ 803.758564] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 803.768778] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 803.786616] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 803.793999] team0: Port device team_slave_0 added [ 803.799906] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 803.807792] team0: Port device team_slave_1 added [ 803.823148] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 803.829483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 803.855818] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 803.868186] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 803.874440] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 803.899735] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 803.910943] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 803.918602] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 803.977666] device hsr_slave_0 entered promiscuous mode [ 804.015054] device hsr_slave_1 entered promiscuous mode [ 804.065880] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 804.073089] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 804.158640] bridge0: port 2(bridge_slave_1) entered blocking state [ 804.165041] bridge0: port 2(bridge_slave_1) entered forwarding state [ 804.171630] bridge0: port 1(bridge_slave_0) entered blocking state [ 804.178046] bridge0: port 1(bridge_slave_0) entered forwarding state [ 804.227159] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 804.233342] 8021q: adding VLAN 0 to HW filter on device bond0 [ 804.242889] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 804.253050] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 804.261225] bridge0: port 1(bridge_slave_0) entered disabled state [ 804.268360] bridge0: port 2(bridge_slave_1) entered disabled state [ 804.277113] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 804.290514] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 804.297008] 8021q: adding VLAN 0 to HW filter on device team0 [ 804.307804] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 804.315634] bridge0: port 1(bridge_slave_0) entered blocking state [ 804.322007] bridge0: port 1(bridge_slave_0) entered forwarding state [ 804.337410] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 804.345369] bridge0: port 2(bridge_slave_1) entered blocking state [ 804.351711] bridge0: port 2(bridge_slave_1) entered forwarding state [ 804.371631] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 804.379701] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 804.398017] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 804.406376] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 804.418452] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 804.429724] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 804.436138] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 804.455513] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 804.463578] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 804.471025] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 804.483361] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 804.535402] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 804.546856] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 804.598808] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 804.607018] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 804.613766] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 804.623957] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 804.631860] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 804.639211] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 804.649948] device veth0_vlan entered promiscuous mode [ 804.661358] device veth1_vlan entered promiscuous mode [ 804.686990] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 804.704732] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 804.711669] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 804.723751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 804.734742] device veth0_macvtap entered promiscuous mode [ 804.743489] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 804.755048] device veth1_macvtap entered promiscuous mode [ 804.761523] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 804.776031] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 804.787611] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 804.797740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 804.807902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 804.817201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 804.826987] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 804.836173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 804.846020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 804.855200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 804.865151] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 804.874245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 804.884555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 804.893666] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 804.903405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 804.912552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 804.922311] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 804.932579] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 804.939866] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 804.947863] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 804.955700] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 804.962780] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 804.970681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 804.981591] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 804.991958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 805.001235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 805.011497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 805.020699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 805.030515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 805.039963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 805.049773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 805.058921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 805.069576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 805.078775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 805.088612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 805.097807] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 805.107548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 805.120752] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 805.128475] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 805.136840] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 805.145395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 805.328974] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 805.354415] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=1, oom_score_adj=1000 [ 805.365990] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 805.371377] CPU: 0 PID: 28696 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 805.379250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 805.388617] Call Trace: [ 805.391192] dump_stack+0x188/0x20d [ 805.394841] dump_header+0x159/0xa5e [ 805.398566] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 805.403665] ? ___ratelimit+0x59/0x573 [ 805.407553] oom_kill_process.cold+0x10/0x6dc [ 805.412048] ? task_will_free_mem+0x134/0x6d0 [ 805.416572] out_of_memory+0x349/0x1250 [ 805.420609] ? oom_killer_disable+0x270/0x270 [ 805.425122] mem_cgroup_out_of_memory+0x1c7/0x240 [ 805.429987] ? memcg_event_wake+0x210/0x210 [ 805.434318] ? do_raw_spin_unlock+0x171/0x260 [ 805.438813] try_charge+0xe22/0x1300 [ 805.442523] ? __kmalloc_node_track_caller+0x38/0x70 [ 805.447612] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 805.452555] ? rcu_read_lock_sched_held+0x10a/0x130 [ 805.457580] ? kmem_cache_alloc_node_trace+0x34d/0x750 [ 805.462860] ? mark_held_locks+0xa6/0xf0 [ 805.466916] ? mem_cgroup_charge_skmem+0x111/0x270 [ 805.471849] mem_cgroup_charge_skmem+0x126/0x270 [ 805.476619] ? mem_cgroup_sk_free+0x80/0x80 [ 805.480937] ? __alloc_skb+0x3ad/0x5b0 [ 805.484828] __sk_mem_raise_allocated+0x543/0x1360 [ 805.489759] __sk_mem_schedule+0x65/0xd0 [ 805.493808] tcp_sendmsg_locked+0x1898/0x2ff0 [ 805.498317] ? tcp_sendpage+0x60/0x60 [ 805.502117] ? mark_held_locks+0xa6/0xf0 [ 805.506175] ? __local_bh_enable_ip+0x159/0x270 [ 805.510854] tcp_sendmsg+0x2b/0x40 [ 805.514395] inet_sendmsg+0x12e/0x590 [ 805.518191] ? ipip_gro_receive+0x100/0x100 [ 805.522512] sock_sendmsg+0xcf/0x120 [ 805.526231] ___sys_sendmsg+0x3e2/0x920 [ 805.530211] ? copy_msghdr_from_user+0x410/0x410 [ 805.534965] ? mark_held_locks+0xf0/0xf0 [ 805.539044] ? lock_downgrade+0x740/0x740 [ 805.543190] ? check_preemption_disabled+0x41/0x280 [ 805.548238] ? find_held_lock+0x2d/0x110 [ 805.552291] ? __might_fault+0x11f/0x1d0 [ 805.556354] ? lock_downgrade+0x740/0x740 [ 805.560519] __sys_sendmmsg+0x195/0x470 [ 805.564511] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 805.568856] ? lock_downgrade+0x740/0x740 [ 805.573003] ? __might_fault+0x192/0x1d0 [ 805.577104] ? _copy_to_user+0xb8/0x100 [ 805.581076] ? put_timespec64+0xcb/0x120 [ 805.585132] ? nsecs_to_jiffies+0x30/0x30 [ 805.589294] ? __x64_sys_clock_gettime+0x165/0x240 [ 805.594213] ? __ia32_sys_clock_settime+0x260/0x260 [ 805.599220] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 805.603986] __x64_sys_sendmmsg+0x99/0x100 [ 805.608218] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 805.612807] do_syscall_64+0xf9/0x620 [ 805.616609] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 805.621793] RIP: 0033:0x45c479 [ 805.624980] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 805.643878] RSP: 002b:00007fd108d8dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 805.651573] RAX: ffffffffffffffda RBX: 00007fd108d8e6d4 RCX: 000000000045c479 [ 805.658860] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 805.666144] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 805.673410] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 805.680664] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bf2c [ 805.693767] Task in /syz1 killed as a result of limit of /syz1 [ 805.699976] memory: usage 307196kB, limit 307200kB, failcnt 4418 [ 805.706249] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 805.713003] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 01:53:46 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x281400}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:46 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x6c0) 01:53:46 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xf9}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:46 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(0xffffffffffffffff, 0xc0a85352, &(0x7f0000000100)={{0x5, 0x80}, 'port0\x00', 0x18, 0x20000, 0x800, 0x800, 0x7, 0x2682, 0x0, 0x0, 0x5, 0x8}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:46 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x2c}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 805.719582] Memory cgroup stats for /syz1: cache:0KB rss:2248KB rss_huge:2048KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:2172KB inactive_file:0KB active_file:0KB unevictable:0KB [ 805.741907] Memory cgroup out of memory: Kill process 28695 (syz-executor.1) score 1110 or sacrifice child [ 805.751817] Killed process 28695 (syz-executor.1) total-vm:74704kB, anon-rss:2136kB, file-rss:34816kB, shmem-rss:0kB [ 805.763947] oom_reaper: reaped process 28695 (syz-executor.1), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 805.838162] input: syz1 as /devices/virtual/input/input344 [ 805.957050] input: syz1 as /devices/virtual/input/input345 01:53:46 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x6d8) 01:53:46 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0xadb3, 0x4040) r2 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ocfs2_control\x00', 0x84500, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000011000/0x18000)=nil, &(0x7f00000001c0)=[@textreal={0x8, &(0x7f0000000400)="b800008ed8ba610066ed66b8561600000f23c00f21f86635010001000f23f8baf80c66b8b0495c8a66efbafc0cb8490a8ed00f01cfbaf80c66b894a62b8166efbafc0c66ed0f01d10f01c8baf80c66b8b49bcc8266efbafc0c66b80500000066ef66b9980100000f32", 0x69}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 806.107634] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 806.153415] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 806.154863] input: syz1 as /devices/virtual/input/input346 [ 806.171383] CPU: 1 PID: 28817 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 806.179311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 806.188682] Call Trace: [ 806.191295] dump_stack+0x188/0x20d [ 806.194942] dump_header+0x159/0xa5e [ 806.198666] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 806.203786] ? ___ratelimit+0x59/0x573 [ 806.207854] oom_kill_process.cold+0x10/0x6dc [ 806.212368] ? task_will_free_mem+0x134/0x6d0 [ 806.216882] out_of_memory+0x349/0x1250 [ 806.220872] ? oom_killer_disable+0x270/0x270 [ 806.225397] mem_cgroup_out_of_memory+0x1c7/0x240 [ 806.230256] ? memcg_event_wake+0x210/0x210 [ 806.234606] ? do_raw_spin_unlock+0x171/0x260 [ 806.239103] try_charge+0xe22/0x1300 [ 806.242895] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 806.247750] ? mark_held_locks+0xa6/0xf0 [ 806.251831] ? mem_cgroup_charge_skmem+0x111/0x270 [ 806.256775] mem_cgroup_charge_skmem+0x126/0x270 [ 806.261547] ? mem_cgroup_sk_free+0x80/0x80 [ 806.265969] ? lock_downgrade+0x740/0x740 [ 806.270134] ? iov_iter_advance+0x219/0xe10 [ 806.274474] __sk_mem_raise_allocated+0x543/0x1360 [ 806.279423] __sk_mem_schedule+0x65/0xd0 [ 806.283494] tcp_sendmsg_locked+0x1898/0x2ff0 [ 806.288025] ? tcp_sendpage+0x60/0x60 [ 806.291839] ? mark_held_locks+0xa6/0xf0 [ 806.295916] ? __local_bh_enable_ip+0x159/0x270 [ 806.300621] tcp_sendmsg+0x2b/0x40 [ 806.304172] inet_sendmsg+0x12e/0x590 [ 806.307984] ? ipip_gro_receive+0x100/0x100 [ 806.312318] sock_sendmsg+0xcf/0x120 [ 806.316054] ___sys_sendmsg+0x3e2/0x920 [ 806.320052] ? copy_msghdr_from_user+0x410/0x410 [ 806.324825] ? mark_held_locks+0xf0/0xf0 [ 806.328897] ? lock_downgrade+0x740/0x740 [ 806.333056] ? check_preemption_disabled+0x41/0x280 [ 806.338107] ? find_held_lock+0x2d/0x110 [ 806.342177] ? __might_fault+0x11f/0x1d0 [ 806.346258] ? lock_downgrade+0x740/0x740 [ 806.350429] __sys_sendmmsg+0x195/0x470 [ 806.354417] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 806.358752] ? lock_downgrade+0x740/0x740 [ 806.362937] ? __might_fault+0x192/0x1d0 [ 806.367002] ? _copy_to_user+0xb8/0x100 [ 806.371011] ? put_timespec64+0xcb/0x120 [ 806.375090] ? nsecs_to_jiffies+0x30/0x30 [ 806.379245] ? __x64_sys_clock_gettime+0x165/0x240 [ 806.384199] ? __ia32_sys_clock_settime+0x260/0x260 [ 806.389235] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 806.394005] __x64_sys_sendmmsg+0x99/0x100 [ 806.398249] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 806.402864] do_syscall_64+0xf9/0x620 [ 806.406678] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 806.411872] RIP: 0033:0x45c479 [ 806.415071] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 806.433983] RSP: 002b:00007fd108d6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 806.441688] RAX: ffffffffffffffda RBX: 00007fd108d6d6d4 RCX: 000000000045c479 [ 806.448943] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 806.456212] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 806.463523] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 806.470787] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bfcc [ 806.520572] input: syz1 as /devices/virtual/input/input347 [ 806.532677] Task in /syz1 killed as a result of limit of /syz1 [ 806.557378] memory: usage 307188kB, limit 307200kB, failcnt 4476 01:53:47 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xfa}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 806.570726] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 806.577691] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 806.592987] Memory cgroup stats for /syz1: cache:0KB rss:52KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:176KB inactive_file:0KB active_file:0KB unevictable:0KB [ 806.678306] Memory cgroup out of memory: Kill process 28726 (syz-executor.1) score 1103 or sacrifice child 01:53:47 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x6f0) [ 806.723386] Killed process 28726 (syz-executor.1) total-vm:74832kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB 01:53:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = gettid() tkill(r7, 0x1000000000016) ioctl$DRM_IOCTL_GET_CLIENT(r6, 0xc0286405, &(0x7f0000000080)={0x6, 0x400, {r7}, {0xffffffffffffffff}, 0xff, 0x5}) r9 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r10 = dup(r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0}, &(0x7f0000000140)=0xc) getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000380)={{{@in=@empty, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@loopback}}, &(0x7f0000000180)=0xe8) fstat(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r15 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r16 = dup(r15) ioctl$PERF_EVENT_IOC_ENABLE(r16, 0x8912, 0x400200) statx(r16, &(0x7f0000000280)='./file0\x00', 0x2000, 0x10, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0}) r18 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r18, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r19) r20 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r20, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r21) getgroups(0x9, &(0x7f0000000580)=[r19, 0xee00, 0xee01, 0xee00, 0xffffffffffffffff, 0xee01, r21, 0xffffffffffffffff, 0xee00]) r23 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r23, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r24) r25 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xb, 0x91, 0x200007, 0x1, 0x1}, 0x40) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r25, &(0x7f0000000000), &(0x7f00000000c0)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000400)={r25, &(0x7f0000000180), &(0x7f0000000240)}, 0x20) r26 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r27 = dup(r26) ioctl$PERF_EVENT_IOC_ENABLE(r27, 0x8912, 0x400200) r28 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r29 = dup(r28) ioctl$PERF_EVENT_IOC_ENABLE(r29, 0x8912, 0x400200) fsetxattr$system_posix_acl(r3, &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f00000007c0)=ANY=[@ANYBLOB="02766fede0e751218dc999fc7c6d5891ef4ccc", @ANYRES32=r8, @ANYBLOB="02000000", @ANYRES32=r11, @ANYBLOB="02000100", @ANYRES32=r12, @ANYBLOB="040023460000000008000700", @ANYRES32=0xee00, @ANYBLOB="08000600", @ANYRES32=r14, @ANYRESHEX=r13, @ANYPTR64=&(0x7f00000006c0)=ANY=[@ANYRESDEC=r15, @ANYRES64, @ANYPTR64, @ANYPTR64=&(0x7f00000005c0)=ANY=[@ANYRES16=0x0, @ANYRESOCT=r25, @ANYPTR, @ANYRES16=r27], @ANYRESOCT, @ANYRESOCT=r29, @ANYRES16=r17], @ANYBLOB="08000600", @ANYRES32=r22, @ANYBLOB="08000600", @ANYRES32=r24, @ANYBLOB="10000000000000002000000000000000"], 0x11, 0x1) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0xfffffffffffffffe, 0x40, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 806.764303] oom_reaper: reaped process 28726 (syz-executor.1), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB 01:53:47 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x800000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 806.812591] input: syz1 as /devices/virtual/input/input348 [ 806.898407] input: syz1 as /devices/virtual/input/input349 01:53:47 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x708) [ 807.072751] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 807.093882] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 807.113148] input: syz1 as /devices/virtual/input/input350 [ 807.126322] CPU: 0 PID: 29051 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 807.134213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 807.143570] Call Trace: [ 807.146171] dump_stack+0x188/0x20d [ 807.149817] dump_header+0x159/0xa5e [ 807.153540] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 807.158656] ? ___ratelimit+0x59/0x573 [ 807.162566] oom_kill_process.cold+0x10/0x6dc [ 807.167079] ? task_will_free_mem+0x134/0x6d0 [ 807.171595] out_of_memory+0x349/0x1250 [ 807.175589] ? oom_killer_disable+0x270/0x270 [ 807.180100] mem_cgroup_out_of_memory+0x1c7/0x240 [ 807.184945] ? memcg_event_wake+0x210/0x210 [ 807.189279] ? do_raw_spin_unlock+0x171/0x260 [ 807.193816] try_charge+0xe22/0x1300 [ 807.197538] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 807.202372] ? mark_held_locks+0xa6/0xf0 [ 807.206429] ? mem_cgroup_charge_skmem+0x111/0x270 [ 807.211357] mem_cgroup_charge_skmem+0x126/0x270 [ 807.216100] ? mem_cgroup_sk_free+0x80/0x80 [ 807.220406] ? lock_downgrade+0x740/0x740 [ 807.224555] ? iov_iter_advance+0x219/0xe10 [ 807.228892] __sk_mem_raise_allocated+0x543/0x1360 [ 807.233824] __sk_mem_schedule+0x65/0xd0 [ 807.237886] tcp_sendmsg_locked+0x1898/0x2ff0 [ 807.242396] ? tcp_sendpage+0x60/0x60 [ 807.246217] ? mark_held_locks+0xa6/0xf0 [ 807.250294] ? __local_bh_enable_ip+0x159/0x270 [ 807.254970] tcp_sendmsg+0x2b/0x40 [ 807.258552] inet_sendmsg+0x12e/0x590 [ 807.262341] ? ipip_gro_receive+0x100/0x100 [ 807.266658] sock_sendmsg+0xcf/0x120 [ 807.270387] ___sys_sendmsg+0x3e2/0x920 [ 807.274377] ? copy_msghdr_from_user+0x410/0x410 [ 807.279123] ? mark_held_locks+0xf0/0xf0 [ 807.283169] ? lock_downgrade+0x740/0x740 [ 807.287318] ? check_preemption_disabled+0x41/0x280 [ 807.292337] ? find_held_lock+0x2d/0x110 [ 807.296395] ? __might_fault+0x11f/0x1d0 [ 807.300457] ? lock_downgrade+0x740/0x740 [ 807.304612] __sys_sendmmsg+0x195/0x470 [ 807.308598] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 807.312915] ? lock_downgrade+0x740/0x740 [ 807.317063] ? __might_fault+0x192/0x1d0 [ 807.321108] ? _copy_to_user+0xb8/0x100 [ 807.325093] ? put_timespec64+0xcb/0x120 [ 807.329189] ? nsecs_to_jiffies+0x30/0x30 [ 807.333362] ? __x64_sys_clock_gettime+0x165/0x240 [ 807.338301] ? __ia32_sys_clock_settime+0x260/0x260 [ 807.343338] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 807.348089] __x64_sys_sendmmsg+0x99/0x100 [ 807.352326] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 807.356909] do_syscall_64+0xf9/0x620 [ 807.360700] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 807.365911] RIP: 0033:0x45c479 [ 807.369109] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 807.388012] RSP: 002b:00007fd108d6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 807.395715] RAX: ffffffffffffffda RBX: 00007fd108d6d6d4 RCX: 000000000045c479 [ 807.402970] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 807.410238] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 807.417515] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 807.424779] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bfcc [ 807.434324] Task in /syz1 killed as a result of limit of /syz1 [ 807.440669] memory: usage 307192kB, limit 307200kB, failcnt 4498 [ 807.447449] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 807.462443] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 01:53:47 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_PIT2(r3, 0x4070aea0, &(0x7f0000000000)={[{0x7, 0xff, 0x0, 0xc1, 0x1, 0x2, 0x7, 0x7f, 0x1, 0x94, 0x89, 0x0, 0x8}, {0xf5, 0x7fff, 0x25, 0x9, 0x3, 0x5, 0x7, 0x6, 0x0, 0xf, 0x3, 0x6, 0x9}, {0x8000, 0x81, 0x20, 0x4, 0xf9, 0x3, 0x3, 0x0, 0x0, 0x2, 0x1f, 0x2, 0xa8}], 0xffffffff}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000000000004272b79a3a1e5a8068163137c83b9fc53da1d694866aa4efae71903a0a1b06368cbea813c8c904272b78b46fb4a802a842e189974c08bcd211bc53ce622e5099c8fa05fb9e995a60f9034dd53ba1737b57118b39f79aae7dab95bff0dbc20266a0441a00ad2f824d63fa05fe06e6663145e92955fce1f500e650c19f979444e55975ca8968b30b395c2cee10f1ff248ca4eb012a391069d834344c9d65893b5b6e1df09af23aac981bffb90d08045a17797b67ec5cae776cf645d5ca8d4a078af030f9c7d7dc7c958d9231fca3ae89f7f234835a068adb8e8edb1e4f16c72503a1903b72c89a17d194d308d84d052ba7fa0469c2c17e1fc9b4f2977624c389c05011dc195179b0879de9c21bdc314651e635264d218f25b32794cc28be4a11323ad7fc640cc56613c48edea4cb393e82a5bf07ce4e1355d5a2c38974dbdba497d4fa18bc980f132cf6f06f20384395fe9b36c4641ed29b77cb9db383634239146aeda6deef026c659c15546c4b708639"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 807.469058] Memory cgroup stats for /syz1: cache:0KB rss:184KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:176KB inactive_file:0KB active_file:0KB unevictable:0KB [ 807.505967] Memory cgroup out of memory: Kill process 29039 (syz-executor.1) score 1103 or sacrifice child [ 807.518902] input: syz1 as /devices/virtual/input/input351 01:53:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x34}], 0x1, 0x6c, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:48 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x30}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) [ 807.529297] Killed process 29039 (syz-executor.1) total-vm:74832kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB 01:53:48 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x720) [ 807.606317] oom_reaper: reaped process 29039 (syz-executor.1), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB 01:53:48 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xfb}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:48 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x1000000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000240)=ANY=[@ANYBLOB="87403e6108791a298b288e285f99bcde65a44471af1ac2940ebe2a166bb36fe6fc4757fafc6857d45f6ab91316242ad81353d7ea0a1b26a09bfca9eac84237f99fd52ec62622b77a82c6a8d27189c9e15ea96a8da48076c23be48fba7758f98c99ad92e672f9e3a4cf3cb1228d3b98c4bfbc4dc01425b4dde0bbb0c7a37c8e2650d9c5e615cd36459d6df7cd9b3f5e1b474fea0a0a7d31591e24a1cc38fe8c67dd08e493df6f4b0c891d340a15b0cb8b68d3deb79de34a744316111fdfd329f26732bb8d36f67fa8"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000080)={0xffffffffffffffff}, 0x2, 0xa}}, 0x20) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) write$RDMA_USER_CM_CMD_MIGRATE_ID(r4, &(0x7f0000000100)={0x12, 0x10, 0xfa00, {&(0x7f0000000040), r5, r7}}, 0x18) [ 807.840702] input: syz1 as /devices/virtual/input/input352 01:53:48 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x33}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) [ 807.937048] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 807.956786] input: syz1 as /devices/virtual/input/input353 [ 808.019926] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 808.048915] CPU: 1 PID: 29119 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 808.056845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 808.066202] Call Trace: [ 808.068808] dump_stack+0x188/0x20d [ 808.072451] dump_header+0x159/0xa5e [ 808.076172] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 808.081277] ? ___ratelimit+0x59/0x573 [ 808.085167] oom_kill_process.cold+0x10/0x6dc [ 808.089662] ? task_will_free_mem+0x134/0x6d0 [ 808.094159] out_of_memory+0x349/0x1250 [ 808.098163] ? oom_killer_disable+0x270/0x270 [ 808.102677] mem_cgroup_out_of_memory+0x1c7/0x240 [ 808.107520] ? memcg_event_wake+0x210/0x210 [ 808.111868] ? do_raw_spin_unlock+0x171/0x260 [ 808.116366] try_charge+0xe22/0x1300 [ 808.120086] ? __kmalloc_node_track_caller+0x38/0x70 [ 808.125189] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 808.130033] ? rcu_read_lock_sched_held+0x10a/0x130 [ 808.135048] ? kmem_cache_alloc_node_trace+0x34d/0x750 [ 808.140328] ? mark_held_locks+0xa6/0xf0 [ 808.144384] ? mem_cgroup_charge_skmem+0x111/0x270 [ 808.149315] mem_cgroup_charge_skmem+0x126/0x270 [ 808.154072] ? mem_cgroup_sk_free+0x80/0x80 [ 808.158411] ? __alloc_skb+0x3ad/0x5b0 [ 808.162304] __sk_mem_raise_allocated+0x543/0x1360 [ 808.167242] __sk_mem_schedule+0x65/0xd0 [ 808.171306] tcp_sendmsg_locked+0x1898/0x2ff0 [ 808.175818] ? tcp_sendpage+0x60/0x60 [ 808.179637] ? mark_held_locks+0xa6/0xf0 [ 808.183713] ? __local_bh_enable_ip+0x159/0x270 [ 808.188387] tcp_sendmsg+0x2b/0x40 [ 808.191927] inet_sendmsg+0x12e/0x590 [ 808.195728] ? ipip_gro_receive+0x100/0x100 [ 808.200047] sock_sendmsg+0xcf/0x120 [ 808.203761] ___sys_sendmsg+0x3e2/0x920 [ 808.207748] ? copy_msghdr_from_user+0x410/0x410 [ 808.212505] ? mark_held_locks+0xf0/0xf0 [ 808.216578] ? lock_downgrade+0x740/0x740 [ 808.220763] ? check_preemption_disabled+0x41/0x280 [ 808.225782] ? find_held_lock+0x2d/0x110 [ 808.229845] ? __might_fault+0x11f/0x1d0 [ 808.233910] ? lock_downgrade+0x740/0x740 [ 808.238105] __sys_sendmmsg+0x195/0x470 [ 808.242102] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 808.246425] ? lock_downgrade+0x740/0x740 [ 808.250584] ? __might_fault+0x192/0x1d0 [ 808.254673] ? _copy_to_user+0xb8/0x100 [ 808.258649] ? put_timespec64+0xcb/0x120 [ 808.262719] ? nsecs_to_jiffies+0x30/0x30 [ 808.266888] ? __x64_sys_clock_gettime+0x165/0x240 [ 808.271843] ? __ia32_sys_clock_settime+0x260/0x260 [ 808.276872] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 808.281645] __x64_sys_sendmmsg+0x99/0x100 [ 808.285878] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 808.290477] do_syscall_64+0xf9/0x620 [ 808.294277] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 808.299463] RIP: 0033:0x45c479 [ 808.302651] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 808.321556] RSP: 002b:00007fd108d8dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 808.329274] RAX: ffffffffffffffda RBX: 00007fd108d8e6d4 RCX: 000000000045c479 [ 808.336546] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 808.343816] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 808.351082] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 808.358386] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bf2c 01:53:48 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x738) 01:53:48 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xfc}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000180)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r5, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f00000001c0)={0x1, [0x0]}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x76, &(0x7f0000000000)={r6, @in6={{0xa, 0x0, 0x0, @loopback}}}, &(0x7f0000000240)=0x9c) setsockopt$inet_sctp_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000040)={r6, 0x1, 0x16, "6d3efb74bc1a6bf3bff627debe85ffeeb2fa2bbdd60b"}, 0x1e) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffe41, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) r9 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r9, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r9, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r9, 0x84, 0x1d, &(0x7f00000001c0)={0x1, [0x0]}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x76, &(0x7f0000000000)={r10, @in6={{0xa, 0x0, 0x0, @loopback}}}, &(0x7f0000000240)=0x9c) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r8, 0x84, 0x72, &(0x7f0000000100)={r10, 0x81, 0x20}, &(0x7f0000000140)=0xc) [ 808.508962] Task in /syz1 killed as a result of limit of /syz1 [ 808.518507] memory: usage 307192kB, limit 307200kB, failcnt 4514 [ 808.530038] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 808.551300] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 808.552012] input: syz1 as /devices/virtual/input/input354 [ 808.574755] Memory cgroup stats for /syz1: cache:0KB rss:40KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:164KB inactive_file:0KB active_file:0KB unevictable:0KB 01:53:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = gettid() ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r2, 0xc1105518, &(0x7f0000000380)={{0x7, 0x3, 0x25f9, 0x3, 'syz1\x00', 0x7}, 0x2, 0x10000000, 0x1, r3, 0x2, 0x644, 'syz1\x00', &(0x7f00000001c0)=['ppp0\x00', '\x00'], 0x6, [], [0xff81, 0x0, 0x101, 0x2]}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r8, 0x84, 0x71, &(0x7f0000000040)={0x0, 0x6}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000100)={r9, 0x3, 0xe42a, 0x3, 0x356c, 0x101}, &(0x7f0000000140)=0x14) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r10 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000180)=0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r10, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r10, 0xae80, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) [ 808.613911] Memory cgroup out of memory: Kill process 29097 (syz-executor.1) score 1103 or sacrifice child [ 808.633078] Killed process 29097 (syz-executor.1) total-vm:74700kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 808.658517] input: syz1 as /devices/virtual/input/input355 [ 808.715456] oom_reaper: reaped process 29097 (syz-executor.1), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB 01:53:49 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x750) 01:53:49 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x1010000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 808.911217] input: syz1 as /devices/virtual/input/input356 [ 808.956951] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 808.987312] input: syz1 as /devices/virtual/input/input357 [ 809.004696] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 809.027636] CPU: 0 PID: 29265 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 809.035540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 809.044935] Call Trace: [ 809.047553] dump_stack+0x188/0x20d [ 809.051198] dump_header+0x159/0xa5e [ 809.054932] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 809.060050] ? ___ratelimit+0x59/0x573 [ 809.063949] oom_kill_process.cold+0x10/0x6dc [ 809.068458] ? task_will_free_mem+0x134/0x6d0 [ 809.072968] out_of_memory+0x349/0x1250 01:53:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) socket$tipc(0x1e, 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0xf9, 0x40000) ioctl$SNDCTL_DSP_GETIPTR(r2, 0x800c5011, &(0x7f00000001c0)) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, &(0x7f0000000080), &(0x7f0000000680)) r3 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000200)='/dev/video0\x00', 0x2, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) getpeername$netlink(r5, &(0x7f0000000580), &(0x7f00000005c0)=0xc) ioctl$SIOCX25GCAUSEDIAG(r2, 0x89e6, &(0x7f0000000600)={0x1, 0x40}) ioctl$VIDIOC_G_FREQUENCY(r3, 0xc02c5638, &(0x7f0000000280)={0x7, 0x5, 0x8}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) prctl$PR_GET_KEEPCAPS(0x7) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) r7 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r7, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0], &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x76, &(0x7f0000000000)={r8, @in6={{0xa, 0x0, 0x0, @loopback}}}, &(0x7f0000000240)=0x9c) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f00000006c0)={r8, @in={{0x2, 0x4e21, @empty}}}, &(0x7f0000000440)=0x84) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r9, @in={{0x2, 0x4e23, @loopback}}, 0xfffffff7, 0x0, 0x6, 0x669, 0xffffffff}, &(0x7f0000000540)=0x98) ioctl$KVM_RUN(r6, 0xae80, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$sock_ax25_SIOCDELRT(r10, 0x890c, &(0x7f0000000100)={@bcast, @null, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$SNDCTL_DSP_POST(r10, 0x5008, 0x0) [ 809.076960] ? oom_killer_disable+0x270/0x270 [ 809.081493] mem_cgroup_out_of_memory+0x1c7/0x240 [ 809.086345] ? memcg_event_wake+0x210/0x210 [ 809.090684] ? do_raw_spin_unlock+0x171/0x260 [ 809.095196] try_charge+0xe22/0x1300 [ 809.098937] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 809.103793] ? get_mem_cgroup_from_mm+0x179/0x4f0 [ 809.108658] ? __mem_cgroup_largest_soft_limit_node+0x440/0x440 [ 809.114736] mem_cgroup_try_charge+0x249/0x5c0 [ 809.119334] mem_cgroup_try_charge_delay+0x1a/0xa0 [ 809.124291] __handle_mm_fault+0x1cfb/0x3b60 [ 809.128723] ? copy_page_range+0x1e70/0x1e70 [ 809.133144] ? count_memcg_event_mm+0x279/0x4c0 [ 809.137842] handle_mm_fault+0x1a5/0x670 [ 809.141931] __do_page_fault+0x5ed/0xdd0 [ 809.146004] ? trace_hardirqs_off_caller+0x55/0x210 [ 809.151034] ? vmalloc_fault+0x730/0x730 [ 809.155108] ? page_fault+0x8/0x30 [ 809.158661] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 809.163534] ? page_fault+0x8/0x30 [ 809.167103] page_fault+0x1e/0x30 [ 809.170635] RIP: 0033:0x45ee2d [ 809.173828] Code: 5b 5d f3 c3 66 0f 1f 84 00 00 00 00 00 48 c7 c0 ea ff ff ff 48 85 ff 0f 84 e0 8c fb ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 <48> 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 [ 809.192714] RSP: 002b:00007fff9d8412e8 EFLAGS: 00010202 [ 809.198074] RAX: ffffffffffffffea RBX: 00007fd108d6d700 RCX: 00007fd108d6d700 [ 809.205349] RDX: 00000000003d0f00 RSI: 00007fd108d6cdb0 RDI: 0000000000413060 [ 809.212626] RBP: 00007fff9d841500 R08: 00007fd108d6d9d0 R09: 00007fd108d6d700 [ 809.219905] R10: 00007fd108d6cdc0 R11: 0000000000000246 R12: 0000000000000000 [ 809.227177] R13: 00007fff9d84139f R14: 00007fd108d6d9c0 R15: 000000000076bfcc [ 809.236074] Task in /syz1 killed as a result of limit of /syz1 [ 809.242562] memory: usage 307200kB, limit 307200kB, failcnt 4539 [ 809.267944] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:53:49 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x768) 01:53:49 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xfd}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 809.283096] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 809.291384] Memory cgroup stats for /syz1: cache:0KB rss:172KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:164KB inactive_file:0KB active_file:0KB unevictable:0KB 01:53:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a5cd87b1105c6f64ab5adcafcc0e041e99ad6fe0f131119ed4f18"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 809.376487] input: syz1 as /devices/virtual/input/input358 [ 809.407252] Memory cgroup out of memory: Kill process 29265 (syz-executor.1) score 1103 or sacrifice child 01:53:49 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x780) [ 809.454884] Killed process 29265 (syz-executor.1) total-vm:74832kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 809.492375] oom_reaper: reaped process 29265 (syz-executor.1), now anon-rss:0kB, file-rss:33856kB, shmem-rss:0kB [ 809.671574] input: syz1 as /devices/virtual/input/input360 01:53:50 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x3a}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r3, 0x4010ae74, &(0x7f0000000040)={0x5, 0x3ff, 0x7ff}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 01:53:50 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x2000000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:50 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0xfe}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) dup3(r0, r0, 0x80000) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r3) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r6) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000240)=ANY=[@ANYBLOB="3819c7d8ecf748f5cc88536c56a1624900637930afc14c8b69b4fb935d88f27c06a53869b423adf52f"]) r12 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x410000, 0x0) connect$x25(r2, &(0x7f00000001c0)={0x9, @null=' \x00'}, 0x12) r13 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') sendmsg$TIPC_CMD_GET_NODES(r12, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r13, 0x800, 0x70bd26, 0x25dfdbfe, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40140}, 0x1) ioctl$KVM_RUN(r11, 0xae80, 0x0) 01:53:50 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x798) [ 809.956803] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 809.990112] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 810.001345] CPU: 1 PID: 29487 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 810.009236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 810.018598] Call Trace: [ 810.021204] dump_stack+0x188/0x20d [ 810.024848] dump_header+0x159/0xa5e [ 810.028682] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 810.033805] ? ___ratelimit+0x59/0x573 [ 810.037717] oom_kill_process.cold+0x10/0x6dc [ 810.042227] ? task_will_free_mem+0x134/0x6d0 [ 810.046735] out_of_memory+0x349/0x1250 [ 810.050747] ? oom_killer_disable+0x270/0x270 [ 810.055266] mem_cgroup_out_of_memory+0x1c7/0x240 [ 810.060117] ? memcg_event_wake+0x210/0x210 [ 810.064445] ? do_raw_spin_unlock+0x171/0x260 [ 810.068941] try_charge+0xe22/0x1300 [ 810.072661] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 810.077516] ? get_mem_cgroup_from_mm+0x179/0x4f0 [ 810.082364] ? __mem_cgroup_largest_soft_limit_node+0x440/0x440 [ 810.088430] mem_cgroup_try_charge+0x249/0x5c0 [ 810.093019] mem_cgroup_try_charge_delay+0x1a/0xa0 [ 810.097988] __handle_mm_fault+0x1cfb/0x3b60 [ 810.102427] ? copy_page_range+0x1e70/0x1e70 [ 810.106847] ? count_memcg_event_mm+0x279/0x4c0 [ 810.111558] handle_mm_fault+0x1a5/0x670 [ 810.115642] __do_page_fault+0x5ed/0xdd0 [ 810.119735] ? trace_hardirqs_off_caller+0x55/0x210 [ 810.124752] ? vmalloc_fault+0x730/0x730 [ 810.128821] ? page_fault+0x8/0x30 [ 810.132382] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 810.137236] ? page_fault+0x8/0x30 [ 810.140782] page_fault+0x1e/0x30 [ 810.144229] RIP: 0033:0x45ee2d [ 810.147417] Code: 5b 5d f3 c3 66 0f 1f 84 00 00 00 00 00 48 c7 c0 ea ff ff ff 48 85 ff 0f 84 e0 8c fb ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 <48> 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 [ 810.166314] RSP: 002b:00007fff9d8412e8 EFLAGS: 00010202 [ 810.171682] RAX: ffffffffffffffea RBX: 00007fd108d6d700 RCX: 00007fd108d6d700 [ 810.178948] RDX: 00000000003d0f00 RSI: 00007fd108d6cdb0 RDI: 0000000000413060 [ 810.186211] RBP: 00007fff9d841500 R08: 00007fd108d6d9d0 R09: 00007fd108d6d700 [ 810.193476] R10: 00007fd108d6cdc0 R11: 0000000000000246 R12: 0000000000000000 [ 810.200754] R13: 00007fff9d84139f R14: 00007fd108d6d9c0 R15: 000000000076bfcc 01:53:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$netlink(0x10, 0x3, 0x8) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x20000000) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00') sendmsg$NL80211_CMD_GET_REG(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000001480)=ANY=[@ANYBLOB="81000000", @ANYRES16=r7, @ANYBLOB="8d060000000000001f0000008000e45f63d1040fac25a5f60020f14894bee4646894a7b60047fc3fadd92ca5ab7217aa270dc353a59f234d18cf333f0e9ebc883f39de66b1057144e932b834a1f919eeea3df6ecd1cda987e876f7b343e7406d817c9781e7b0728744544e201df2191800f644a7c6c45d011942237ed1c8ccdb2f07f391092b21d17f0b95944b47d827ea12c688"], 0x14}}, 0x0) r8 = getpid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = accept$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x0, 0x0, @empty}, &(0x7f00000002c0)=0x1c) r11 = dup2(r10, r9) ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400282) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r11, 0x0) r12 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x68280, 0x0) r13 = socket$inet(0x10, 0x2000000002, 0x0) sendmsg(r13, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="240000002e0007031dfffd946fa201000100000000000000000000e50c1be3a2f7fffe7e280000005e00ffaa1c0009b3ebea966cf0554edc7de8ddeb133c2bff0100000000000015f8ffff30", 0x4c}], 0x1}, 0x0) recvmmsg(r13, &(0x7f0000002540)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/160, 0xa0}, {&(0x7f0000000380)=""/65, 0x41}, {&(0x7f0000000400)=""/96, 0x60}, {&(0x7f0000002580)=""/4096, 0x1004}, {&(0x7f0000000480)=""/108, 0x6c}, {&(0x7f0000000040)=""/14, 0xe}], 0x6}}], 0x400000000000146, 0x42, 0x0) getsockopt$inet_IP_XFRM_POLICY(r13, 0x0, 0x11, &(0x7f0000000640)={{{@in=@empty, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@loopback}}, &(0x7f0000000740)=0xe8) sendmsg$inet6(r12, &(0x7f0000000980)={&(0x7f00000000c0)={0xa, 0x4e21, 0x3, @empty, 0x3}, 0x1c, 0x0, 0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="300000000000000029000000370000008902000000000000400edf4f42b2f95239c2e17b6124a63ec204000000030000480000000000000029000000360000003a05000000000000000100c910fe8000000000000000000000000000430718000000030492020001000080ffffffff0100008000000000001400000000000000290000000b0000000000000800000000200000000000000029000000360000002c000000000000000502fff70000000088000000000000002900000039000000000e01000000000000000000000000000000000000000001fe880000000000000000000000000101b1ea7f58661ccf196faf62fcc4b2015d000000000000000000000000000000010000000000000000000000000000000100000000000000000000000000000000fe800000000000000000000000000018300000000000000029000000370000000002000000000000c910fe80000000000000000000000000001f00010000000014000000000000002900000008000000b8480000000000001400000000000000290000003e000000020000000000000024000000000000002900000032000000fe8000000000000000000000000000aa", @ANYRES32=r14, @ANYBLOB="6eeb0000"], 0x1c0}, 0x40000) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r5, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000340)={0x4c, r7, 0x20, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_PID={0x8, 0x52, r8}, @NL80211_ATTR_PID={0x8}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x3}, @NL80211_ATTR_NETNS_FD={0x8, 0xdb, r11}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r14}, @NL80211_ATTR_PID={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x24000010}, 0x4004) sendmsg$NL80211_CMD_SET_KEY(r4, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="2cd653e8", @ANYRES16=r7, @ANYBLOB="000427bd7000fedbdf250a00000004000b001400508005000900010000000800030001ac0f000800370002000000"], 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x4000840) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 810.220010] input: syz1 as /devices/virtual/input/input362 [ 810.259062] Task in /syz1 killed as a result of limit of /syz1 01:53:50 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x7b0) [ 810.290286] memory: usage 307200kB, limit 307200kB, failcnt 4561 [ 810.304619] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 810.315938] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 810.329438] Memory cgroup stats for /syz1: cache:0KB rss:36KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:164KB inactive_file:0KB active_file:0KB unevictable:0KB [ 810.355000] Memory cgroup out of memory: Kill process 29487 (syz-executor.1) score 1103 or sacrifice child [ 810.389602] input: syz1 as /devices/virtual/input/input363 [ 810.414577] Killed process 29487 (syz-executor.1) total-vm:74832kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 810.462827] oom_reaper: reaped process 29487 (syz-executor.1), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 810.483951] input: syz1 as /devices/virtual/input/input364 01:53:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xb, 0x91, 0x200007, 0x1, 0x1}, 0x40) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r2, &(0x7f0000000000), &(0x7f00000000c0)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000400)={r2, &(0x7f0000000180), &(0x7f0000000240)}, 0x20) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r2, 0xc0506617, &(0x7f0000000280)={{0x3, 0x0, @descriptor="a49ee457e32e6d17"}, 0xa1, [], "6263be24d879421de512b3d91615c3889f1f6c500141b5418b7358718ddc0a91490af30acaef909fabe55ac76789a65b8a8d52c51217a1173d025f55d9cfe63c697569aad3f33b73071b1f6d86fc19644b838525fbad814bd33f852af45e21cedb4d72bc04b4b32e9bad71f6334351f0f2297a7748ffc081c8f661b5ac49b91bd4cdc3ff1c0886fe690394dd283faf2577ba0a6643a9874e426da0b95b76b839a6"}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000100)={[0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0, 0x0, 0x4cb, 0x5, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xfffffffffffff19a], 0x5000}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 01:53:51 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x7c8) 01:53:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000040)=ANY=[@ANYBLOB="0000d53306412a9f4178f98fe02dd7403acb0000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:51 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x3000000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 810.749160] input: syz1 as /devices/virtual/input/input365 [ 810.849622] input: syz1 as /devices/virtual/input/input366 [ 810.925499] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 810.968249] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 810.998988] CPU: 0 PID: 29726 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 811.006901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 811.016254] Call Trace: [ 811.018849] dump_stack+0x188/0x20d [ 811.022506] dump_header+0x159/0xa5e [ 811.026274] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 811.031396] ? ___ratelimit+0x59/0x573 [ 811.035355] oom_kill_process.cold+0x10/0x6dc [ 811.039869] ? task_will_free_mem+0x134/0x6d0 [ 811.044399] out_of_memory+0x349/0x1250 [ 811.048380] ? oom_killer_disable+0x270/0x270 [ 811.052893] mem_cgroup_out_of_memory+0x1c7/0x240 [ 811.057738] ? memcg_event_wake+0x210/0x210 [ 811.062079] ? do_raw_spin_unlock+0x171/0x260 [ 811.066578] try_charge+0xe22/0x1300 [ 811.070312] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 811.075163] ? get_mem_cgroup_from_mm+0x179/0x4f0 [ 811.080026] ? __mem_cgroup_largest_soft_limit_node+0x440/0x440 [ 811.086094] mem_cgroup_try_charge+0x249/0x5c0 [ 811.090681] mem_cgroup_try_charge_delay+0x1a/0xa0 [ 811.095618] __handle_mm_fault+0x1cfb/0x3b60 [ 811.100047] ? copy_page_range+0x1e70/0x1e70 [ 811.104467] ? count_memcg_event_mm+0x279/0x4c0 [ 811.109181] handle_mm_fault+0x1a5/0x670 [ 811.113279] __do_page_fault+0x5ed/0xdd0 [ 811.117343] ? trace_hardirqs_off_caller+0x55/0x210 [ 811.122359] ? vmalloc_fault+0x730/0x730 [ 811.126428] ? page_fault+0x8/0x30 [ 811.129992] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 811.134857] ? page_fault+0x8/0x30 [ 811.138404] page_fault+0x1e/0x30 [ 811.141858] RIP: 0033:0x413c6f [ 811.145067] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 811.163983] RSP: 002b:00007fff9d841330 EFLAGS: 00010206 [ 811.169368] RAX: 00007fd108d4d000 RBX: 0000000000020000 RCX: 000000000045c4ca [ 811.176634] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 811.183911] RBP: 00007fff9d841410 R08: ffffffffffffffff R09: 0000000000000000 [ 811.191195] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff9d841500 [ 811.198467] R13: 00007fd108d6d700 R14: 0000000000000001 R15: 000000000076bfcc [ 811.207491] Task in /syz1 killed as a result of limit of /syz1 [ 811.214310] memory: usage 307200kB, limit 307200kB, failcnt 4604 [ 811.221799] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 811.228795] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 811.235120] Memory cgroup stats for /syz1: cache:0KB rss:36KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:160KB inactive_file:0KB active_file:0KB unevictable:0KB [ 811.257729] Memory cgroup out of memory: Kill process 29726 (syz-executor.1) score 1103 or sacrifice child 01:53:51 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x102}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:51 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x7e0) 01:53:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nvram\x00', 0x2000, 0x0) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100)='devlink\x00') sendmsg$DEVLINK_CMD_GET(r3, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x70, r4, 0x8, 0x70bd26, 0x25dfdbfd, {}, [@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, @nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x70}}, 0x4000000) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:51 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x3c}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$SNDRV_PCM_IOCTL_FORWARD(r4, 0x40084149, &(0x7f0000000040)=0x65b) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:51 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x4000000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 811.267749] Killed process 29726 (syz-executor.1) total-vm:74832kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 811.279164] oom_reaper: reaped process 29726 (syz-executor.1), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 811.396036] input: syz1 as /devices/virtual/input/input367 [ 811.475581] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 811.510297] input: syz1 as /devices/virtual/input/input368 [ 811.547830] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 811.553285] CPU: 1 PID: 29825 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 811.561167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 811.570521] Call Trace: [ 811.573129] dump_stack+0x188/0x20d [ 811.576783] dump_header+0x159/0xa5e [ 811.580511] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 811.585624] ? ___ratelimit+0x59/0x573 [ 811.589520] oom_kill_process.cold+0x10/0x6dc [ 811.594024] ? task_will_free_mem+0x134/0x6d0 [ 811.598535] out_of_memory+0x349/0x1250 [ 811.602535] ? oom_killer_disable+0x270/0x270 [ 811.607062] mem_cgroup_out_of_memory+0x1c7/0x240 [ 811.611928] ? memcg_event_wake+0x210/0x210 [ 811.616274] ? do_raw_spin_unlock+0x171/0x260 [ 811.620784] try_charge+0xe22/0x1300 [ 811.624517] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 811.629392] ? get_mem_cgroup_from_mm+0x179/0x4f0 [ 811.634256] ? __mem_cgroup_largest_soft_limit_node+0x440/0x440 [ 811.640331] mem_cgroup_try_charge+0x249/0x5c0 [ 811.644929] mem_cgroup_try_charge_delay+0x1a/0xa0 [ 811.649872] __handle_mm_fault+0x1cfb/0x3b60 [ 811.654302] ? copy_page_range+0x1e70/0x1e70 [ 811.658728] ? count_memcg_event_mm+0x279/0x4c0 [ 811.663423] handle_mm_fault+0x1a5/0x670 [ 811.667494] __do_page_fault+0x5ed/0xdd0 [ 811.671574] ? trace_hardirqs_off_caller+0x55/0x210 [ 811.676602] ? vmalloc_fault+0x730/0x730 [ 811.680675] ? page_fault+0x8/0x30 [ 811.684229] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 811.689086] ? page_fault+0x8/0x30 [ 811.692640] page_fault+0x1e/0x30 [ 811.696100] RIP: 0033:0x4006c4 [ 811.699297] Code: 01 e9 c9 00 00 00 48 8b 44 24 10 48 0b 44 24 28 be 08 00 00 00 48 8b 14 24 75 17 48 8b 7c 24 20 e8 51 55 00 00 48 8b 4c 24 08 <48> 89 01 e9 9d 00 00 00 48 8b 44 24 08 48 8b 38 e8 37 55 00 00 8a [ 811.718198] RSP: 002b:00007fff9d8413e0 EFLAGS: 00010206 [ 811.723564] RAX: 0000000000000000 RBX: 000000000076c920 RCX: 0000000020003b40 [ 811.730835] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000000 [ 811.738115] RBP: 0000000000770580 R08: 0000000000000000 R09: 0000000000000000 01:53:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x119401, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_DEASSIGN_DEV_IRQ(r4, 0x4040ae75, &(0x7f0000000040)={0x3, 0x8, 0xa97, 0x400}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 811.745387] R10: 00007fff9d8414f0 R11: 0000000000000246 R12: 000000000076bf20 [ 811.752670] R13: 0000000000770588 R14: 00000000000c61e9 R15: 000000000076bf2c [ 811.781262] Task in /syz1 killed as a result of limit of /syz1 [ 811.788179] memory: usage 307200kB, limit 307200kB, failcnt 4656 [ 811.794416] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 811.819056] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 01:53:52 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x7f8) 01:53:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x210100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$PPPIOCGMRU(r3, 0x80047453, &(0x7f0000000080)) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000380)=ANY=[@ANYBLOB="06000000000000000000e60d000000000000e1ffffffffffffff00400000000000000900000000000000001e44921c7d817863b611e55fa1d1594cc8204abb46f9fe6a2a25653653d69c210fc012dab52ff27fa3fba2af2a464b22bac369a737573a756c72fa8748aa8104e70d0f47fef25c15e8c84e9edd9b7050612e5ef720fefc9ff69b93ece0a4786a3097d95fa207f31352ed"]) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$SG_SET_COMMAND_Q(r6, 0x2271, &(0x7f0000000100)=0x1) [ 811.839325] Memory cgroup stats for /syz1: cache:0KB rss:36KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:156KB inactive_file:0KB active_file:0KB unevictable:0KB [ 811.860453] Memory cgroup out of memory: Kill process 29825 (syz-executor.1) score 1103 or sacrifice child [ 811.914701] Killed process 29825 (syz-executor.1) total-vm:74700kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 811.941823] input: syz1 as /devices/virtual/input/input369 [ 811.951298] oom_reaper: reaped process 29825 (syz-executor.1), now anon-rss:0kB, file-rss:33856kB, shmem-rss:0kB 01:53:52 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x5000000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 812.039017] input: syz1 as /devices/virtual/input/input370 01:53:52 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x810) 01:53:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="000400000000001454ece69a3a1c5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r4, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x4, 0x1, 0x201, 0x0, 0x0, {0x5, 0x0, 0xa}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x11}, 0x81) [ 812.176623] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 812.204620] syz-executor.1 cpuset=syz1 mems_allowed=0-1 01:53:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$MON_IOCX_GETX(r2, 0x4018920a, &(0x7f0000000080)={&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000100)=""/187, 0xbb}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:52 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x103}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 812.244679] input: syz1 as /devices/virtual/input/input371 [ 812.257061] CPU: 0 PID: 30058 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 812.264963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 812.274329] Call Trace: [ 812.276944] dump_stack+0x188/0x20d [ 812.280597] dump_header+0x159/0xa5e [ 812.284332] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 812.289452] ? ___ratelimit+0x59/0x573 [ 812.293357] oom_kill_process.cold+0x10/0x6dc [ 812.297883] ? task_will_free_mem+0x134/0x6d0 [ 812.302392] out_of_memory+0x349/0x1250 [ 812.306383] ? oom_killer_disable+0x270/0x270 [ 812.310908] mem_cgroup_out_of_memory+0x1c7/0x240 [ 812.315763] ? memcg_event_wake+0x210/0x210 [ 812.320178] ? do_raw_spin_unlock+0x171/0x260 [ 812.324685] try_charge+0xe22/0x1300 [ 812.328423] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 812.333291] ? get_mem_cgroup_from_mm+0x179/0x4f0 [ 812.338170] ? __mem_cgroup_largest_soft_limit_node+0x440/0x440 [ 812.344272] ? __lock_acquire+0x6ee/0x49c0 [ 812.348512] mem_cgroup_try_charge+0x249/0x5c0 [ 812.353127] mem_cgroup_try_charge_delay+0x1a/0xa0 [ 812.358059] wp_page_copy+0x3fe/0x1530 [ 812.361952] ? follow_pfn+0x260/0x260 [ 812.365755] ? __lock_acquire+0x6ee/0x49c0 [ 812.369996] do_wp_page+0x518/0xfa0 [ 812.373626] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 812.378325] __handle_mm_fault+0x21a4/0x3b60 [ 812.382736] ? copy_page_range+0x1e70/0x1e70 [ 812.387145] ? count_memcg_event_mm+0x279/0x4c0 [ 812.391845] handle_mm_fault+0x1a5/0x670 [ 812.395937] __do_page_fault+0x5ed/0xdd0 [ 812.400007] ? trace_hardirqs_off_caller+0x55/0x210 [ 812.405022] ? vmalloc_fault+0x730/0x730 [ 812.409086] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 812.413945] page_fault+0x1e/0x30 [ 812.417417] RIP: 0010:copy_user_generic_unrolled+0x89/0xc0 [ 812.423042] Code: 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 <4c> 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 8a [ 812.441939] RSP: 0018:ffff888045f4f9c0 EFLAGS: 00010206 [ 812.447296] RAX: ffffed1008be9f4f RBX: 0000000000000028 RCX: 0000000000000005 [ 812.454558] RDX: 0000000000000000 RSI: ffff888045f4fa50 RDI: 000000000071a058 [ 812.461822] RBP: ffff888045f4fa50 R08: 0000000000006f6c R09: ffffed1008be9f4f [ 812.469092] R10: ffffed1008be9f4e R11: ffff888045f4fa77 R12: 000000000071a058 [ 812.476369] R13: 000000000071a080 R14: 00007ffffffff000 R15: 0000000000000000 [ 812.483671] _copy_to_user+0xe2/0x100 [ 812.487477] inet_gifconf+0x21d/0x360 [ 812.491298] ? inet_netconf_get_devconf+0x520/0x520 [ 812.496327] ? inet_netconf_get_devconf+0x520/0x520 [ 812.501343] dev_ifconf+0xd3/0x230 [ 812.504891] sock_do_ioctl+0x260/0x2f0 [ 812.508803] ? compat_ifr_data_ioctl+0x160/0x160 [ 812.513605] sock_ioctl+0x325/0x610 [ 812.517234] ? dlci_ioctl_set+0x30/0x30 [ 812.521217] ? dlci_ioctl_set+0x30/0x30 [ 812.525202] do_vfs_ioctl+0xcda/0x12e0 [ 812.529094] ? selinux_file_ioctl+0x46c/0x5d0 [ 812.533606] ? selinux_file_ioctl+0x125/0x5d0 [ 812.538160] ? check_preemption_disabled+0x41/0x280 [ 812.543188] ? ioctl_preallocate+0x200/0x200 [ 812.547593] ? selinux_file_mprotect+0x600/0x600 [ 812.552373] ? __fget+0x340/0x510 [ 812.555840] ? iterate_fd+0x350/0x350 [ 812.559651] ? security_file_ioctl+0x6c/0xb0 [ 812.564063] ksys_ioctl+0x9b/0xc0 [ 812.567523] __x64_sys_ioctl+0x6f/0xb0 [ 812.571415] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 812.575998] do_syscall_64+0xf9/0x620 [ 812.579803] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 812.585010] RIP: 0033:0x45c479 [ 812.588204] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 812.607101] RSP: 002b:00007fd108d8dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 812.614807] RAX: ffffffffffffffda RBX: 00007fd108d8e6d4 RCX: 000000000045c479 [ 812.622075] RDX: 0000000000400200 RSI: 0000000000008912 RDI: 0000000000000005 [ 812.629342] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 812.636612] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 812.643887] R13: 000000000000040e R14: 00000000004c66f9 R15: 000000000076bf2c [ 812.708014] Task in /syz1 killed as a result of limit of /syz1 [ 812.733362] memory: usage 307176kB, limit 307200kB, failcnt 4684 [ 812.745288] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 812.753065] input: syz1 as /devices/virtual/input/input372 [ 812.764396] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 812.771855] Memory cgroup stats for /syz1: cache:0KB rss:168KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:152KB inactive_file:0KB active_file:0KB unevictable:0KB [ 812.798715] Memory cgroup out of memory: Kill process 30057 (syz-executor.1) score 1103 or sacrifice child 01:53:53 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x828) [ 812.823198] Killed process 30057 (syz-executor.1) total-vm:74700kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 812.853765] oom_reaper: reaped process 30057 (syz-executor.1), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 812.929356] input: syz1 as /devices/virtual/input/input373 [ 813.007031] input: syz1 as /devices/virtual/input/input374 01:53:53 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x104}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:53 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x7000000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:53 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x840) 01:53:53 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x88}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) link(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 813.485231] input: syz1 as /devices/virtual/input/input375 [ 813.506377] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 813.534650] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 813.559373] CPU: 0 PID: 30201 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 813.567296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 813.576654] Call Trace: [ 813.579254] dump_stack+0x188/0x20d [ 813.582907] dump_header+0x159/0xa5e [ 813.586639] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 813.591749] ? ___ratelimit+0x59/0x573 [ 813.595672] oom_kill_process.cold+0x10/0x6dc [ 813.600209] ? task_will_free_mem+0x134/0x6d0 [ 813.604734] out_of_memory+0x349/0x1250 [ 813.608733] ? oom_killer_disable+0x270/0x270 [ 813.613299] mem_cgroup_out_of_memory+0x1c7/0x240 [ 813.618181] ? memcg_event_wake+0x210/0x210 [ 813.622522] ? do_raw_spin_unlock+0x171/0x260 [ 813.627035] try_charge+0xe22/0x1300 [ 813.630766] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 813.635629] ? kasan_unpoison_shadow+0x30/0x40 [ 813.640246] ? kasan_kmalloc+0xbf/0xe0 [ 813.644176] ? mark_held_locks+0xa6/0xf0 [ 813.648248] ? mem_cgroup_charge_skmem+0x111/0x270 [ 813.653193] mem_cgroup_charge_skmem+0x126/0x270 [ 813.657962] ? mem_cgroup_sk_free+0x80/0x80 [ 813.662306] ? skb_trim+0x180/0x180 [ 813.665955] sk_forced_mem_schedule+0x133/0x160 [ 813.670637] sk_stream_alloc_skb+0x124/0x850 [ 813.675101] tcp_connect+0xf09/0x3df0 [ 813.678921] ? __tcp_transmit_skb+0x3750/0x3750 [ 813.683603] ? siphash_1u64+0x13/0x260 [ 813.687508] ? secure_ipv6_port_ephemeral+0x250/0x250 [ 813.692721] ? xfrm_lookup_route+0x56/0x1e0 [ 813.697060] ? check_preemption_disabled+0x41/0x280 [ 813.702082] ? prandom_u32_state+0xe/0x170 [ 813.706345] tcp_v4_connect+0x13fe/0x1a80 [ 813.710514] ? tcp_v4_parse_md5_keys+0x250/0x250 [ 813.715300] __inet_stream_connect+0x7d8/0xdf0 [ 813.719901] ? lock_sock_nested+0xa6/0x110 [ 813.724156] ? inet_dgram_connect+0x2d0/0x2d0 [ 813.728668] ? lock_acquire+0x170/0x400 [ 813.732656] ? mark_held_locks+0xa6/0xf0 [ 813.736731] ? __local_bh_enable_ip+0x159/0x270 [ 813.741415] ? __inet_stream_connect+0xdf0/0xdf0 [ 813.746227] ? __inet_stream_connect+0xdf0/0xdf0 [ 813.751018] inet_stream_connect+0x53/0xa0 [ 813.755287] __sys_connect+0x238/0x2c0 [ 813.759187] ? __ia32_sys_accept+0xb0/0xb0 [ 813.763450] ? put_timespec64+0xcb/0x120 [ 813.767520] ? nsecs_to_jiffies+0x30/0x30 [ 813.771684] ? __x64_sys_clock_gettime+0x165/0x240 [ 813.776628] ? __ia32_sys_clock_settime+0x260/0x260 [ 813.781653] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 813.786416] ? trace_hardirqs_off_caller+0x55/0x210 [ 813.791442] __x64_sys_connect+0x6f/0xb0 [ 813.795511] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 813.800103] do_syscall_64+0xf9/0x620 [ 813.803935] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 813.809149] RIP: 0033:0x45c479 [ 813.812350] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 813.831256] RSP: 002b:00007fd108d8dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 813.838978] RAX: ffffffffffffffda RBX: 00007fd108d8e6d4 RCX: 000000000045c479 [ 813.846250] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000003 [ 813.853555] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 813.860834] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 813.868110] R13: 0000000000000081 R14: 00000000004c2d9d R15: 000000000076bf2c [ 813.892049] input: syz1 as /devices/virtual/input/input376 01:53:54 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x858) 01:53:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 814.050941] input: syz1 as /devices/virtual/input/input377 [ 814.112362] Task in /syz1 killed as a result of limit of /syz1 [ 814.149111] memory: usage 307200kB, limit 307200kB, failcnt 4707 [ 814.159230] input: syz1 as /devices/virtual/input/input378 [ 814.192619] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:53:54 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x870) [ 814.233572] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 814.260040] Memory cgroup stats for /syz1: cache:0KB rss:36KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:152KB inactive_file:0KB active_file:0KB unevictable:0KB 01:53:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x2, 0x0) syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 814.394558] Memory cgroup out of memory: Kill process 30194 (syz-executor.1) score 1103 or sacrifice child [ 814.419176] Killed process 30194 (syz-executor.1) total-vm:74832kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 814.425770] input: syz1 as /devices/virtual/input/input379 01:53:54 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x105}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 814.459833] oom_reaper: reaped process 30194 (syz-executor.1), now anon-rss:0kB, file-rss:34824kB, shmem-rss:0kB 01:53:54 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x8000000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) r3 = dup3(r2, r2, 0x0) connect$rds(r3, &(0x7f0000000040)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x36}}, 0x10) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:55 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x888) [ 814.732364] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 814.748321] input: syz1 as /devices/virtual/input/input381 [ 814.825767] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 814.847904] input: syz1 as /devices/virtual/input/input382 [ 814.864623] CPU: 1 PID: 30252 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 814.872529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 814.881892] Call Trace: [ 814.884498] dump_stack+0x188/0x20d [ 814.888147] dump_header+0x159/0xa5e [ 814.891983] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 814.897107] ? ___ratelimit+0x59/0x573 [ 814.901013] oom_kill_process.cold+0x10/0x6dc [ 814.905531] ? task_will_free_mem+0x134/0x6d0 [ 814.910051] out_of_memory+0x349/0x1250 [ 814.914042] ? oom_killer_disable+0x270/0x270 [ 814.918566] mem_cgroup_out_of_memory+0x1c7/0x240 [ 814.923424] ? memcg_event_wake+0x210/0x210 [ 814.927776] ? do_raw_spin_unlock+0x171/0x260 [ 814.932290] try_charge+0xe22/0x1300 [ 814.936080] ? __kmalloc_node_track_caller+0x38/0x70 [ 814.941199] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 814.946063] ? rcu_read_lock_sched_held+0x10a/0x130 [ 814.951097] ? kmem_cache_alloc_node_trace+0x34d/0x750 [ 814.956395] ? mark_held_locks+0xa6/0xf0 [ 814.960472] ? mem_cgroup_charge_skmem+0x111/0x270 [ 814.965419] mem_cgroup_charge_skmem+0x126/0x270 [ 814.970191] ? mem_cgroup_sk_free+0x80/0x80 01:53:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x9, 0x400, 0x0, 0x0, 0x4ce, 0x3ff, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x200000000]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/mls\x00', 0x0, 0x0) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000780)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNATTACHFILTER(r5, 0x894c, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000780)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNATTACHFILTER(r6, 0x894c, 0x0) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000780)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNATTACHFILTER(r7, 0x894c, 0x0) r8 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_stats\x00', 0x0, 0x0) sendmsg$IPVS_CMD_DEL_SERVICE(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYRES64, @ANYPTR64, @ANYPTR=&(0x7f0000000340)=ANY=[@ANYRESDEC, @ANYPTR=&(0x7f0000000400)=ANY=[@ANYRES64=r5, @ANYRESOCT=r4, @ANYBLOB="61b33354e0b6c83f5f908f09b94bf5f13ddc8d0da4c136719c10ba88af2c3713b97b33edf5963742dffd7d6d4bb8990a8cefae7e18c2166a6c8b5d2e3080279f0ba8aa4eb6c0fa9288e7c839206a500dc475330d79c773651b780cd033be6cdd619dfad703b2f5833ee9f067d0bde45a6a7a6ef93be9135c79e7d5dc511e3abd0a8f52129db0dd9c0da64ea078d24d11c0a752724d41820635bc90361e10975a3937e9fb4b3e0b53dca3ab8f244578fd0028317fb2736796114a00"/197, @ANYRESDEC=r6, @ANYRES16=r7], @ANYBLOB="7fd2122c82b27502caa5b64eb739d123352fe5a4d2de2c731872dbdfbb4c494a7e9c720170888fce4886e0a2461ae00810929d1bea601535999e96742f1d4a65583b66f099c5960a512fc9f0016844bc1a55e6a21b64a1ba61029f630667"], @ANYPTR=&(0x7f0000000140)=ANY=[], @ANYPTR], 0x5}}, 0x0) r9 = dup(r8) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000003c0)={&(0x7f0000000180)="463624aabde5a51f7799bf85ce199c2bbf9b435310c3a2a379f54a6c3852e07c145fb797f77bf916f151fb040524fee68f873635b54ce4ae64e10731224ff8d7ad9c", &(0x7f0000000540)=""/134, &(0x7f0000000280)="3c952315b3b239b1b75ca8a41d9dd3ebb61edf14cef5198110d24eddc2563b589a7b260ab680f160ab257b012e", &(0x7f0000000600)="847bcbb3c9bc714ca0311876e7b3fa93262efc51e8257e23a9e5e85aa9b95e8c1ff7ebf44446710efee50becdcabfbe1f9106ae7a092eb86758c57111af3141a7afa955be362f5e05ebb977a692d2bad8321d871600332c1964f419f9df18f9568f12f1d1671299585a55ad4951445c11402e82ff4956acb70d943e5a25127", 0x2, r9}, 0x38) r10 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r11 = dup(r10) ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200) write$UHID_SET_REPORT_REPLY(r11, &(0x7f0000000100)={0xe, {0xa, 0x4, 0x5, 0x6e, "7d60d80757f60e0c6c1a2020109329fa98e1c880d11bcc78cb33ee4de49fbce4794e6b48b458b685e7cf2fe6eddd3e07848cc15b6f5ab902b5af931e8220b8fe829dad3b7cae078609fba44498941991da5646374e40933a69d3697d35a128bc3d140fbfb39800f7f0efc0711918"}}, 0x7a) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000340)={0x0}) ioctl$DRM_IOCTL_UNLOCK(r8, 0x4008642b, &(0x7f0000000500)={r12}) ioctl$DRM_IOCTL_UNLOCK(r3, 0x4008642b, &(0x7f0000000080)={r12, 0x1}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/load\x00', 0x2, 0x0) [ 814.974534] ? __alloc_skb+0x3ad/0x5b0 [ 814.978444] __sk_mem_raise_allocated+0x543/0x1360 [ 814.983400] __sk_mem_schedule+0x65/0xd0 [ 814.987490] tcp_sendmsg_locked+0x1898/0x2ff0 [ 814.992079] ? tcp_sendpage+0x60/0x60 [ 814.995918] ? mark_held_locks+0xa6/0xf0 [ 814.999993] ? __local_bh_enable_ip+0x159/0x270 [ 815.004679] tcp_sendmsg+0x2b/0x40 [ 815.008240] inet_sendmsg+0x12e/0x590 [ 815.012072] ? ipip_gro_receive+0x100/0x100 [ 815.016504] sock_sendmsg+0xcf/0x120 [ 815.020228] ___sys_sendmsg+0x3e2/0x920 [ 815.024215] ? copy_msghdr_from_user+0x410/0x410 [ 815.028990] ? mark_held_locks+0xf0/0xf0 [ 815.033063] ? lock_downgrade+0x740/0x740 [ 815.037232] ? check_preemption_disabled+0x41/0x280 [ 815.042268] ? find_held_lock+0x2d/0x110 [ 815.046342] ? __might_fault+0x11f/0x1d0 [ 815.050424] ? lock_downgrade+0x740/0x740 [ 815.054600] __sys_sendmmsg+0x195/0x470 [ 815.058595] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 815.062931] ? lock_downgrade+0x740/0x740 [ 815.067118] ? __might_fault+0x192/0x1d0 [ 815.071196] ? _copy_to_user+0xb8/0x100 [ 815.075187] ? put_timespec64+0xcb/0x120 [ 815.079261] ? nsecs_to_jiffies+0x30/0x30 [ 815.083440] ? __x64_sys_clock_gettime+0x165/0x240 [ 815.088389] ? __ia32_sys_clock_settime+0x260/0x260 [ 815.093418] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 815.098186] __x64_sys_sendmmsg+0x99/0x100 [ 815.102431] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 815.107024] do_syscall_64+0xf9/0x620 [ 815.110842] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 815.116099] RIP: 0033:0x45c479 [ 815.119302] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 815.138208] RSP: 002b:00007fd108d6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 815.145923] RAX: ffffffffffffffda RBX: 00007fd108d6d6d4 RCX: 000000000045c479 [ 815.153197] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 815.160474] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 815.167749] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 815.175035] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bfcc [ 815.187738] Task in /syz1 killed as a result of limit of /syz1 [ 815.196068] memory: usage 307176kB, limit 307200kB, failcnt 4724 [ 815.230509] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 815.268347] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 815.293443] Memory cgroup stats for /syz1: cache:0KB rss:36KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:172KB inactive_file:0KB active_file:0KB unevictable:0KB 01:53:55 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0xfc}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:55 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x8a0) [ 815.346490] Memory cgroup out of memory: Kill process 30242 (syz-executor.1) score 1103 or sacrifice child 01:53:55 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x106}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$OSF_MSG_ADD(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000440)={0x268, 0x0, 0x5, 0x703, 0x0, 0x0, {0x3, 0x0, 0x9}, [{{0x254, 0x1, {{0x1, 0x8d21}, 0x80, 0x6, 0x3116, 0x3, 0xe, 'syz1\x00', "7de222cf0f1665c4016de2a2cef6d95e7d153cd41ff0e66c1059d6a27cd9a9d9", "d3101e18b3adc97c94ebd5cde44ac5480fd6436e282a29a47190f601fe2939c9", [{0x1f, 0x1, {0x3}}, {0x1, 0x0, {0x1, 0x4}}, {0x3, 0x7, {0x0, 0x80000000}}, {0x9, 0x101, {0x1, 0x3}}, {0x7b5e, 0x5f46, {0x3, 0x8001}}, {0x7ff, 0xc81, {0x3, 0x3}}, {0x4, 0x7, {0x3, 0x200}}, {0x8, 0x6, {0x0, 0x7}}, {0x8000, 0x4, {0x1}}, {0x6, 0x2, {0x0, 0x30f0}}, {0x9, 0x1d, {0x1, 0x1f}}, {0x8, 0x200, {0x0, 0x20}}, {0x55f9, 0x5, {0x1, 0x100}}, {0x7, 0x101, {0x2, 0x4}}, {0xe6, 0x20, {0x1, 0x9}}, {0x7, 0x800, {0x2, 0x6}}, {0x4, 0x8, {0x2, 0x5}}, {0x1, 0x40, {0x3, 0x5}}, {0x6, 0x519, {0x0, 0x9}}, {0x4, 0x3, {0x2, 0x9}}, {0x8, 0x6, {0x0, 0x3f}}, {0x5, 0x5}, {0x4, 0x7f, {0x1, 0x1}}, {0x3, 0x0, {0x2, 0x81000000}}, {0x2, 0x40, {0x2, 0x4}}, {0x1, 0x1000, {0x3, 0x5}}, {0x800, 0x5, {0x0, 0x40}}, {0x9, 0x7972, {0x1, 0xf60000}}, {0x2fe3, 0xff, {0x3, 0x2}}, {0xff, 0x3, {0x2, 0x7}}, {0x2, 0x7f, {0x2, 0x1000}}, {0x1, 0x3ff, {0x1, 0x1}}, {0xfffe, 0x401, {0x3, 0xdd2}}, {0x0, 0xfffe, {0x3, 0x5}}, {0xe79, 0xfffc, {0x2, 0x6}}, {0x3, 0x0, {0x2, 0x7fffffff}}, {0x3, 0x5, {0x0, 0x3}}, {0x401, 0xffff, {0x0, 0x3}}, {0xfff, 0x6, {0x1}}, {0x1, 0x8, {0x0, 0x1}}]}}}]}, 0x268}, 0x1, 0x0, 0x0, 0x48c0}, 0x4040040) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 815.421162] Killed process 30242 (syz-executor.1) total-vm:74832kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 815.441366] input: syz1 as /devices/virtual/input/input383 01:53:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x1aff, 0x0, 0x0, 0x0, 0x4ce]}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x1ff, 0x3, 0x6000, 0x2000, &(0x7f000001d000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:56 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x8b8) [ 815.560523] oom_reaper: reaped process 30242 (syz-executor.1), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB 01:53:56 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xa000000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:56 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x107}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 815.761441] input: syz1 as /devices/virtual/input/input385 01:53:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) socketpair(0x2, 0xa, 0x7f, &(0x7f0000000040)) 01:53:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, &(0x7f0000000100)="f041310400c4e14d74981f1300000f20c035040000000f22c067646565642e0f01c964400f01c442d8a50e000000643ef20f0d1136640f01c566baf80cb8b463fd82ef66bafc0c66edf780e3a500001c000000", 0x53}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$SNDRV_PCM_IOCTL_RESUME(r4, 0x4147, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:56 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x8d0) [ 815.938101] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 816.029896] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 816.047618] input: syz1 as /devices/virtual/input/input387 [ 816.096380] CPU: 0 PID: 30513 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 816.104291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 816.113651] Call Trace: [ 816.116255] dump_stack+0x188/0x20d [ 816.119906] dump_header+0x159/0xa5e [ 816.123637] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 816.128756] ? ___ratelimit+0x59/0x573 [ 816.132655] oom_kill_process.cold+0x10/0x6dc [ 816.137165] ? task_will_free_mem+0x134/0x6d0 [ 816.141661] out_of_memory+0x349/0x1250 [ 816.145654] ? oom_killer_disable+0x270/0x270 [ 816.150162] mem_cgroup_out_of_memory+0x1c7/0x240 [ 816.155036] ? memcg_event_wake+0x210/0x210 [ 816.159390] ? do_raw_spin_unlock+0x171/0x260 [ 816.163887] try_charge+0xe22/0x1300 [ 816.167630] ? __kmalloc_node_track_caller+0x38/0x70 [ 816.172742] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 816.177599] ? mark_held_locks+0xa6/0xf0 [ 816.181673] ? mem_cgroup_charge_skmem+0x111/0x270 [ 816.186621] ? mark_held_locks+0xa6/0xf0 [ 816.190693] ? mem_cgroup_charge_skmem+0x111/0x270 [ 816.195648] mem_cgroup_charge_skmem+0x126/0x270 [ 816.200412] ? mem_cgroup_sk_free+0x80/0x80 [ 816.204741] ? __sk_mem_raise_allocated+0x617/0x1360 [ 816.209858] __sk_mem_raise_allocated+0x543/0x1360 [ 816.214798] __sk_mem_schedule+0x65/0xd0 [ 816.218876] tcp_sendmsg_locked+0x1898/0x2ff0 [ 816.223392] ? tcp_sendpage+0x60/0x60 [ 816.227205] ? mark_held_locks+0xa6/0xf0 [ 816.231314] ? __local_bh_enable_ip+0x159/0x270 [ 816.236000] tcp_sendmsg+0x2b/0x40 [ 816.239551] inet_sendmsg+0x12e/0x590 [ 816.243370] ? ipip_gro_receive+0x100/0x100 [ 816.247697] sock_sendmsg+0xcf/0x120 [ 816.251423] ___sys_sendmsg+0x3e2/0x920 [ 816.255412] ? copy_msghdr_from_user+0x410/0x410 [ 816.260187] ? mark_held_locks+0xf0/0xf0 [ 816.264264] ? lock_downgrade+0x740/0x740 [ 816.268429] ? check_preemption_disabled+0x41/0x280 [ 816.273457] ? find_held_lock+0x2d/0x110 [ 816.277545] ? __might_fault+0x11f/0x1d0 [ 816.281627] ? lock_downgrade+0x740/0x740 [ 816.285819] __sys_sendmmsg+0x195/0x470 [ 816.289810] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 816.294142] ? lock_downgrade+0x740/0x740 [ 816.298311] ? __might_fault+0x192/0x1d0 [ 816.302383] ? _copy_to_user+0xb8/0x100 [ 816.306411] ? put_timespec64+0xcb/0x120 [ 816.310489] ? nsecs_to_jiffies+0x30/0x30 [ 816.314659] ? __x64_sys_clock_gettime+0x165/0x240 [ 816.319623] ? __ia32_sys_clock_settime+0x260/0x260 [ 816.324647] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 816.329411] __x64_sys_sendmmsg+0x99/0x100 [ 816.333654] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 816.338245] do_syscall_64+0xf9/0x620 [ 816.342071] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 816.347266] RIP: 0033:0x45c479 [ 816.350465] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 816.369400] RSP: 002b:00007fd108d6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 816.377110] RAX: ffffffffffffffda RBX: 00007fd108d6d6d4 RCX: 000000000045c479 [ 816.384384] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 01:53:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x8200, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) syz_open_dev$vcsa(&(0x7f0000000100)='/dev/vcsa#\x00', 0x9, 0x100) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x5, 0x0, 0x2000, 0x1000, &(0x7f0000000000/0x1000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$KVM_GET_MSRS(r9, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{}]}) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="0000f200000000004272b7543a1e5a"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 816.391672] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 816.398963] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 816.406239] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bfcc [ 816.417668] Task in /syz1 killed as a result of limit of /syz1 [ 816.424343] memory: usage 307188kB, limit 307200kB, failcnt 4742 [ 816.430960] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 816.440556] input: syz1 as /devices/virtual/input/input388 [ 816.455123] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 816.497870] Memory cgroup stats for /syz1: cache:0KB rss:36KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:176KB inactive_file:0KB active_file:0KB unevictable:0KB 01:53:57 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x300}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_inet_SIOCSIFDSTADDR(r1, 0x8918, &(0x7f0000000380)={'bridge_slave_0\x00', {0x2, 0x4e24, @local}}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r3) preadv(r3, &(0x7f0000000300)=[{&(0x7f0000000040)}, {&(0x7f0000000080)=""/29, 0x1d}, {&(0x7f00000000c0)=""/31, 0x1f}, {&(0x7f0000000100)=""/227, 0xe3}, {&(0x7f0000000240)=""/28, 0x1c}, {&(0x7f0000000280)=""/40, 0x28}, {&(0x7f00000002c0)=""/16, 0x10}], 0x7, 0x9) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_open_dev$ndb(&(0x7f0000000040)='/dev/nbd#\x00', 0x0, 0x11b103) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r4, 0xae80, 0x0) 01:53:57 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x108}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:57 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x8e8) 01:53:57 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$bt_l2cap_L2CAP_OPTIONS(r3, 0x6, 0x1, &(0x7f0000000040), &(0x7f0000000080)=0xc) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 816.661554] Memory cgroup out of memory: Kill process 30403 (syz-executor.1) score 1103 or sacrifice child [ 816.726612] Killed process 30403 (syz-executor.1) total-vm:74832kB, anon-rss:96kB, file-rss:34816kB, shmem-rss:0kB [ 816.775060] input: syz1 as /devices/virtual/input/input389 [ 816.840517] oom_reaper: reaped process 30403 (syz-executor.1), now anon-rss:0kB, file-rss:34864kB, shmem-rss:0kB [ 816.858246] input: syz1 as /devices/virtual/input/input390 01:53:57 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xe000000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:57 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x900) 01:53:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) recvfrom$rxrpc(r3, &(0x7f00000000c0)=""/150, 0x96, 0x40000040, &(0x7f0000000180)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e21, @broadcast}}, 0x24) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/validatetrans\x00', 0x1, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r4, 0xc0506617, &(0x7f0000000040)=ANY=[]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x200880, 0x0) r5 = accept$netrom(r3, &(0x7f0000000240)={{0x3, @bcast}, [@remote, @bcast, @netrom, @default, @bcast, @null, @remote, @rose]}, &(0x7f00000002c0)=0x48) ioctl$EXT4_IOC_GROUP_EXTEND(r5, 0x40086607, &(0x7f0000000300)=0x7fffffff) [ 816.981727] syz-executor.1 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0 01:53:57 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44200) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x10200, 0x0, 0x2000, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/commit_pending_bools\x00', 0x1, 0x0) ioctl$UI_SET_PROPBIT(r3, 0x4004556e, 0xc) sendmsg$NFT_MSG_GETRULE(r3, &(0x7f00000001c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000180)={&(0x7f0000000380)={0xec, 0x7, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x1}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x1}, @NFTA_RULE_USERDATA={0x96, 0x7, 0x1, 0x0, "cf750b286767c14ded5bb804699c24c5bf22fa323421c525b637f26e015b9794e86ee88cdf71c9839bd8e3ec952df8d96f7b0e864c13b78af08efaebd9669975f57129586ae7a0748d4b98ea088608dd4ce8820e4ab17932db2d958ecf34fe7ad437ff6223d5ac2dbfb2115e6163dd873aebbfc7c84fc36f15590fd910b757cd492322f4eb8369149edd840caee54e12d0bf"}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x4}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x2}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x3}]}, 0xec}, 0x1, 0x0, 0x0, 0x40}, 0x20000000) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) pipe(&(0x7f0000000040)={0xffffffffffffffff}) write$USERIO_CMD_REGISTER(r4, &(0x7f0000000080)={0x0, 0xdf}, 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 817.028474] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 817.065053] CPU: 1 PID: 28656 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 817.072960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 817.082330] Call Trace: [ 817.084931] dump_stack+0x188/0x20d [ 817.088573] dump_header+0x159/0xa5e [ 817.092294] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 817.097401] ? ___ratelimit+0x59/0x573 [ 817.101325] oom_kill_process.cold+0x10/0x6dc [ 817.105837] ? task_will_free_mem+0x134/0x6d0 [ 817.110355] out_of_memory+0x349/0x1250 [ 817.114340] ? oom_killer_disable+0x270/0x270 [ 817.118874] mem_cgroup_out_of_memory+0x1c7/0x240 [ 817.123723] ? memcg_event_wake+0x210/0x210 [ 817.128059] ? do_raw_spin_unlock+0x171/0x260 [ 817.132566] try_charge+0xe22/0x1300 [ 817.136323] ? find_held_lock+0x2d/0x110 [ 817.140390] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 817.145239] ? lock_downgrade+0x740/0x740 [ 817.149384] ? check_preemption_disabled+0x41/0x280 [ 817.154428] memcg_kmem_charge_memcg+0x7b/0x150 [ 817.159126] ? memcg_kmem_put_cache+0xb0/0xb0 [ 817.163660] ? should_fail+0x142/0x7bc [ 817.167589] ? __isolate_free_page+0x4c0/0x4c0 [ 817.172171] memcg_kmem_charge+0x132/0x360 [ 817.176420] __alloc_pages_nodemask+0x396/0x6a0 [ 817.181091] ? __alloc_pages_slowpath+0x26a0/0x26a0 [ 817.186117] ? _raw_spin_unlock_irq+0x24/0x80 [ 817.190633] copy_process.part.0+0x3d6/0x7a60 [ 817.195143] ? mark_held_locks+0xf0/0xf0 [ 817.199217] ? mark_held_locks+0xf0/0xf0 [ 817.203298] ? __cleanup_sighand+0x60/0x60 [ 817.207539] ? lock_downgrade+0x740/0x740 [ 817.211696] ? __might_fault+0x192/0x1d0 [ 817.215760] _do_fork+0x22f/0xf40 [ 817.219228] ? fork_idle+0x1e0/0x1e0 [ 817.222946] ? __x64_sys_clock_gettime+0x165/0x240 [ 817.227872] ? __ia32_sys_clock_settime+0x260/0x260 [ 817.232888] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 817.237647] ? trace_hardirqs_off_caller+0x55/0x210 [ 817.242662] ? do_syscall_64+0x21/0x620 [ 817.246638] do_syscall_64+0xf9/0x620 [ 817.250441] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 817.255632] RIP: 0033:0x45aa4a [ 817.258832] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 817.277732] RSP: 002b:00007fff9d841580 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 817.285443] RAX: ffffffffffffffda RBX: 00007fff9d841580 RCX: 000000000045aa4a [ 817.292715] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 817.299986] RBP: 00007fff9d8415c0 R08: 0000000000000001 R09: 0000000001b75940 [ 817.307256] R10: 0000000001b75c10 R11: 0000000000000246 R12: 0000000000000001 [ 817.314526] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff9d841610 [ 817.333708] input: syz1 as /devices/virtual/input/input391 01:53:57 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x918) [ 817.428446] Task in /syz1 killed as a result of limit of /syz1 [ 817.451161] memory: usage 309184kB, limit 307200kB, failcnt 5025 [ 817.478876] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 817.502375] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 817.509414] Memory cgroup stats for /syz1: cache:0KB rss:168KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:52KB inactive_file:0KB active_file:0KB unevictable:0KB [ 817.541742] input: syz1 as /devices/virtual/input/input393 01:53:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f00000000c0)="f2a60f20e06635002000000f22e0b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0xd}], 0x66f8248efc0ebf9, 0x0, 0x0, 0xfffffe24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) socket$bt_cmtp(0x1f, 0x3, 0x5) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 817.583131] Memory cgroup out of memory: Kill process 28656 (syz-executor.1) score 117 or sacrifice child [ 817.607204] input: syz1 as /devices/virtual/input/input394 [ 817.636285] Killed process 28656 (syz-executor.1) total-vm:74568kB, anon-rss:96kB, file-rss:35776kB, shmem-rss:0kB 01:53:58 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x109}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 817.703817] oom_reaper: reaped process 28656 (syz-executor.1), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB 01:53:58 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x500}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:53:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r4, r6, &(0x7f0000012000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000040)="67660fc73166ea630000009c00660fc7b40000ba200066edb800008ee8fece660f293d66b90d03000066b80000000066ba000000000f30baf80c66b89e88b28a66efbafc0cb80600ef66b8050000800f23d00f21f86635300000070f23f8", 0x5e}], 0x1, 0x1c, &(0x7f0000000100)=[@vmwrite={0x8, 0x0, 0xc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2}, @cstype3={0x5, 0xd}], 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:58 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x930) 01:53:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x2, 0x0) syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:58 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x10000000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:53:58 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x10a}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 818.316239] input: syz1 as /devices/virtual/input/input395 01:53:58 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x948) 01:53:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x2, 0x0) syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:53:58 executing program 5: r0 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x1, 0x640100) accept$packet(r0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 01:53:59 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x11000000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 818.629986] input: syz1 as /devices/virtual/input/input397 [ 818.726568] input: syz1 as /devices/virtual/input/input398 01:53:59 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x960) 01:53:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x2, 0x0) syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 819.011542] input: syz1 as /devices/virtual/input/input399 01:54:00 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x600}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:54:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5af03b8019248d4a988089b248bc4784843b2e8799e39564e4eaba584cffe3507739d8626e045de8717ee4d7711bf9628085667b8313ccd78738c5ed443a5c74099f7994abebdf553d416da92a5460f9612a27cca2a4e37262b0767903ce021d55"]) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x60002000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:54:00 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x978) 01:54:00 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x10b}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x2, 0x0) syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 819.701419] input: syz1 as /devices/virtual/input/input401 01:54:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x2, 0x0) syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:54:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x3000, 0x1000, &(0x7f0000004000/0x1000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_GET_PIT(r4, 0xc048ae65, &(0x7f0000000040)) r5 = syz_open_dev$mouse(&(0x7f0000000480)='/dev/input/mouse#\x00', 0xa7c, 0x20000) ioctl$FBIOPUT_CON2FBMAP(r5, 0x4610, &(0x7f00000004c0)={0x30}) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = dup(r6) r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140)='batadv\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(r7, 0x29, 0x22, &(0x7f0000000240)={{{@in=@dev, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@multicast2}}, &(0x7f0000000180)=0xe8) r10 = socket$nl_route(0x10, 0x3, 0x0) r11 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x28, 0x11, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r12}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0) sendmsg$BATADV_CMD_GET_HARDIF(r4, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)={0x3c, r8, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r9}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r12}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x77}]}, 0x3c}}, 0x40004) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KVM_GET_XCRS(r7, 0x8188aea6, &(0x7f00000000c0)={0x2, 0x9, [{0x80000001, 0x0, 0x3}, {0x10000, 0x0, 0xb88}]}) r13 = syz_open_dev$audion(&(0x7f00000003c0)='/dev/audio#\x00', 0xed, 0x40) ioctl$RTC_VL_READ(r13, 0x80047013, &(0x7f0000000440)) 01:54:00 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x990) 01:54:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x2, 0x0) syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 820.254629] input: syz1 as /devices/virtual/input/input403 [ 820.347482] input: syz1 as /devices/virtual/input/input404 [ 821.851659] IPVS: ftp: loaded support on port[0] = 21 [ 821.942065] chnl_net:caif_netlink_parms(): no params data found [ 821.992664] bridge0: port 1(bridge_slave_0) entered blocking state [ 821.999125] bridge0: port 1(bridge_slave_0) entered disabled state [ 822.006486] device bridge_slave_0 entered promiscuous mode [ 822.013780] bridge0: port 2(bridge_slave_1) entered blocking state [ 822.020692] bridge0: port 2(bridge_slave_1) entered disabled state [ 822.027886] device bridge_slave_1 entered promiscuous mode [ 822.049279] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 822.059954] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 822.078273] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 822.085971] team0: Port device team_slave_0 added [ 822.092256] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 822.100240] team0: Port device team_slave_1 added [ 822.114649] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 822.120905] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 822.146145] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 822.158755] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 822.165088] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 822.190864] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 822.202217] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 822.209812] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 822.267045] device hsr_slave_0 entered promiscuous mode [ 822.314947] device hsr_slave_1 entered promiscuous mode [ 822.355775] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 822.362961] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 822.443028] bridge0: port 2(bridge_slave_1) entered blocking state [ 822.449458] bridge0: port 2(bridge_slave_1) entered forwarding state [ 822.456171] bridge0: port 1(bridge_slave_0) entered blocking state [ 822.462557] bridge0: port 1(bridge_slave_0) entered forwarding state [ 822.511482] 8021q: adding VLAN 0 to HW filter on device bond0 [ 822.521191] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 822.532894] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 822.540956] bridge0: port 1(bridge_slave_0) entered disabled state [ 822.547871] bridge0: port 2(bridge_slave_1) entered disabled state [ 822.561548] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 822.567674] 8021q: adding VLAN 0 to HW filter on device team0 [ 822.578796] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 822.586765] bridge0: port 1(bridge_slave_0) entered blocking state [ 822.593115] bridge0: port 1(bridge_slave_0) entered forwarding state [ 822.603299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 822.612238] bridge0: port 2(bridge_slave_1) entered blocking state [ 822.618702] bridge0: port 2(bridge_slave_1) entered forwarding state [ 822.647591] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 822.656698] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 822.665420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 822.672890] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 822.683385] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 822.691484] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 822.699810] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 822.710901] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 822.717230] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 822.733332] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 822.741376] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 822.748600] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 822.755402] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 822.771869] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 822.822612] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 822.833864] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 822.841046] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 822.851222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 822.892225] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 822.899991] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 822.907175] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 822.918930] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 822.925858] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 822.933284] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 822.942082] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 822.949568] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 822.960670] device veth0_vlan entered promiscuous mode [ 822.972680] device veth1_vlan entered promiscuous mode [ 822.979055] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 822.988658] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 823.002981] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 823.013197] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 823.020163] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 823.028105] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 823.035991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 823.043631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 823.053989] device veth0_macvtap entered promiscuous mode [ 823.061281] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 823.069921] device veth1_macvtap entered promiscuous mode [ 823.076436] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 823.087544] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 823.098736] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 823.109843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 823.120391] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 823.130358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 823.140176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 823.149373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 823.159146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 823.169883] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 823.179668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 823.188826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 823.199156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 823.208361] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 823.218112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 823.227293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 823.237132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 823.246408] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 823.256190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 823.267026] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 823.273977] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 823.282084] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 823.290341] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 823.297853] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 823.306173] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 823.318681] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 823.328628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 823.337851] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 823.347610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 823.356835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 823.367055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 823.377201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 823.387004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 823.396164] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 823.406258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 823.415471] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 823.425746] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 823.434938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 823.444861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 823.453991] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 823.464164] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 823.475266] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 823.482144] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 823.490570] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 823.499362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 01:54:04 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x15000000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:04 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x9a8) 01:54:04 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x10c}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a048759093223b3f99b9802f43bdd37ddd184daf57ba361a42c"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:54:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x2, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:54:04 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x700}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) [ 823.678143] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 823.782185] input: syz1 as /devices/virtual/input/input405 01:54:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x5000, 0x2000, &(0x7f0000001000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x400, 0x3) sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x38, 0x140d, 0x10, 0x70bd28, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x4015}, 0x4) [ 823.867575] input: syz1 as /devices/virtual/input/input406 [ 823.962917] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=2, oom_score_adj=1000 [ 823.984596] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 823.990153] CPU: 0 PID: 31467 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 823.998042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 824.007392] Call Trace: [ 824.009990] dump_stack+0x188/0x20d [ 824.013643] dump_header+0x159/0xa5e [ 824.017386] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 824.022505] ? ___ratelimit+0x59/0x573 [ 824.026419] oom_kill_process.cold+0x10/0x6dc [ 824.030929] ? task_will_free_mem+0x134/0x6d0 [ 824.035444] out_of_memory+0x349/0x1250 [ 824.039439] ? oom_killer_disable+0x270/0x270 [ 824.043975] mem_cgroup_out_of_memory+0x1c7/0x240 [ 824.048821] ? memcg_event_wake+0x210/0x210 [ 824.053152] ? do_raw_spin_unlock+0x171/0x260 [ 824.057646] try_charge+0xe22/0x1300 [ 824.061386] ? __kmalloc_node_track_caller+0x38/0x70 [ 824.066491] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 824.071333] ? mark_held_locks+0xa6/0xf0 [ 824.075410] ? mem_cgroup_charge_skmem+0x111/0x270 [ 824.080361] ? mark_held_locks+0xa6/0xf0 [ 824.084420] ? mem_cgroup_charge_skmem+0x111/0x270 [ 824.089357] mem_cgroup_charge_skmem+0x126/0x270 [ 824.094112] ? mem_cgroup_sk_free+0x80/0x80 [ 824.098436] ? __sk_mem_raise_allocated+0x617/0x1360 [ 824.103540] __sk_mem_raise_allocated+0x543/0x1360 [ 824.108476] __sk_mem_schedule+0x65/0xd0 [ 824.112551] tcp_sendmsg_locked+0x1898/0x2ff0 [ 824.117063] ? tcp_sendpage+0x60/0x60 [ 824.120867] ? mark_held_locks+0xa6/0xf0 [ 824.124928] ? __local_bh_enable_ip+0x159/0x270 [ 824.129599] tcp_sendmsg+0x2b/0x40 [ 824.133139] inet_sendmsg+0x12e/0x590 [ 824.136940] ? ipip_gro_receive+0x100/0x100 [ 824.141261] sock_sendmsg+0xcf/0x120 [ 824.144975] ___sys_sendmsg+0x3e2/0x920 [ 824.148955] ? copy_msghdr_from_user+0x410/0x410 [ 824.153711] ? mark_held_locks+0xf0/0xf0 [ 824.157823] ? lock_downgrade+0x740/0x740 [ 824.161975] ? check_preemption_disabled+0x41/0x280 [ 824.167010] ? find_held_lock+0x2d/0x110 [ 824.171144] ? __might_fault+0x11f/0x1d0 [ 824.175207] ? lock_downgrade+0x740/0x740 [ 824.179367] __sys_sendmmsg+0x195/0x470 [ 824.183346] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 824.187668] ? lock_downgrade+0x740/0x740 [ 824.191840] ? __might_fault+0x192/0x1d0 [ 824.195913] ? _copy_to_user+0xb8/0x100 [ 824.199894] ? put_timespec64+0xcb/0x120 [ 824.203965] ? nsecs_to_jiffies+0x30/0x30 [ 824.208132] ? __x64_sys_clock_gettime+0x165/0x240 [ 824.213063] ? __ia32_sys_clock_settime+0x260/0x260 [ 824.218081] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 824.222839] __x64_sys_sendmmsg+0x99/0x100 [ 824.227073] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 824.231653] do_syscall_64+0xf9/0x620 [ 824.235461] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 824.240649] RIP: 0033:0x45c479 [ 824.243839] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 01:54:04 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x9c0) 01:54:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x2, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 824.262741] RSP: 002b:00007f6a18f2bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 824.270460] RAX: ffffffffffffffda RBX: 00007f6a18f2c6d4 RCX: 000000000045c479 [ 824.277734] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 824.285004] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 824.292269] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 824.299558] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bfcc [ 824.365385] input: syz1 as /devices/virtual/input/input407 [ 824.441410] input: syz1 as /devices/virtual/input/input408 01:54:04 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x9d8) [ 824.614735] Task in /syz1 killed as a result of limit of /syz1 01:54:05 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x10d}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 824.657821] input: syz1 as /devices/virtual/input/input409 [ 824.664785] memory: usage 307196kB, limit 307200kB, failcnt 5040 01:54:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x2, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 824.701698] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 824.790019] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 824.803035] input: syz1 as /devices/virtual/input/input410 [ 824.833109] Memory cgroup stats for /syz1: cache:0KB rss:2140KB rss_huge:2048KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:2212KB inactive_file:0KB active_file:0KB unevictable:0KB [ 824.922480] Memory cgroup out of memory: Kill process 31398 (syz-executor.1) score 1110 or sacrifice child [ 824.977354] Killed process 31398 (syz-executor.1) total-vm:74964kB, anon-rss:2200kB, file-rss:35832kB, shmem-rss:0kB [ 825.011875] oom_reaper: reaped process 31398 (syz-executor.1), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB 01:54:05 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x280b0000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:05 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x900}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:54:05 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0x9f0) 01:54:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000000c0)={{{@in6=@ipv4={[], [], @dev}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@mcast1}}, &(0x7f00000001c0)=0xe8) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x1010, &(0x7f0000000240)={[{@index_on='index=on'}, {@metacopy_off='metacopy=off'}], [{@uid_lt={'uid<', r4}}, {@dont_appraise='dont_appraise'}, {@pcr={'pcr', 0x3d, 0x1c}}, {@smackfstransmute={'smackfstransmute', 0x3d, '/dev/kvm\x00'}}]}) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KVM_GET_MSR_INDEX_LIST(r7, 0xc004ae02, &(0x7f00000002c0)={0xa, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r5, 0xae80, 0x0) 01:54:05 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x10e}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 825.093844] input: syz1 as /devices/virtual/input/input411 [ 825.247770] input: syz1 as /devices/virtual/input/input412 01:54:05 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xa08) 01:54:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:54:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f0000000040)=0x8) [ 825.444701] input: syz1 as /devices/virtual/input/input413 01:54:06 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xa20) [ 825.665594] input: syz1 as /devices/virtual/input/input415 [ 825.727747] input: syz1 as /devices/virtual/input/input416 01:54:06 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x10f}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:06 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x3f000000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:54:06 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0xa00}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:54:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) fsetxattr$security_ima(0xffffffffffffffff, &(0x7f0000000040)='security.ima\x00', &(0x7f0000000080)=@sha1={0x1, "b1520ab93a061db98a433ea000ed06242400bfe2"}, 0x15, 0x1) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x2c, 0x48, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) r7 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nvme-fabrics\x00', 0x121040, 0x0) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r7, 0x3) ioctl$KVM_RUN(r2, 0xae80, 0x0) r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$PPPIOCGCHAN(r9, 0x80047437, &(0x7f0000000100)) 01:54:06 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xa38) 01:54:06 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x110}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:54:06 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x40000000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 826.309714] input: syz1 as /devices/virtual/input/input417 [ 826.433615] input: syz1 as /devices/virtual/input/input418 01:54:06 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x111}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 01:54:06 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xa50) 01:54:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') sendmsg$TIPC_NL_NET_GET(r4, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000440)={0x3e0, r5, 0x4, 0x70bd2b, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0x38, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x10001}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}]}, @TIPC_NLA_BEARER={0x19c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x8, @remote, 0x8}}, {0x14, 0x2, @in={0x2, 0x4e20, @multicast1}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0xfffff800, @ipv4={[], [], @multicast2}, 0x9}}, {0x14, 0x2, @in={0x2, 0x4e20, @loopback}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @multicast2}}, {0x14, 0x2, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x51e, @loopback, 0x101}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x5, @mcast2, 0x8}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @local}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x4, @mcast1, 0x2}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x70f}, @TIPC_NLA_BEARER_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa85}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7bfb}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_LINK={0xd0, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x40}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1000}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf0b}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x10001}]}, @TIPC_NLA_PUBL={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3f}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x9}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3f}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x800}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x50a}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x24000000}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x10001}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xfff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x1a}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}]}, @TIPC_NLA_NET={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x4}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}]}, @TIPC_NLA_SOCK={0x70, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8000}, @TIPC_NLA_CON_FLAG={0x8}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x80000000}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x86}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5143}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x33}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}]}, @TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xf21}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}]}]}, 0x3e0}, 0x1, 0x0, 0x0, 0x40}, 0x20000000) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:54:07 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x40020000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 826.676181] input: syz1 as /devices/virtual/input/input419 [ 826.787023] input: syz1 as /devices/virtual/input/input420 01:54:07 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0xe80}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:54:07 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xa68) 01:54:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 01:54:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a5241382a4ab77575b52d6e0ce52048450617ce766d06e044b021e12118ddb9de12b21abb94a88b82de04fa5cd4ecbb8fdfd9126b5b4eb210705d2d9577cf739d9a818cbb37662361b00f08ec3d8cc47d941eafc453bd67c0e83857e52788cf8f5087df8f127e79a83bc40e909ed9b0d40462ed556c2084dcd91e61"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:54:07 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x112}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:07 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x60000000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 827.447712] input: syz1 as /devices/virtual/input/input421 01:54:07 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r0, 0xae80, 0x0) [ 827.533262] input: syz1 as /devices/virtual/input/input422 01:54:08 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x113}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:08 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x80040200}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x402000, 0x0) ioctl$TIOCSSOFTCAR(r3, 0x541a, &(0x7f0000000080)=0x3ff) 01:54:08 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r0, 0xae80, 0x0) 01:54:08 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xa80) [ 827.859450] input: syz1 as /devices/virtual/input/input423 [ 827.945382] input: syz1 as /devices/virtual/input/input424 01:54:08 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x1100}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:54:08 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r0, 0xae80, 0x0) 01:54:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = eventfd2(0x2, 0x1) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000040)={r5, 0x7, 0x6}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:54:08 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xa98) 01:54:08 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x114}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:08 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x8b000000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:08 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 828.494744] input: syz1 as /devices/virtual/input/input425 [ 828.586536] input: syz1 as /devices/virtual/input/input426 01:54:09 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x115}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_PPC_GET_PVINFO(r4, 0x4080aea1, &(0x7f0000000080)=""/211) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$TUNGETSNDBUF(r6, 0x800454d3, &(0x7f0000000040)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:54:09 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0x94050000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:09 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xab0) 01:54:09 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 828.875936] input: syz1 as /devices/virtual/input/input427 01:54:09 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x2800}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:54:09 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) 01:54:09 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xac8) 01:54:09 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xcb010000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:09 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x116}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 829.608901] input: syz1 as /devices/virtual/input/input429 01:54:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 829.676950] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 829.716665] input: syz1 as /devices/virtual/input/input430 01:54:10 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x117}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 829.747620] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 829.793895] CPU: 1 PID: 32053 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 829.801808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 829.811168] Call Trace: [ 829.813783] dump_stack+0x188/0x20d [ 829.817432] dump_header+0x159/0xa5e [ 829.821161] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 829.826275] ? ___ratelimit+0x59/0x573 [ 829.830174] oom_kill_process.cold+0x10/0x6dc [ 829.834683] ? task_will_free_mem+0x134/0x6d0 [ 829.839191] out_of_memory+0x349/0x1250 [ 829.843182] ? oom_killer_disable+0x270/0x270 [ 829.847692] mem_cgroup_out_of_memory+0x1c7/0x240 [ 829.852568] ? memcg_event_wake+0x210/0x210 [ 829.856926] ? do_raw_spin_unlock+0x171/0x260 [ 829.861429] try_charge+0xe22/0x1300 [ 829.865166] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 829.870033] ? mark_held_locks+0xa6/0xf0 [ 829.874097] ? mem_cgroup_charge_skmem+0x111/0x270 [ 829.879049] mem_cgroup_charge_skmem+0x126/0x270 [ 829.883809] ? mem_cgroup_sk_free+0x80/0x80 [ 829.888147] ? lock_downgrade+0x740/0x740 [ 829.892306] ? iov_iter_advance+0x219/0xe10 [ 829.896640] __sk_mem_raise_allocated+0x543/0x1360 [ 829.901583] __sk_mem_schedule+0x65/0xd0 [ 829.905661] tcp_sendmsg_locked+0x1898/0x2ff0 [ 829.910180] ? tcp_sendpage+0x60/0x60 [ 829.913992] ? mark_held_locks+0xa6/0xf0 [ 829.918085] ? __local_bh_enable_ip+0x159/0x270 [ 829.922765] tcp_sendmsg+0x2b/0x40 [ 829.926418] inet_sendmsg+0x12e/0x590 [ 829.930246] ? ipip_gro_receive+0x100/0x100 [ 829.934580] sock_sendmsg+0xcf/0x120 [ 829.938311] ___sys_sendmsg+0x3e2/0x920 [ 829.942296] ? copy_msghdr_from_user+0x410/0x410 [ 829.947079] ? mark_held_locks+0xf0/0xf0 [ 829.951156] ? lock_downgrade+0x740/0x740 [ 829.955316] ? check_preemption_disabled+0x41/0x280 [ 829.960355] ? find_held_lock+0x2d/0x110 [ 829.964447] ? __might_fault+0x11f/0x1d0 [ 829.968516] ? lock_downgrade+0x740/0x740 [ 829.972693] __sys_sendmmsg+0x195/0x470 [ 829.976678] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 829.981009] ? lock_downgrade+0x740/0x740 [ 829.985176] ? __might_fault+0x192/0x1d0 [ 829.989243] ? _copy_to_user+0xb8/0x100 [ 829.993233] ? put_timespec64+0xcb/0x120 [ 829.997300] ? nsecs_to_jiffies+0x30/0x30 [ 830.001463] ? __x64_sys_clock_gettime+0x165/0x240 [ 830.006401] ? __ia32_sys_clock_settime+0x260/0x260 [ 830.011432] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 830.016207] __x64_sys_sendmmsg+0x99/0x100 [ 830.020455] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 830.025052] do_syscall_64+0xf9/0x620 [ 830.028864] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 830.034221] RIP: 0033:0x45c479 [ 830.037419] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 830.056325] RSP: 002b:00007f6a18f4cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 830.064046] RAX: ffffffffffffffda RBX: 00007f6a18f4d6d4 RCX: 000000000045c479 [ 830.071317] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 830.078586] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 [ 830.085863] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 830.093146] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bf2c 01:54:10 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xae0) [ 830.186127] Task in /syz1 killed as a result of limit of /syz1 [ 830.193221] memory: usage 304920kB, limit 307200kB, failcnt 5064 [ 830.201544] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 830.220125] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 01:54:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 830.230851] Memory cgroup stats for /syz1: cache:0KB rss:2168KB rss_huge:2048KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:2200KB inactive_file:0KB active_file:0KB unevictable:0KB [ 830.253374] Memory cgroup out of memory: Kill process 32052 (syz-executor.1) score 1110 or sacrifice child [ 830.270610] Killed process 32052 (syz-executor.1) total-vm:74700kB, anon-rss:2148kB, file-rss:34816kB, shmem-rss:0kB 01:54:10 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x118}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 830.285831] oom_reaper: reaped process 32052 (syz-executor.1), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB 01:54:10 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xd9000000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 830.377239] input: syz1 as /devices/virtual/input/input431 01:54:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 830.490026] input: syz1 as /devices/virtual/input/input432 [ 830.629823] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 830.678520] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 830.697989] CPU: 1 PID: 32087 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 830.705897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 830.715249] Call Trace: [ 830.717869] dump_stack+0x188/0x20d [ 830.721521] dump_header+0x159/0xa5e [ 830.725249] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 830.730359] ? ___ratelimit+0x59/0x573 [ 830.734261] oom_kill_process.cold+0x10/0x6dc [ 830.738783] ? task_will_free_mem+0x134/0x6d0 [ 830.743291] out_of_memory+0x349/0x1250 [ 830.747283] ? oom_killer_disable+0x270/0x270 [ 830.751797] mem_cgroup_out_of_memory+0x1c7/0x240 [ 830.756651] ? memcg_event_wake+0x210/0x210 [ 830.761009] ? do_raw_spin_unlock+0x171/0x260 [ 830.765518] try_charge+0xe22/0x1300 [ 830.769253] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 830.774118] ? mark_held_locks+0xa6/0xf0 [ 830.778187] ? mem_cgroup_charge_skmem+0x111/0x270 [ 830.783128] mem_cgroup_charge_skmem+0x126/0x270 [ 830.787997] ? mem_cgroup_sk_free+0x80/0x80 [ 830.792324] ? lock_downgrade+0x740/0x740 [ 830.796481] ? iov_iter_advance+0x219/0xe10 [ 830.800868] __sk_mem_raise_allocated+0x543/0x1360 [ 830.805847] __sk_mem_schedule+0x65/0xd0 [ 830.809931] tcp_sendmsg_locked+0x1898/0x2ff0 [ 830.814450] ? tcp_sendpage+0x60/0x60 [ 830.818266] ? mark_held_locks+0xa6/0xf0 [ 830.822341] ? __local_bh_enable_ip+0x159/0x270 [ 830.827030] tcp_sendmsg+0x2b/0x40 [ 830.830582] inet_sendmsg+0x12e/0x590 [ 830.834393] ? ipip_gro_receive+0x100/0x100 [ 830.838724] sock_sendmsg+0xcf/0x120 [ 830.842450] ___sys_sendmsg+0x3e2/0x920 [ 830.846433] ? copy_msghdr_from_user+0x410/0x410 [ 830.851203] ? mark_held_locks+0xf0/0xf0 [ 830.855276] ? lock_downgrade+0x740/0x740 [ 830.859465] ? check_preemption_disabled+0x41/0x280 [ 830.864504] ? find_held_lock+0x2d/0x110 [ 830.868576] ? __might_fault+0x11f/0x1d0 [ 830.872645] ? lock_downgrade+0x740/0x740 [ 830.876808] __sys_sendmmsg+0x195/0x470 [ 830.880796] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 830.885127] ? lock_downgrade+0x740/0x740 [ 830.889307] ? __might_fault+0x192/0x1d0 [ 830.893384] ? _copy_to_user+0xb8/0x100 [ 830.897381] ? put_timespec64+0xcb/0x120 [ 830.901456] ? nsecs_to_jiffies+0x30/0x30 [ 830.905639] ? __x64_sys_clock_gettime+0x165/0x240 [ 830.910575] ? __ia32_sys_clock_settime+0x260/0x260 [ 830.915769] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 830.920746] __x64_sys_sendmmsg+0x99/0x100 [ 830.925021] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 830.929730] do_syscall_64+0xf9/0x620 [ 830.933543] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 830.938754] RIP: 0033:0x45c479 [ 830.942095] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 830.961038] RSP: 002b:00007f6a18f2bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 830.968748] RAX: ffffffffffffffda RBX: 00007f6a18f2c6d4 RCX: 000000000045c479 [ 830.976033] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 830.983322] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 830.990633] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 830.997907] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bfcc [ 831.026332] Task in /syz1 killed as a result of limit of /syz1 [ 831.032506] memory: usage 307200kB, limit 307200kB, failcnt 5075 [ 831.054032] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 831.081519] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 831.094292] Memory cgroup stats for /syz1: cache:0KB rss:2156KB rss_huge:2048KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:2208KB inactive_file:0KB active_file:0KB unevictable:0KB [ 831.123927] Memory cgroup out of memory: Kill process 32081 (syz-executor.1) score 1110 or sacrifice child [ 831.134283] Killed process 32081 (syz-executor.1) total-vm:74832kB, anon-rss:2148kB, file-rss:34816kB, shmem-rss:0kB [ 831.155087] oom_reaper: reaped process 32081 (syz-executor.1), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB 01:54:12 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x2c00}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:54:12 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xaf8) 01:54:12 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) 01:54:12 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xe41b0000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:12 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x119}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 831.677314] input: syz1 as /devices/virtual/input/input433 01:54:12 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 831.827333] input: syz1 as /devices/virtual/input/input434 01:54:12 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xb10) [ 831.941873] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 01:54:12 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 832.009205] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 832.051315] CPU: 0 PID: 32111 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 832.059251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 832.068614] Call Trace: [ 832.071217] dump_stack+0x188/0x20d [ 832.074862] dump_header+0x159/0xa5e [ 832.078608] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 832.083743] ? ___ratelimit+0x59/0x573 [ 832.087642] oom_kill_process.cold+0x10/0x6dc [ 832.092152] ? task_will_free_mem+0x134/0x6d0 [ 832.096658] out_of_memory+0x349/0x1250 [ 832.100644] ? oom_killer_disable+0x270/0x270 [ 832.105192] mem_cgroup_out_of_memory+0x1c7/0x240 [ 832.110043] ? memcg_event_wake+0x210/0x210 [ 832.114389] ? do_raw_spin_unlock+0x171/0x260 [ 832.118952] try_charge+0xe22/0x1300 [ 832.122687] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 832.127554] ? mark_held_locks+0xa6/0xf0 [ 832.131620] ? mem_cgroup_charge_skmem+0x111/0x270 [ 832.136560] mem_cgroup_charge_skmem+0x126/0x270 [ 832.141320] ? mem_cgroup_sk_free+0x80/0x80 [ 832.145687] ? iov_iter_advance+0x219/0xe10 [ 832.150069] __sk_mem_raise_allocated+0x543/0x1360 [ 832.155009] __sk_mem_schedule+0x65/0xd0 [ 832.159115] tcp_sendmsg_locked+0x1898/0x2ff0 [ 832.163636] ? tcp_sendpage+0x60/0x60 [ 832.167447] ? mark_held_locks+0xa6/0xf0 [ 832.171515] ? __local_bh_enable_ip+0x159/0x270 [ 832.176199] tcp_sendmsg+0x2b/0x40 [ 832.179744] inet_sendmsg+0x12e/0x590 [ 832.183561] ? ipip_gro_receive+0x100/0x100 [ 832.187898] sock_sendmsg+0xcf/0x120 [ 832.191619] ___sys_sendmsg+0x3e2/0x920 [ 832.195613] ? copy_msghdr_from_user+0x410/0x410 [ 832.200381] ? mark_held_locks+0xf0/0xf0 [ 832.204453] ? lock_downgrade+0x740/0x740 [ 832.208647] ? check_preemption_disabled+0x41/0x280 [ 832.213678] ? find_held_lock+0x2d/0x110 [ 832.217755] ? __might_fault+0x11f/0x1d0 [ 832.221830] ? lock_downgrade+0x740/0x740 [ 832.225996] __sys_sendmmsg+0x195/0x470 [ 832.229994] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 832.234323] ? lock_downgrade+0x740/0x740 [ 832.238488] ? __might_fault+0x192/0x1d0 [ 832.242560] ? _copy_to_user+0xb8/0x100 [ 832.246560] ? put_timespec64+0xcb/0x120 [ 832.250635] ? nsecs_to_jiffies+0x30/0x30 [ 832.254819] ? __x64_sys_clock_gettime+0x165/0x240 [ 832.260189] ? __ia32_sys_clock_settime+0x260/0x260 [ 832.265220] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 832.269989] __x64_sys_sendmmsg+0x99/0x100 [ 832.274243] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 832.278876] do_syscall_64+0xf9/0x620 [ 832.282704] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 832.287901] RIP: 0033:0x45c479 [ 832.291132] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 832.310060] RSP: 002b:00007f6a18f2bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 832.317772] RAX: ffffffffffffffda RBX: 00007f6a18f2c6d4 RCX: 000000000045c479 [ 832.325062] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 832.332365] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 832.339638] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff 01:54:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 832.346918] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bfcc 01:54:12 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xb28) 01:54:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 832.536879] input: syz1 as /devices/virtual/input/input436 01:54:13 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 832.605035] Task in /syz1 killed as a result of limit of /syz1 [ 832.633568] memory: usage 307200kB, limit 307200kB, failcnt 5136 [ 832.646215] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 832.667094] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 832.744620] Memory cgroup stats for /syz1: cache:0KB rss:168KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:184KB inactive_file:0KB active_file:0KB unevictable:0KB [ 832.780886] Memory cgroup out of memory: Kill process 32095 (syz-executor.1) score 1103 or sacrifice child [ 832.800038] Killed process 32095 (syz-executor.1) total-vm:74964kB, anon-rss:164kB, file-rss:35824kB, shmem-rss:0kB [ 832.815183] oom_reaper: reaped process 32095 (syz-executor.1), now anon-rss:0kB, file-rss:34884kB, shmem-rss:0kB 01:54:14 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x3000}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:54:14 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xb40) 01:54:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:54:14 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x11a}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:14 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xe5100000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 834.101826] input: syz1 as /devices/virtual/input/input438 [ 834.165819] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=1000 [ 834.221310] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 834.239864] CPU: 0 PID: 32163 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 834.247837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 834.257381] Call Trace: [ 834.259998] dump_stack+0x188/0x20d [ 834.263755] dump_header+0x159/0xa5e [ 834.267547] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 834.272665] ? ___ratelimit+0x59/0x573 [ 834.276566] oom_kill_process.cold+0x10/0x6dc [ 834.281082] ? task_will_free_mem+0x134/0x6d0 [ 834.285597] out_of_memory+0x349/0x1250 [ 834.289590] ? oom_killer_disable+0x270/0x270 [ 834.294109] mem_cgroup_out_of_memory+0x1c7/0x240 [ 834.298964] ? memcg_event_wake+0x210/0x210 [ 834.303372] ? do_raw_spin_unlock+0x171/0x260 [ 834.307893] try_charge+0xe22/0x1300 [ 834.311632] ? __kmalloc_node_track_caller+0x38/0x70 [ 834.316750] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 834.321623] ? mark_held_locks+0xa6/0xf0 [ 834.325706] ? mem_cgroup_charge_skmem+0x111/0x270 [ 834.330670] ? mark_held_locks+0xa6/0xf0 [ 834.334740] ? mem_cgroup_charge_skmem+0x111/0x270 [ 834.339707] mem_cgroup_charge_skmem+0x126/0x270 [ 834.344479] ? mem_cgroup_sk_free+0x80/0x80 [ 834.348821] ? __sk_mem_raise_allocated+0x617/0x1360 [ 834.353947] __sk_mem_raise_allocated+0x543/0x1360 [ 834.358898] __sk_mem_schedule+0x65/0xd0 [ 834.362974] tcp_sendmsg_locked+0x1898/0x2ff0 [ 834.367503] ? tcp_sendpage+0x60/0x60 [ 834.371322] ? mark_held_locks+0xa6/0xf0 [ 834.375398] ? __local_bh_enable_ip+0x159/0x270 [ 834.380083] tcp_sendmsg+0x2b/0x40 [ 834.383638] inet_sendmsg+0x12e/0x590 [ 834.387454] ? ipip_gro_receive+0x100/0x100 [ 834.391791] sock_sendmsg+0xcf/0x120 [ 834.395521] ___sys_sendmsg+0x3e2/0x920 [ 834.399517] ? copy_msghdr_from_user+0x410/0x410 [ 834.404294] ? mark_held_locks+0xf0/0xf0 [ 834.408367] ? lock_downgrade+0x740/0x740 [ 834.412563] ? check_preemption_disabled+0x41/0x280 [ 834.417714] ? find_held_lock+0x2d/0x110 [ 834.421789] ? __might_fault+0x11f/0x1d0 [ 834.425877] ? lock_downgrade+0x740/0x740 [ 834.430053] __sys_sendmmsg+0x195/0x470 [ 834.434045] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 834.438380] ? lock_downgrade+0x740/0x740 [ 834.442555] ? __might_fault+0x192/0x1d0 [ 834.446631] ? _copy_to_user+0xb8/0x100 [ 834.450628] ? put_timespec64+0xcb/0x120 [ 834.454704] ? nsecs_to_jiffies+0x30/0x30 [ 834.458875] ? __x64_sys_clock_gettime+0x165/0x240 [ 834.463822] ? __ia32_sys_clock_settime+0x260/0x260 [ 834.468857] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 834.473626] __x64_sys_sendmmsg+0x99/0x100 [ 834.477877] ? lockdep_hardirqs_on+0x40b/0x5d0 [ 834.482473] do_syscall_64+0xf9/0x620 [ 834.486365] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 834.491575] RIP: 0033:0x45c479 [ 834.494774] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 834.513684] RSP: 002b:00007f6a18f2bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 834.521401] RAX: ffffffffffffffda RBX: 00007f6a18f2c6d4 RCX: 000000000045c479 [ 834.528674] RDX: 04000000000001cc RSI: 0000000020003b40 RDI: 0000000000000003 [ 834.535946] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 [ 834.543222] R10: 0000000004000000 R11: 0000000000000246 R12: 00000000ffffffff [ 834.550495] R13: 00000000000008d4 R14: 00000000004cb383 R15: 000000000076bfcc 01:54:15 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xb58) [ 834.614571] Task in /syz1 killed as a result of limit of /syz1 [ 834.646861] memory: usage 307192kB, limit 307200kB, failcnt 5161 01:54:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 834.703876] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 834.747456] input: syz1 as /devices/virtual/input/input440 [ 834.764626] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 834.764633] Memory cgroup stats for /syz1: cache:0KB rss:36KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:172KB inactive_file:0KB active_file:0KB unevictable:0KB [ 834.764706] Memory cgroup out of memory: Kill process 32155 (syz-executor.1) score 1103 or sacrifice child [ 834.764754] Killed process 32155 (syz-executor.1) total-vm:74832kB, anon-rss:100kB, file-rss:34816kB, shmem-rss:0kB 01:54:15 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x11b}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 834.876545] input: syz1 as /devices/virtual/input/input441 01:54:15 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xb70) 01:54:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 835.146429] input: syz1 as /devices/virtual/input/input442 01:54:15 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xb88) [ 835.288238] oom_reaper: reaped process 32155 (syz-executor.1), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB 01:54:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 835.441086] input: syz1 as /devices/virtual/input/input444 [ 835.547604] input: syz1 as /devices/virtual/input/input445 01:54:16 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x3300}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:54:16 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xe8030000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:16 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xba0) 01:54:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:54:16 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x11c}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 836.021417] input: syz1 as /devices/virtual/input/input446 01:54:16 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 01:54:16 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xbb8) [ 836.172628] syz-executor.1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 836.326531] input: syz1 as /devices/virtual/input/input448 [ 836.388145] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 836.403796] CPU: 0 PID: 32314 Comm: syz-executor.1 Not tainted 4.19.107-syzkaller #0 [ 836.411694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 836.421052] Call Trace: [ 836.423653] dump_stack+0x188/0x20d [ 836.427294] dump_header+0x159/0xa5e [ 836.431064] ? _raw_spin_unlock_irqrestore+0xa0/0xe0 [ 836.436179] ? ___ratelimit+0x59/0x573 [ 836.440080] oom_kill_process.cold+0x10/0x6dc [ 836.444597] ? task_will_free_mem+0x134/0x6d0 [ 836.449111] out_of_memory+0x349/0x1250 [ 836.453103] ? oom_killer_disable+0x270/0x270 [ 836.457622] mem_cgroup_out_of_memory+0x1c7/0x240 [ 836.462476] ? memcg_event_wake+0x210/0x210 [ 836.466877] ? do_raw_spin_unlock+0x171/0x260 [ 836.471398] try_charge+0xe22/0x1300 [ 836.475133] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 836.479989] ? get_mem_cgroup_from_mm+0x179/0x4f0 [ 836.484857] ? __mem_cgroup_largest_soft_limit_node+0x440/0x440 [ 836.490931] ? __lock_acquire+0x6ee/0x49c0 [ 836.495178] mem_cgroup_try_charge+0x249/0x5c0 [ 836.499784] mem_cgroup_try_charge_delay+0x1a/0xa0 [ 836.504732] wp_page_copy+0x3fe/0x1530 [ 836.508636] ? follow_pfn+0x260/0x260 [ 836.512446] ? __lock_acquire+0x6ee/0x49c0 [ 836.516705] do_wp_page+0x518/0xfa0 [ 836.520347] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 836.525042] __handle_mm_fault+0x21a4/0x3b60 [ 836.529462] ? copy_page_range+0x1e70/0x1e70 [ 836.533880] ? count_memcg_event_mm+0x279/0x4c0 [ 836.538577] handle_mm_fault+0x1a5/0x670 [ 836.542652] __do_page_fault+0x5ed/0xdd0 [ 836.546727] ? trace_hardirqs_off_caller+0x55/0x210 [ 836.551747] ? vmalloc_fault+0x730/0x730 [ 836.555828] ? page_fault+0x8/0x30 [ 836.559374] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 836.564232] ? page_fault+0x8/0x30 [ 836.567781] page_fault+0x1e/0x30 [ 836.571244] RIP: 0033:0x4114c8 01:54:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 836.574447] Code: 8b 34 c6 4a 8d 04 2e 48 3d ff ff ff 7e 0f 86 77 ff ff ff bf 78 1d 4c 00 31 c0 e8 e3 09 ff ff 31 ff e8 2c 06 ff ff 0f 1f 40 00 <89> 3c b5 00 00 74 00 eb b6 31 ed 0f 1f 44 00 00 80 3d 7e 11 87 00 [ 836.593353] RSP: 002b:00007fff0a055100 EFLAGS: 00010246 [ 836.598721] RAX: 000000005872530b RBX: 0000000072e3ade6 RCX: 0000001b31220000 [ 836.606006] RDX: 0000000000000000 RSI: 000000000000130b RDI: ffffffff5872530b [ 836.613277] RBP: 0000000000000005 R08: 000000005872530b R09: 000000005872530f [ 836.620552] R10: 00007fff0a0552a0 R11: 0000000000000246 R12: 000000000076bfa8 [ 836.627826] R13: 0000000080000000 R14: 00007f6a1af4e008 R15: 0000000000000005 01:54:17 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x11d}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) [ 836.668134] input: syz1 as /devices/virtual/input/input449 01:54:17 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xbd0) 01:54:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 836.899187] input: syz1 as /devices/virtual/input/input450 [ 836.954550] Task in /syz1 killed as a result of limit of /syz1 [ 836.960623] memory: usage 307164kB, limit 307200kB, failcnt 5188 [ 836.983030] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 836.996845] input: syz1 as /devices/virtual/input/input451 01:54:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000004272b79a3a1e5a"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 837.015601] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 837.037717] Memory cgroup stats for /syz1: cache:0KB rss:168KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:144KB inactive_file:0KB active_file:0KB unevictable:0KB [ 837.139358] Memory cgroup out of memory: Kill process 32314 (syz-executor.1) score 1103 or sacrifice child [ 837.193509] Killed process 32314 (syz-executor.1) total-vm:74832kB, anon-rss:100kB, file-rss:34816kB, shmem-rss:0kB [ 837.227958] oom_reaper: reaped process 32314 (syz-executor.1), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB [ 837.998751] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 838.005760] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 838.015245] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 838.022067] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 838.031184] device bridge_slave_1 left promiscuous mode [ 838.044159] bridge0: port 2(bridge_slave_1) entered disabled state [ 838.095673] device bridge_slave_0 left promiscuous mode [ 838.102463] bridge0: port 1(bridge_slave_0) entered disabled state [ 838.152225] device veth1_macvtap left promiscuous mode [ 838.174547] device veth0_macvtap left promiscuous mode [ 838.179926] device veth1_vlan left promiscuous mode [ 838.194864] device veth0_vlan left promiscuous mode [ 844.387212] device hsr_slave_1 left promiscuous mode [ 844.428092] device hsr_slave_0 left promiscuous mode [ 844.483394] team0 (unregistering): Port device team_slave_1 removed [ 844.493114] team0 (unregistering): Port device team_slave_0 removed [ 844.502474] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 844.547818] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 844.615163] bond0 (unregistering): Released all slaves 01:54:25 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x0, 0x0, 0x3a00}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x60, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29}, @routing={0x0, 0x4, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c"]}]}}}}}}, 0x92) 01:54:25 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000d00)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}}, 0xbe8) 01:54:25 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000900)=0xce, 0x7c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x1cb}, 0xeffdffff}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:25 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001940)="a5", 0xc01}], 0x1, 0x0, 0x0, 0x11e}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000600)="da", 0x220908}], 0x1}}], 0x4000000000001cc, 0x4000000) 01:54:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x420080, 0x0) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000180)={0x0, 0x0, 0x100000000}) ioctl$DRM_IOCTL_GEM_CLOSE(r1, 0x40086409, &(0x7f00000001c0)={r2}) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r5, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2d, 0x25dfdbfd, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x24004801) r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000240)='/dev/full\x00', 0x200000, 0x0) ioctl$sock_bt_cmtp_CMTPGETCONNINFO(r7, 0x800443d3, &(0x7f0000000280)={@any, 0x40, 0x4, 0x8b}) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000002000100000072b79a3a1e5a25530f93d1f92e7b2569c6b6fa05af12866d620ef13e120d8a67661903447484f242d05b5455d4a63e495b551f10a190cbf6"]) ioctl$KVM_RUN(r6, 0xae80, 0x0) 01:54:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 844.727616] input: syz1 as /devices/virtual/input/input452 [ 844.805314] ------------[ cut here ]------------ [ 844.811650] ODEBUG: free active (active state 0) object type: timer_list hint: delayed_work_timer_fn+0x0/0x90 [ 844.821897] WARNING: CPU: 1 PID: 378 at lib/debugobjects.c:325 debug_print_object+0x160/0x250 [ 844.830567] Kernel panic - not syncing: panic_on_warn set ... [ 844.830567] [ 844.837921] CPU: 1 PID: 378 Comm: kworker/u4:3 Not tainted 4.19.107-syzkaller #0 [ 844.845440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 844.854784] Workqueue: netns cleanup_net [ 844.858817] Call Trace: [ 844.861445] dump_stack+0x188/0x20d [ 844.865063] panic+0x26a/0x50e [ 844.868236] ? __warn_printk+0xf3/0xf3 [ 844.872124] ? debug_print_object+0x160/0x250 [ 844.876598] ? __probe_kernel_read+0x16c/0x1b0 [ 844.881172] ? __warn.cold+0x5/0x46 [ 844.884773] ? __warn+0xe4/0x1c0 [ 844.888119] ? debug_print_object+0x160/0x250 [ 844.892596] __warn.cold+0x20/0x46 [ 844.896113] ? debug_print_object+0x160/0x250 [ 844.900590] report_bug+0x262/0x2a0 [ 844.904228] do_error_trap+0x1d7/0x310 [ 844.908114] ? math_error+0x310/0x310 [ 844.911953] ? irq_work_claim+0xa6/0xc0 [ 844.915909] ? irq_work_queue+0x2b/0x80 [ 844.919861] ? wake_up_klogd+0x8c/0xc0 [ 844.923723] ? trace_hardirqs_off_caller+0x55/0x210 [ 844.928733] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 844.933552] invalid_op+0x14/0x20 [ 844.936983] RIP: 0010:debug_print_object+0x160/0x250 [ 844.942067] Code: dd 60 0f ab 87 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 bf 00 00 00 48 8b 14 dd 60 0f ab 87 48 c7 c7 a0 04 ab 87 e8 fb 02 e7 fd <0f> 0b 83 05 c3 b6 37 06 01 48 83 c4 20 5b 5d 41 5c 41 5d c3 48 89 [ 844.960961] RSP: 0000:ffff8880a8e878e8 EFLAGS: 00010082 [ 844.966316] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 844.973606] RDX: 0000000000000000 RSI: ffffffff8152c6e1 RDI: ffffed10151d0f0f [ 844.980880] RBP: 0000000000000001 R08: ffff8880a8e740c0 R09: ffffed1015ce3ee3 [ 844.988163] R10: ffffed1015ce3ee2 R11: ffff8880ae71f717 R12: ffffffff88b9faa0 [ 844.995412] R13: ffffffff81581220 R14: ffffffff8b8cd948 R15: ffff8880a860dae0 [ 845.002668] ? __internal_add_timer+0x1d0/0x1d0 [ 845.007322] ? vprintk_func+0x81/0x17e [ 845.011203] ? debug_print_object+0x160/0x250 [ 845.015681] ? __free_object+0xdd/0x1e0 [ 845.019652] debug_check_no_obj_freed+0x2a3/0x42e [ 845.024479] kfree+0xbb/0x220 [ 845.027569] ? xps_cpus_store+0x2a0/0x2a0 [ 845.031697] kvfree+0x59/0x60 [ 845.034798] device_release+0x76/0x210 [ 845.038665] ? device_remove_bin_file+0x30/0x30 [ 845.043316] kobject_put+0x17c/0x270 [ 845.047014] netdev_run_todo+0x4f1/0x740 [ 845.051055] ? register_netdev+0x50/0x50 [ 845.055098] ? sysfs_remove_group+0xee/0x1b0 [ 845.059489] ? net_set_todo+0xb9/0x140 [ 845.063355] default_device_exit_batch+0x309/0x3c0 [ 845.068264] ? unregister_netdevice_many+0x50/0x50 [ 845.073172] ? do_wait_intr_irq+0x270/0x270 [ 845.077473] ? unregister_netdevice_many+0x50/0x50 [ 845.082380] ? dev_change_net_namespace+0xb90/0xb90 [ 845.087379] ops_exit_list.isra.0+0xef/0x140 [ 845.091793] cleanup_net+0x3bf/0x850 [ 845.095488] ? net_drop_ns+0x90/0x90 [ 845.099182] ? __lock_is_held+0x50/0x140 [ 845.103247] process_one_work+0x91f/0x1640 [ 845.107482] ? pwq_dec_nr_in_flight+0x310/0x310 [ 845.112139] worker_thread+0x96/0xe20 [ 845.115924] ? process_one_work+0x1640/0x1640 [ 845.120406] kthread+0x34a/0x420 [ 845.123760] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 845.129276] ret_from_fork+0x24/0x30 [ 845.132972] [ 845.132975] ====================================================== [ 845.132978] WARNING: possible circular locking dependency detected [ 845.132980] 4.19.107-syzkaller #0 Not tainted [ 845.132983] ------------------------------------------------------ [ 845.132986] kworker/u4:3/378 is trying to acquire lock: [ 845.132988] 0000000020e1a67c ((console_sem).lock){-.-.}, at: down_trylock+0xe/0x60 [ 845.132995] [ 845.132997] but task is already holding lock: [ 845.132999] 000000004fcf5cef (&obj_hash[i].lock){-.-.}, at: debug_check_no_obj_freed+0xc4/0x42e [ 845.133007] [ 845.133009] which lock already depends on the new lock. [ 845.133011] [ 845.133012] [ 845.133015] the existing dependency chain (in reverse order) is: [ 845.133016] [ 845.133017] -> #5 (&obj_hash[i].lock){-.-.}: [ 845.133024] debug_object_activate+0x131/0x4e0 [ 845.133027] enqueue_hrtimer+0x27/0x3f0 [ 845.133029] hrtimer_start_range_ns+0x580/0xbe0 [ 845.133031] schedule_hrtimeout_range_clock+0x17a/0x360 [ 845.133034] wait_task_inactive+0x443/0x550 [ 845.133036] __kthread_bind_mask+0x1f/0xb0 [ 845.133038] init_rescuer.part.0+0xf2/0x190 [ 845.133040] workqueue_init+0x504/0x7e9 [ 845.133043] kernel_init_freeable+0x2bd/0x5bb [ 845.133044] kernel_init+0xd/0x1c0 [ 845.133046] ret_from_fork+0x24/0x30 [ 845.133048] [ 845.133049] -> #4 (hrtimer_bases.lock){-.-.}: [ 845.133056] lock_hrtimer_base.isra.0+0x6d/0x120 [ 845.133059] hrtimer_start_range_ns+0xf5/0xbe0 [ 845.133061] enqueue_task_rt+0x97f/0xdf0 [ 845.133063] __sched_setscheduler.constprop.0+0xc79/0x1df0 [ 845.133065] _sched_setscheduler+0xee/0x180 [ 845.133068] watchdog_dev_init+0xdd/0x1ae [ 845.133070] watchdog_init+0x14/0x17e [ 845.133072] do_one_initcall+0xf1/0x734 [ 845.133074] kernel_init_freeable+0x4c9/0x5bb [ 845.133076] kernel_init+0xd/0x1c0 [ 845.133078] ret_from_fork+0x24/0x30 [ 845.133079] [ 845.133080] -> #3 (&rt_b->rt_runtime_lock){-.-.}: [ 845.133087] rq_online_rt+0xaf/0x390 [ 845.133089] set_rq_online.part.0+0xe3/0x140 [ 845.133091] sched_cpu_activate+0x17f/0x270 [ 845.133094] cpuhp_invoke_callback+0x213/0x1bb0 [ 845.133096] cpuhp_thread_fun+0x440/0x840 [ 845.133098] smpboot_thread_fn+0x653/0x9d0 [ 845.133100] kthread+0x34a/0x420 [ 845.133102] ret_from_fork+0x24/0x30 [ 845.133103] [ 845.133104] -> #2 (&rq->lock){-.-.}: [ 845.133111] task_fork_fair+0x6a/0x520 [ 845.133113] sched_fork+0x3a7/0x8b0 [ 845.133115] copy_process.part.0+0x187d/0x7a60 [ 845.133117] _do_fork+0x22f/0xf40 [ 845.133119] kernel_thread+0x2f/0x40 [ 845.133121] rest_init+0x1f/0x212 [ 845.133123] start_kernel+0x7e4/0x81c [ 845.133125] secondary_startup_64+0xa4/0xb0 [ 845.133126] [ 845.133127] -> #1 (&p->pi_lock){-.-.}: [ 845.133134] try_to_wake_up+0x80/0xe90 [ 845.133136] up+0x92/0xe0 [ 845.133138] __up_console_sem+0xb3/0x1c0 [ 845.133140] console_unlock+0x64d/0xfe0 [ 845.133142] vprintk_emit+0x282/0x6e0 [ 845.133144] vprintk_func+0x79/0x17e [ 845.133146] printk+0xba/0xed [ 845.133148] kauditd_hold_skb.cold+0x41/0x50 [ 845.133150] kauditd_send_queue+0x12d/0x170 [ 845.133152] kauditd_thread+0x6f4/0xa20 [ 845.133154] kthread+0x34a/0x420 [ 845.133156] ret_from_fork+0x24/0x30 [ 845.133157] [ 845.133158] -> #0 ((console_sem).lock){-.-.}: [ 845.133166] _raw_spin_lock_irqsave+0x8c/0xbf [ 845.133168] down_trylock+0xe/0x60 [ 845.133170] __down_trylock_console_sem+0xa3/0x210 [ 845.133172] console_trylock+0x12/0x90 [ 845.133174] vprintk_emit+0x269/0x6e0 [ 845.133176] vprintk_func+0x79/0x17e [ 845.133178] printk+0xba/0xed [ 845.133180] __warn_printk+0x9b/0xf3 [ 845.133182] debug_print_object+0x160/0x250 [ 845.133184] debug_check_no_obj_freed+0x2a3/0x42e [ 845.133186] kfree+0xbb/0x220 [ 845.133188] kvfree+0x59/0x60 [ 845.133190] device_release+0x76/0x210 [ 845.133192] kobject_put+0x17c/0x270 [ 845.133194] netdev_run_todo+0x4f1/0x740 [ 845.133196] default_device_exit_batch+0x309/0x3c0 [ 845.133199] ops_exit_list.isra.0+0xef/0x140 [ 845.133201] cleanup_net+0x3bf/0x850 [ 845.133203] process_one_work+0x91f/0x1640 [ 845.133205] worker_thread+0x96/0xe20 [ 845.133207] kthread+0x34a/0x420 [ 845.133209] ret_from_fork+0x24/0x30 [ 845.133210] [ 845.133212] other info that might help us debug this: [ 845.133213] [ 845.133215] Chain exists of: [ 845.133216] (console_sem).lock --> hrtimer_bases.lock --> &obj_hash[i].lock [ 845.133225] [ 845.133227] Possible unsafe locking scenario: [ 845.133228] [ 845.133230] CPU0 CPU1 [ 845.133233] ---- ---- [ 845.133234] lock(&obj_hash[i].lock); [ 845.133239] lock(hrtimer_bases.lock); [ 845.133244] lock(&obj_hash[i].lock); [ 845.133248] lock((console_sem).lock); [ 845.133252] [ 845.133253] *** DEADLOCK *** [ 845.133255] [ 845.133257] 4 locks held by kworker/u4:3/378: [ 845.133258] #0: 0000000059862c9b ((wq_completion)"%s""netns"){+.+.}, at: process_one_work+0x81a/0x1640 [ 845.133267] #1: 00000000fad1cd4d (net_cleanup_work){+.+.}, at: process_one_work+0x84e/0x1640 [ 845.133275] #2: 000000007c2f1979 (pernet_ops_rwsem){++++}, at: cleanup_net+0xa8/0x850 [ 845.133284] #3: 000000004fcf5cef (&obj_hash[i].lock){-.-.}, at: debug_check_no_obj_freed+0xc4/0x42e [ 845.133296] [ 845.133298] stack backtrace: [ 845.133301] CPU: 1 PID: 378 Comm: kworker/u4:3 Not tainted 4.19.107-syzkaller #0 [ 845.133305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 845.133307] Workqueue: netns cleanup_net [ 845.133310] Call Trace: [ 845.133312] dump_stack+0x188/0x20d [ 845.133314] print_circular_bug.isra.0.cold+0x1c4/0x282 [ 845.133317] __lock_acquire+0x2e19/0x49c0 [ 845.133319] ? add_lock_to_list.isra.0+0x179/0x330 [ 845.133321] ? save_trace+0xd6/0x290 [ 845.133323] ? mark_held_locks+0xf0/0xf0 [ 845.133325] ? format_decode+0x230/0xad0 [ 845.133327] ? kvm_clock_read+0x14/0x30 [ 845.133329] lock_acquire+0x170/0x400 [ 845.133331] ? down_trylock+0xe/0x60 [ 845.133334] _raw_spin_lock_irqsave+0x8c/0xbf [ 845.133336] ? down_trylock+0xe/0x60 [ 845.133337] down_trylock+0xe/0x60 [ 845.133339] ? vprintk_emit+0x269/0x6e0 [ 845.133342] __down_trylock_console_sem+0xa3/0x210 [ 845.133344] console_trylock+0x12/0x90 [ 845.133346] vprintk_emit+0x269/0x6e0 [ 845.133348] ? __internal_add_timer+0x1d0/0x1d0 [ 845.133350] vprintk_func+0x79/0x17e [ 845.133352] printk+0xba/0xed [ 845.133354] ? kmsg_dump_rewind_nolock+0xd9/0xd9 [ 845.133356] ? mark_held_locks+0xf0/0xf0 [ 845.133358] ? __warn_printk+0x8f/0xf3 [ 845.133360] ? work_on_cpu_safe+0x90/0x90 [ 845.133362] __warn_printk+0x9b/0xf3 [ 845.133364] ? add_taint.cold+0x16/0x16 [ 845.133366] ? lock_downgrade+0x740/0x740 [ 845.133368] ? work_on_cpu_safe+0x90/0x90 [ 845.133370] debug_print_object+0x160/0x250 [ 845.133372] ? __free_object+0xdd/0x1e0 [ 845.133375] debug_check_no_obj_freed+0x2a3/0x42e [ 845.133376] kfree+0xbb/0x220 [ 845.133378] ? xps_cpus_store+0x2a0/0x2a0 [ 845.133380] kvfree+0x59/0x60 [ 845.133382] device_release+0x76/0x210 [ 845.133384] ? device_remove_bin_file+0x30/0x30 [ 845.133386] kobject_put+0x17c/0x270 [ 845.133388] netdev_run_todo+0x4f1/0x740 [ 845.133390] ? register_netdev+0x50/0x50 [ 845.133392] ? sysfs_remove_group+0xee/0x1b0 [ 845.133394] ? net_set_todo+0xb9/0x140 [ 845.133397] default_device_exit_batch+0x309/0x3c0 [ 845.133399] ? unregister_netdevice_many+0x50/0x50 [ 845.133401] ? do_wait_intr_irq+0x270/0x270 [ 845.133403] ? unregister_netdevice_many+0x50/0x50 [ 845.133406] ? dev_change_net_namespace+0xb90/0xb90 [ 845.133408] ops_exit_list.isra.0+0xef/0x140 [ 845.133410] cleanup_net+0x3bf/0x850 [ 845.133412] ? net_drop_ns+0x90/0x90 [ 845.133414] ? __lock_is_held+0x50/0x140 [ 845.133416] process_one_work+0x91f/0x1640 [ 845.133418] ? pwq_dec_nr_in_flight+0x310/0x310 [ 845.133420] worker_thread+0x96/0xe20 [ 845.133422] ? process_one_work+0x1640/0x1640 [ 845.133424] kthread+0x34a/0x420 [ 845.133427] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 845.133429] ret_from_fork+0x24/0x30 [ 846.266087] Shutting down cpus with NMI [ 847.066243] Kernel Offset: disabled [ 847.069865] Rebooting in 86400 seconds..