b27b55cfe23acb8752857c95aae3cabf890e7381f3819e595a05fb577c814eff0bde84546e024b56b9a7b4b31f7aa13e97e83e467f3d054fef5a1c4050a6e0646049ca41d88e451affc224f1741046fa6d37e6716cef4745bf5a46566389fb16b908a4af1d48549c169fecd441f2e323184e12daece2431a1a31a3f5079ec7b4d34fdfb8db96912572b4bb7cd39bf6137bf85afa8c58b664a3b0e355296008502da1bc03b85a4ca87090a184e59aae22614fd8bbeec9c3507751f14a2fd1b11ca93931c55fafb8d839d0439b5654ddd3e49fe68aa2b72237d2b48ccb2b48106c9a7e77c05cb18b1b536159f0961e92584dde0731a7f53bb4412bdcaed56d28bb9408eda5bccfe2c4b2b42c12ba2efae4895d77ebeb77c7ae3cca379b81f34d87f3a267f7449cb11995b1a1ba5fddcd22e9ddcd943d679111468fbee00eafc6e9be42a6d85b054b0cdd2c43501e6991c287a69d28a9e8125b06599f92c5b4e0a4d9f20db2ba1153ca7f91aeac884609d6c1c24790993818c706003cf633e87b0517584898596d47f947f9003efcc7193c770b0cbccaf47c61f7efc68c8e034e657353ba440c698076a0e846f1cbee819c1b70ed7655aa3ac87916f61d026c7c294e656dd5fd775a22c81c5e6d79ca06d296f818e57133667092ad2a31531cf5f23b5b359f1d6004cfbb9bedd221dc90814a24be522b98dc441ef145cfb8ba7752d9a6ab096ff303139b1dd553a2451b5ef170ed11f2dd2d08b08391df4a67b2930f4643d763a0a2c4069e586fa2eb18c4bd247d3fec78845faece8ee6f53b07a717583d68d072cd45a1e2b5be2203dc5668c3c1f1e468bbfbd11cb2e760c3c5543ded667f53656f64e082ff3a76807469b34d83f144586abdd07af92b2dc74505b54616b5a2d48ed27ebab35c60e51712ed45aec7c55ebd2753643960d5ed3b8976315cd54b000f7c241cd14aacd50dab9d59d5172353bf4fc0e74eba7bb7053aa4b02ffabeba36416855fb381ff59f946751404ac8309164646c01560c317eda1266a0f47c1268e9254e19fddd492061fa8645c1e7c3d4a870aef117422a2cce23062866ac68315cd4c0762b5a56ecd8a2b26299c323437a658c57f5356361b49823463cc1bba566e9041ee824184ba722f5d0e69e95e88588936973b7c357a34334e4c9f16783d7c108bf2505878345851e99d55e1c271e718e819b1b5acf706f46797ec1c72d7ebffd3f6d065ba84ea1b5d951f72b13ac3f281e712dc418680c2b44d89df561f06f82254908eafa2ed372ea441d33f5c5522daac20c37ced555942df9cd106b8a53a6c457ca77bfc320136a06cd6d6b15c5b3afa6ff8d89d7ad9b0c8f38872e2ed17f83d6f0758dc6fcec40b922d7714c51a55c3f209afaa6ecafe9a9b80039e95d64ab0e2d256de5e52f236be8f87450d8fbdaa8011bae93c5a4ca423b783a7590c790bcf5c3c6383f108c8e10e730aa73caed8897c6703b4e009850111d560b86c3f9c1bf3c3608bcb108b770382c3804034561f52a1a76f26884ee569355942166758b50484491d801870052ddbba2d916c877ef7cea6cfc3027f9c8512fb22c46e233e036b9b0f14c686c5bfecfedf241dc79d4c8eeb794e58d3d0299ef2a3a9787c15c4698c59c795b3141125510cefe691a841092118710ebbac6da89a7b807ebdcc5d89e379927960252791c3ca7068e251b8fcbeda09692bd6c2cd24b98c4fe263763f73d25219c40d793350ea9daaab1ae358b330d0391e39da1a9e00714f1cd1447add7fc8b67bf0865378d4d96d580eb68aee42732046e7be864987daa36778d0ec74bfd9acbfda5eab80b5cef721c63fb0e6af85f1b4b384738a9007f030d8e275ad78c8e5b5080a281ba779829f6032e06587f5da584c9e92151862e0112bb259c150d483a7cb22b4bd643127dc7b58d06779800783378842a90735f3212cecc458d2f5ec9fb2d1bdb954e844c179741fb51e437893a17f155a8f21129f092207011ad65dc1bc2eb2f77bd940b3f84a3e9dbfa81434ca8d4fa16198e136ea21766273010f639c6edf8fb2649a307378558fd7e02a657c97fe7cc39d6738480c3de7da379e889d88fc90163b7362bfa4fdbf35879fa2a464993a480cf13a3ac98546eb5e757af2783770c1da1d6fdf4e31d037c1a8534df63ff9b2411ee9ff89b2bdf078138c1cbe70e3a5c1d41360506d664e6fa29f484c419997ae0c66291f1c1fb4749083e12b9838a4e5cae339878de378776280360ba8bef2f22a6572b6113fb7792c98e8d4e39fa5d50c6022e69c951c9d79a65f4ec90ec9dd3cf738b7bb54588248e891ab93eae6b60e7d9e93ef7938db7aedb18731762593845fb53dd5aa802fcff0962443959bc37832f2abca7628a324422bf188f40de332f6b87c945c1ed8191961a5477d32ce1f5f2eb8c745257681abe9af6a02542087d834de1464a49e67ef246996dea0e0650585d6f7b636320b6eb13c7aa03a8fb7882628305687cb3ab4b4c9b5a5292f9e997b44eb9eb7f91a21e89a13b3f13f97eacd6931ab62b021cd7adeba09691a2370a2fc488cc659a4ea4ee9e2296ff4a4378a9fc33fb96734af197c9c2b37415a264a82d34cf0ee93c95efcca98aaf3029c27b4650cac2ff3520689847d985f4a381bfca553b2d7c014576e1e6a7a493d84300f5a5b6ec85d53040bcf7fddc0ff0337e99d6bd94936fc6c053524f1d7e7e65f134168411d9183f7daa2d9f0a833e49296a25ca05b881c8e293a5bf77bd4a3e44b6c1b4aab4aef64e0afec2534bfad4e89e40edc255b50a2a44e4fb326f04b4cf3109a3b1215337ca768beea98e2004c539333a81d31096f39c325ffb3806e278cd8118c94f4c79d6434f67a7a43afd364c6f0fe9cff0441046b173d0b6689baf1a75e9fc75cb790c82ac5178b700a6222f8098c8c159e65795b7da7d1536b7cdfe322c464e242734b7af964e25663dc875ff9c65909d814b2b6e438287c95f0d0c8beab66698542966c8b73c763e2eb59849cce54824049458336beb64949c2cdb996ccc663ddd2c752c32c4e5c9ed59e75a8cb1168a59f46a4672ee9272823530852df6acd1728053eda0abcba216eecf7bae0a49ec78ea09894cb1a0da69ba4d55ad5cdf370f071c8df3104dbf78981e088b8c351a93e2eef78ca622cf8640add3c90250dedfc368e3405c1a38edf3b6c4976b5ffc7baae1d8e526ff8973d21fe1462770dc82db2cf5fe877e5721af20300b4b1d620b9255841d9ac70fb2c67c0e4c917b561a989819ee55d6a94418237ccd420724666faca7ee69e63a4e977879da8f37c3907fb57fb5d0cd6d84273951a55cfd3947feeecb4881c6b7d8b0ddde7c5010dbda2c958e013d7c2f8d9db6e80b7c588521f55495dcb0ab1304b1d04e64cef22fd1f034fec51e127eb450a5a7ff070b1b2c7b5f1c1b8d086e63e98de2f10ffc082213b71dca8880f72aaf6a0f94172342b13f29de8cd0c59e2d5d3f9a3e9d4f7a451131d30f4155328a241f8883196e14bdf0fdc42296f890c06e3dd4f51151656b40eaecc39c96663e10275b786c62179f3315a7f0beca803a121a4ad670739f7a15d870d3686538b2ee07e9f6fea949cf1670ec7dabd1acabd860d4eabffa13b0168127e76985abe8510769d0a24685805f8d835c5d6a9b688521c72dfea54efedcfb9b417c89fb0f87daa2fbbdafceb73cb2157afde7bfe651a8522ae4a9770f8b3e4662fcbcb3fe252fddc83c5054fc10de195eb79607cea80390d47147c181a491b60e83b15145344279173628e87767a80f6bea54da3cb292d1ee4d2b224fe42ae56a40f33636d9d92a58919d8d434d81faa04251dff4273b44b5faaf777c2807e10af31ee443c596fc7f86c1540ead44adce73d5f15f55cd7c44f9573b41231d20891850d5eaa7c8ca860babbb69c5975dcb660f289b6e954542253dd4a7e310b643bc60d16f098db855205cec8983af25328432cef2f043a546c635a850dba4740cbb5b4a44c9e0fc512fda8e06af1e1dde0a291bfc8634c06c21712648f942ddef7686488f2f49c9228deb10f9e0b5d0c231060ddd1f7920da6c8a22a9e422a09ce955195f0681a3ad4856a519650f4be13a0c7f8a7a336c6f33926afd843acc7f3550ea2ff214d0e2eba5ae313e4c801ff4be0ff8cdae1cf84ef9b9583ce76de03947e8f17614382eeb7663212eaf63672108cbf704b8557a697d77a9e8cb83381c61df7dbb0f36c11e7fc17cd0bdd491b616239624140bcb71a6934433ac19bbe0f29a5204fdbc83400483b6904f28ad9186c4bf788ac9ca7213cdcf10e351e64c6d39d8057e295c7567ff13c1c19d97195a9e2eae93cc55949aa20dbb56be6687b6ccf31278c6cea4eae3994eafd70af54c2ba8829ed60db29535dee18be1aa7470572c13e1ad3cce4910596e91339ca9f6b05aa97a2049961d6536c26189492779b8fbe509602f83b659492ac0904c6e95f0e1cfeb6c63975c16cbaa9ce6b566d5f4c081d4041eb5c922ca8b078719d9c0c96f51b942df883aa48b2cc98e0ca9ffbd87d36099ca981db0e61a42525bd7f93e3aa9d83f2cc86275ee5f75126023e4f6e126d27081dace699887f22a4ad"}, 0x1004) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r1, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:31 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x3f000000) 16:42:31 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) [ 1981.400372] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 1981.444176] CPU: 1 PID: 30634 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 1981.451344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1981.460704] Call Trace: [ 1981.463314] dump_stack+0x172/0x1f0 [ 1981.466956] dump_header+0x10f/0xb6c [ 1981.470682] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1981.475800] ? ___ratelimit+0x60/0x595 [ 1981.479718] ? do_raw_spin_unlock+0x57/0x270 [ 1981.484148] oom_kill_process.cold+0x10/0x6f5 [ 1981.488655] ? task_will_free_mem+0x139/0x6e0 [ 1981.493163] out_of_memory+0x79a/0x1280 [ 1981.497148] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1981.502265] ? oom_killer_disable+0x280/0x280 [ 1981.506762] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1981.511881] mem_cgroup_out_of_memory+0x99/0xe0 [ 1981.516562] ? memcg_memory_event+0x40/0x40 [ 1981.520900] ? _raw_spin_unlock+0x2d/0x50 [ 1981.525053] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1981.530162] try_charge+0xfec/0x1570 [ 1981.533877] ? find_held_lock+0x35/0x130 [ 1981.537950] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1981.542805] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 1981.547648] ? find_held_lock+0x35/0x130 [ 1981.551719] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 1981.556572] memcg_kmem_charge_memcg+0x7c/0x130 [ 1981.561241] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1981.565741] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 1981.570587] memcg_kmem_charge+0x13b/0x340 [ 1981.574830] __alloc_pages_nodemask+0x437/0x710 [ 1981.579500] ? __alloc_pages_slowpath+0x2900/0x2900 [ 1981.584526] ? ___might_sleep+0x163/0x280 [ 1981.588675] ? copyin+0xb5/0x100 [ 1981.592048] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1981.597599] alloc_pages_current+0x107/0x210 [ 1981.602015] pipe_write+0xa65/0xfb0 [ 1981.605655] __vfs_write+0x613/0x8e0 [ 1981.609619] ? kernel_read+0x120/0x120 [ 1981.613506] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1981.619071] ? rw_verify_area+0x118/0x360 [ 1981.623232] vfs_write+0x20c/0x580 [ 1981.626783] ksys_write+0xea/0x1f0 [ 1981.630342] ? __ia32_sys_read+0xb0/0xb0 [ 1981.634438] ? do_syscall_64+0x26/0x610 [ 1981.638421] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1981.643800] ? do_syscall_64+0x26/0x610 [ 1981.647795] __x64_sys_write+0x73/0xb0 [ 1981.651693] do_syscall_64+0x103/0x610 [ 1981.655586] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1981.660779] RIP: 0033:0x457e39 [ 1981.663976] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1981.682898] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 16:42:31 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x57}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:31 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) socket$inet_tcp(0x2, 0x1, 0x0) [ 1981.690625] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 1981.697914] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000006 [ 1981.705206] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1981.712486] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 1981.719792] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 1981.736422] Bluetooth: Invalid header checksum 16:42:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1981.762613] Bluetooth: Invalid header checksum [ 1981.767287] Bluetooth: Invalid header checksum [ 1981.793466] Bluetooth: Invalid header checksum 16:42:31 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video0\x00', 0x2, 0x0) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) ioctl$int_out(r0, 0x0, &(0x7f0000000080)) [ 1981.829008] memory: usage 307200kB, limit 307200kB, failcnt 651 [ 1981.865394] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1981.889614] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1981.904331] Memory cgroup stats for /syz5: cache:22976KB rss:260360KB rss_huge:249856KB shmem:23012KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283428KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1981.948855] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=30402,uid=0 [ 1982.012716] Memory cgroup out of memory: Kill process 30402 (syz-executor5) score 1160 or sacrifice child [ 1982.048323] Killed process 30402 (syz-executor5) total-vm:72712kB, anon-rss:16504kB, file-rss:35800kB, shmem-rss:0kB [ 1982.081546] oom_reaper: reaped process 30402 (syz-executor5), now anon-rss:0kB, file-rss:34840kB, shmem-rss:40kB 16:42:32 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xea}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:32 executing program 1: r0 = syz_open_dev$usb(&(0x7f0000000340)='/dev/bus/usb/00#/00#\x00', 0x0, 0x410002) getsockopt$EBT_SO_GET_INIT_ENTRIES(r0, 0x0, 0x83, &(0x7f0000000140)={'nat\x00', 0x0, 0x4, 0x9, [], 0x5, &(0x7f0000000080)=[{}, {}, {}, {}, {}], &(0x7f0000000100)=""/9}, &(0x7f00000001c0)=0x78) preadv(0xffffffffffffffff, &(0x7f0000001380), 0xffffffffffffff73, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)) fcntl$getown(r0, 0x9) getpgrp(0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000400), &(0x7f0000000440)=0xc) fcntl$getownex(r0, 0x10, &(0x7f0000000480)={0x0, 0x0}) r2 = syz_open_procfs(r1, &(0x7f00000004c0)='net/ptype\x00\xc6\"\xed\xf5\xdcq\x14\xfc*\xe9k\x12e0\x01\x90_YW\xa3\xba\xdb&\xae%\xa34\x14\xbf\x9b\xcaU\x12\xd0]v\x00\x1981tN\xcc\xa7&\xcd\xeb%o\xe1\xd4\xcc\x8e\xfa\x94\xfemD:\x00az\xa1\xc6\x04\xa1\xb4*=\xd6\x9bMO\x04H*m\x99<&|\x16hP\x9b\xa3\xcd\xcf\xb5\xc1OaMl\xb0\xb2\x06\xd1!\xdc') ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000200)={{0x6, 0x7fffffff}, {0xaee8, 0x20}, 0x7ff, 0x2, 0x200}) preadv(r2, &(0x7f0000000480), 0x1000000000000160, 0x38) fdatasync(r2) 16:42:32 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x40000000) 16:42:32 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x58}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:32 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) ioctl$RTC_WKALM_RD(0xffffffffffffffff, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r1) r2 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r3 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r3, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r3, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r2, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r5, &(0x7f00000001c0), 0x526987c9) read(r4, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r2, r3, 0x0, 0x80003) 16:42:32 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/55, 0x37}, {&(0x7f0000000080)=""/63, 0xfffffffffffffd0f}, {&(0x7f00000000c0)=""/147, 0x93}, {&(0x7f0000000180)=""/106, 0x6a}, {&(0x7f0000000300)=""/123, 0x7b}], 0x5, 0x38) 16:42:32 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 16:42:32 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xfdfdffff) 16:42:32 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 16:42:32 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') ioctl$EXT4_IOC_RESIZE_FS(r0, 0x40086610, &(0x7f0000000440)=0x100000008001) preadv(r0, &(0x7f0000000300)=[{&(0x7f0000000080)=""/243, 0xf3}, {&(0x7f0000000180)=""/142, 0xffffffffffffff66}, {&(0x7f0000000240)=""/141, 0x8d}, {&(0x7f00000013c0)=""/4096, 0x1000}, {&(0x7f0000000000)=""/41, 0x109}], 0x5, 0x38) 16:42:32 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:32 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xeb}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:32 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xfeffffff) 16:42:32 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x101000, 0x0) r0 = getpgrp(0xffffffffffffffff) r1 = syz_open_procfs(r0, &(0x7f0000000040)='net/unix\x00') preadv(r1, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:32 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 16:42:32 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x59}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:32 executing program 1: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x80000, 0x0) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000080)=0x3) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r1, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1982.974173] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 1983.022576] CPU: 1 PID: 30719 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 1983.029735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1983.029742] Call Trace: [ 1983.029769] dump_stack+0x172/0x1f0 [ 1983.029792] dump_header+0x10f/0xb6c [ 1983.029808] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1983.029824] ? ___ratelimit+0x60/0x595 [ 1983.029841] ? do_raw_spin_unlock+0x57/0x270 [ 1983.029860] oom_kill_process.cold+0x10/0x6f5 [ 1983.029877] ? task_will_free_mem+0x139/0x6e0 [ 1983.029907] out_of_memory+0x79a/0x1280 [ 1983.029928] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1983.029946] ? oom_killer_disable+0x280/0x280 [ 1983.029961] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1983.029985] mem_cgroup_out_of_memory+0x99/0xe0 [ 1983.030003] ? memcg_memory_event+0x40/0x40 [ 1983.071700] ? _raw_spin_unlock+0x2d/0x50 [ 1983.103446] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1983.108561] try_charge+0xfec/0x1570 [ 1983.112283] ? find_held_lock+0x35/0x130 [ 1983.116366] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1983.121220] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 1983.126069] ? find_held_lock+0x35/0x130 [ 1983.130141] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 1983.135007] memcg_kmem_charge_memcg+0x7c/0x130 [ 1983.139724] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1983.144245] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 1983.149113] memcg_kmem_charge+0x13b/0x340 [ 1983.153376] __alloc_pages_nodemask+0x437/0x710 [ 1983.158074] ? __alloc_pages_slowpath+0x2900/0x2900 [ 1983.163112] ? ___might_sleep+0x163/0x280 [ 1983.167280] ? copyin+0xb5/0x100 [ 1983.170671] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1983.176232] alloc_pages_current+0x107/0x210 [ 1983.180660] pipe_write+0xa65/0xfb0 [ 1983.184322] __vfs_write+0x613/0x8e0 [ 1983.188054] ? kernel_read+0x120/0x120 [ 1983.191945] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1983.197527] ? rw_verify_area+0x118/0x360 [ 1983.201683] vfs_write+0x20c/0x580 [ 1983.205235] ksys_write+0xea/0x1f0 [ 1983.208783] ? __ia32_sys_read+0xb0/0xb0 [ 1983.212849] ? do_syscall_64+0x26/0x610 [ 1983.216827] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1983.222193] ? do_syscall_64+0x26/0x610 [ 1983.226174] __x64_sys_write+0x73/0xb0 [ 1983.230070] do_syscall_64+0x103/0x610 [ 1983.233965] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1983.239154] RIP: 0033:0x457e39 [ 1983.242349] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1983.261262] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 16:42:32 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xff0f0000) 16:42:33 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) write$P9_RREADDIR(r0, &(0x7f0000000340)={0x68, 0x29, 0x1, {0x800, [{{0x9, 0x2, 0x8}, 0x3c, 0x4, 0x7, './file0'}, {{0x2, 0x4, 0x8}, 0x81, 0x40, 0x7, './file0'}, {{0x20, 0x2, 0x4}, 0x6, 0x5, 0x7, './file0'}]}}, 0x68) sendmsg$xdp(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="d9049de39e5eff30829a510bf794df594d77ff81b32782142111f21c4469f2b5853f22422b543783b9168a799f2317c5f82f35aef27b53910035025b14413bfe20c66b080291178420f48bd9233df233241968f966c929e1b627c6dc01644785b681eb1961e80e25", 0x68}, {&(0x7f0000000100)="20be8ef8faf6107ee4c6497d2ab64b68aa4ca6baa1dffb68ed53d6f8ba50db4059dce96d2aa7e9a737d107f7a7399032c7c7d0b603f9064f9a15fa3bf859240f32c6a1a656b2219fb148518b5de9ad7c2a9a574c34c268778fab3e301812304bf06bc6ca5d46cb4ff42264022ded2c53f4fe4ec5943754e21e38f531d9fec57fe5d805dd0a0c", 0x86}, {&(0x7f00000001c0)="03e97734b951fade87dc0dbd7d4b625084f81ac878c8066ec82bee0b40317bd5bb5c0dd9e5e7611a41eda6288e69ba43dd7204b75b370baea08693b9d87235feb43f50626d2528efaaa1b3771f4fd3ef8a182a78353549c1f7df964dcf7d3d6c223bc28bd2ed9cb1a60e636115f8e5f6f4fbc79625f0272757a22a4c276bab29f0fc365e2aa243f4bafab474115f601988941833eb06adb517fd58c07300d8b286bf9c55ac1c82a36286df51dc2159ffaba105e42993cb81ff18e4f5af549af63780278c74", 0xc5}], 0x3, 0x0, 0x0, 0x8000}, 0x20000010) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f0000000300)=0x3, 0x4) 16:42:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1983.268985] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 1983.276270] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 1983.283560] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1983.290842] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 1983.298144] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff 16:42:33 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000080)=0x0) r1 = syz_open_procfs(r0, &(0x7f0000000000)='net/unix\x00') preadv(r1, &(0x7f0000000480), 0x1000000000000160, 0x38) [ 1983.543860] memory: usage 307168kB, limit 307200kB, failcnt 734 [ 1983.618734] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1983.627679] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1983.693739] Memory cgroup stats for /syz5: cache:23108KB rss:260192KB rss_huge:249856KB shmem:23144KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283308KB inactive_file:8KB active_file:0KB unevictable:0KB [ 1983.721667] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=30687,uid=0 16:42:33 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:33 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0) r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') sendmsg$TIPC_CMD_DISABLE_BEARER(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, r1, 0x5, 0x70bd2c, 0x25dfdbfd, {{}, 0x0, 0x4102, 0x0, {0x18, 0x13, @l2={'eth', 0x3a, 'bridge_slave_0\x00'}}}, ["", "", "", "", "", ""]}, 0x34}}, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r2, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:33 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x5a}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:33 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xfffffdfd) 16:42:33 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xec}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 1983.749210] Memory cgroup out of memory: Kill process 30687 (syz-executor5) score 1160 or sacrifice child [ 1983.760513] Killed process 30687 (syz-executor5) total-vm:72712kB, anon-rss:16504kB, file-rss:35816kB, shmem-rss:0kB [ 1983.778324] oom_reaper: reaped process 30687 (syz-executor5), now anon-rss:0kB, file-rss:34856kB, shmem-rss:40kB 16:42:33 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') write$capi20_data(r0, &(0x7f0000000080)={{0x10, 0xfffffffffffffffb, 0x8, 0x81, 0x3ff, 0x1}, 0x70, "cde5479e9a779b6efbdf45a681a5fb3ac746e661de92210c269db7772ccf0b75b56673d42a68013e0d6214baeb58a30836b194ab444e911d8e6d2c0ee2af16e3ea3705f0ae960cc251c75e885a2af88b9b6793fe4c2c4005e1334e5f4291554f1fdde5f7bcdb4548e36b62db30a5a4de"}, 0x82) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00') gettid() sendmsg$IPVS_CMD_GET_CONFIG(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000001}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x30, r1, 0x0, 0x70bd25, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x70}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x40000) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x0, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:34 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) readahead(r0, 0x2, 0x2) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') ioctl$FICLONE(r0, 0x40049409, r0) preadv(r1, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:34 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xfffffffe) 16:42:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x0, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:34 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x80, 0x0) bind$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0xffffffff, @hyper}, 0x10) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r1, &(0x7f0000000480), 0x1000000000000160, 0x38) setsockopt$TIPC_MCAST_REPLICAST(r1, 0x10f, 0x86) 16:42:34 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:34 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x4000000000000) 16:42:34 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x5b}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:34 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x6, 0x400000) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffff9c, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x8}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000100)={r1, @in={{0x2, 0x4e23, @broadcast}}, 0x0, 0x20, 0x1000, 0x14, 0x4}, &(0x7f00000001c0)=0x98) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r2, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x0, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:34 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xed}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:34 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:34 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') fsetxattr$security_capability(r0, &(0x7f0000000000)='security.capability\x00', &(0x7f0000000080)=@v1={0x1000000, [{0x87, 0x9}]}, 0xc, 0x2) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:34 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x100000000000000) 16:42:34 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:35 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = socket$inet_dccp(0x2, 0x6, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001800)='/dev/rtc0\x00', 0x40, 0x0) ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000001840)=0x3) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r2, &(0x7f0000000480), 0x18c, 0x38) setsockopt$RDS_FREE_MR(r2, 0x114, 0x3, &(0x7f0000001340)={{0x7b, 0x7}, 0x8}, 0x10) readv(r2, &(0x7f0000001180)=[{&(0x7f0000000080)=""/95, 0x5f}, {}, {&(0x7f0000000100)=""/4096, 0x1000}, {&(0x7f0000001100)=""/97, 0x61}, {&(0x7f00000013c0)=""/241, 0xf1}, {&(0x7f00000014c0)=""/235, 0xeb}, {&(0x7f00000015c0)=""/244, 0xf4}], 0x7) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000012c0)={0x0, 0xffffffffffffffff, 0x0, 0x14, &(0x7f0000000000)='selfeth1:&em0%@,+$#\x00', 0xffffffffffffffff}, 0x30) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r2, 0xc1105518, &(0x7f00000016c0)={{0x4, 0x0, 0x50, 0x2, 'syz1\x00', 0x5}, 0x2, 0x510, 0x2, r3, 0x3, 0x4, 'syz1\x00', &(0x7f0000001300)=['vboxnet0}}\x00', 'net/unix\x00', 'net/unix\x00'], 0x1d, [], [0x800, 0x0, 0xfffffffffffffffd, 0x19b]}) 16:42:35 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xee}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:35 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x200000000000000) 16:42:35 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x5c}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:35 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x4) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) r1 = getpgrp(0xffffffffffffffff) fcntl$setown(r0, 0x8, r1) 16:42:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:35 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:35 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x300000000000000) 16:42:35 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xef}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:35 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) socketpair(0xb, 0x800, 0x1, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$SIOCAX25GETINFOOLD(r0, 0x89e9, &(0x7f00000000c0)) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000600), 0x0, 0x38) setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f0000000000)=0x3, 0x4) sendmsg$nfc_llcp(r0, &(0x7f00000005c0)={&(0x7f0000000100)={0x27, 0x1, 0x1, 0x1, 0x1, 0x7, "ac86e3f5e9bf64de709ec17974d9ef49d379d779dcfb1cce130e253bcdf47db6369ac5856792ce14f9e3e05815101010661bb7290652d20f62a577f2e3b38f", 0x1f}, 0x60, &(0x7f00000004c0)=[{&(0x7f0000000180)="81716131ff8c28669b8898346b774691a0099123ec075bdb4e40adb78dbd66bb95ffcf25f8e4499379e8a4bdf2bbd7", 0x2f}, {&(0x7f00000001c0)="166ce7e3080820cd10643cb16e7dfa47117132e405f9122852f3b07fc52fb264bf382eb7cf1bc40e91c72c36353c4ee01eac173a2d54484d3d9159b90a73a1998b756a9d4a680b51562ff2d003d81ffabf9876e68a78edfa2d1257a2439879139b495dd24376f5645f4570ec9e1db95664bc2bdb9805900cdf358c8eb110aae859d670862e0da849a979f5ba16c7859519427b0dd7f6f4ce859589a7bd4a3e4335ddd453621661e7e8967e002eb909474606e1fa43e1a38a4c2e6b45c31ee978c45046c50676618bfa25b1eccb65ca41e242044edd2b56aa1184c94473b2872287afb34cdc630915b8ba5160092a078a6319ef661a1b95eee9bf804edc", 0xfd}, {&(0x7f00000002c0)="41559efdfeced446ef6b409bbb91b6e1ce864cb738599d5f85f013746e94b2153f7582ee99a4f69350136a45cf93b01abf5ceb5dd2f8020c8bba68e2a870ad7cc35e2486cb250444449df58661cdf454cb831b3f4056ebbcced456448b9524c32e3936681e6b602318c75020ac169082cf42e0021cba25ba759adba90a7b42937fb4ec0bf034c91f17849e8ba4b65c", 0x8f}, {&(0x7f0000000380)="1fca97695a851328ebbf44402139051f8e14fb641f74a16c9848a6836bffde6dc17f6eee", 0x24}, {&(0x7f00000003c0)="4e643a31232d1eee37faae96acaf6f65f11a348a1efcd7d0cb9855b163865f730758689f5eda9c54a630b0d4c120406975623ae3342cfcfc76f886c5b4dce610d488656e2e66d57ee1d02600dfa1fd80b8d37a31bdce84a052650419b5f7da99c17aa340328499955e4b87d63f588b3fcc708ea4ef0614473f01ab54342c8fc8bb8bb0d6709c423dac6446392138afc41977cf9e3d707ca1bb426d1a450ea9013759ccf0fbcb0bc0b36724486024fb200a85c4c285dd3634601d3c613194b317c946154f5e7a4fbbfdf9af1ee0", 0xcd}], 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="50000000000000001100ac2fd90600200000000000195f398107b0703ea9fe4650e86713c16932c332000000000000643ae0d27b06198ce95e4c86f80fdce0209606483c4005f66453a0463e3b0258ea"], 0x50, 0x40}, 0x40) 16:42:35 executing program 1: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm_plock\x00', 0x80, 0x0) preadv(r0, &(0x7f0000000100), 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='\xe9j\x10\bnet/u') readahead(r1, 0x1, 0x0) ioctl$VIDIOC_S_CROP(r1, 0x4014563c, &(0x7f0000000040)={0x2, {0x9, 0x9, 0xa3b, 0x3584c72f}}) preadv(r1, &(0x7f0000000480), 0x1000000000000160, 0x38) ioctl$KVM_GET_DEBUGREGS(r1, 0x8080aea1, &(0x7f0000000080)) 16:42:35 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x400000000000000) 16:42:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1985.823482] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 1985.843272] CPU: 1 PID: 30886 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 1985.850415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1985.859769] Call Trace: [ 1985.862405] dump_stack+0x172/0x1f0 [ 1985.866094] dump_header+0x10f/0xb6c [ 1985.869820] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1985.869838] ? ___ratelimit+0x60/0x595 [ 1985.869856] ? do_raw_spin_unlock+0x57/0x270 [ 1985.869875] oom_kill_process.cold+0x10/0x6f5 [ 1985.878854] ? task_will_free_mem+0x139/0x6e0 [ 1985.892284] out_of_memory+0x79a/0x1280 [ 1985.896274] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1985.901393] ? oom_killer_disable+0x280/0x280 [ 1985.905888] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1985.911004] mem_cgroup_out_of_memory+0x99/0xe0 [ 1985.915671] ? memcg_memory_event+0x40/0x40 [ 1985.919999] ? _raw_spin_unlock+0x2d/0x50 [ 1985.924158] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1985.929271] try_charge+0xfec/0x1570 [ 1985.932983] ? find_held_lock+0x35/0x130 [ 1985.937051] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1985.941901] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 1985.946744] ? find_held_lock+0x35/0x130 [ 1985.950811] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 1985.955660] memcg_kmem_charge_memcg+0x7c/0x130 [ 1985.960338] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1985.964837] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 1985.969716] memcg_kmem_charge+0x13b/0x340 [ 1985.973977] __alloc_pages_nodemask+0x437/0x710 [ 1985.978679] ? __alloc_pages_slowpath+0x2900/0x2900 [ 1985.983726] ? ___might_sleep+0x163/0x280 [ 1985.987912] ? copyin+0xb5/0x100 [ 1985.991320] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1985.996920] alloc_pages_current+0x107/0x210 [ 1986.001374] pipe_write+0xa65/0xfb0 [ 1986.005247] __vfs_write+0x613/0x8e0 [ 1986.008990] ? kernel_read+0x120/0x120 [ 1986.012902] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1986.018482] ? rw_verify_area+0x118/0x360 [ 1986.022660] vfs_write+0x20c/0x580 [ 1986.026237] ksys_write+0xea/0x1f0 [ 1986.029806] ? __ia32_sys_read+0xb0/0xb0 [ 1986.033898] ? do_syscall_64+0x26/0x610 [ 1986.037908] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1986.043327] ? do_syscall_64+0x26/0x610 [ 1986.047353] __x64_sys_write+0x73/0xb0 [ 1986.051269] do_syscall_64+0x103/0x610 [ 1986.055197] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1986.060406] RIP: 0033:0x457e39 [ 1986.063617] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1986.082535] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1986.090265] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 1986.097553] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 1986.104834] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1986.112113] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 16:42:36 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000480), 0xa348bed6246321c, 0x3a) [ 1986.119390] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 1986.133179] memory: usage 307200kB, limit 307200kB, failcnt 801 [ 1986.139778] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1986.146602] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1986.152873] Memory cgroup stats for /syz5: cache:22956KB rss:260148KB rss_huge:249856KB shmem:22984KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283152KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1986.177381] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=30836,uid=0 16:42:36 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x200, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0xc0a85352, &(0x7f0000000080)={{0x1, 0x4b}, 'port0\x00', 0xe8, 0x100808, 0x6, 0x1, 0x5, 0x47, 0x2, 0x0, 0x3, 0xb86}) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r1, &(0x7f0000000480), 0x1000000000000160, 0x38) [ 1986.240836] Memory cgroup out of memory: Kill process 30836 (syz-executor5) score 1160 or sacrifice child [ 1986.267033] Killed process 30836 (syz-executor5) total-vm:72712kB, anon-rss:16504kB, file-rss:35816kB, shmem-rss:0kB 16:42:36 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x5d}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:36 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x500000000000000) 16:42:36 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xf0}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:36 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:36 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-monitor\x00', 0x20000, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x28, 0x6, &(0x7f0000000080)={0x77359400}, 0x10) syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f00000000c0), 0x0, 0x0) 16:42:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:36 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000000000), 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) ioctl$BLKTRACESTART(r0, 0x1274, 0x0) 16:42:36 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:36 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x600000000000000) 16:42:36 executing program 1: r0 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000100)=0xe, 0x0) r1 = geteuid() r2 = getegid() getgroups(0x43, &(0x7f0000000400)=[0xee00, 0xee01, 0xee00, 0xffffffffffffffff, 0xee01]) lstat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$system_posix_acl(r0, &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010007000000000002000100", @ANYRES32=r1, @ANYBLOB="040002100200000008000400", @ANYRES32=r2, @ANYBLOB='\b\x00\a\x00', @ANYRES32=r3, @ANYBLOB="08000500", @ANYRES32=r4, @ANYBLOB="10000400000000002000020000000000"], 0x44, 0x2) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) fcntl$notify(r0, 0x402, 0x80000009) r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r5, 0x40a85321, &(0x7f0000000340)={{0x101, 0x8}, 'port0\x00', 0x91, 0x20, 0x401, 0x41e2, 0x2016, 0x74c08249, 0x6, 0x0, 0x7, 0x1000}) syz_open_dev$audion(&(0x7f0000000180)='/dev/audio#\x00', 0x7f, 0x40000) ioctl$PPPIOCSNPMODE(r5, 0x4008744b, &(0x7f0000000300)={0x8077}) setsockopt$TIPC_MCAST_REPLICAST(r5, 0x10f, 0x86) syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x400001, 0x0) 16:42:36 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x5e}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:36 executing program 1: r0 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x80800) preadv(r0, &(0x7f00000002c0), 0x100000000000037c, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r1, &(0x7f0000000480), 0x1000000000000160, 0x38) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) 16:42:36 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x700000000000000) 16:42:37 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xf1}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:37 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000100)=0xc) r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000200)='/dev/md0\x00', 0x40048842, 0x0) r1 = getpgid(0xffffffffffffffff) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000080)) r2 = syz_open_procfs(r1, &(0x7f0000000180)='\x83\x00\x00\x00ip[[ab\x00es_matche\x05\x00\x00\x00\x00\x00\x00\x00f\xe70\xff\x11\xcb\x98\xcf>\x9da\x8f\xee\xa8M\x06\xd5\x91\xe7s\xc0(\xeb\x1f\"\"\xbby\xd2\xc3\x82V)W&\xf2\x1c\xdc\x1b!\xf5JzYrw\x06\xf2\v`8\x1f\\E\x8e\xac\x04&E\xa9Px\xfb&\xca6\f\xedR2\x8e\xde\x82\xb5oN\x13\xc2\xf1\xa9\x1a\xfcg8A\xf1\xb2\v\xb1\xa8\xe1Z\xb2\xcf') preadv(r2, &(0x7f0000000480), 0x1000000000000160, 0x38) openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/current\x00', 0x2, 0x0) 16:42:37 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf00000000000000) 16:42:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:37 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_TOL(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000800}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x68, r1, 0x210, 0x70bd2c, 0x25dfdbfc, {{}, 0x0, 0x4107, 0x0, {0x4c, 0x18, {0x10001, @media='ib\x00'}}}, ["", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x40000}, 0x1) ioctl$TIOCGPTPEER(r0, 0x5441, 0xfff) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:37 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:37 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x5f}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:37 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x1}, &(0x7f0000000080)=0xc) link(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./file0\x00') getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f00000000c0)={r1, @in6={{0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, [], 0x15}, 0x3}}, 0xb7e, 0xc32b, 0x8, 0x6, 0x3}, &(0x7f0000000180)=0x98) 16:42:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:37 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1000000000000000) 16:42:37 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380), 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, 0x0}) syz_open_procfs(r1, &(0x7f0000000080)='limits\x00') 16:42:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:37 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xf2}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:37 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1d00000000000000) 16:42:37 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000300)='/selinux/relabel\x00', 0x2, 0x0) pwritev(r0, &(0x7f0000000500)=[{&(0x7f0000000340)="418850b18df1e519913d2e2a11ef344f1ba0da5f65379dd2ace691f40bf043c2c4fdeaa8c4b27f9bb0e30904ba41b9e454708e122b78574d9d623700a4923e9a88c002f81926d4e5debfcbc5d3e01716c7877f50e9d2a729d0f5b2e38112", 0x5e}, {&(0x7f00000003c0)="09a28f4d1269a71aeafbcee2c100d7ae327ddd5a", 0x14}, {&(0x7f0000000400)="34006ac097511652a06861c6345f6c7408fbf1fee06a65c7fbf742049ad1bd749e4736707446136295fb97ec8945118890b95a04b2f26fa0d13443fc31c3caa4bc959380", 0x44}, {&(0x7f0000000480)="c2708cdb2be574daa053e322a90af55876f345d7c155c01e4a05e9f5c0d4e23be1178f51ffb311a732cf881a34990e2b416f41a40b2b921783e62cf39a4e0e4c3eff847d5f89d1c0a82c8903eeaed22ebbfbd5ae507d10726bc58ae87d101572a081c68910bd35fe5f32e323", 0x6c}], 0x4, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, &(0x7f0000000080)) preadv(r1, &(0x7f0000000480), 0x1000000000000399, 0x0) r2 = timerfd_create(0x6, 0x80800) getresuid(&(0x7f0000000180)=0x0, &(0x7f00000001c0), &(0x7f0000000200)) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x800, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@msize={'msize', 0x3d, 0x8}}, {@cache_mmap='cache=mmap'}, {@cache_none='cache=none'}], [{@euid_gt={'euid>', r3}}]}}) ioctl$SNDRV_TIMER_IOCTL_TREAD(r1, 0x40045402, &(0x7f00000000c0)) 16:42:37 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x60}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:37 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:38 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, r0, 0x0, 0x9, &(0x7f0000000000)='net/unix\x00', 0xffffffffffffffff}, 0x30) process_vm_writev(r1, &(0x7f0000000700)=[{&(0x7f00000000c0)=""/170, 0xaa}, {&(0x7f0000000180)=""/138, 0x8a}, {&(0x7f0000000240)=""/205, 0xcd}, {&(0x7f0000000340)=""/217, 0xd9}, {&(0x7f0000000440)=""/129, 0x81}, {&(0x7f0000000500)=""/102, 0x66}, {&(0x7f0000000580)=""/85, 0x55}, {&(0x7f0000000600)=""/135, 0x87}, {&(0x7f00000006c0)=""/43, 0x2b}], 0x9, &(0x7f0000000880)=[{&(0x7f00000007c0)=""/178, 0xb2}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x2, 0x0) preadv(r0, &(0x7f0000000480), 0x21206398ffa4aef, 0x38) 16:42:38 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x3f00000000000000) 16:42:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:38 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)) getpgid(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffff9c, 0x0, 0x9, &(0x7f0000000140)='net/unix\x00', 0x0}, 0x30) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x10001, 0x0) setsockopt$inet6_tcp_TLS_RX(r2, 0x6, 0x2, &(0x7f0000000100), 0x4) r3 = fcntl$getown(0xffffffffffffffff, 0x9) r4 = syz_open_procfs(r3, &(0x7f00000001c0)='fd/4\x00') bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r0, r4, 0x0, 0x5, &(0x7f0000000040)='fd/4\x00', r1}, 0x30) [ 1988.264903] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 1988.283755] CPU: 1 PID: 31045 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 1988.290866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1988.300217] Call Trace: [ 1988.302807] dump_stack+0x172/0x1f0 [ 1988.306443] dump_header+0x10f/0xb6c [ 1988.310160] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1988.315264] ? ___ratelimit+0x60/0x595 [ 1988.319153] ? do_raw_spin_unlock+0x57/0x270 [ 1988.323566] oom_kill_process.cold+0x10/0x6f5 [ 1988.328063] ? task_will_free_mem+0x139/0x6e0 [ 1988.332568] out_of_memory+0x79a/0x1280 [ 1988.336546] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1988.341655] ? oom_killer_disable+0x280/0x280 [ 1988.346146] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1988.351258] mem_cgroup_out_of_memory+0x99/0xe0 [ 1988.355926] ? memcg_memory_event+0x40/0x40 [ 1988.360256] ? _raw_spin_unlock+0x2d/0x50 [ 1988.364404] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1988.369503] try_charge+0xfec/0x1570 [ 1988.373211] ? find_held_lock+0x35/0x130 [ 1988.377273] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1988.382113] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 1988.386953] ? find_held_lock+0x35/0x130 [ 1988.391015] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 1988.395864] memcg_kmem_charge_memcg+0x7c/0x130 [ 1988.400534] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1988.405054] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 1988.409904] memcg_kmem_charge+0x13b/0x340 [ 1988.414145] __alloc_pages_nodemask+0x437/0x710 [ 1988.418815] ? __alloc_pages_slowpath+0x2900/0x2900 [ 1988.423830] ? ___might_sleep+0x163/0x280 [ 1988.427981] ? copyin+0xb5/0x100 [ 1988.431354] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1988.436902] alloc_pages_current+0x107/0x210 [ 1988.441322] pipe_write+0xa65/0xfb0 [ 1988.444963] __vfs_write+0x613/0x8e0 [ 1988.448676] ? kernel_read+0x120/0x120 [ 1988.452558] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1988.458111] ? rw_verify_area+0x118/0x360 [ 1988.462263] vfs_write+0x20c/0x580 [ 1988.465803] ksys_write+0xea/0x1f0 [ 1988.469343] ? __ia32_sys_read+0xb0/0xb0 [ 1988.473403] ? do_syscall_64+0x26/0x610 [ 1988.477380] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1988.482744] ? do_syscall_64+0x26/0x610 [ 1988.486722] __x64_sys_write+0x73/0xb0 [ 1988.490610] do_syscall_64+0x103/0x610 [ 1988.494501] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1988.499687] RIP: 0033:0x457e39 [ 1988.502882] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1988.521778] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1988.529495] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 1988.536761] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 1988.544022] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1988.554067] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 1988.561338] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff 16:42:38 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) timer_create(0x3, 0x0, &(0x7f0000000000)) setxattr$security_evm(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='security.evm\x00', &(0x7f0000000100)=@v1={0x2, "17b603666ed75b1c630045bcbd14fd9f0fc2cb"}, 0x14, 0x33e0d456424aa5d7) exit(0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1988.632568] memory: usage 307200kB, limit 307200kB, failcnt 874 [ 1988.656183] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1988.719756] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1988.745869] Memory cgroup stats for /syz5: cache:22956KB rss:259772KB rss_huge:249856KB shmem:22984KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:282888KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1988.778173] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=31017,uid=0 [ 1988.810058] Memory cgroup out of memory: Kill process 31017 (syz-executor5) score 1160 or sacrifice child 16:42:38 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xf3}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:38 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x4000000000000000) 16:42:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1988.836882] Killed process 31017 (syz-executor5) total-vm:72712kB, anon-rss:16504kB, file-rss:35816kB, shmem-rss:0kB [ 1988.866928] oom_reaper: reaped process 31017 (syz-executor5), now anon-rss:0kB, file-rss:34856kB, shmem-rss:40kB 16:42:38 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x61}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:38 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:39 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xfdfdffff00000000) 16:42:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:39 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xfeffffff00000000) 16:42:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:39 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) sendmsg$nfc_llcp(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x27, 0x0, 0x0, 0x7, 0x2, 0x30, "d439e74c7b9ae92076def093e0314f6132dbc3d3ed272969e5b0e5de360b188eb776fd2aa81edba86a3a374d7dbc215cdb8d6985f1c0384d77fb03acf02bc1", 0xb}, 0x60, &(0x7f0000000100)=[{&(0x7f0000000000)="20717f798822335c307735d86ca8bb8c4f9daf0206980bfb9b8ce64cb4dffe32cd4c3ff17a7a379602cbf01c66613a02d784216b4ee0f99001dde6", 0x3b}], 0x1, &(0x7f0000000140)={0xf0, 0x116, 0x7, "3933f569b94c66236d1ea990fca72c3be5518f679ca8513bda2382481d61965ee1d465b885f44ad8dc8321620771f60509a15f43506530f2805f6fedc1fedb85519e2ddce62186395659f696d5a7fb0ca5781aea44f40f273cd1ff322f475d4107e493858316a0e6dfccb913043c61306f1a62fe7686cb8483af3233727ca99169e5af90a4e98bbf04c21e98c0d6934454d41c51b167e20df2609f93303ffc0ada945e1eb6f0acf1586d966795d14a9bce33900fbce856135a3a30c1e1b08b951baa09376bba31e1ca520ed00431167d3024079192da1d581f4f89aba1faaf"}, 0xf0, 0x4}, 0x800) connect$rxrpc(r0, &(0x7f0000000280)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x17}}}, 0x24) 16:42:39 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xf4}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:39 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xff0f000000000000) 16:42:39 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x2, 0x2) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:39 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xc89, 0x8000) ioctl$KVM_SET_TSS_ADDR(r0, 0xae47, 0xd000) getpid() gettid() r1 = getpgrp(0xffffffffffffffff) r2 = syz_open_procfs(r1, &(0x7f0000000040)='net/ptype\x00') preadv(r2, &(0x7f0000000480), 0x1000000000000160, 0x38) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r2, 0xc008551a, &(0x7f0000000080)={0xffff, 0x20, [0xf5, 0xc3e, 0x400, 0x1, 0x8000, 0x6, 0xffff, 0x101]}) 16:42:39 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:39 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x62}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:39 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xf5}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:39 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xffffffff00000000) 16:42:40 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000480), 0x0, 0x38) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) 16:42:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:40 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x2a100, 0x10) open_by_handle_at(r0, &(0x7f0000000100)={0x96, 0x2, "b7dea16cbd36dd89645c0cba579be547811699cabf5b4db1a62cb58b1527a1ea5b9378fea40dc1ac89498b86a8bfe643617e9fd06cf6626b4a67c513627a7f9e7d98d018bf0fe5dcf27b55ee2fa02cc224fac4ae819a0db8fc195374ecbea72326ccf094e4097e3f9caf91c963f39f98f413af9f9b0a60525ffc24c1a3f966e5c9b0df339752aaf4058319c90d09"}, 0xc0483) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x82, 0x0) write$P9_RRENAME(r1, &(0x7f0000000080)={0x7, 0x15, 0x1}, 0x7) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r2, &(0x7f0000000480), 0x1000000000000160, 0x38) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f00000001c0)={0x3ff, 0x101, 0x8, 0x100000000, 0x9}, 0x14) 16:42:40 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$PIO_FONTRESET(r0, 0x4b6d, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/checkreqprot\x00', 0x10000, 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2) 16:42:40 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = getpid() r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x3, 0x400) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000040)={0x0, 'veth1\x00', 0x1}, 0x18) r2 = syz_open_procfs(r0, &(0x7f0000000080)='net/unix\x00') preadv(r2, &(0x7f0000000480), 0x1000000000000160, 0x38) prctl$PR_SET_PTRACER(0x59616d61, r0) ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f00000001c0)=0xffffffffffffffff) 16:42:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:40 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x100000000000000f) ioctl$KDADDIO(r0, 0x400455c8, 0x10000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x10040, 0x0) ioctl$VIDIOC_G_STD(r1, 0x80085617, &(0x7f0000000180)) 16:42:40 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:40 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r0, 0x80045301, &(0x7f0000000000)) 16:42:40 executing program 3: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x8000, 0x0) ioctl$TIOCSBRK(r0, 0x5427) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x4000, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x2) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)) ioctl$KDSETMODE(r1, 0x4b3a, 0x800) 16:42:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:40 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x63}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:40 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xf6}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:40 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:40 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x4000000001ff) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x80080, 0x0) ioctl$sock_SIOCGSKNS(r1, 0x894c, &(0x7f0000000080)=0x80) 16:42:40 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000000)=0x0) r1 = syz_open_procfs(r0, &(0x7f0000000080)='\xeeet\x91\x9f%d/\xb9') preadv(r1, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:41 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:42:41 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000180), 0x0, 0x38) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612) 16:42:41 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:41 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x25) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0xc0040008}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x80, r2, 0x201, 0x70bd2d, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x100000000}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}, @IPVS_CMD_ATTR_SERVICE={0x5c, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x53}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x7}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x4f}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@rand_addr="f2a106142df7bf6998afaf39178c89d2"}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x20040000}, 0x840) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:42:41 executing program 1: r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000140)=[{&(0x7f0000000180)=""/148, 0x94}], 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r1, &(0x7f0000000480), 0x1000000000000160, 0x38) setsockopt$IP_VS_SO_SET_ZERO(r1, 0x0, 0x48f, &(0x7f0000000080)={0xac, @empty, 0x4e23, 0x3, 'wrr\x00', 0x20, 0x6, 0x5b}, 0x2c) ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f00000000c0)={r0, 0x1, 0x0, 0x1000000000000}) 16:42:41 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x64}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:41 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xf7}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:41 executing program 1: r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x8000, 0x20000) ioctl$EVIOCSABS0(r0, 0x401845c0, &(0x7f0000000080)={0x4fb, 0x3, 0x8, 0x7, 0x8, 0x8}) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r1, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:41 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x80, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:42:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1991.939550] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 1991.993692] CPU: 0 PID: 31286 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 1992.000845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1992.010201] Call Trace: [ 1992.012797] dump_stack+0x172/0x1f0 [ 1992.016450] dump_header+0x10f/0xb6c [ 1992.020176] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1992.025285] ? ___ratelimit+0x60/0x595 [ 1992.025304] ? do_raw_spin_unlock+0x57/0x270 [ 1992.025333] oom_kill_process.cold+0x10/0x6f5 [ 1992.038102] ? task_will_free_mem+0x139/0x6e0 [ 1992.042614] out_of_memory+0x79a/0x1280 [ 1992.046602] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1992.051728] ? oom_killer_disable+0x280/0x280 [ 1992.056228] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1992.061355] mem_cgroup_out_of_memory+0x99/0xe0 [ 1992.066034] ? memcg_memory_event+0x40/0x40 [ 1992.070365] ? _raw_spin_unlock+0x2d/0x50 [ 1992.074520] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1992.079629] try_charge+0xfec/0x1570 [ 1992.083355] ? find_held_lock+0x35/0x130 [ 1992.087433] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1992.092291] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 1992.097149] ? find_held_lock+0x35/0x130 [ 1992.101216] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 1992.106080] memcg_kmem_charge_memcg+0x7c/0x130 [ 1992.110758] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1992.115262] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 1992.120119] memcg_kmem_charge+0x13b/0x340 [ 1992.124369] __alloc_pages_nodemask+0x437/0x710 [ 1992.129050] ? __alloc_pages_slowpath+0x2900/0x2900 [ 1992.134079] ? ___might_sleep+0x163/0x280 [ 1992.138227] ? copyin+0xb5/0x100 [ 1992.141599] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1992.147140] alloc_pages_current+0x107/0x210 [ 1992.151552] pipe_write+0xa65/0xfb0 [ 1992.155191] __vfs_write+0x613/0x8e0 [ 1992.158906] ? kernel_read+0x120/0x120 [ 1992.162792] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1992.168350] ? rw_verify_area+0x118/0x360 [ 1992.172501] vfs_write+0x20c/0x580 [ 1992.176043] ksys_write+0xea/0x1f0 [ 1992.179586] ? __ia32_sys_read+0xb0/0xb0 [ 1992.183649] ? do_syscall_64+0x26/0x610 [ 1992.187621] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1992.192978] ? do_syscall_64+0x26/0x610 [ 1992.196955] __x64_sys_write+0x73/0xb0 [ 1992.200848] do_syscall_64+0x103/0x610 [ 1992.204741] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1992.209929] RIP: 0033:0x457e39 [ 1992.213120] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1992.232014] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 16:42:42 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') ioctl$RTC_VL_CLR(r0, 0x7014) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) [ 1992.239721] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 1992.246987] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 1992.254254] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1992.261519] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 1992.268786] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff 16:42:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:42 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x80000000) r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0xfffffffffffffff9, 0x14000) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000200)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], 0x5, 0x4, 0x1, 0x4}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) [ 1992.538277] memory: usage 307104kB, limit 307200kB, failcnt 932 [ 1992.544492] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1992.586745] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1992.618762] Memory cgroup stats for /syz5: cache:23088KB rss:259612KB rss_huge:249856KB shmem:22984KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:282704KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1993.068213] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=31207,uid=0 [ 1993.103189] Memory cgroup out of memory: Kill process 31207 (syz-executor5) score 1160 or sacrifice child [ 1993.143068] Killed process 31207 (syz-executor5) total-vm:72712kB, anon-rss:16504kB, file-rss:35816kB, shmem-rss:0kB 16:42:43 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:43 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0) r2 = fcntl$dupfd(r1, 0x406, r0) r3 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x5, 0x200000) accept4$inet(r2, 0x0, &(0x7f00000001c0), 0xb814209a5b22c3b3) ioctl$KVM_S390_VCPU_FAULT(r1, 0x4008ae52, &(0x7f0000000180)=0xffff) ioctl$UDMABUF_CREATE_LIST(r1, 0x40087543, &(0x7f0000000140)={0x0, 0x2, [{r2, 0x0, 0xfffffffff0000000, 0x1000000010000}, {r3, 0x0, 0xfffffffffffff000, 0x10000}]}) prctl$PR_SET_PDEATHSIG(0x1, 0x1e) [ 1993.191113] oom_reaper: reaped process 31207 (syz-executor5), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB 16:42:43 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x8020400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000240)={{0x2, 0x4e23, @broadcast}, {0x6, @local}, 0x20, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x28}}, 'team_slave_0\x00'}) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) write$binfmt_aout(r0, &(0x7f0000000080)={{0x10b, 0x79, 0x6, 0x32a, 0x4f, 0x5725d82f, 0x29c, 0x5}, "c3dff7641c6310688e893d8707c361636ae95072ca65fa85c60cf27a84ee2651266f152738259cce5a750189a12bd6da0b67cd2c4d5ec38f63a381015b9fd2e6c085a5ce53a2b5b9a16a11a4e8b49ec491ce79640958a24441b00dfe6adf741bb6f35155e28cfb6070063f8ca0641e171d98f618640e507e7e47be78ba64e694320cd437b80153e6602202", [[]]}, 0x1ab) 16:42:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:43 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x65}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:43 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xf8}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:43 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x840, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000140)={{{@in=@loopback, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@initdev}}, &(0x7f0000000080)=0xe8) ioctl$SIOCAX25DELUID(r1, 0x89e2, &(0x7f0000000240)={0x3, @default, r2}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:42:43 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) fcntl$setsig(r0, 0xa, 0x3a) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000100)={{{@in6=@local, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@multicast2}}, &(0x7f0000000200)=0xe8) mount$9p_virtio(&(0x7f0000000000)='net/unix\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x2080000, &(0x7f0000000240)={'trans=virtio,', {[{@access_client='access=client'}, {@posixacl='posixacl'}, {@msize={'msize', 0x3d, 0xd9b}}, {@afid={'afid', 0x3d, 0x60}}, {@mmap='mmap'}, {@version_9p2000='version=9p2000'}, {@loose='loose'}, {@cachetag={'cachetag', 0x3d, 'wlan0/GPLvboxnet1vboxnet0'}}], [{@smackfsroot={'smackfsroot'}}, {@smackfsroot={'smackfsroot', 0x3d, 'net/unix\x00'}}, {@uid_lt={'uid<', r2}}, {@smackfstransmute={'smackfstransmute'}}, {@rootcontext={'rootcontext', 0x3d, 'staff_u'}}, {@seclabel='seclabel'}]}}) preadv(r1, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:43 executing program 1: r0 = socket$inet6_dccp(0xa, 0x6, 0x0) preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/148, 0x94}], 0x10000000000001b3, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x204100, 0x0) ioctl$PPPIOCSMRRU(r1, 0x4004743b, &(0x7f0000000080)=0x9) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000100)) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r2, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:43 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x8000000000) 16:42:44 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:44 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') r1 = syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00') ioctl$VIDIOC_S_EDID(r0, 0xc0285629, &(0x7f0000000100)={0x0, 0x0, 0x8, [], &(0x7f00000000c0)}) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000004500)={0x0, @empty, @initdev}, &(0x7f0000004540)=0xc) accept$packet(r0, &(0x7f0000004580)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000045c0)=0xfffffffffffffe9b) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000004600)={{{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@initdev}}, &(0x7f0000004700)=0xe8) getpeername$packet(r0, &(0x7f0000004740)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000004780)=0x14) getsockname$packet(r0, &(0x7f0000004800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000004840)=0x14) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000004880)={{{@in, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6=@loopback}}, &(0x7f0000004980)=0xe8) getsockopt$inet6_dccp_int(r0, 0x21, 0x1, &(0x7f0000000140), &(0x7f0000000180)=0x4) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000049c0)={'vcan0\x00', 0x0}) getpeername$packet(r0, &(0x7f0000004a00)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000004a40)=0x14) getpeername$packet(r0, &(0x7f0000004a80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000004ac0)=0x14) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000004b80)={{{@in=@multicast2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in6=@ipv4={[], [], @dev}}}, &(0x7f0000004c80)=0xe8) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f0000005100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000050c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc030000", @ANYRES16=r1, @ANYBLOB="00012abd7000fcdbdf250000000008000100", @ANYRES32=r2, @ANYBLOB="a00102003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r3, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000104000038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000080003000300000008000400b600000038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000080003000300000008000400540300003800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r4, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000200000008000600", @ANYRES32=r6, @ANYBLOB="400001002400018000756575e55f696400000000000000000000000000000000000000000000000008000300037300000800040005000000080006002d8fb1a80e2fa793929ce2c4926cdf66c86af7486fbd74468df54d957a7fc7173f37dc353a5ad0994b691710e2b725857119faa43d4823e99f65d32a42701f43c917416b0fea2a", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB="7c01020044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b000000140004004300062c05000000010006096f0e00003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r10, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b000000080004000000000008000700000000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r11, @ANYBLOB="40000100240001006d6f646500000000000000000000000000000000000000000000000000000000080003000500000010000400726f756e64726f62696e00003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r12, @ANYBLOB="080001009f8a6e448bf360578df8bf3f307650ee872d11e0a4bac5fc7b4d594dbd7fad3f0b5b75fd7a73f3ed4ea75fa7e279b57d16ee118b64773e8196f2380b91ddf633153c841a3de2b80306833b206fe0b732c0d00df1185dcbed98f9f3b454d6c7f479eb51990d061d033fec688f2136844f71e106197af76f57508c17b3e8050a118cb41ea6b8ff656e67746ef2dc1092335c848ea3fcb0ffb11477191dc21949fa2dd4f3deafbc224fef0050beb91e2725a6", @ANYRES32=0x0, @ANYBLOB="b400020040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b000000080004000800000008000600", @ANYRES32=r13, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004003f00000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000080003000300000008000400fbffffff"], 0x3fc}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000) lstat(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuseblk(&(0x7f0000000600)='/dev/loop0\x00', &(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='fuseblk\x00', 0x40, &(0x7f0000000780)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}, 0x2c, {'user_id', 0x3d, r9}, 0x2c, {'group_id', 0x3d, r14}, 0x2c, {[{@default_permissions='default_permissions'}], [{@fowner_gt={'fowner>', r5}}]}}) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:44 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xf9}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:44 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000280)='/dev/snd/pcmC#D#p\x00', 0x80, 0x10200) setsockopt$inet_dccp_int(r1, 0x21, 0x0, &(0x7f00000002c0)=0x4b709ef6, 0x4) r2 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000200)='/dev/video36\x00', 0x2, 0x0) ioctl$VIDIOC_CROPCAP(r2, 0xc02c563a, &(0x7f0000000240)={0xb, {0x3, 0x7, 0x5, 0x9}, {0x1, 0xe4, 0x2, 0x7f}, {0x1}}) r3 = getuid() stat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f00000001c0)=ANY=[@ANYBLOB="02000000010001000000000002000704", @ANYRES32=r3, @ANYBLOB="040004000000000008000100", @ANYRES32=r4, @ANYBLOB="10000400000000002000040000000000"], 0x34, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:42:44 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x66}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:44 executing program 1: openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vga_arbiter\x00', 0x4000, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000080)={0x0, 0x1000, 0x9, 0xfffffffffffffc00, 0x5, 0x3b7, 0xffffffffffffffe0, 0x3, {0x0, @in={{0x2, 0x4e22, @broadcast}}, 0x9, 0x8df7, 0x7fffffff, 0x1, 0x1ff}}, &(0x7f0000000000)=0xb0) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000140)={r1, 0x7, 0x6, 0x7fff}, &(0x7f0000000180)=0x10) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:44 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) r1 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x8, 0x800) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x40000, 0x0) ioctl$IOC_PR_REGISTER(r1, 0x401870c8, &(0x7f0000000080)={0xc59, 0x8001}) 16:42:44 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) setsockopt$packet_int(r0, 0x107, 0x0, &(0x7f0000000000)=0x81, 0x4) 16:42:44 executing program 5: syncfs(0xffffffffffffffff) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r1) r2 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r3 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r3, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r3, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r2, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r5, &(0x7f00000001c0), 0x526987c9) read(r4, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r2, r3, 0x0, 0x80003) 16:42:44 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000140)=0x0) r1 = syz_open_procfs(r0, &(0x7f0000000040)='net/unix\x00') ioctl$SIOCX25SCAUSEDIAG(r1, 0x89ec, &(0x7f0000000180)={0x20, 0x4}) preadv(r1, &(0x7f0000000480), 0x1000000000000160, 0x38) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000080)=0xc) ioctl$VIDIOC_RESERVED(r1, 0x5601, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0)=r2, 0x12) setsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, &(0x7f0000000100)=0x1, 0x4) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, &(0x7f00000001c0)={0x9, [0x100000001, 0x9f6c, 0x1, 0x4, 0xffffffffffffffe0, 0x95c, 0x3, 0x2, 0x5]}) 16:42:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:44 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) setsockopt$inet6_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000000), 0x4) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x8000, 0x0) write$P9_RVERSION(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000051ffffff0100000800395032301f302e754c435e44ef45c9787edd5a5344deaa61"], 0x15) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='attr/sockcreate\x00') setsockopt$bt_BT_POWER(r2, 0x112, 0x9, &(0x7f0000000140)=0xffffffff, 0x1) 16:42:45 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') getpeername$netrom(r0, &(0x7f0000000080)={{0x3, @null}, [@null, @rose, @remote, @bcast, @netrom, @bcast, @rose, @null]}, &(0x7f0000000000)=0x48) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:45 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xfa}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 1995.227938] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 1995.278080] CPU: 1 PID: 31423 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 1995.285232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1995.294598] Call Trace: [ 1995.297196] dump_stack+0x172/0x1f0 [ 1995.300854] dump_header+0x10f/0xb6c [ 1995.304577] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1995.309690] ? ___ratelimit+0x60/0x595 [ 1995.313614] ? do_raw_spin_unlock+0x57/0x270 [ 1995.318037] oom_kill_process.cold+0x10/0x6f5 [ 1995.322543] ? task_will_free_mem+0x139/0x6e0 [ 1995.327054] out_of_memory+0x79a/0x1280 [ 1995.331037] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1995.336174] ? oom_killer_disable+0x280/0x280 [ 1995.340690] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1995.345810] mem_cgroup_out_of_memory+0x99/0xe0 [ 1995.350481] ? memcg_memory_event+0x40/0x40 [ 1995.354815] ? _raw_spin_unlock+0x2d/0x50 [ 1995.358963] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1995.364067] try_charge+0xfec/0x1570 [ 1995.367781] ? find_held_lock+0x35/0x130 [ 1995.371855] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1995.376707] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 1995.381556] ? find_held_lock+0x35/0x130 [ 1995.385621] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 1995.390477] memcg_kmem_charge_memcg+0x7c/0x130 [ 1995.395164] ? memcg_kmem_put_cache+0xb0/0xb0 [ 1995.399676] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 1995.404528] memcg_kmem_charge+0x13b/0x340 [ 1995.408785] __alloc_pages_nodemask+0x437/0x710 [ 1995.413467] ? __alloc_pages_slowpath+0x2900/0x2900 [ 1995.418498] ? ___might_sleep+0x163/0x280 [ 1995.422677] ? copyin+0xb5/0x100 [ 1995.426070] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1995.431636] alloc_pages_current+0x107/0x210 [ 1995.436052] pipe_write+0xa65/0xfb0 [ 1995.439691] __vfs_write+0x613/0x8e0 [ 1995.443411] ? kernel_read+0x120/0x120 [ 1995.447297] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1995.452869] ? rw_verify_area+0x118/0x360 [ 1995.457012] vfs_write+0x20c/0x580 [ 1995.460552] ksys_write+0xea/0x1f0 [ 1995.464104] ? __ia32_sys_read+0xb0/0xb0 [ 1995.468167] ? do_syscall_64+0x26/0x610 [ 1995.472139] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1995.477509] ? do_syscall_64+0x26/0x610 [ 1995.481481] __x64_sys_write+0x73/0xb0 [ 1995.485396] do_syscall_64+0x103/0x610 [ 1995.489301] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1995.494524] RIP: 0033:0x457e39 [ 1995.497741] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1995.516659] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 16:42:45 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x67}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:45 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x1f000}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 16:42:45 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000140)) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000580)={{{@in6=@dev, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@local}}, &(0x7f0000000680)=0xe8) ioprio_get$uid(0x3, r0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={0x0}, &(0x7f00000001c0)=0xc) r2 = openat(0xffffffffffffff9c, &(0x7f00000006c0)='./file0\x00', 0x400, 0x8) getsockopt$ax25_int(r2, 0x101, 0xd, &(0x7f0000000700), &(0x7f0000000740)=0x4) socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_open_procfs(r1, 0xfffffffffffffffd) ioctl$PPPIOCSFLAGS1(r3, 0x40047459, &(0x7f0000000200)=0x4000040) preadv(r3, &(0x7f0000000500)=[{&(0x7f0000000280)=""/209}, {&(0x7f0000000000)=""/10}, {&(0x7f0000000380)=""/82}, {&(0x7f0000000040)=""/4}, {&(0x7f0000000400)=""/245}, {&(0x7f00000013c0)=""/4096}], 0x1000000000000161, 0x3b) r4 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000240)='/dev/qat_adf_ctl\x00', 0x0, 0x0) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ashmem\x00', 0x200080, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r4, 0xc0a85322, &(0x7f0000000780)) getsockopt$inet6_mtu(r3, 0x29, 0x17, &(0x7f0000000080), &(0x7f00000000c0)=0x4) [ 1995.524406] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 1995.531694] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000006 [ 1995.538983] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1995.546279] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 1995.553574] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff 16:42:45 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000540)=0x4f) lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000240), &(0x7f0000000280), &(0x7f00000002c0)=0x0) openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000200)='/selinux/mls\x00', 0x0, 0x0) fstat(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x1, &(0x7f0000000380)=[0x0]) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000003c0)={0x0, 0x0, 0x0}, &(0x7f0000000400)=0xc) fstat(r0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = getgid() getgroups(0x7, &(0x7f00000004c0)=[r1, r2, r3, r4, r5, r6, r7]) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r8 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000500)='/selinux/mls\x00', 0x0, 0x0) r9 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x0, 0x0) shutdown(r8, 0x0) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r9, 0x111, 0x1, 0x1f, 0x4) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) r10 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$SO_TIMESTAMPING(r10, 0x1, 0x25, &(0x7f0000000000), &(0x7f0000000080)=0x4) [ 1995.627658] QAT: Invalid ioctl [ 1995.643380] QAT: Invalid ioctl [ 1995.657069] memory: usage 307200kB, limit 307200kB, failcnt 990 16:42:45 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x80000, 0x0) ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f00000000c0)={[0x80, 0x2, 0x8, 0x401, 0x0, 0x7ff, 0x3ff, 0x7, 0x2, 0x13, 0xffffffff, 0xffffffffffffff50, 0x5, 0x2, 0xd4, 0x6], 0xf000, 0x2250}) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x0, 0x2) preadv(r1, &(0x7f0000000480), 0x1000000000000160, 0x38) [ 1995.698351] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1995.714592] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 16:42:45 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x1f000}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 1995.757432] Memory cgroup stats for /syz5: cache:22944KB rss:259640KB rss_huge:249856KB shmem:22944KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:282704KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1995.824245] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=31390,uid=0 [ 1995.897287] Memory cgroup out of memory: Kill process 31390 (syz-executor5) score 1160 or sacrifice child [ 1995.932031] Killed process 31390 (syz-executor5) total-vm:72712kB, anon-rss:16504kB, file-rss:35816kB, shmem-rss:0kB 16:42:45 executing program 5: syncfs(0xffffffffffffffff) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r1) r2 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r3 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r3, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r3, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r2, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r5, &(0x7f00000001c0), 0x526987c9) read(r4, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r2, r3, 0x0, 0x80003) 16:42:45 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xfb}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:45 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) futex(&(0x7f0000000000), 0x4, 0x1, &(0x7f0000000080)={0x77359400}, &(0x7f0000000140)=0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x20, 0x100) ioctl$KDADDIO(r0, 0x400455c8, 0x5) ioctl$KDSKBLED(r0, 0x4b65, 0x4ef9d73a) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:42:45 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f0000000000)=0x6, 0x4) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:45 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x1f000}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 16:42:46 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x68}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:46 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/tcp6\x00') ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000000)={0x4, 0x401}) openat$userio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/userio\x00', 0x60201, 0x0) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:46 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = openat$proc_capi20(0xffffffffffffff9c, 0xfffffffffffffffe, 0x80000, 0x0) fstat(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000240)=0x0) r4 = getpgrp(0xffffffffffffffff) openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x200, 0x0) sendmsg$nl_generic(r1, &(0x7f00000007c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80002001}, 0xc, &(0x7f0000000780)={&(0x7f0000000280)={0x4d4, 0x16, 0x4, 0x70bd26, 0x25dfdbff, {0x11}, [@typed={0x8, 0x80, @uid=r2}, @typed={0x8, 0x85, @fd=r0}, @typed={0xc, 0x62, @u64=0x7fff}, @generic="b949a70cce8d7c7d61026eecd1aec052470927d592ad6bd838f85dcf124d0b044eb2f7ac09fda1", @nested={0x180, 0xf, [@generic="28a45a31504e2c6d046feab1f8addcb5340318466e34cfc4655ee6f4bb3c126231c34fe140980b3ec5b714a552b5af1ded77fda20cddb20c2da4aef6fa7dd4be6f1c8c262e1bbb947ec460cf00fda63e47e6d3009a1a58b4be999782c3c42f01e9a4ac2e697646c5cb874e11d7cf575313b72c6dc28521a08f2b7d48699f4675903c02f029989f81cdc1abcb08c2d69977f405cf6527ff2dbcc309c5d8955fe189604c9c25698ffdbd94943a6808264b202389", @typed={0x8, 0x6e, @u32=0x4}, @generic="db7fa566f5b29835ab3d35ef9b38d9ac03555e4da8b559fbe12099270991587b3cd60618dd284014291af9750a5fb2bfe1bf6925572f3939e667d3a6330d76d0af1114fb149a1c2c0c4609f5e34594d841a3702953358b951405cdcca5c2696e6863b402d14e269aa8c8a67e9332f65ba68950a674cd35125fbad784ecb5dc4431db95ae90833524e4cd3d0d4ef1e7ff22d023b1d51c4f1e3ccdc922bfc0e581667624607b3b9acd3e06b47f5ba0b00c46fb2732cefc8a2a9673e8ebe8aab0"]}, @generic="bba8cb7c009818308ed313b642f968a6c6718d42aa49b41310629e255250b270fd2084d7e7e5ecaf9a8c1d0763cf140625311621e6203817d370975ada2c88c2dbef7317dfdd0f076a8395af4c418701affa8a62ca63fd309c8948bb150255766cb6963964f0c97575626e15066a79403d58a4fab44a9cfba4c637af3acd8c208ec64eaeff56e25dbd9c089b952f386cf783602c4ec11aa80802791ddc3181bd5e5afb8be14bbdce4f74d87450e6ebca6622efa2fce7edefd1ce5425e06134df81ad75871a4016ad6dce30f5b27ecdc125fb7923c8e9ba6b639dc177964230731f4f1fd98b39d0357aa6d7f3c4fec8d5aaf324e09a", @generic="43c6e18c64ffee8794337193b39ed0e9299709d621adab0fd26eb5f921af8e13ae639182d3ce2097c282060c070b18b411b6a1e60b26514c8a56d543717e67af74c98d06ab10fe7e7c6bf7e2a934320fe72ac3aa11079a4b48fd8f03435d2578a7b0f926eb4e31b0994f7c5724762f06f37323c0af1ad1ba9e6be452fc6db5a10bd543f77553069faacd55618f49850503ca1257d3c4ca39496a6dadcce5574ab574c5035a70aeddd2ec36f861f9fe4f97a33a53c9df86e00a070f5486c26b56f5590631ef8dbcf2e2434b30b72601e665dc2d06e5c2219d05d9ddafc101a7e954a0dca7c56190e1bd3a969650d530c46047e3564fd8e5a09c", @generic="6fa03f9d01206841622d627dd77c424b7a42486878d6f8d8e80a883e2d0800a6a61358a76d154ce61b538941be63f2eb1e057ccc21fc557882f59f4348979e552a43d9e1d7d0778767729c76ac05916f10af851b2fcf6a3d13f20b25b14a68820c3fa81afbcfd574b314fc56f4147a909c5c8eb44bba673b2054f4f822279127a0d88a3f6992997511618acfdb2243cb38e91d502d28dca7c789592bd0c1ee3c82c76058759b25ec845b86", @nested={0x64, 0x85, [@typed={0x8, 0x5d, @pid=r3}, @typed={0x8, 0x88, @pid=r4}, @typed={0x4, 0x68}, @typed={0x8, 0x83, @ipv4=@remote}, @typed={0xc, 0x4c, @u64=0xffffffffffff0001}, @typed={0x10, 0x7a, @str='/dev/ptmx\x00'}, @typed={0x8, 0x56, @ipv4=@dev={0xac, 0x14, 0x14, 0x19}}, @generic="3f3368321936cdfcd83a1cea0aeca38f1be7bcc1c6769e0bfe64e814ae3c"]}]}, 0x4d4}, 0x1, 0x0, 0x0, 0x4000}, 0x10) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:42:46 executing program 0: r0 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) ftruncate(r0, 0x2008000) 16:42:46 executing program 1: r0 = getpid() rt_sigsuspend(&(0x7f00000003c0)={0x8001}, 0x8) syz_open_procfs(r0, &(0x7f0000000380)='setgroups\x00') r1 = openat$cgroup_int(0xffffffffffffff9c, &(0x7f0000000000)='cpuset.memory_migrate\x00', 0x2, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) clock_gettime(0x6, &(0x7f0000000340)) preadv(r2, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/56, 0x38}, {&(0x7f0000000140)=""/161, 0xa1}, {&(0x7f0000000200)=""/73, 0x49}, {&(0x7f0000000280)=""/138, 0x8a}], 0x4, 0x0) preadv(r3, &(0x7f0000000100)=[{&(0x7f0000001200)=""/148, 0x94}], 0x10000000000002e4, 0x0) syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r1, &(0x7f00000000c0), 0x0, 0x0) 16:42:46 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='bpf\x00', 0x0, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) lseek(r0, 0x4, 0x0) 16:42:46 executing program 3: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000080)={'icmp\x00'}, &(0x7f0000000140)=0x1e) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={r1, 0x28, &(0x7f0000000180)}, 0x10) ioctl$KDADDIO(r1, 0x400455c8, 0x2) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)) r2 = syz_open_dev$sndpcmp(&(0x7f0000000200)='/dev/snd/pcmC#D#p\x00', 0x9, 0x0) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f0000000240)={0xd000, 0x1d001, 0x5, 0x5, 0xffffffffffffff1f}) ioctl$VT_ACTIVATE(r1, 0x5606, 0xa80c) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000340)={0x0, 0x1000000}, &(0x7f0000000380)=0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f00000003c0)={r3, 0x4}, 0x8) ioctl$KVM_ASSIGN_SET_INTX_MASK(r0, 0x4040aea4, &(0x7f0000000440)={0x4864, 0x80, 0x6, 0x7, 0x9}) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000280)={0x1, 0x80000001, 0x800a, 0x4, 0x9, 0x6, 0x5, 0x0, 0x0}, &(0x7f00000002c0)=0x20) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000300)={r4, 0x3f}, 0x8) syz_open_dev$sndtimer(&(0x7f0000000400)='/dev/snd/timer\x00', 0x0, 0x1) [ 1996.568838] QAT: Invalid ioctl [ 1996.623359] QAT: Invalid ioctl 16:42:46 executing program 5: syncfs(0xffffffffffffffff) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r1) r2 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r3 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r3, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r3, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r2, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r5, &(0x7f00000001c0), 0x526987c9) read(r4, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r2, r3, 0x0, 0x80003) 16:42:46 executing program 0: r0 = socket(0x18, 0x0, 0x4) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, 0x0) 16:42:46 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xfc}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:46 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x10001, 0x80) accept4$alg(r1, 0x0, 0x0, 0x80000) 16:42:46 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x69}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:46 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f000001c000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) rmdir(&(0x7f0000000140)='./file0\x00') mknod(0x0, 0x0, 0x0) mount(0x0, &(0x7f000000fff8)='./file0\x00', 0x0, 0x7ffbf, 0x0) openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0) 16:42:47 executing program 0: r0 = syz_open_dev$sndtimer(&(0x7f0000000140)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000029fcc)={{0x0, 0x2}}) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x5420, 0x0) 16:42:47 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = accept(0xffffffffffffffff, &(0x7f0000000140)=@x25, &(0x7f0000000000)=0x80) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000001c0)={{{@in6=@loopback, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in=@broadcast}}, &(0x7f00000002c0)=0xe8) fstat(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$nl_xfrm(r1, &(0x7f0000000640)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000600)={&(0x7f0000000380)=@getpolicy={0x26c, 0x15, 0x400, 0x70bd26, 0x25dfdbfb, {{@in=@multicast2, @in6=@empty, 0x4e23, 0x400, 0x4e24, 0x0, 0xa, 0x0, 0xe560954f0b465cd7, 0x3f, r2, r3}, 0x6e6bb6, 0x3}, [@tmpl={0x1c4, 0x5, [{{@in6=@dev={0xfe, 0x80, [], 0x2a}, 0x4d2, 0x3c}, 0x2, @in6=@initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x3, 0x1, 0x2, 0x8af, 0x80, 0x9, 0x7ff}, {{@in6=@ipv4={[], [], @empty}, 0x4d2, 0x2b}, 0x2, @in=@local, 0x0, 0x3, 0x3, 0x4, 0x6, 0xfffffffffffffff8, 0x3a}, {{@in=@empty, 0x4d2, 0x32}, 0xa, @in6=@mcast2, 0x3504, 0x12ff90115b62287c, 0x1, 0x737, 0x10000, 0x9, 0xfffffffffffeffff}, {{@in=@multicast2, 0x4d2, 0xff}, 0xa, @in=@multicast1, 0x0, 0x1, 0x3, 0x5ee3, 0x0, 0xfffffffffffff800, 0x901}, {{@in6=@remote, 0x4d3, 0x6c}, 0x2, @in6=@local, 0x3503, 0x3, 0x0, 0x3, 0x10000, 0x5, 0x3ff}, {{@in6=@rand_addr="233a8849f58ca42b4917367282af4abb", 0x4d4, 0xff}, 0x2, @in6=@remote, 0x3503, 0x4, 0x3, 0x8, 0x40, 0x80000000, 0x7}, {{@in=@local, 0x4d3, 0x2b}, 0xa, @in6=@ipv4={[], [], @multicast1}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffc1}]}, @proto={0x8, 0x19, 0x3f}, @tfcpad={0x8, 0x16, 0x3f}, @replay_esn_val={0x2c, 0x17, {0x4, 0x70bd2c, 0x70bd2a, 0x70bd27, 0x70bd28, 0xbd, [0x1, 0x2a244, 0x7, 0xffff]}}, @encap={0x1c, 0x4, {0x0, 0x4e24, 0x4e23, @in=@empty}}]}, 0x26c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:42:47 executing program 5: r0 = socket$inet(0x2, 0x0, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:47 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='nouser_xattr,jqfmt=vfsold']) 16:42:47 executing program 1: r0 = socket$rxrpc(0x21, 0x2, 0x2) preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, &(0x7f0000000080)) preadv(r1, &(0x7f0000000480), 0x1000000000000160, 0x38) ioctl$NBD_CLEAR_QUE(r1, 0xab05) 16:42:47 executing program 5: r0 = socket$inet(0x2, 0x0, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:47 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x6a}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:47 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x0) [ 1997.565724] syz-executor5 invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 1997.578942] CPU: 1 PID: 31565 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 1997.586061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1997.595414] Call Trace: [ 1997.598019] dump_stack+0x172/0x1f0 [ 1997.601658] dump_header+0x10f/0xb6c [ 1997.605382] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1997.610936] ? ___ratelimit+0x60/0x595 [ 1997.614837] ? do_raw_spin_unlock+0x57/0x270 [ 1997.619282] oom_kill_process.cold+0x10/0x6f5 [ 1997.623801] ? task_will_free_mem+0x139/0x6e0 [ 1997.628334] out_of_memory+0x79a/0x1280 [ 1997.632330] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1997.637442] ? oom_killer_disable+0x280/0x280 [ 1997.641942] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1997.647060] mem_cgroup_out_of_memory+0x99/0xe0 [ 1997.651730] ? memcg_memory_event+0x40/0x40 [ 1997.656061] ? _raw_spin_unlock+0x2d/0x50 [ 1997.660210] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1997.665308] try_charge+0xfec/0x1570 [ 1997.669026] ? find_held_lock+0x35/0x130 [ 1997.673095] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1997.677943] ? kasan_check_read+0x11/0x20 [ 1997.682097] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 1997.686943] mem_cgroup_try_charge+0x24d/0x5e0 [ 1997.691545] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1997.696476] shmem_getpage_gfp+0x69b/0x3520 [ 1997.700823] ? shmem_add_to_page_cache+0x1200/0x1200 [ 1997.705930] ? lock_downgrade+0x810/0x810 [ 1997.710084] shmem_fault+0x22d/0x760 [ 1997.713801] ? __handle_mm_fault+0x349d/0x3f20 [ 1997.718385] ? shmem_read_mapping_page_gfp+0x1a0/0x1a0 [ 1997.723668] ? lock_downgrade+0x810/0x810 [ 1997.727837] __do_fault+0x116/0x4e0 [ 1997.731497] __handle_mm_fault+0x2cbd/0x3f20 [ 1997.736229] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1997.741071] ? find_held_lock+0x35/0x130 [ 1997.745156] ? handle_mm_fault+0x322/0xb30 [ 1997.749418] ? kasan_check_read+0x11/0x20 [ 1997.753579] handle_mm_fault+0x43f/0xb30 [ 1997.757646] __do_page_fault+0x5da/0xd60 [ 1997.761732] do_page_fault+0x71/0x581 [ 1997.765628] page_fault+0x1e/0x30 [ 1997.769082] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 [ 1997.774964] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83 [ 1997.793963] RSP: 0018:ffff8880649d7b40 EFLAGS: 00010206 [ 1997.799335] RAX: 0000000000000000 RBX: 0000000000001000 RCX: 00000000000001c0 [ 1997.806602] RDX: 0000000000001000 RSI: 0000000020007000 RDI: ffff88809dffee40 [ 1997.813871] RBP: ffff8880649d7b78 R08: ffffed1013bffe00 R09: 0000000000000000 [ 1997.821139] R10: ffffed1013bffdff R11: ffff88809dffefff R12: 00000000200061c0 [ 1997.828411] R13: ffff88809dffe000 R14: 00000000200071c0 R15: 00007ffffffff000 [ 1997.835707] ? copyin+0xe2/0x100 [ 1997.839078] copy_page_from_iter+0x324/0x750 [ 1997.843495] pipe_write+0x27d/0xfb0 [ 1997.847136] __vfs_write+0x613/0x8e0 [ 1997.850865] ? kernel_read+0x120/0x120 [ 1997.854753] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1997.860330] ? rw_verify_area+0x118/0x360 [ 1997.864483] vfs_write+0x20c/0x580 [ 1997.868027] ksys_write+0xea/0x1f0 [ 1997.871569] ? __ia32_sys_read+0xb0/0xb0 [ 1997.875630] ? do_syscall_64+0x26/0x610 [ 1997.879607] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1997.884968] ? do_syscall_64+0x26/0x610 [ 1997.888946] __x64_sys_write+0x73/0xb0 [ 1997.892835] do_syscall_64+0x103/0x610 [ 1997.896725] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1997.901914] RIP: 0033:0x457e39 [ 1997.905108] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1997.924021] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1997.931724] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 1997.939003] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000006 [ 1997.946263] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1997.953542] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 16:42:47 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xfd}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:47 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x696041, 0x0) ioctl$DRM_IOCTL_AGP_RELEASE(r0, 0x6431) setsockopt$inet6_int(r0, 0x29, 0x7c, &(0x7f00000000c0)=0x3, 0x4) r1 = socket$vsock_dgram(0x28, 0x2, 0x0) fcntl$F_SET_FILE_RW_HINT(r1, 0x40e, &(0x7f0000000000)=0x5) sysfs$3(0x3) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r2, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:47 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x40003, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000080)={0xffffffffffffffb9, 0x74a}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) [ 1997.960810] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff 16:42:47 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f00000005c0)={0x0, {{0xa, 0x0, 0x0, @initdev}}}, 0x84) 16:42:47 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000080)=""/64, 0x40}, {&(0x7f00000000c0)=""/58, 0x3a}], 0x2, 0x0) [ 1998.043541] memory: usage 307200kB, limit 307200kB, failcnt 1021 [ 1998.052849] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1998.071696] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1998.084936] Memory cgroup stats for /syz5: cache:22944KB rss:259576KB rss_huge:249856KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:96KB active_anon:282612KB inactive_file:0KB active_file:4KB unevictable:0KB 16:42:48 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xfffffffffffffffc) 16:42:48 executing program 0: r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/btrfs-control\x00', 0x10000, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000180)=0x1, 0x4) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000002c0)={0x0, 0x5, 0x1, {0x1, @sliced={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd]}}}) gettid() ioctl$CAPI_REGISTER(r0, 0x400c4301, &(0x7f00000001c0)={0x200, 0x8, 0x1000}) ioctl$VIDIOC_STREAMOFF(r1, 0xc0205647, &(0x7f0000000100)) setxattr$security_selinux(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='security.selinux\x00', &(0x7f00000000c0)='system_u:object_r:event_device_t:s0\x00', 0x24, 0x1) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) mmap(&(0x7f0000000000/0x19000)=nil, 0x19000, 0x3, 0x32, 0xffffffffffffffff, 0x0) userfaultfd(0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000b00)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000000000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}}) r4 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$EVIOCGNAME(r4, 0x80404506, &(0x7f0000000340)=""/175) ioctl$sock_inet6_SIOCADDRT(r2, 0x89a0, &(0x7f0000000100)={@local={0xfe, 0x80, [0x0, 0xfeff0000]}, @empty, @loopback}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, 0x0) perf_event_open(&(0x7f00000006c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8040, 0x80000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SCSI_IOCTL_GET_IDLUN(0xffffffffffffffff, 0x5382, &(0x7f00000004c0)) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000300)={'bctf0\x00\x00\x00\x00\x00\x00\"\x00'}) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, 0xffffffffffffffff, 0x0) sigaltstack(&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)) rt_sigtimedwait(&(0x7f0000000400), &(0x7f0000000500), &(0x7f0000000480), 0x8) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0xa40, 0x0) syz_open_dev$vcsn(0x0, 0x6, 0x0) mq_unlink(&(0x7f00000005c0)='bctf0\x00\x00\x00\x00\x00\x00\"\x00') openat$nullb(0xffffffffffffff9c, 0x0, 0x802, 0x0) finit_module(r3, &(0x7f0000000740)='nodevkeyringsecurity\x00', 0x1) [ 1998.149170] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=31526,uid=0 [ 1998.170086] Memory cgroup out of memory: Kill process 31526 (syz-executor5) score 1160 or sacrifice child [ 1998.186198] Killed process 31526 (syz-executor5) total-vm:72712kB, anon-rss:16504kB, file-rss:35804kB, shmem-rss:0kB 16:42:48 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x6b}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:48 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') ioctl$SG_GET_VERSION_NUM(r0, 0x2282, &(0x7f0000000000)) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) [ 1998.279892] oom_reaper: reaped process 31526 (syz-executor5), now anon-rss:0kB, file-rss:34844kB, shmem-rss:0kB 16:42:48 executing program 5: r0 = socket$inet(0x2, 0x0, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:48 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x200000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000240)) r2 = open(&(0x7f0000002000)='./bus\x00', 0x20000141046, 0x0) fallocate(r2, 0x10, 0x0, 0x10000101) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:42:48 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') preadv(r0, &(0x7f0000000480), 0xfffffffffffffec, 0x3c) 16:42:48 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0xfe}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:48 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0xf, 0x9, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3ff}, [@jmp={0x5, 0xffffffff, 0x7, 0xf, 0xf, 0x0, 0x4}, @exit, @jmp={0x5, 0x4, 0x0, 0xf, 0x0, 0xffffffffffffffe0, 0x4}, @jmp={0x5, 0x6, 0x7, 0x0, 0x9, 0x8, 0xfffffffffffffff1}, @exit, @alu={0x0, 0x3, 0xd, 0x0, 0x0, 0x100}]}, 0x0, 0x1, 0x8c, &(0x7f0000000100)=""/140, 0x41f00, 0x679ac0b9ff4eafee, [], 0x0, 0x7}, 0x48) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x5) r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000240), 0x10) getresgid(0x0, 0x0, 0x0) getgroups(0x0, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000200)=0x78, 0x4) bind$inet(r1, &(0x7f0000000100)={0x2, 0x4e23, @broadcast}, 0x10) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) recvmsg(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1}, 0x100) write$binfmt_elf64(r1, &(0x7f0000001640)=ANY=[], 0xf5aab446) recvmmsg(r0, &(0x7f00000086c0), 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000280)='team\x00') 16:42:48 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0xfffffffffffffff8, 0x4080) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000140)=[@in={0x2, 0x4e22, @multicast1}, @in6={0xa, 0x4e20, 0x9, @local, 0x20}, @in6={0xa, 0x4e21, 0x6, @ipv4={[], [], @loopback}, 0x5}, @in6={0xa, 0x4e20, 0x81, @mcast2, 0x8001}, @in6={0xa, 0x4e23, 0x8, @mcast1}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x28}}, @in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e22, 0xfff, @local, 0x2}], 0xbc) ioctl$VHOST_SET_VRING_ENDIAN(r1, 0x4008af13, &(0x7f0000000200)={0x3, 0x652}) 16:42:48 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xb) ioctl$VIDIOC_ENUMAUDOUT(r0, 0xc0345642, &(0x7f00000000c0)={0x1, "cf77b2263ade0aab5e9b048c4a80b9353d5aaf7127a7018bd132ca6b650f633f", 0x0, 0x1}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) openat$vfio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vfio/vfio\x00', 0x0, 0x0) 16:42:48 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x6c}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:49 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xffffffffffffffff) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x40, 0x0) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000180)='nbd\x00') sendmsg$NBD_CMD_STATUS(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x2c, r2, 0x208, 0x70bd28, 0x25dfdbfd, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x6}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x0) ioctl$BLKFLSBUF(r0, 0x1261, &(0x7f0000000000)) [ 1999.202493] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1999.215737] CPU: 1 PID: 31648 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 1999.222861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1999.232218] Call Trace: [ 1999.232373] dump_stack+0x172/0x1f0 [ 1999.232400] dump_header+0x10f/0xb6c [ 1999.242330] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1999.247448] ? ___ratelimit+0x60/0x595 [ 1999.251358] ? do_raw_spin_unlock+0x57/0x270 [ 1999.255791] oom_kill_process.cold+0x10/0x6f5 [ 1999.260302] ? task_will_free_mem+0x139/0x6e0 [ 1999.264859] out_of_memory+0x79a/0x1280 [ 1999.268860] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1999.274018] ? oom_killer_disable+0x280/0x280 [ 1999.278524] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1999.283643] mem_cgroup_out_of_memory+0x99/0xe0 [ 1999.288331] ? memcg_memory_event+0x40/0x40 [ 1999.292676] ? _raw_spin_unlock+0x2d/0x50 [ 1999.296829] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 1999.301943] try_charge+0xfec/0x1570 [ 1999.305659] ? find_held_lock+0x35/0x130 [ 1999.309733] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 1999.314585] ? kasan_check_read+0x11/0x20 [ 1999.318744] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 1999.323615] mem_cgroup_try_charge+0x24d/0x5e0 [ 1999.328208] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 1999.333147] wp_page_copy+0x408/0x1740 [ 1999.337045] ? find_held_lock+0x35/0x130 [ 1999.341115] ? pmd_pfn+0x1d0/0x1d0 [ 1999.344660] ? lock_downgrade+0x810/0x810 [ 1999.348821] ? __pte_alloc_kernel+0x220/0x220 [ 1999.353327] ? kasan_check_read+0x11/0x20 [ 1999.357476] ? do_raw_spin_unlock+0x57/0x270 [ 1999.361891] do_wp_page+0x2ed/0x11d0 [ 1999.365615] ? rwlock_bug.part.0+0x90/0x90 [ 1999.369848] ? lock_acquire+0x16f/0x3f0 [ 1999.373825] ? finish_mkwrite_fault+0x540/0x540 [ 1999.378494] ? add_mm_counter_fast.part.0+0x40/0x40 [ 1999.383516] __handle_mm_fault+0x22db/0x3f20 [ 1999.387935] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1999.392794] ? find_held_lock+0x35/0x130 [ 1999.396856] ? handle_mm_fault+0x322/0xb30 [ 1999.401149] ? kasan_check_read+0x11/0x20 [ 1999.405324] handle_mm_fault+0x43f/0xb30 [ 1999.409395] __do_page_fault+0x5da/0xd60 [ 1999.413469] do_page_fault+0x71/0x581 [ 1999.417271] page_fault+0x1e/0x30 [ 1999.420723] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 [ 1999.426607] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83 [ 1999.445514] RSP: 0018:ffff88800d3d7b30 EFLAGS: 00010206 [ 1999.450879] RAX: 0000000000000000 RBX: 0000000000001000 RCX: 0000000000000200 [ 1999.458149] RDX: 0000000000001000 RSI: ffff88801c55fe00 RDI: 00000000208b2000 [ 1999.465422] RBP: ffff88800d3d7b68 R08: ffffed10038ac000 R09: 0000000000000000 [ 1999.472691] R10: ffffed10038abfff R11: ffff88801c55ffff R12: 00000000208b1200 [ 1999.479971] R13: ffff88801c55f000 R14: 00000000208b2200 R15: 00007ffffffff000 [ 1999.487282] ? copyout+0xe2/0x100 [ 1999.490750] copy_page_to_iter+0x347/0xd00 [ 1999.495006] pipe_read+0x28a/0x940 [ 1999.498557] __vfs_read+0x610/0x8c0 [ 1999.502205] ? vfs_copy_file_range+0xbb0/0xbb0 [ 1999.506805] ? rw_verify_area+0x118/0x360 [ 1999.511002] vfs_read+0x194/0x3e0 [ 1999.514458] ksys_read+0xea/0x1f0 [ 1999.517915] ? kernel_write+0x120/0x120 [ 1999.521897] ? do_syscall_64+0x26/0x610 [ 1999.525880] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1999.531250] ? do_syscall_64+0x26/0x610 [ 1999.535229] __x64_sys_read+0x73/0xb0 [ 1999.539033] do_syscall_64+0x103/0x610 [ 1999.542947] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1999.548162] RIP: 0033:0x457e39 [ 1999.551369] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1999.570276] RSP: 002b:00007fb6e81b2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1999.577994] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 1999.585261] RDX: 0000000050c7e3e3 RSI: 0000000020000200 RDI: 0000000000000005 [ 1999.592544] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000 [ 1999.599823] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81b36d4 [ 1999.607089] R13: 00000000004c3911 R14: 00000000004d82a0 R15: 00000000ffffffff [ 1999.669553] memory: usage 307100kB, limit 307200kB, failcnt 1087 [ 1999.675970] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1999.693927] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1999.714100] Memory cgroup stats for /syz5: cache:23076KB rss:259508KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:282528KB inactive_file:0KB active_file:4KB unevictable:0KB [ 1999.797955] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=31627,uid=0 [ 1999.834855] Memory cgroup out of memory: Kill process 31627 (syz-executor5) score 1151 or sacrifice child [ 1999.845420] Killed process 31628 (syz-executor5) total-vm:72844kB, anon-rss:14976kB, file-rss:35748kB, shmem-rss:0kB [ 1999.863340] oom_reaper: reaped process 31628 (syz-executor5), now anon-rss:0kB, file-rss:34788kB, shmem-rss:0kB 16:42:49 executing program 0: r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/btrfs-control\x00', 0x10000, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000180)=0x1, 0x4) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000002c0)={0x0, 0x5, 0x1, {0x1, @sliced={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd]}}}) gettid() ioctl$CAPI_REGISTER(r0, 0x400c4301, &(0x7f00000001c0)={0x200, 0x8, 0x1000}) ioctl$VIDIOC_STREAMOFF(r1, 0xc0205647, &(0x7f0000000100)) setxattr$security_selinux(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='security.selinux\x00', &(0x7f00000000c0)='system_u:object_r:event_device_t:s0\x00', 0x24, 0x1) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) mmap(&(0x7f0000000000/0x19000)=nil, 0x19000, 0x3, 0x32, 0xffffffffffffffff, 0x0) userfaultfd(0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000b00)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000000000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}}) r4 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$EVIOCGNAME(r4, 0x80404506, &(0x7f0000000340)=""/175) ioctl$sock_inet6_SIOCADDRT(r2, 0x89a0, &(0x7f0000000100)={@local={0xfe, 0x80, [0x0, 0xfeff0000]}, @empty, @loopback}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, 0x0) perf_event_open(&(0x7f00000006c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8040, 0x80000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SCSI_IOCTL_GET_IDLUN(0xffffffffffffffff, 0x5382, &(0x7f00000004c0)) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000300)={'bctf0\x00\x00\x00\x00\x00\x00\"\x00'}) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, 0xffffffffffffffff, 0x0) sigaltstack(&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)) rt_sigtimedwait(&(0x7f0000000400), &(0x7f0000000500), &(0x7f0000000480), 0x8) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0xa40, 0x0) syz_open_dev$vcsn(0x0, 0x6, 0x0) mq_unlink(&(0x7f00000005c0)='bctf0\x00\x00\x00\x00\x00\x00\"\x00') openat$nullb(0xffffffffffffff9c, 0x0, 0x802, 0x0) finit_module(r3, &(0x7f0000000740)='nodevkeyringsecurity\x00', 0x1) 16:42:49 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0xf, 0x9, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3ff}, [@jmp={0x5, 0xffffffff, 0x7, 0xf, 0xf, 0x0, 0x4}, @exit, @jmp={0x5, 0x4, 0x0, 0xf, 0x0, 0xffffffffffffffe0, 0x4}, @jmp={0x5, 0x6, 0x7, 0x0, 0x9, 0x8, 0xfffffffffffffff1}, @exit, @alu={0x0, 0x3, 0xd, 0x0, 0x0, 0x100}]}, 0x0, 0x1, 0x8c, &(0x7f0000000100)=""/140, 0x41f00, 0x679ac0b9ff4eafee, [], 0x0, 0x7}, 0x48) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x5) r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000240), 0x10) getresgid(0x0, 0x0, 0x0) getgroups(0x0, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000200)=0x78, 0x4) bind$inet(r1, &(0x7f0000000100)={0x2, 0x4e23, @broadcast}, 0x10) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) recvmsg(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1}, 0x100) write$binfmt_elf64(r1, &(0x7f0000001640)=ANY=[], 0xf5aab446) recvmmsg(r0, &(0x7f00000086c0), 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000280)='team\x00') 16:42:49 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f0000000b40)="0a4a61b5dbf9d8968cff9fb0cfd5195c3b61b44ef00b306ea35f8ddb4aeb8e3fea4597d6bb4bc94418563c5c0bc08d17ec891a9fc847c45e9f15335334e46153118ef8fd208139f46deb12fe9d8de4affc7fc86de30f340d75363e6c4374b8034a970714478ae91d4bacf453eb10cc03a74d5616b16a6d82fac298c64c9042291f02756c51038c06d2f5c0e2523d73263093c75628932b26285706fcefbda7dbd47c5323a548cf4d04932a1058bfc2b4744cf4f0e3a52d35420da8f31c4af20185ff94b59b7fff0a8733418dda11a928e91327b0fb285d80f25442738bfe50028d9865a1a9482c9bcd6e413b0d44e4ba9d30fd1859d93479134ca8") ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) pipe(&(0x7f0000000000)={0xffffffffffffffff}) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000080)) write$binfmt_aout(r0, &(0x7f0000000140)={{0x108, 0x34e, 0x9, 0x1a7, 0x1b3, 0x1, 0x112, 0x1}, "ac9ef7d4a7244ba31a7af0e3e9886c933d289f1c22f75b27a50f8f345bd172925e33be3fdccf7fb8683e57d87299ca3c8db6fb8a363346463fa20b743309cf2781fb8ad162c130b4b99c2763d9a0e5a2fb624b2123c1190410d8af7f41840456dd04491d4b90e2adf4bc4c756b93c209815795ad6c4a2046f5b49a9d487746accbc0b91370da1a6412434ca5f364127363c9dcfd44b4d1d72d96bd83458b619a7faaffca97735c603ae3a633f98eb7fd7ab61304c80a0f59d1590bcdc30afc06613d88e668e76f19cf3147f19a63958a8aedce8048", [[], [], [], [], [], [], [], [], []]}, 0x9f5) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:42:49 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(0xffffffffffffffff) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:49 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x102}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:49 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x6d}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:50 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x2602, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000080), &(0x7f0000000140)=0x4) [ 2000.395366] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 16:42:50 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x43, 0x0) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000080)={0x0, 0x80000}) fremovexattr(r0, &(0x7f0000000180)=@random={'trusted.', '/dev/ptmx\x00'}) ioctl$DRM_IOCTL_GEM_CLOSE(r1, 0x40086409, &(0x7f0000000140)={r2}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) [ 2000.457060] CPU: 1 PID: 31694 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2000.464210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2000.473562] Call Trace: [ 2000.476158] dump_stack+0x172/0x1f0 [ 2000.479803] dump_header+0x10f/0xb6c [ 2000.483532] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2000.488668] ? ___ratelimit+0x60/0x595 [ 2000.492558] ? do_raw_spin_unlock+0x57/0x270 [ 2000.496977] oom_kill_process.cold+0x10/0x6f5 [ 2000.501485] ? task_will_free_mem+0x139/0x6e0 [ 2000.506007] out_of_memory+0x79a/0x1280 [ 2000.509994] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2000.515113] ? oom_killer_disable+0x280/0x280 [ 2000.519615] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2000.524738] mem_cgroup_out_of_memory+0x99/0xe0 [ 2000.529412] ? memcg_memory_event+0x40/0x40 [ 2000.533750] ? _raw_spin_unlock+0x2d/0x50 [ 2000.537900] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2000.543011] try_charge+0xfec/0x1570 [ 2000.546738] ? find_held_lock+0x35/0x130 [ 2000.550812] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2000.550832] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2000.550847] ? find_held_lock+0x35/0x130 [ 2000.550865] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2000.550891] memcg_kmem_charge_memcg+0x7c/0x130 [ 2000.550912] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2000.550934] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2000.550952] memcg_kmem_charge+0x13b/0x340 [ 2000.550973] __alloc_pages_nodemask+0x437/0x710 [ 2000.550993] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2000.551011] ? ___might_sleep+0x163/0x280 [ 2000.551029] ? copyin+0xb5/0x100 16:42:50 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x103}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2000.551046] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2000.551064] alloc_pages_current+0x107/0x210 [ 2000.551081] pipe_write+0xa65/0xfb0 [ 2000.551121] __vfs_write+0x613/0x8e0 [ 2000.565056] ? kernel_read+0x120/0x120 [ 2000.565071] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2000.565102] ? rw_verify_area+0x118/0x360 [ 2000.636022] vfs_write+0x20c/0x580 [ 2000.639589] ksys_write+0xea/0x1f0 [ 2000.643137] ? __ia32_sys_read+0xb0/0xb0 [ 2000.647213] ? do_syscall_64+0x26/0x610 [ 2000.651199] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2000.656572] ? do_syscall_64+0x26/0x610 [ 2000.660563] __x64_sys_write+0x73/0xb0 [ 2000.664464] do_syscall_64+0x103/0x610 [ 2000.668360] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2000.668373] RIP: 0033:0x457e39 [ 2000.668388] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2000.668396] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2000.668409] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2000.668417] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2000.668425] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2000.668433] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2000.668441] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2000.735660] memory: usage 307192kB, limit 307200kB, failcnt 1155 [ 2000.762464] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2000.782937] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2000.802493] Memory cgroup stats for /syz5: cache:23076KB rss:259504KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:282588KB inactive_file:0KB active_file:0KB unevictable:0KB 16:42:50 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x6e}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:50 executing program 3: getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000180)={{{@in=@initdev, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in=@loopback}}, &(0x7f0000000280)=0xe8) stat(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = accept4(0xffffffffffffff9c, &(0x7f00000002c0)=@hci, &(0x7f0000000340)=0x80, 0x80800) setsockopt$IP_VS_SO_SET_TIMEOUT(r2, 0x0, 0x48a, &(0x7f0000000400)={0x7ff, 0x400, 0xaf7}, 0xc) mount$9p_virtio(&(0x7f0000000000)='trusted\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x800, &(0x7f0000000380)={'trans=virtio,', {[{@cache_mmap='cache=mmap'}, {@dfltuid={'dfltuid', 0x3d, r0}}, {@dfltgid={'dfltgid', 0x3d, r1}}], [{@rootcontext={'rootcontext', 0x3d, 'staff_u'}}, {@smackfstransmute={'smackfstransmute'}}]}}) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000500)=0x100000000000080b) ioctl$KDADDIO(r3, 0x400455c8, 0x2) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)) 16:42:50 executing program 1: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x401) ioctl$UFFDIO_REGISTER(r0, 0xc028aa03, &(0x7f00000a0fe0)={{&(0x7f00005e3000/0x800000)=nil, 0x730000}, 0x200000}) mprotect(&(0x7f0000818000/0x1000)=nil, 0x1000, 0x0) [ 2000.945170] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=31682,uid=0 [ 2001.032420] Memory cgroup out of memory: Kill process 31682 (syz-executor5) score 1152 or sacrifice child [ 2001.078459] Killed process 31694 (syz-executor5) total-vm:72844kB, anon-rss:14976kB, file-rss:35820kB, shmem-rss:0kB 16:42:51 executing program 0: r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/btrfs-control\x00', 0x10000, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000180)=0x1, 0x4) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000002c0)={0x0, 0x5, 0x1, {0x1, @sliced={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd]}}}) gettid() ioctl$CAPI_REGISTER(r0, 0x400c4301, &(0x7f00000001c0)={0x200, 0x8, 0x1000}) ioctl$VIDIOC_STREAMOFF(r1, 0xc0205647, &(0x7f0000000100)) setxattr$security_selinux(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='security.selinux\x00', &(0x7f00000000c0)='system_u:object_r:event_device_t:s0\x00', 0x24, 0x1) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) mmap(&(0x7f0000000000/0x19000)=nil, 0x19000, 0x3, 0x32, 0xffffffffffffffff, 0x0) userfaultfd(0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000b00)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000000000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}}) r4 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$EVIOCGNAME(r4, 0x80404506, &(0x7f0000000340)=""/175) ioctl$sock_inet6_SIOCADDRT(r2, 0x89a0, &(0x7f0000000100)={@local={0xfe, 0x80, [0x0, 0xfeff0000]}, @empty, @loopback}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, 0x0) perf_event_open(&(0x7f00000006c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8040, 0x80000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SCSI_IOCTL_GET_IDLUN(0xffffffffffffffff, 0x5382, &(0x7f00000004c0)) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000300)={'bctf0\x00\x00\x00\x00\x00\x00\"\x00'}) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, 0xffffffffffffffff, 0x0) sigaltstack(&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)) rt_sigtimedwait(&(0x7f0000000400), &(0x7f0000000500), &(0x7f0000000480), 0x8) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0xa40, 0x0) syz_open_dev$vcsn(0x0, 0x6, 0x0) mq_unlink(&(0x7f00000005c0)='bctf0\x00\x00\x00\x00\x00\x00\"\x00') openat$nullb(0xffffffffffffff9c, 0x0, 0x802, 0x0) finit_module(r3, &(0x7f0000000740)='nodevkeyringsecurity\x00', 0x1) 16:42:51 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x104}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:51 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xa) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f00000000c0), &(0x7f0000000140)=0x4) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/status\x00', 0x0, 0x0) [ 2001.149462] oom_reaper: reaped process 31694 (syz-executor5), now anon-rss:0kB, file-rss:34860kB, shmem-rss:40kB 16:42:51 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(0xffffffffffffffff) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:51 executing program 1: syncfs(0xffffffffffffffff) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r1) r2 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r3 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r3, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r3, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r2, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r5, &(0x7f00000001c0), 0x526987c9) read(r4, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r2, r3, 0x0, 0x80003) 16:42:51 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) pwritev(r0, &(0x7f0000001500)=[{&(0x7f0000000140)="bd708d4908ec4e00082dc895ad1783d23d7e3d7ef089edecfc2aabfe3b1a485226c17e3b8e60a98f6ea7ce44c3417ef280d167f8288a2b991501cc0459fa7cec3907cf82311738a99fd94553a3cdaf31057dee9689047a2fb7f59f12062f4191cb6137411318ec05ec9cc9e1c1f49514b215f393058dbe1d4da419afef96f88e72e52ae30258c8eb12f1c9733d471e1975b87655ee1ea59c1316f9692bf5bd8eb35ad3fec55c7ae662f3386546101a6d6a9d28845a3db706d336b8e165100505d6a3f22616aa58f73e67bc3bca16446baa6f703f2924a4c6ef4141c2eb9704f374b92d487b19add7848037d5c0c8b38dc7f6bc187b7f560381c66866db3d2008515ed94dc9fb4bd53dc0145def1c7ade05cc177b88f9558f8b81e0c1f9daaf716792bfb4501bffa72765d004f49ce758c453b2fbe8bb7def79ed310268f308dc50e50f4ceb985ae91f3489b6518efd8c9a1e0c2fe537923b501265e2db6bc0ccbaa7759fedea01042be65ca0fe1df44ec016e4677cff2705f8e6747d21ca2fd0a5f0f2b47a864b838d463d8715f046e6be2cce7dbd0ce26edd30b134cf5ebea30beac141dbb0ea883d888f44fac0425758115eb8dd5412d742004075f70f2c284cb618cc252cdf67cd971582d74d359319093ade6c08f9b1fa6514c030c4888775ae5b02def342fadd0530c35948b797704aea5e9c38249a14f909a01459b7fe92a6082a827ebf62ab0a6db6b76cc7ce0a94cf56707e2d099d5c4038a1d5c75599aa763c15c7b55644735bcd9e043c40eeb4e57be1354a3d6b712748b5f4ca7872338704b71ece031dd3858a67d314699d44d4d61dac897307cefb7e9bff51bbfd2768141c33379a6819a813fa5f3dfe4bf7256529dad6fe2ed6e598bb476f1b0f3e5173c7268e96adc62a37bfa0bcafa20de81b3fa5206184594a978292dc80ee8dafff95f5b68148228455017e90c321f9804b4555e0a17edd9a96743c520db8905371d0ca59fe740ce202698d23de3e3f491d5ae34a2d0ce7470518d0dca87844ec3c3735f30ba3c4d951074fdefd3fec044a21848f5511d76e5cb917d66af14449afbb161f878d4d5f4fb02fc6219cbb2a62683a85929964ebd3c6bc719e71fcbae500c8766c715a970a4ee64071c509e9a061b98da59785364664a2f7b0fa1bfd60958f0ccfbea346e8116982916e2f4b03830d214fca863961c887db66c777919ed26981c6341b2ceb9a16dd578814a2f00e72c3c31b48dba2eea9d0a5900aac75802882fe64ffdad934a29f336fc13a3a2f45160883dec8922ac77c0d94b159d4b4998e3f950d0f9b267f1e769efabc953728310794ae0560c0c14a4a6b96996d3547590b88da7e99b3698a12249df7cf70f8d051e5e88903cc985dc9cf31f3c4a4a666d7734a6e5cf55eb69ad547c2aa4919a3d03c54f8a8b0c6f3e9e8012de0fb0b0cccdda01c691cfc6e2e7c50fc2704cdee6287cec2565fdc5813d7b588508f47a2522aafe6c220fc4f8ba7acda27edf97a71d1851ac8cfd66db620200cc893a4b36aabc7498f8f1b3968fbe47a9999ba2921c9c8435b41c8681538775ace814270cd59373cf0cd9056e5fa96cd011dff731f227554cdc0616b7701ff51b7b7c4c80737771679a62ae9bf5976868dabcb66ed6f8b4790ceff1b1266f6c5f158fd4933db086930653f301951698877803d0d960e908bab9b773a1c9d070fd9c86ec29a213dc1ffbffdbf964291fbc2480b4588e26d7339e0228499507510bff6ff8e7d180f2048a3894800d7b84d3369c407ea31bee1f1eed2dfa4278447589fff9becf3c0a9f926408914e2684c7335dbac8aaa783791a56e0a26becfc1cdf25ecc626e69d12ce382bb965221d2e233d974ae3a71b4ff92fca4c8d094e8115ce1051d35aad72218add4ada2256a2d4d22f9c542192303a765862bac459435afb941b76e2818f38b08e904d063d9c20806d50932450a03ac3f2ec8e1b57ccdca936be479ba80a2b300d33080eb9fb3704469608d6dbe7a1c9ddae3da57d71b1cb89b2491b67459fa50918a41b2fa49fe7a4d13b9156a31b840a5f891e3075be0020442b23a7c25c179cfc23140f71d4c8b32dee2fcdfafa88fa250a0ee077cebcb0aa987bd47a8dc7f56f45a8baf3f050d08125ce0a14b101f96dcb1308c01ccf8039cf7415a07700d497d9ee4197e80d1072f9af82069bb718bf5ab7cd681ba8fe734652812eafa2f812ec4b69f32c5c3b0b14bf86d9ec5414c8ac746e577899ab0e7f9a9cdaa5e4997790f923e322b00b241712d5387e90b96bcaecf05653859efd7665f8340001594027ba96c99029e1bc986307e77cfe31bc1b958b36809aa59ffb818082bfffccbd674bcdc69c744053d6994834f7920b6f4508cb4335724af1428d6fd4d965506d6c855f071d546d964ecd412b5216265ca019b807b8c6f48a74bf60638c20e26a08f5ee5245b532127b706083c872cf0d0c182f8afe215926955f97685d9924ffcc7277cb24851b87935cf4e15a7f792bdea207c083d4e40e41bc511068a4039e8453aa80d3fda8e112d83ecf57fab29e784adbee2ec436b286c5bf7df667b07cd86a73e1f8d0017caa2d861f20c7fc9d2a3d47695325441c8c06b4010270d41234315794e3b9185e2a6da9abb7c3dedbffe56ebdd32c6eca5021a2779c772207925fa433b41e5e49a4f9df029af0a3c53d13d775ff7cf008a33585c62fa8b7a6ee28c3ae7417d5993706d189b28a4c49b6a5cce394bcc623ae840b79cfd4dce5919bbba015651eaf22e4cdaa4b21c81b31b5d8aa02a17fe478d04c79dbe0b66352dda5d898261787aec56f9b277f1d608550b2cb0b8c7379be237a9bb3c5a5d71bc613669f44c751fd713749223b4752a539e42996ae3764a30a92848663982d36fe5697b838a62faf985f7c9473039cacb4d96880f441c414ca9a9ad6f4e6e5a277ccb0a6d1f214e244c0ba06f08cca8bb8d2329ea97aa9f88ea803e726273235d53147ba23b669da962b65130bdeaf353cf1646463e2e7d2300e20ac9c5bb8ca317d46baf39f6869e2284e3eb5268cbf5fb7bfdca291a4ac26287ea593138010970703d22a8814c82a0f621a3461542b4c703c482f265523c3d1776e4bf1dd32ea88ff939fd0ed3683bc7a0a7940a7c291f21f35b46285051b28ddaba471ffd5c88f68d3f45e085780c7c9780d9cc208ee1436733db603192f581f9af43c74bc43275f4f4bd04a12f658622dcf34eaefe70948d8ea4619ef6d5610ae8298b3e7f431018df4347621e425f49aacc04836ff060f5eacb31aef0ffbdb9d86dd0c829b071f1dc316bd34754e630d95f1f30dd202bae1f008877479bd1e532bf0593cf38406b7aa311df6ed600283504205e43d95c52cae31f8262ba68419169a62f2efbdc5621d5505c000ff661b6f2ad403a61fac1ae1a6163e29502ea5ef220ee72341b08fee2f4bc23245594692203dcd58006a391637042b7c3b11d2fe56958572e163e5507d40b2cd6f994b3d27e1c2a1986c1c026a310ee90b58f13c70e2f766c5a62d83fe078ee41db3de4f79af03bd3e7ee5c40cf14ddd46e7622fa48afadc9c884e48d6fd09eab90aa9d73de31a7936cc0c056f7ede1e6018370aa4d6869b871ebde789690ebd179142769dda69b09e43a30de8bd467e6df1d551102315ecd79e35663451e04eab235aaaf7526d3556129b814cc4d0bf00f228b36d0db9113891ffa9520608bbb2ef49aa8e9583212d1aa4ff0ed4189961f6662b8d88f43ad54dfdc2cdd19075984b071ca34717dc484ec9a3d169c05a9bc65af244dd4bc056c68e0d06886afed3672f32b9bdc7c965d059fa8817ca6a362c7f7dd466030eafba9def8001aa46d14e1db19d8bd286d755d7d8384f80b0fe1c2596e5e2234fe8535fab6ac41327273a0e27b93042af269258cf28aa3da762c356e1df8a461ab110a96de8c52b4d3f612bd383cfd77b08d4a774adfab0eb621756abb470dd9368ca5bece2a6028a987a9187a2776888aabcc3107c9e84279ac345b4667392e92962380116303e0e37d60f722319013a134adbeb794d81386e3617871fa3a59484955e6bcb5fcb39212ec16d9e5cf4b26a117c45b341735ecc5161e25e6689c422bb1ee96530b83e9e0c933663b4880a4a33fab0edace18c4125c1e42935d22eeb5601d05115ef1ecda96c4cf542af5e8b38c686947af2180d36831f8be6a14bc02d8a9b188ef52a7cc98cc173c8a3a8c3cc58cfe7a62d50dafa64a814906b905c49632cedf8407027097b507ae98842ec0334f5b1a8ed7355dd293026a053846fb670780afadc72f0a965772f9ce24674fa26d0720431565f126f72691932b8defe3524c560c82084ad547e8d7712760f84ccb61de18f0dd399a7126a99ee2e2ed840c117fb72a1eb6912cf637a20d1680f3634f2541d84f5aa05a40d1df59dc26193a2d883383a43080d557a2a2cdc5090aacdeaa97e3b516829763424e87bd117f905aeb1fe8af00ed80fbcc8271807c5b8f796bbbf2630735db35989a15f988faa2f02ddfb8cbf9bc0b936966b383186d74ea531d4e010e65cd95aae63e7e08ae2189c9d26a4f756d101a51f17de56751c997f21186710d2e50a5a77f378f6c19f26a1781bc59bd21717ef3c6ca3ef15ed4496be52ec46720bc03db6b9ef096a104b7e2c97c0da750fd2edfe69c964c9a1088fc56512af702749ed32ab920102d9b6e21c4b12946cd3fcfe4b901a0eb6d67d644621b63cba443a50b0b6fac95f20378a3118b647e1b15042ad4904c08797696b4592d575325ae259b984e1e2017d1efa2da15ce6117d8973d488fe7279d641ad996e9a4199b3c1c647cd95a6bc8d9d73fd2406a5e2efdbed9cbd93389428659432e9894e45b34e735fa1408a4fd6cf37c4c9f6fc3ff570dc6ab3b4aa746b136c941659b2d722e05cec3affcd9ff2a2ae606af61ed253fb264f60cdf96cc0955a0ffbf30669492f782ed33a89655e81da376fb663b41958ced2724dbce1828cc383046ceb5db6304dc16b57f9f0f64e6a75cd1085a2cef112ed053527cff0b4b66034a4f75d949bc99f3a39e6ff54c98784ffd1dc3c419b0280db6f6e59d2c15d0f6d260d0914f88d59ebfc5371d3b465b4c648cfb80abf23d8f3a30e0e44e1d077a46e836111e800a621a8bb40ff926447c8938edab97a8f4c0009dc18d1ef133b73f07f4583e6a2b68d67fca79e9ba275b9f34796083138d8bdcd1a7362ab8f030b07904d054a65cbcadc6b7955406116d4c4f2510526c8a431195fb084d9135549cf9101e3f29ec20886164e274396a4ce6961c02c9d1a79c88b90786ded4c1c9bbc5e484898100ecb31e5f2727f57489aebf1de68f5e79f46eb00326ce54d895d9039c16772e260321acd5700956acf1fb408bc16fcd6b8f9acded14f9b703f65de06e27c199f86c4f5c009e88d41ed153c0bd85f39aad16d80af0398c3eaafec10b4c1469c12f609c230fd70743978c508f814110434fa0dcb0240b67a72c8910cbacb883875edc80d0d1e49c30e78387ee393440fd67a6f96626c498f67c95a6803a61496ad2ade011cb5cfc3fb6e4e186d4342822232c09c1ec314f2e1c43bf6ad8bd068f1ffd3871c3abafcdc97b942f951ad47e7aec08b6402e2c085f3fc4a074d436ed04d86231acccf7ef6b4a23fd10e8b57c727c07afffc8fd4ed054f1ff31581e2e4d80f7f381e15d1da702341af3e143634cda1f3c61e6816a230d1d921b52cec4598efc12ad70194aa178059c02f4243dd962", 0x1000}, {&(0x7f0000001140)="86a7d297128d29b2b9c63e901a8c74cd173ee0bdb2574b06adda2690054ce62809f328d4dd01b9544f7c7688e1be6f5fd8562fb4a565fc4ce2a057e9543b6a3b38a44073de5b066be545ec59041f7bc088f10e03fe926af79bc9b158b12efdd0dc2f033331d3fdc882f1d9f00a45685c725c114579b26a445412727889a3c5aef772cd368844b11823bdfec1e3f240df2878aa7a80cfbaea84b0441f592d185611c8b6471063cb40b39bdee19578bdc539547084e877b24b0c7c2aad057623bfcabe2aa7ab5118564f52e1e549fbd228e98324a96f886b60b56cacba29519e2aab994e4d577b38ea48879f1ffaa0d7d2b5ec92", 0xf3}, {&(0x7f0000001240)="43a36ebe58086b24f71afa014e9f3d7115bb421d105e62c3b2ab68c0121f7da9a92b7c8a6eda18d393faabec00aa79783bd08f2fdb124323ab0d4ffe68b2829d1fa0e3aef66bf691c2952e2d2fc58ea90113c310c75b0a0010db448e", 0x5c}, {&(0x7f00000012c0)="1ee6c7dab2b07bf3d20d90ba3ff50561df0092b935c21ea70d2e9c58b14ed487f19083bc1d9ef0c91535a1e9b1070f0684ff7fae1642d214acb39db63b0a598718c6f328660c9e9e93174c47cfa5348a4b7b726e0b0e209f2afefcf341b03acfff9dff81b00285dafb9f815e2fd006", 0x6f}, {&(0x7f0000001340)="1495764fd88d164280bb0a740e8832254c7f71760eef0ae80478179f6769d9612967458ba9f29b1549d97863c9e2871053bfc7028c28b1e005ffbe4cd29c0fd018d95bc3316a9cd0c412e96d99c23a82fd71be908c6611c37ba8b69166107ddb024aabd8eed10c557558c99302de946c1d13f37cb5328085918eb92176cf14b9726ea8088468093f32af78cea7ca2babf53801ea29a9d3f49782172663bf98d1a08e1943cb0868a024ce9afda85cace5ae6c", 0xb2}, {&(0x7f0000001400)="6a8d36389081852bd64146e00033a580af39750ef81965ac7403d1e12005ff960e7fe8ec42f7aee8b58d83ab3815c010be1a549f3e56d3a3c7f543173c2063c04e9dfadb2cf675e10dcdc71ff05ba10dca435811de6f754ab896ad072608efd87c53c539f38841fd533a4a49097d33590030ea107c2392203723c4e5d9ab64e5d60bf226128fc0742dadc7c4ee9ea89705e5761a5a7042354a4f5bdd950309c8a78e5c9b823d9019ebda91d15052a4d988383aacfecd6001ef7cde916ef76502407036000ea617", 0xc7}, {&(0x7f0000000000)="7fb4a4b212775609533a7e219191d213b82730c7b073a9", 0x17}, {&(0x7f0000000080)="34fe180b19dfe6ed12485f4ced5c7e5c589436a40c69c44e2bfcf35c9e9c624c11ce457720987d75dd47f209ea169b8536f83308c9f5e2298f", 0x39}], 0x8, 0x0) [ 2001.564660] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2001.611445] CPU: 1 PID: 31749 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2001.618611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2001.627975] Call Trace: [ 2001.630584] dump_stack+0x172/0x1f0 [ 2001.634229] dump_header+0x10f/0xb6c [ 2001.637951] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2001.643065] ? ___ratelimit+0x60/0x595 [ 2001.646961] ? do_raw_spin_unlock+0x57/0x270 [ 2001.651383] oom_kill_process.cold+0x10/0x6f5 [ 2001.655893] ? task_will_free_mem+0x139/0x6e0 [ 2001.660413] out_of_memory+0x79a/0x1280 [ 2001.664398] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2001.669511] ? oom_killer_disable+0x280/0x280 [ 2001.674008] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2001.679122] mem_cgroup_out_of_memory+0x99/0xe0 [ 2001.683792] ? memcg_memory_event+0x40/0x40 [ 2001.688145] ? _raw_spin_unlock+0x2d/0x50 [ 2001.692296] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2001.697405] try_charge+0xfec/0x1570 [ 2001.701119] ? find_held_lock+0x35/0x130 [ 2001.705182] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2001.710026] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2001.714868] ? find_held_lock+0x35/0x130 [ 2001.718935] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2001.723787] memcg_kmem_charge_memcg+0x7c/0x130 [ 2001.728458] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2001.732961] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2001.737807] memcg_kmem_charge+0x13b/0x340 [ 2001.742053] __alloc_pages_nodemask+0x437/0x710 [ 2001.746728] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2001.751746] ? ___might_sleep+0x163/0x280 [ 2001.755899] ? copyin+0xb5/0x100 [ 2001.759289] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2001.764844] alloc_pages_current+0x107/0x210 [ 2001.769263] pipe_write+0xa65/0xfb0 [ 2001.772899] __vfs_write+0x613/0x8e0 [ 2001.776621] ? kernel_read+0x120/0x120 [ 2001.780516] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2001.786072] ? rw_verify_area+0x118/0x360 [ 2001.790224] vfs_write+0x20c/0x580 [ 2001.793764] ksys_write+0xea/0x1f0 [ 2001.797305] ? __ia32_sys_read+0xb0/0xb0 [ 2001.801374] ? do_syscall_64+0x26/0x610 [ 2001.805353] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2001.810718] ? do_syscall_64+0x26/0x610 [ 2001.814698] __x64_sys_write+0x73/0xb0 [ 2001.818589] do_syscall_64+0x103/0x610 [ 2001.822484] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2001.827669] RIP: 0033:0x457e39 [ 2001.830862] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2001.849762] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 16:42:51 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) r1 = dup3(r0, r0, 0x80000) ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f0000000140)) [ 2001.857471] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2001.864732] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2001.871994] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2001.879254] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 2001.886519] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2002.000061] memory: usage 307200kB, limit 307200kB, failcnt 1250 [ 2002.006574] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2002.018941] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2002.048964] Memory cgroup stats for /syz5: cache:23076KB rss:259496KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:282524KB inactive_file:4KB active_file:0KB unevictable:0KB 16:42:52 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x105}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 2002.163844] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=31746,uid=0 16:42:52 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x6f}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:52 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) [ 2002.207581] Memory cgroup out of memory: Kill process 31746 (syz-executor5) score 1151 or sacrifice child [ 2002.236339] Killed process 31752 (syz-executor5) total-vm:72712kB, anon-rss:14968kB, file-rss:35748kB, shmem-rss:0kB [ 2002.305886] oom_reaper: reaped process 31752 (syz-executor5), now anon-rss:0kB, file-rss:34852kB, shmem-rss:40kB 16:42:52 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(0xffffffffffffffff) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:52 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x840, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000140)={{{@in=@loopback, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@initdev}}, &(0x7f0000000080)=0xe8) ioctl$SIOCAX25DELUID(r1, 0x89e2, &(0x7f0000000240)={0x3, @default, r2}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:42:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:42:52 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x800000000000001) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x8000, 0x0) ioctl$EVIOCSMASK(r1, 0x40104593, &(0x7f0000000140)={0x17, 0x8, &(0x7f0000000080)="e568c2c99074caac"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:42:52 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x8020400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000240)={{0x2, 0x4e23, @broadcast}, {0x6, @local}, 0x20, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x28}}, 'team_slave_0\x00'}) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) write$binfmt_aout(r0, &(0x7f0000000080)={{0x10b, 0x79, 0x6, 0x32a, 0x4f, 0x5725d82f, 0x29c, 0x5}, "c3dff7641c6310688e893d8707c361636ae95072ca65fa85c60cf27a84ee2651266f152738259cce5a750189a12bd6da0b67cd2c4d5ec38f63a381015b9fd2e6c085a5ce53a2b5b9a16a11a4e8b49ec491ce79640958a24441b00dfe6adf741bb6f35155e28cfb6070063f8ca0641e171d98f618640e507e7e47be78ba64e694320cd437b80153e6602202", [[]]}, 0x1ab) 16:42:52 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) [ 2002.851160] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2002.923670] CPU: 1 PID: 31798 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2002.930835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2002.940182] Call Trace: [ 2002.942781] dump_stack+0x172/0x1f0 [ 2002.946424] dump_header+0x10f/0xb6c [ 2002.950146] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2002.955257] ? ___ratelimit+0x60/0x595 [ 2002.959154] ? do_raw_spin_unlock+0x57/0x270 [ 2002.963580] oom_kill_process.cold+0x10/0x6f5 [ 2002.968095] ? task_will_free_mem+0x139/0x6e0 16:42:52 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x106}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2002.972619] out_of_memory+0x79a/0x1280 [ 2002.976615] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2002.981744] ? oom_killer_disable+0x280/0x280 [ 2002.986257] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2002.986284] mem_cgroup_out_of_memory+0x99/0xe0 [ 2002.986301] ? memcg_memory_event+0x40/0x40 [ 2002.986333] ? _raw_spin_unlock+0x2d/0x50 [ 2002.996124] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2002.996140] try_charge+0xfec/0x1570 [ 2002.996155] ? find_held_lock+0x35/0x130 [ 2002.996177] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2002.996196] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2002.996211] ? find_held_lock+0x35/0x130 [ 2003.031246] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2003.036111] memcg_kmem_charge_memcg+0x7c/0x130 [ 2003.040791] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2003.045296] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2003.050154] memcg_kmem_charge+0x13b/0x340 [ 2003.054415] __alloc_pages_nodemask+0x437/0x710 [ 2003.059094] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2003.064120] ? ___might_sleep+0x163/0x280 [ 2003.068282] ? copyin+0xb5/0x100 [ 2003.071659] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2003.077205] alloc_pages_current+0x107/0x210 [ 2003.081627] pipe_write+0xa65/0xfb0 [ 2003.085272] __vfs_write+0x613/0x8e0 [ 2003.088989] ? kernel_read+0x120/0x120 [ 2003.092882] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2003.098450] ? rw_verify_area+0x118/0x360 [ 2003.102610] vfs_write+0x20c/0x580 [ 2003.106190] ksys_write+0xea/0x1f0 [ 2003.109755] ? __ia32_sys_read+0xb0/0xb0 [ 2003.113839] ? do_syscall_64+0x26/0x610 [ 2003.117819] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2003.123188] ? do_syscall_64+0x26/0x610 [ 2003.127170] __x64_sys_write+0x73/0xb0 [ 2003.131061] do_syscall_64+0x103/0x610 [ 2003.134953] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2003.140136] RIP: 0033:0x457e39 [ 2003.143337] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2003.162241] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 16:42:53 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x70}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2003.169947] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2003.177211] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2003.184477] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2003.191741] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2003.199006] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff 16:42:53 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x8020400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000240)={{0x2, 0x4e23, @broadcast}, {0x6, @local}, 0x20, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x28}}, 'team_slave_0\x00'}) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) write$binfmt_aout(r0, &(0x7f0000000080)={{0x10b, 0x79, 0x6, 0x32a, 0x4f, 0x5725d82f, 0x29c, 0x5}, "c3dff7641c6310688e893d8707c361636ae95072ca65fa85c60cf27a84ee2651266f152738259cce5a750189a12bd6da0b67cd2c4d5ec38f63a381015b9fd2e6c085a5ce53a2b5b9a16a11a4e8b49ec491ce79640958a24441b00dfe6adf741bb6f35155e28cfb6070063f8ca0641e171d98f618640e507e7e47be78ba64e694320cd437b80153e6602202", [[]]}, 0x1ab) [ 2003.220929] memory: usage 307200kB, limit 307200kB, failcnt 1309 [ 2003.232996] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2003.250624] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2003.274486] Memory cgroup stats for /syz5: cache:23076KB rss:259512KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:282532KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2003.314994] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=31792,uid=0 [ 2003.331042] Memory cgroup out of memory: Kill process 31792 (syz-executor5) score 1152 or sacrifice child [ 2003.345119] Killed process 31792 (syz-executor5) total-vm:72844kB, anon-rss:14908kB, file-rss:34880kB, shmem-rss:0kB [ 2003.367169] oom_reaper: reaped process 31792 (syz-executor5), now anon-rss:0kB, file-rss:34856kB, shmem-rss:40kB 16:42:53 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x8020400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000240)={{0x2, 0x4e23, @broadcast}, {0x6, @local}, 0x20, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x28}}, 'team_slave_0\x00'}) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) write$binfmt_aout(r0, &(0x7f0000000080)={{0x10b, 0x79, 0x6, 0x32a, 0x4f, 0x5725d82f, 0x29c, 0x5}, "c3dff7641c6310688e893d8707c361636ae95072ca65fa85c60cf27a84ee2651266f152738259cce5a750189a12bd6da0b67cd2c4d5ec38f63a381015b9fd2e6c085a5ce53a2b5b9a16a11a4e8b49ec491ce79640958a24441b00dfe6adf741bb6f35155e28cfb6070063f8ca0641e171d98f618640e507e7e47be78ba64e694320cd437b80153e6602202", [[]]}, 0x1ab) 16:42:53 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:42:53 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x71}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:53 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x8020400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000240)={{0x2, 0x4e23, @broadcast}, {0x6, @local}, 0x20, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x28}}, 'team_slave_0\x00'}) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:42:53 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x107}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:42:53 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x8020400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000240)={{0x2, 0x4e23, @broadcast}, {0x6, @local}, 0x20, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x28}}, 'team_slave_0\x00'}) [ 2003.966504] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2003.993011] CPU: 1 PID: 31842 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2004.000153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2004.009500] Call Trace: [ 2004.012099] dump_stack+0x172/0x1f0 [ 2004.015743] dump_header+0x10f/0xb6c [ 2004.019472] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2004.024584] ? ___ratelimit+0x60/0x595 [ 2004.028473] ? do_raw_spin_unlock+0x57/0x270 [ 2004.032924] oom_kill_process.cold+0x10/0x6f5 [ 2004.037426] ? task_will_free_mem+0x139/0x6e0 [ 2004.041937] out_of_memory+0x79a/0x1280 [ 2004.045922] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2004.051031] ? oom_killer_disable+0x280/0x280 [ 2004.055526] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2004.060647] mem_cgroup_out_of_memory+0x99/0xe0 [ 2004.065339] ? memcg_memory_event+0x40/0x40 [ 2004.069675] ? _raw_spin_unlock+0x2d/0x50 [ 2004.073827] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2004.078946] try_charge+0xfec/0x1570 [ 2004.082666] ? find_held_lock+0x35/0x130 [ 2004.086742] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2004.091595] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2004.096459] ? find_held_lock+0x35/0x130 [ 2004.100538] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2004.105409] memcg_kmem_charge_memcg+0x7c/0x130 [ 2004.110094] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2004.114614] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2004.119476] memcg_kmem_charge+0x13b/0x340 [ 2004.123727] __alloc_pages_nodemask+0x437/0x710 [ 2004.128414] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2004.133456] ? ___might_sleep+0x163/0x280 [ 2004.137618] ? copyin+0xb5/0x100 [ 2004.137638] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2004.137661] alloc_pages_current+0x107/0x210 [ 2004.137681] pipe_write+0xa65/0xfb0 [ 2004.146612] __vfs_write+0x613/0x8e0 [ 2004.146630] ? kernel_read+0x120/0x120 [ 2004.146645] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2004.146671] ? rw_verify_area+0x118/0x360 [ 2004.171951] vfs_write+0x20c/0x580 [ 2004.175505] ksys_write+0xea/0x1f0 [ 2004.179045] ? __ia32_sys_read+0xb0/0xb0 [ 2004.183126] ? do_syscall_64+0x26/0x610 [ 2004.187085] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2004.192439] ? do_syscall_64+0x26/0x610 [ 2004.196451] __x64_sys_write+0x73/0xb0 [ 2004.200357] do_syscall_64+0x103/0x610 [ 2004.204246] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2004.209428] RIP: 0033:0x457e39 [ 2004.212615] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2004.231499] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2004.239191] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2004.246443] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2004.253703] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2004.260968] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 2004.268224] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2004.282135] memory: usage 307200kB, limit 307200kB, failcnt 1381 [ 2004.288487] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2004.295341] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2004.301632] Memory cgroup stats for /syz5: cache:23076KB rss:259504KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:282524KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2004.324158] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=31838,uid=0 [ 2004.338841] Memory cgroup out of memory: Kill process 31838 (syz-executor5) score 1152 or sacrifice child [ 2004.348794] Killed process 31838 (syz-executor5) total-vm:72712kB, anon-rss:14904kB, file-rss:34880kB, shmem-rss:4kB [ 2004.366358] oom_reaper: reaped process 31838 (syz-executor5), now anon-rss:0kB, file-rss:34856kB, shmem-rss:4kB [ 2004.668187] Bluetooth: hci0: command 0x1003 tx timeout [ 2004.673616] Bluetooth: hci0: sending frame failed (-49) [ 2005.468308] Bluetooth: hci1: command 0x1003 tx timeout [ 2005.473736] Bluetooth: hci1: sending frame failed (-49) [ 2006.748382] Bluetooth: hci0: command 0x1001 tx timeout [ 2006.753860] Bluetooth: hci0: sending frame failed (-49) [ 2007.548302] Bluetooth: hci1: command 0x1001 tx timeout [ 2007.553723] Bluetooth: hci1: sending frame failed (-49) [ 2008.828233] Bluetooth: hci0: command 0x1009 tx timeout [ 2009.628235] Bluetooth: hci1: command 0x1009 tx timeout 16:43:03 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x8, 0x101000) ioctl$VIDIOC_S_JPEGCOMP(r1, 0x408c563e, &(0x7f0000000140)={0x3, 0xa, 0x5, "c9da50a546d6faa0589d56ba10787270f9728e6a3e7ba73f3a28360f52f8cbf32ea1a32b9182f3f81b107a243623a297da469bdd57aca3d5c65db0d8", 0xa, "ebc568f311bb15a4d0230c8cb5906859fd24896fa8293f586f031c826751d2987b06a550a47e1c0acfa81f016b4f96dc110add8bb7de44a0f6e8b7d9", 0x8}) 16:43:03 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:03 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x8020400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000240)={{0x2, 0x4e23, @broadcast}, {0x6, @local}, 0x20, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x28}}, 'team_slave_0\x00'}) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:43:03 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x72}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:03 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x108}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:03 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x8020400) syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') 16:43:03 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x8020400) 16:43:03 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x8020400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000240)={{0x2, 0x4e23, @broadcast}, {0x6, @local}, 0x20, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x28}}, 'team_slave_0\x00'}) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) 16:43:03 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) 16:43:03 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) unshare(0x8020400) 16:43:03 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x8020400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000240)={{0x2, 0x4e23, @broadcast}, {0x6, @local}, 0x20, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x28}}, 'team_slave_0\x00'}) preadv(r0, &(0x7f0000000480), 0x1000000000000160, 0x38) [ 2013.894564] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2013.923130] CPU: 1 PID: 31876 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2013.930256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2013.939606] Call Trace: [ 2013.942203] dump_stack+0x172/0x1f0 [ 2013.945845] dump_header+0x10f/0xb6c [ 2013.949572] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2013.954684] ? ___ratelimit+0x60/0x595 [ 2013.958581] ? do_raw_spin_unlock+0x57/0x270 [ 2013.963001] oom_kill_process.cold+0x10/0x6f5 [ 2013.967510] ? task_will_free_mem+0x139/0x6e0 [ 2013.972031] out_of_memory+0x79a/0x1280 [ 2013.976050] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2013.981182] ? oom_killer_disable+0x280/0x280 [ 2013.985683] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2013.990827] mem_cgroup_out_of_memory+0x99/0xe0 [ 2013.995511] ? memcg_memory_event+0x40/0x40 [ 2013.999841] ? _raw_spin_unlock+0x2d/0x50 [ 2014.003991] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2014.009099] try_charge+0xfec/0x1570 [ 2014.012827] ? find_held_lock+0x35/0x130 [ 2014.016894] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2014.021744] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2014.026587] ? find_held_lock+0x35/0x130 [ 2014.030649] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2014.035504] memcg_kmem_charge_memcg+0x7c/0x130 [ 2014.040185] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2014.044680] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2014.049521] memcg_kmem_charge+0x13b/0x340 [ 2014.053790] __alloc_pages_nodemask+0x437/0x710 [ 2014.058466] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2014.063487] ? ___might_sleep+0x163/0x280 [ 2014.067633] ? copyin+0xb5/0x100 [ 2014.071003] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2014.076547] alloc_pages_current+0x107/0x210 [ 2014.080961] pipe_write+0xa65/0xfb0 [ 2014.084601] __vfs_write+0x613/0x8e0 [ 2014.088317] ? kernel_read+0x120/0x120 [ 2014.092212] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2014.097776] ? rw_verify_area+0x118/0x360 [ 2014.101925] vfs_write+0x20c/0x580 [ 2014.105483] ksys_write+0xea/0x1f0 [ 2014.109021] ? __ia32_sys_read+0xb0/0xb0 [ 2014.113085] ? do_syscall_64+0x26/0x610 [ 2014.117059] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2014.122420] ? do_syscall_64+0x26/0x610 [ 2014.126402] __x64_sys_write+0x73/0xb0 [ 2014.130291] do_syscall_64+0x103/0x610 [ 2014.134178] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2014.139380] RIP: 0033:0x457e39 [ 2014.142576] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2014.161476] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2014.169180] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2014.176445] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2014.183706] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2014.190971] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 2014.198234] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2014.210073] memory: usage 307200kB, limit 307200kB, failcnt 1447 16:43:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) socket$inet_tcp(0x2, 0x1, 0x0) [ 2014.248628] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 16:43:04 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x73}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2014.320298] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2014.333812] Memory cgroup stats for /syz5: cache:23076KB rss:259628KB rss_huge:247808KB shmem:23076KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:282716KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2014.417419] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=31865,uid=0 [ 2014.454052] Memory cgroup out of memory: Kill process 31865 (syz-executor5) score 1153 or sacrifice child 16:43:04 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:04 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) unshare(0x8020400) 16:43:04 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x8020400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000240)={{0x2, 0x4e23, @broadcast}, {0x6, @local}, 0x20, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x28}}, 'team_slave_0\x00'}) 16:43:04 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x109}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x4, 0x4}]}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm_plock\x00', 0x28000, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000004040)={'nr0\x00', 0x0}) bind$xdp(r1, &(0x7f00000040c0)={0x2c, 0x5, r2, 0x1e}, 0x10) ioctl$sock_inet6_SIOCDELRT(r1, 0x890c, &(0x7f0000000180)={@local, @empty, @dev={0xfe, 0x80, [], 0x1d}, 0xffffffffffffffff, 0x6, 0x1384a62c, 0x100, 0x1a, 0x40, r2}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x103ff, 0x3, 0x5000, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) ioctl$KDADDIO(r0, 0x400455c8, 0x4000000002) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000240)={0x8, 0x20000000000000, 0x202, 0x2, 0x7fffffff, 0x3, 0x3, 0x1, 0x0}, &(0x7f0000000280)=0x20) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f00000002c0)={r3, 0x1000, "a5314f56461991f4fd760a3deb25b8fe8787a1beb7bbe4814f0a3ef2becab1a30f92bce61c08a47fe8937a6d86345131fb8715a14d85d9ea57267c0fd9e1f9fda150c33441269652f128dd47ef6dbe9ecdb85b0b67afeb3d6be81763c90d40adbb26a59360219eee0c7827176ca72f4ff5207734962a6571e7398ab31e1c33febd50a6786fcd3c30fea7e040c7d698dba8f1def27b7d886504fbb848b14989b43175613897c335f19307ed9eccbb1e0c16786ee45984686597928172f666063b679c1236664decc95e32c37e8d1f82cb8fa89a2f73220c9b968a99b2e7c2effdeb6e8b6cbb6941d95480c1902c346009cf2f5a7cc1d675eeda6ed9c458eabf5d9a56eac8c7e92891b0cc544848fd2e0439683969c6dc3ad50244cc895f5898f3498bc0bda62153190d6ccd6488c7a84c39d62efed350b49ba338ae9f772ecaa2c7ea6afdea341f840329b9dc8572bd563b51f69facb7d356791e185e68dd17ec17f87b97504fc9945f5ebd5ea651e86045bbaa579e1aa3a8f853237026e6e72fb1d14eea5eb5ae38994ef8caa26b89a9e44dba6fd3d720c0f848a88713b05d0d763e2a8891b55e773aaa6cdbe43b020e71d0352f402b9f1ea28912d1fe9af6682d8ca2abaa94ecafb46b3a39167856b6a9f96e393843f2b68560b57977175db16e81e699ba586672c8229b38ce864df0aa67839ac840ce9e7675ef7d16db73e304c99d1be3ad9301104639092ba031f943406efc2850ee17d95d0646ee69658ccd7e9a44a1b8daaceba80728afd169894a9f5ea1f991f73be4759a9b68aa87652c7094b3f79ac2440a693d63e005c6d99d3bb504c79c91ae0c2fc1f6d6ffc063878aa83db93dabd1cd845c038420db9e74b8b7335335d0199f9d507c2957f4f8f302a1c66042998b3b73c0aaa47717e3b6c6729b6f38a0065e155dd2ab9b692bfaa881fc966a2a11e8d59097f4d14e2bc5d24a92377df3c960520d35e824e8be3516639551de19ab97caa07e792de9ec89a5c038d61006d4e93f1f5956497713074f72de067474f15e66a07d4f10f205a24c73611743be6a6d806b4c81583a7e650c9f1a5dfe3262a56313bb3834e78a5c72adf79f4b122a9492b82f7031dc98965576d44914194d4a9cdc93667134f43467ad0d67ad547136845aeeeb9ece54f8d60b1a0a3a6b4bbba606c7cfc8b3579486ec56896d899cb2e32d964d9f63602f87037dedef2e427a60780af30403facbc1f46e1af312ad16990dbb5b1c14252a34765d54a64fde866d01d844d2a42ece2100751715de3cc4e91338d86f19dfcd20c45dd08ebda42f17f2e34469f1a47df0472db36ac0a3300134f8750cbe662441699ae1011252271eb0b386d1842e7adf6e02b0f48712ffba3ac665605c9abdd78f1fee85489f23e109c1c5e0f35c61c1bf45b626346c3906edb32dad1d6943cdd4051675bbf814da5b4f888466ac4e9b3ce046fc1dd5ebb83412552f9d1516fe1e588b8cfbc796cfcccfa8c6e88592048eae183ccb9fadff1653abc422a2751a016865cd1f1c93d2bd2974388e79bc7b70d45ad9d9e1c0aa241da243acb82032a2d0031c6f9ae3eced58367f99a6a19d842ccddc07079f80a767745890d17865069527f5a0fd561dc2bc8dc5a65fc488d670ef4be2345421086a82cb37d19f63d4f80fd959e8a6014df33e9f49b71a83248bfa613dc9d4f10dc8e204cc792f252e006b5e3b8e278c04b91951ab321edb75bcd0b21ab2ef779bd90b7bc977311ca5cf454980c286bf65df3e7c4413613073fe588f8ba6b480b3b55d2f0bed04e2bd55b0e0381c42c99de2857cd9e33b8d5f0c82093e1c4a210f447471429bc3b2318dbe60a8b49f8c37ad3f3f1b26bad736f5689161e406b528221920daefd404e394238c2d29054d7c66649dc9c5efe97c18ac23388d9dff1f3f81afb6f4865b96cdd28d3b7f44d4665d528acd082ace29421b1647032c9c1c5d8a121830fc1772ce41e62a51a37b140ed8a94dc53826726d437b66d682b10cad5b5b1a9e35cfa3e1aa5a979dda5ae8d7323622cc578cb95e6599760ccbd3979b93a2ff783e1e00127b28a3b72a4cfc00cde6fe973a249448f47e0c5228354860d52e76d5669539c9632090a11ff150dfabafa997993191bde4238644ac99f83e4f575b1234258d448d1533bbbea764f81e4fd388de4b1071c07184691e76c212ee43e2fd25a528400d945c663afbd59615f9a0bd7b31b4e1824572a76eda539c0e9cdad9fe49f7257ab13184c61077ee030c7c3bb1944a9abb57f8672ff301a91482070d93c4ee928e671c4c67f94ea7c3e85b058fc33cdccaef62273778e6bb8cef9fe4064926b5ce16ddddd3f86bc4247297ab358ac68b0a0c86d751bacfbfd2fb4bc2df3a8ed83b6298faa93fda81e5e9d5d61aa6a3feba833b5748ff778a1adeee43fffa5cbc7ad43359f8b92ccd1a2d48a116c24bcdef832f4338d1b370595eb777fc40babc3d947c6270eaf2d5267c8d3a5e3d0528154554e5c2275bd3abe38049fa6e29a1963e0b2c46f98c37dd980f769558b187a5cade07adcb7046fdeac803ae0c4c7bcffbffacf62230dc63997500d89a61f9f228464bded6d5e012de71d1d92100fa2b0208f867d4ba911852b03b0972484fb40658e6057ac6d41d0ef9801d6ee9fa7af4743a30cdd58625ed65439bf2d0709ccd83666e773dc31806831fb7c050fa3c73a302b46e2626fba8165abb3d3e8f4730fae493fb1b84e4fe616baf181fe91738368c25cd20345c9cc13bab5c533bfb73f035f9c87e5b319cde5c32b073758bf6027f2cae5cca15e8e61911293c77d2c2d85ff51416b6e0335d45b889908db419d4d3bf4cdf8c19a623f09e6faefd37a46bfe137d984e31401bc309011eb082ace32f40aaff8d09ceafd8d5b4cc8f3a0d4ad700de951fd9dd114d95966b2caf49820954a9cc3d2dfc820328425440fadc4e27e13e83060ada6fdc961264c51983c9663c2fb5818fbb760a026adee51db147b5915f120ae97464e46096b6d564e8c2168d6972e523f197d7cc2ee0a96bff5d92b1f3dfc4c907ea8ae8c332de05f933be61430e52bcb8c3ff506ca2d240af1a12dc070b35c3d58214a3b263b94178b4c1f50aea1e9060391200f9b2db41109f657f267734b664aa54ff9aefe1a217bf572f486f42438da16e1f6e8d3e65ed1e3af8126ae9b9b5cced6338de0b8eb0a0ab5861d83a2877de92d07f149b993bf1258d8f0bb2876568032b2d47e960d09e143eeefe7e3807163569adffd934bd042c2eb8351a6bf811aed2317147646e6642902cacaf4d227e2810e1645bb0df8dbada071a259ce5747f43e2fe92d5763fbe12d413a9829714cd199b3a790b6d698c8e98026064100571792c0c752329de8daf1e97efa2f8eafa3d121e5ca043f06fe2fdb070cfecf445e318aab0a56bab53b5e2cf435d3f08c3254abd25064c441294372320312d899c205166cdd549a782e69798238773108b86ec0117c0995eba3bbbde072d8ae15781e9f32dcfb64bd03355ac9d211ca74546cf0a8bae267e2ecf6c0b8748c7ac592e6f69cab108efd2a81e396592cf0f872aa1c7253b899433a773e5bd398ae38eabef692cd3d0c716f3adc3684e49a0145f7e68435d500698dcbd49301a166349e6dd238bcf373d30db8b824a02521222d70ea944093cce5c57a7e28ce3aa6737b1a16e197484b24d07ba9434cbc0d612eef2e036374075533bab2245ea9e5b1ece374bbd26ee9da9368d250c2f14e9da2545bb47826d01de6b443d70cdb4468091a93fcda5234c4419ae3bde6c52ef1d883859a48cf3928d9239e8d91ecc1b9fd6890fd6a9d0b381414ab8b3dca7388c07fe37847f1cfe39e2f9a18297ec5871223cc2660082afec24aea002f8c461ad8661935f2d2d49fdc3131976a50ca78f0979ae1084e2e5e071ddbfc7400cc6fdc6d142a979cc1bccdab353fc3a14e4b23a8d5b099ef04a893e9192761e739ce3875dcbaa3c7336473d6be17accf89ea0ae4f5f0b5b1da835e04cff8dbdbc8482b7741b8878ee71354346743bffce3f755bb61a37f4aae826be30e20a03c23c37b6c63d085465aa3fdc136c1c9a34c4013f36db4007d655b3413a295a4c00d4c4ccce10807b2b1bcb616ca8910440c3bc0b968d1fb5e8b0910b17f48b924bdc5761f504efac33dd274c33d3d8c3e1d132ff87cb2e1acbb2a562a5e26a71329a353a11031b44125c411943ab1dc3e118b2b913735aae5daaad5779e9447b82e79583409862aaf0f191e9d41e70eeed0a45c6301139cad880ffdf925677b5aed0ccd9c69fb55dc9f4791794fdf0f5caa8e64f2d9e18f3214e026373d7db704ba06a9e3ca51ba2fdaa85451d99bf00ffcb1ecd7b8b9a618843699ce9090297743ee46fb9da0e31da4b77a2ebd348556a15b3f2213ecd9068c11a547dab070b0e566a1722dc55c089de909aa4ed1b94e751e7271ff211d81b7c9eeda07bbb653b49247fa77a39900d6e31718b6a4371af4abaa1ef59e0b7b95cf756e3b6abe317639acab4da965c83450739eda4d835fa828ef9cf0f78735f80e5e1e0689f9899f3c025e0be036f901fee5084ebcc08cc51696c86ce290ae1bb93cf3f50da31acbb3df7745af5c8af3c15f295e9b6f8c102783ec20e3e85f7340b3f25b28bc3dd0a927e1fd49e2d5d651238c76c7444d14da655e99c4885104b36c4cf47d9972e57afe586b11e35f15a30fb05f56fc8c8bdc2a761a3a59d51e9ce33e61f928462ad518061dbb8c7aa86077cb660ae0f3e03475e1eca5ff116babc5461b314541b67db8435cab899ac359bcea87ae61befc190f7722c7a460a131c222d1a0b8f31cad945f3ca2f840e63b90ace1a48b303dbf873dfb3d55638434e7d711928fff532012fbd77d2cf28ee9f3dcb1eb67a238cbe51e5ecce4145aa03381bf8a79a7232395436d763de1e9e5cf84efc02d35c9b33f60020c5d9c44360287adf37cddc911d387d064a5525ac1cff77d0551bf469c7d4849410de7941472de6207c01d419636e42b1bb72631e813e13fd766c94100a1a4a4eef6ae003c7b81b32dea7de0688b75904e15ae251647a6fec0bbab0e010c358e05f7bdf9fb1a9e44970f1af5e400340c34d968fe3d2a351570e7f8ea87381919aa69148aa659ad32e165cdf0bdd0dfdd32729e690d1505252a8defd02b708234dbdd9e8ae980ea583ea32bb5a60cd9d8ece78f08f5839bbec1b0b5a509855d18d2cb7c87700a313d1b2bcf1e84bb24eeee4b0a1b0e53a51ba6e9315a825226d8a083b9042431ce8d22ac5d08da3e12d3aac571fd545a725378d8feb5a5a594647af7f5abd8cfd7409623d1d801adb703ab1d347f5b5ec93bd50e71797320c915ebd03b11c0300b622b46c7e8f337cae1bf19324807a34d1be5577846312327dbb251bf2480061a7b395105f5435ead84dbd7f89ce544ca4e83babf948730e86820ec2167620a4ca491eb876eed8851d4ea80fb7f59147939b4132f4289c03127f4944cb9a23f856dd1aec8a2126935630c803f75be22d074872e7aa8561c6aa455937741c55a1982bead735ade73dba4182af3419aa9e04154bb3ef7e02c170432b2061bfc33f594d717db8abd0f9308a55d73ecff3b603c1e0f0c03946697caddffb6a5d0447ed650e8afbf12d5aed2524b4702c10eb97cfee19876185150da880b66a3bf772c231c7be5ac5a04d2375ccbee213c75a18bcbd661815f3fa8e4690ea1696732605bcbd461a19c6ef83642de6f25159cf1f6d9dd8f83de1"}, &(0x7f0000001300)=0x1008) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) [ 2014.494272] Killed process 31876 (syz-executor5) total-vm:72712kB, anon-rss:15232kB, file-rss:35816kB, shmem-rss:0kB [ 2014.575623] oom_reaper: reaped process 31876 (syz-executor5), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB 16:43:04 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x74}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:04 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) unshare(0x8020400) 16:43:04 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x8020400) syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00') 16:43:04 executing program 3: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$nfc_llcp(r0, &(0x7f0000000140)={0x27, 0x0, 0x1, 0x2, 0x7f, 0x607, "3d1780f115d0d7346f337698741f6513213ec25d192d2c2150fe237767109d164b5796dfb5cef1ad634cd937f5cc49affd953b70e1459aa806bf14fd60e6ef", 0x3}, 0x60) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x7, &(0x7f00000000c0)=0x80000000, 0x4) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf) ioctl$SIOCAX25GETINFO(r1, 0x89ed, &(0x7f00000001c0)) ioctl$KDADDIO(r2, 0x400455c8, 0x2) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)) 16:43:04 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) msgget$private(0x0, 0x0) unshare(0x8020400) 16:43:04 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x75}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:04 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x8020400) [ 2015.045975] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2015.078333] CPU: 1 PID: 31930 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2015.085480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2015.094828] Call Trace: [ 2015.097428] dump_stack+0x172/0x1f0 [ 2015.101070] dump_header+0x10f/0xb6c [ 2015.104795] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2015.109905] ? ___ratelimit+0x60/0x595 [ 2015.113801] ? do_raw_spin_unlock+0x57/0x270 [ 2015.118220] oom_kill_process.cold+0x10/0x6f5 [ 2015.122727] ? task_will_free_mem+0x139/0x6e0 [ 2015.127234] out_of_memory+0x79a/0x1280 [ 2015.131217] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2015.136335] ? oom_killer_disable+0x280/0x280 [ 2015.140839] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2015.145964] mem_cgroup_out_of_memory+0x99/0xe0 [ 2015.150645] ? memcg_memory_event+0x40/0x40 [ 2015.155019] ? _raw_spin_unlock+0x2d/0x50 [ 2015.159204] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2015.164378] try_charge+0xfec/0x1570 [ 2015.168109] ? find_held_lock+0x35/0x130 [ 2015.172182] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2015.177027] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2015.181868] ? find_held_lock+0x35/0x130 [ 2015.185942] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2015.190796] memcg_kmem_charge_memcg+0x7c/0x130 [ 2015.195467] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2015.199970] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2015.204831] memcg_kmem_charge+0x13b/0x340 [ 2015.209093] __alloc_pages_nodemask+0x437/0x710 [ 2015.213770] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2015.218793] ? ___might_sleep+0x163/0x280 [ 2015.222964] ? copyin+0xb5/0x100 [ 2015.226358] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2015.231905] alloc_pages_current+0x107/0x210 [ 2015.236341] pipe_write+0xa65/0xfb0 [ 2015.239988] __vfs_write+0x613/0x8e0 [ 2015.243709] ? kernel_read+0x120/0x120 [ 2015.247599] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2015.247629] ? rw_verify_area+0x118/0x360 [ 2015.257293] vfs_write+0x20c/0x580 [ 2015.257314] ksys_write+0xea/0x1f0 [ 2015.257343] ? __ia32_sys_read+0xb0/0xb0 [ 2015.257363] ? do_syscall_64+0x26/0x610 [ 2015.257382] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2015.277831] ? do_syscall_64+0x26/0x610 [ 2015.281828] __x64_sys_write+0x73/0xb0 [ 2015.285819] do_syscall_64+0x103/0x610 [ 2015.289724] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2015.294935] RIP: 0033:0x457e39 [ 2015.298127] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2015.317028] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2015.324735] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2015.332004] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2015.339286] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2015.346548] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 2015.353816] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2015.376872] memory: usage 307200kB, limit 307200kB, failcnt 1547 [ 2015.383231] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2015.390133] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2015.396989] Memory cgroup stats for /syz5: cache:23076KB rss:259516KB rss_huge:247808KB shmem:23076KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:282652KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2015.424495] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=31926,uid=0 16:43:05 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:05 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:05 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x76}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:05 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) msgget$private(0x0, 0x0) unshare(0x8020400) 16:43:05 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x8020400) 16:43:05 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x10a}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2015.439220] Memory cgroup out of memory: Kill process 31926 (syz-executor5) score 1152 or sacrifice child [ 2015.455157] Killed process 31926 (syz-executor5) total-vm:72712kB, anon-rss:15172kB, file-rss:34816kB, shmem-rss:0kB [ 2015.474796] oom_reaper: reaped process 31926 (syz-executor5), now anon-rss:0kB, file-rss:34776kB, shmem-rss:0kB 16:43:05 executing program 3: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x400000, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000180)=@generic={0x3, 0x4, 0x8001}) r2 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x100, 0x10000) ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000140)=0x20001) fchdir(r2) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)) 16:43:05 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) msgget$private(0x0, 0x0) unshare(0x8020400) 16:43:05 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = getgid() setgid(r1) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:05 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) unshare(0x8020400) 16:43:05 executing program 1: unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x8020400) 16:43:05 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x10b}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2016.045762] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2016.089224] CPU: 0 PID: 31994 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2016.096371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2016.105731] Call Trace: [ 2016.108339] dump_stack+0x172/0x1f0 [ 2016.111993] dump_header+0x10f/0xb6c [ 2016.115750] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2016.120870] ? ___ratelimit+0x60/0x595 [ 2016.124758] ? do_raw_spin_unlock+0x57/0x270 [ 2016.129191] oom_kill_process.cold+0x10/0x6f5 [ 2016.133692] ? task_will_free_mem+0x139/0x6e0 [ 2016.138195] out_of_memory+0x79a/0x1280 [ 2016.142175] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2016.147279] ? oom_killer_disable+0x280/0x280 [ 2016.151777] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2016.156891] mem_cgroup_out_of_memory+0x99/0xe0 [ 2016.161567] ? memcg_memory_event+0x40/0x40 [ 2016.165901] ? _raw_spin_unlock+0x2d/0x50 [ 2016.170051] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2016.175173] try_charge+0xfec/0x1570 [ 2016.178888] ? find_held_lock+0x35/0x130 [ 2016.183003] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2016.187845] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2016.192718] ? find_held_lock+0x35/0x130 [ 2016.196879] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2016.201735] memcg_kmem_charge_memcg+0x7c/0x130 [ 2016.206402] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2016.210905] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2016.215750] memcg_kmem_charge+0x13b/0x340 [ 2016.219988] __alloc_pages_nodemask+0x437/0x710 [ 2016.224660] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2016.229677] ? ___might_sleep+0x163/0x280 [ 2016.233827] ? copyin+0xb5/0x100 [ 2016.237192] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2016.242765] alloc_pages_current+0x107/0x210 [ 2016.247181] pipe_write+0xa65/0xfb0 [ 2016.250821] __vfs_write+0x613/0x8e0 [ 2016.254539] ? kernel_read+0x120/0x120 [ 2016.258429] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2016.263998] ? rw_verify_area+0x118/0x360 [ 2016.268165] vfs_write+0x20c/0x580 [ 2016.271707] ksys_write+0xea/0x1f0 [ 2016.275259] ? __ia32_sys_read+0xb0/0xb0 [ 2016.279335] ? do_syscall_64+0x26/0x610 [ 2016.283307] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2016.288672] ? do_syscall_64+0x26/0x610 [ 2016.292661] __x64_sys_write+0x73/0xb0 [ 2016.296565] do_syscall_64+0x103/0x610 [ 2016.300458] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2016.305647] RIP: 0033:0x457e39 [ 2016.308838] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2016.327735] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2016.335440] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2016.342720] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2016.349995] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2016.357274] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2016.364541] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2016.401250] memory: usage 307200kB, limit 307200kB, failcnt 1603 [ 2016.407587] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2016.421631] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2016.427899] Memory cgroup stats for /syz5: cache:23076KB rss:259644KB rss_huge:247808KB shmem:23076KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:112KB active_anon:282660KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2016.453466] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=31980,uid=0 [ 2016.468585] Memory cgroup out of memory: Kill process 31980 (syz-executor5) score 1153 or sacrifice child [ 2016.478771] Killed process 31994 (syz-executor5) total-vm:72844kB, anon-rss:15240kB, file-rss:35820kB, shmem-rss:0kB 16:43:06 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:06 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) unshare(0x8020400) 16:43:06 executing program 1: unshare(0x0) msgget$private(0x0, 0x0) unshare(0x8020400) 16:43:06 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x8, 0x1) ioctl$BLKALIGNOFF(r1, 0x127a, &(0x7f0000000080)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$UI_DEV_DESTROY(r1, 0x5502) 16:43:06 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x77}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:06 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x10c}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2016.494950] oom_reaper: reaped process 31994 (syz-executor5), now anon-rss:0kB, file-rss:34860kB, shmem-rss:40kB 16:43:06 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:06 executing program 1: unshare(0x0) msgget$private(0x0, 0x0) unshare(0x8020400) 16:43:06 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) unshare(0x8020000) unshare(0x8020400) 16:43:06 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x2080, 0x0) r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0) ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000080)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:06 executing program 1: unshare(0x0) msgget$private(0x0, 0x0) unshare(0x8020400) 16:43:06 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x78}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:06 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x40, 0x6, 0xff, 0x0, 0x9, 0x7fffffff, 0x4, 0x0, 0x400, 0x0, 0x4, 0x5}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:06 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) msgget$private(0x0, 0x0) unshare(0x8020400) 16:43:06 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x10d}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2017.009170] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2017.085031] CPU: 1 PID: 32048 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2017.092173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2017.101540] Call Trace: [ 2017.104164] dump_stack+0x172/0x1f0 [ 2017.107812] dump_header+0x10f/0xb6c [ 2017.111540] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2017.116646] ? ___ratelimit+0x60/0x595 [ 2017.120544] ? do_raw_spin_unlock+0x57/0x270 [ 2017.124966] oom_kill_process.cold+0x10/0x6f5 [ 2017.129473] ? task_will_free_mem+0x139/0x6e0 [ 2017.133975] out_of_memory+0x79a/0x1280 [ 2017.137974] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2017.143086] ? oom_killer_disable+0x280/0x280 [ 2017.147582] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2017.152695] mem_cgroup_out_of_memory+0x99/0xe0 [ 2017.157372] ? memcg_memory_event+0x40/0x40 [ 2017.161710] ? _raw_spin_unlock+0x2d/0x50 [ 2017.165864] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2017.170983] try_charge+0xfec/0x1570 [ 2017.174732] ? find_held_lock+0x35/0x130 [ 2017.178800] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2017.183664] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2017.188523] ? find_held_lock+0x35/0x130 [ 2017.192590] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2017.197449] memcg_kmem_charge_memcg+0x7c/0x130 [ 2017.202127] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2017.206637] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2017.211489] memcg_kmem_charge+0x13b/0x340 [ 2017.215737] __alloc_pages_nodemask+0x437/0x710 [ 2017.220419] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2017.225442] ? ___might_sleep+0x163/0x280 [ 2017.229607] ? copyin+0xb5/0x100 [ 2017.232980] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2017.238530] alloc_pages_current+0x107/0x210 [ 2017.242953] pipe_write+0xa65/0xfb0 [ 2017.246600] __vfs_write+0x613/0x8e0 [ 2017.250321] ? kernel_read+0x120/0x120 [ 2017.254244] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2017.259818] ? rw_verify_area+0x118/0x360 [ 2017.263972] vfs_write+0x20c/0x580 [ 2017.267533] ksys_write+0xea/0x1f0 [ 2017.271101] ? __ia32_sys_read+0xb0/0xb0 [ 2017.275170] ? do_syscall_64+0x26/0x610 [ 2017.279151] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2017.284517] ? do_syscall_64+0x26/0x610 [ 2017.288499] __x64_sys_write+0x73/0xb0 [ 2017.292400] do_syscall_64+0x103/0x610 [ 2017.296303] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2017.301498] RIP: 0033:0x457e39 [ 2017.304689] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2017.323586] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2017.331307] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2017.338620] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2017.345883] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2017.353148] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2017.360408] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2017.376744] memory: usage 307200kB, limit 307200kB, failcnt 1694 [ 2017.384775] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2017.400976] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2017.407192] Memory cgroup stats for /syz5: cache:23076KB rss:259316KB rss_huge:247808KB shmem:23076KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:112KB active_anon:282388KB inactive_file:0KB active_file:0KB unevictable:0KB 16:43:07 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) msgget$private(0x0, 0x0) unshare(0x8020400) 16:43:07 executing program 1: unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x0) [ 2017.435400] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=29518,uid=0 [ 2017.462723] Memory cgroup out of memory: Kill process 29518 (syz-executor5) score 1133 or sacrifice child 16:43:07 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$VT_GETSTATE(r0, 0x5603, &(0x7f0000000000)={0x2, 0x5, 0xfffffffffffffffc}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/status\x00', 0x0, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000140)=0x11, 0x4) [ 2017.505776] Killed process 29518 (syz-executor5) total-vm:72448kB, anon-rss:8336kB, file-rss:35800kB, shmem-rss:0kB 16:43:07 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, 0x0, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:07 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x10e}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:07 executing program 1: unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x0) 16:43:07 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) msgget$private(0x0, 0x0) unshare(0x8020400) 16:43:07 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x79}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:07 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x200000, 0x0) setsockopt$inet_int(r1, 0x0, 0xf, &(0x7f0000000080)=0x7, 0x4) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:07 executing program 1: unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x0) 16:43:07 executing program 0: unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x8020400) 16:43:07 executing program 1: r0 = socket$packet(0x11, 0x40800000000003, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendto$inet6(r0, &(0x7f00000000c0)="030300000300600000000000fff5", 0xe, 0x0, 0x0, 0x0) 16:43:07 executing program 0: unshare(0x0) msgget$private(0x0, 0x0) unshare(0x8020400) 16:43:08 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000080)={0x0, 0x200}) [ 2018.057180] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2018.098594] CPU: 0 PID: 32091 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2018.105774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2018.115134] Call Trace: [ 2018.117730] dump_stack+0x172/0x1f0 [ 2018.121378] dump_header+0x10f/0xb6c [ 2018.125114] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2018.130224] ? ___ratelimit+0x60/0x595 [ 2018.134120] ? do_raw_spin_unlock+0x57/0x270 [ 2018.138541] oom_kill_process.cold+0x10/0x6f5 [ 2018.143046] ? task_will_free_mem+0x139/0x6e0 [ 2018.147554] out_of_memory+0x79a/0x1280 [ 2018.151536] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2018.156646] ? oom_killer_disable+0x280/0x280 [ 2018.161158] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2018.166287] mem_cgroup_out_of_memory+0x99/0xe0 [ 2018.170964] ? memcg_memory_event+0x40/0x40 [ 2018.175296] ? _raw_spin_unlock+0x2d/0x50 [ 2018.179473] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2018.184575] try_charge+0xfec/0x1570 [ 2018.188291] ? find_held_lock+0x35/0x130 [ 2018.192370] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2018.197218] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2018.202064] ? find_held_lock+0x35/0x130 [ 2018.206125] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2018.210995] memcg_kmem_charge_memcg+0x7c/0x130 [ 2018.215671] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2018.220175] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2018.225024] memcg_kmem_charge+0x13b/0x340 [ 2018.229268] __alloc_pages_nodemask+0x437/0x710 [ 2018.233943] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2018.238962] ? ___might_sleep+0x163/0x280 [ 2018.243112] ? copyin+0xb5/0x100 [ 2018.246481] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2018.252027] alloc_pages_current+0x107/0x210 [ 2018.256447] pipe_write+0xa65/0xfb0 [ 2018.260091] __vfs_write+0x613/0x8e0 [ 2018.263812] ? kernel_read+0x120/0x120 [ 2018.267706] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2018.273267] ? rw_verify_area+0x118/0x360 [ 2018.277427] vfs_write+0x20c/0x580 [ 2018.280969] ksys_write+0xea/0x1f0 [ 2018.280985] ? __ia32_sys_read+0xb0/0xb0 [ 2018.281004] ? do_syscall_64+0x26/0x610 [ 2018.281018] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2018.281032] ? do_syscall_64+0x26/0x610 [ 2018.281051] __x64_sys_write+0x73/0xb0 [ 2018.281067] do_syscall_64+0x103/0x610 [ 2018.281083] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2018.281096] RIP: 0033:0x457e39 [ 2018.318043] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2018.336950] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 16:43:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x7a}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2018.344663] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2018.351935] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2018.359204] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2018.366473] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 2018.373742] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2018.394964] memory: usage 307200kB, limit 307200kB, failcnt 1768 [ 2018.401359] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2018.408637] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2018.414952] Memory cgroup stats for /syz5: cache:23076KB rss:259484KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:132KB swap:0KB inactive_anon:112KB active_anon:282524KB inactive_file:4KB active_file:0KB unevictable:0KB 16:43:08 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, 0x0, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) [ 2018.445912] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=32089,uid=0 [ 2018.460720] Memory cgroup out of memory: Kill process 32089 (syz-executor5) score 1152 or sacrifice child [ 2018.471587] Killed process 32089 (syz-executor5) total-vm:72712kB, anon-rss:14908kB, file-rss:34880kB, shmem-rss:0kB [ 2018.489355] oom_reaper: reaped process 32089 (syz-executor5), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 16:43:08 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x10f}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:08 executing program 0: unshare(0x0) msgget$private(0x0, 0x0) unshare(0x8020400) 16:43:08 executing program 3: syz_init_net_socket$netrom(0x6, 0x5, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x3) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:08 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0xf, 0x8, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3ff}, [@jmp={0x5, 0xffffffff, 0x0, 0x0, 0xf, 0x0, 0x4}, @exit, @jmp={0x5, 0x4, 0x0, 0xf, 0x0, 0xffffffffffffffe0, 0x4}, @generic={0x0, 0x3, 0x2, 0x3, 0xfffffffffffffffe}, @alu={0x7, 0x3, 0xd, 0xf, 0xb, 0x100, 0xfffffffffffffff0}]}, 0x0, 0x1, 0x0, 0x0, 0x41f00, 0x679ac0b9ff4eafee, [], 0x0, 0x7}, 0x48) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x5) r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, 0x0, 0x0) getresgid(0x0, 0x0, 0x0) getgroups(0x0, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000200)=0x78, 0x4) bind$inet(r1, &(0x7f0000000100)={0x2, 0x4e23, @broadcast}, 0x10) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) recvmsg(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1}, 0x100) write$binfmt_elf64(r1, &(0x7f0000001640)=ANY=[], 0xf5aab446) recvmmsg(r0, &(0x7f00000086c0), 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000280)='team\x00') 16:43:08 executing program 0: unshare(0x0) msgget$private(0x0, 0x0) unshare(0x8020400) 16:43:08 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) 16:43:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x7b}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:08 executing program 0: unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x0) [ 2018.876383] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2018.901055] CPU: 0 PID: 32140 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2018.908176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2018.917528] Call Trace: [ 2018.920124] dump_stack+0x172/0x1f0 [ 2018.923768] dump_header+0x10f/0xb6c [ 2018.927491] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2018.932600] ? ___ratelimit+0x60/0x595 [ 2018.936493] ? do_raw_spin_unlock+0x57/0x270 [ 2018.940912] oom_kill_process.cold+0x10/0x6f5 [ 2018.945416] ? task_will_free_mem+0x139/0x6e0 [ 2018.949932] out_of_memory+0x79a/0x1280 [ 2018.953921] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2018.959036] ? oom_killer_disable+0x280/0x280 [ 2018.963541] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2018.968662] mem_cgroup_out_of_memory+0x99/0xe0 16:43:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x7c}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2018.973351] ? memcg_memory_event+0x40/0x40 [ 2018.977688] ? _raw_spin_unlock+0x2d/0x50 [ 2018.981872] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2018.986984] try_charge+0xfec/0x1570 [ 2018.990778] ? find_held_lock+0x35/0x130 [ 2018.994858] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2018.994876] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2018.994890] ? find_held_lock+0x35/0x130 [ 2018.994906] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2019.008635] memcg_kmem_charge_memcg+0x7c/0x130 [ 2019.018114] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2019.022630] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2019.027486] memcg_kmem_charge+0x13b/0x340 [ 2019.031735] __alloc_pages_nodemask+0x437/0x710 [ 2019.036416] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2019.041456] ? ___might_sleep+0x163/0x280 [ 2019.045615] ? copyin+0xb5/0x100 [ 2019.048988] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2019.054535] alloc_pages_current+0x107/0x210 [ 2019.058959] pipe_write+0xa65/0xfb0 [ 2019.062608] __vfs_write+0x613/0x8e0 [ 2019.066326] ? kernel_read+0x120/0x120 [ 2019.070230] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2019.075788] ? rw_verify_area+0x118/0x360 [ 2019.079978] vfs_write+0x20c/0x580 [ 2019.083536] ksys_write+0xea/0x1f0 [ 2019.087085] ? __ia32_sys_read+0xb0/0xb0 [ 2019.091151] ? do_syscall_64+0x26/0x610 [ 2019.095128] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2019.100497] ? do_syscall_64+0x26/0x610 [ 2019.104485] __x64_sys_write+0x73/0xb0 [ 2019.108376] do_syscall_64+0x103/0x610 [ 2019.112268] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2019.117459] RIP: 0033:0x457e39 [ 2019.120654] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2019.139549] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2019.147254] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2019.154526] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2019.161789] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2019.169059] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2019.176324] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2019.203635] memory: usage 307200kB, limit 307200kB, failcnt 1823 [ 2019.210110] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2019.217139] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 16:43:09 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x110}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:09 executing program 0: unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x0) [ 2019.223727] Memory cgroup stats for /syz5: cache:23076KB rss:259476KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:132KB swap:0KB inactive_anon:112KB active_anon:282532KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2019.261067] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=32131,uid=0 [ 2019.374422] Memory cgroup out of memory: Kill process 32131 (syz-executor5) score 1152 or sacrifice child [ 2019.417749] Killed process 32133 (syz-executor5) total-vm:72844kB, anon-rss:14976kB, file-rss:35820kB, shmem-rss:0kB [ 2019.464190] oom_reaper: reaped process 32133 (syz-executor5), now anon-rss:0kB, file-rss:34860kB, shmem-rss:0kB 16:43:09 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, 0x0, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:09 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000001140)='/dev/audio\x00', 0x80400, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f00000011c0)=""/232) ioctl$KDADDIO(r0, 0x400455c8, 0x3) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) r2 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0) ioctl$RTC_VL_CLR(r1, 0x7014) ioctl$DRM_IOCTL_VERSION(r2, 0xc0406400, &(0x7f0000001180)={0x2, 0xc4, 0x2, 0x29, &(0x7f0000000080)=""/41, 0x1000, &(0x7f0000000140)=""/4096, 0x0, &(0x7f0000001140)}) 16:43:09 executing program 0: unshare(0x8020000) msgget$private(0x0, 0x0) unshare(0x0) 16:43:09 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0xf, 0x8, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3ff}, [@jmp={0x5, 0xffffffff, 0x0, 0x0, 0xf, 0x0, 0x4}, @exit, @jmp={0x5, 0x4, 0x0, 0xf, 0x0, 0xffffffffffffffe0, 0x4}, @generic={0x0, 0x3, 0x2, 0x3, 0xfffffffffffffffe}, @alu={0x7, 0x3, 0xd, 0xf, 0xb, 0x100, 0xfffffffffffffff0}]}, 0x0, 0x1, 0x0, 0x0, 0x41f00, 0x679ac0b9ff4eafee, [], 0x0, 0x7}, 0x48) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x5) r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, 0x0, 0x0) getresgid(0x0, 0x0, 0x0) getgroups(0x0, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000200)=0x78, 0x4) bind$inet(r1, &(0x7f0000000100)={0x2, 0x4e23, @broadcast}, 0x10) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) recvmsg(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1}, 0x100) write$binfmt_elf64(r1, &(0x7f0000001640)=ANY=[], 0xf5aab446) recvmmsg(r0, &(0x7f00000086c0), 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000280)='team\x00') 16:43:09 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x7d}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:09 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x1, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x20000, 0x0) getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x482, &(0x7f00000001c0)=""/45, &(0x7f0000000200)=0x2d) r2 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x0, 0x2) ioctl$VIDIOC_TRY_EXT_CTRLS(r2, 0xc0205649, &(0x7f0000000180)={0xfffffff, 0x5ad, 0x2, [], &(0x7f0000000140)={0x990afe, 0x5, [], @p_u32=&(0x7f0000000080)=0x81}}) 16:43:09 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000340)=0x7) 16:43:09 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x111}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2019.753235] sp0: Synchronizing with TNC [ 2019.805046] sp0: Synchronizing with TNC 16:43:09 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) 16:43:09 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x0, 0x800) write$P9_RLERRORu(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="170000000701000a002f6465762f70746d7800070000004faa0bda4824529700e4f8b5b45869623e242ba229679e5e301e56fe1b0d5762d256bc65ef7d0c8b44a76f8e52eee9b94fddcf29c54c9872caa0af48ad63e564836e717a3f8d4f7c3cddc747cde9e843513c455509cce2830fa3dbb41947c6a6b58ab842d4f8c5e48a463fc6b85aced9f5553f7bfd60e5e026e24e114b8a28f1cde07ed4defb29ca0ce240fed6d58312153b22639ec31371dc7b857862c3e9b5ffec73016e318cd1b1c264bc4abb04634d4b9d7424045a771d07fb"], 0x17) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000140)={0x1, r1}) getsockopt$TIPC_NODE_RECVQ_DEPTH(r1, 0x10f, 0x83, &(0x7f0000000080), &(0x7f0000000280)=0x4) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) prctl$PR_MCE_KILL(0x21, 0x1, 0x0) [ 2020.051757] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2020.148596] CPU: 1 PID: 32203 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2020.155758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2020.155765] Call Trace: [ 2020.155790] dump_stack+0x172/0x1f0 [ 2020.155815] dump_header+0x10f/0xb6c [ 2020.155834] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2020.155851] ? ___ratelimit+0x60/0x595 [ 2020.155867] ? do_raw_spin_unlock+0x57/0x270 [ 2020.155888] oom_kill_process.cold+0x10/0x6f5 [ 2020.193274] ? task_will_free_mem+0x139/0x6e0 [ 2020.197788] out_of_memory+0x79a/0x1280 [ 2020.201774] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2020.206892] ? oom_killer_disable+0x280/0x280 [ 2020.211411] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2020.216533] mem_cgroup_out_of_memory+0x99/0xe0 [ 2020.221213] ? memcg_memory_event+0x40/0x40 [ 2020.225550] ? _raw_spin_unlock+0x2d/0x50 [ 2020.229705] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2020.234812] try_charge+0xfec/0x1570 [ 2020.234828] ? find_held_lock+0x35/0x130 [ 2020.234850] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2020.234868] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2020.234884] ? find_held_lock+0x35/0x130 [ 2020.256368] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2020.261231] memcg_kmem_charge_memcg+0x7c/0x130 [ 2020.265912] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2020.270429] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2020.275283] memcg_kmem_charge+0x13b/0x340 [ 2020.279527] __alloc_pages_nodemask+0x437/0x710 [ 2020.279548] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2020.279566] ? ___might_sleep+0x163/0x280 [ 2020.279585] ? copyin+0xb5/0x100 [ 2020.279604] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2020.279625] alloc_pages_current+0x107/0x210 [ 2020.296788] pipe_write+0xa65/0xfb0 [ 2020.296819] __vfs_write+0x613/0x8e0 [ 2020.296837] ? kernel_read+0x120/0x120 [ 2020.296853] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2020.323518] ? rw_verify_area+0x118/0x360 [ 2020.327681] vfs_write+0x20c/0x580 [ 2020.331232] ksys_write+0xea/0x1f0 [ 2020.334787] ? __ia32_sys_read+0xb0/0xb0 [ 2020.338861] ? do_syscall_64+0x26/0x610 [ 2020.342841] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2020.342857] ? do_syscall_64+0x26/0x610 [ 2020.342875] __x64_sys_write+0x73/0xb0 [ 2020.356082] do_syscall_64+0x103/0x610 [ 2020.360021] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2020.365216] RIP: 0033:0x457e39 [ 2020.368415] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2020.387318] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2020.387343] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2020.387353] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2020.387362] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2020.387371] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2020.387380] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff 16:43:10 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'tgr128\x00'}, 0x58) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendto(r1, &(0x7f00005c8f58), 0xeffdffff, 0x0, 0x0, 0x0) [ 2020.513212] sp0: Synchronizing with TNC 16:43:10 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCLINUX3(r0, 0x541c, &(0x7f00000002c0)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x5) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) read(r0, &(0x7f00000001c0)=""/231, 0xe7) openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x8000, 0x0) ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000140)={{0x2, 0x4e21, @multicast1}, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x14, {0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 'caif0\x00'}) ioctl$KDADDIO(r1, 0x4b34, 0x6) [ 2020.721570] memory: usage 307136kB, limit 307200kB, failcnt 1890 [ 2020.768489] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2020.820895] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2020.888248] Memory cgroup stats for /syz5: cache:23076KB rss:259496KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:132KB swap:0KB inactive_anon:112KB active_anon:282532KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2020.909235] sp0: Synchronizing with TNC [ 2021.198810] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=32191,uid=0 [ 2021.518307] Memory cgroup out of memory: Kill process 32191 (syz-executor5) score 1152 or sacrifice child [ 2021.553444] Killed process 32203 (syz-executor5) total-vm:72844kB, anon-rss:14976kB, file-rss:35820kB, shmem-rss:0kB [ 2022.252323] oom_reaper: reaped process 32203 (syz-executor5), now anon-rss:0kB, file-rss:34860kB, shmem-rss:40kB 16:43:12 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300), 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:12 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x112}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:12 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x7e}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:12 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) 16:43:12 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = syz_open_dev$dmmidi(&(0x7f00000002c0)='/dev/dmmidi#\x00', 0x7, 0x101040) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f0000000300)={0x1, 0xb, 0x1}) r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000240)='/selinux/policy\x00', 0x0, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000280)) ioctl$KDADDIO(r0, 0x4b34, 0xfffffffeffffffff) ioctl$PIO_FONTX(r1, 0x4b6c, &(0x7f0000000340)="4d968979e9ce1c3cccbec84349b0f71641e21bcab34ce3f60d8847bb400975bbec0251b16a803c96b9ad075ff10948b6e0ce722e9477b19cfe63ad04efc7eb9277beccb03833105f84c004c1d5506019d99fb5e180e5c317bbda83746d70f438dcc53601b7a8279f3498f6cd3a16e066ecf81409725dd9f77b4e81785c998f2bf25a4eecbcb0e81b45fe7da18c71f868ff63c715237ebbb7370147d7707371b375864f09af3220d9cb143d6957e9f4c805afc8f5901813237631d54c7b7d53351033c1f619db01847372cf137151d74f7f6bcd33ff6e9573a214") r3 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x501002, 0x0) accept4$unix(r3, &(0x7f0000000140), &(0x7f0000000080)=0x6e, 0x80800) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$RNDADDENTROPY(r3, 0x40085203, &(0x7f00000001c0)={0x1, 0x6b, "a08e702839ea82e870e180e9a9dfb3f94151fbdca5b94d51188f0002250e057afbb4af04100c3ca13288f74d647fa9c390472e5b1d23c83e4dfaa8a1fbdee338ac5f00d7f901d7a7eb496bdadea03cfb255d2317434b0babd413afd62a9361277622dc18083708cf4c987c"}) 16:43:12 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'tgr128\x00'}, 0x58) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendto(r1, &(0x7f00005c8f58), 0xeffdffff, 0x0, 0x0, 0x0) [ 2022.446693] sp0: Synchronizing with TNC 16:43:12 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300), 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:12 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300), 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:12 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) 16:43:12 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00') ioctl$TCSETA(r1, 0x5406, &(0x7f0000000280)={0x1, 0x0, 0xa9a, 0x4, 0x8, 0x9c, 0x6a68, 0xa3a, 0x1, 0xfff}) sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x480802}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x20, r2, 0x631, 0x70bd2d, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2710}, @IPVS_CMD_ATTR_DEST={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000) setsockopt$inet6_tcp_int(r1, 0x6, 0xf, &(0x7f0000000240)=0x1, 0x4) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) [ 2023.033749] sp0: Synchronizing with TNC 16:43:13 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000012c0)=0x12) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) io_setup(0x6, &(0x7f0000000000)=0x0) finit_module(r0, &(0x7f0000001280)='/dev/ptmx\x00', 0x2) io_submit(r1, 0x2, &(0x7f0000001240)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x8, 0x3f, r0, &(0x7f0000000140)="98ac5c365df7318a98db008dc5568e65338fae1657c757f6923e2229f12d8afb808e6071b16549ed6740802e36021642cc6ffb18beb8c8dba16a7457dac1f92cca5ed2eba1ae54fa3c979f3308ebe4138b25cceaf2e10a7ce3714739ac9fe675d07dcfd84bf80518d460d58c92b1013e0273ad7ebd493f93d66ced750588d5b3662835abd614f9376a3f133f0cd9e5c261994175866bb2c753b0b59cdae6c8d10f705d52320c0183880900b6bc344296f0bae12b9a9e8154f861218215c22e131902ee2c9ab8afe5452fdba80309f4f701b329a4dd238dde1712c3c74903fefdd361300ebcf53219b35c7dd128bee077deb6e85d7ca768cfa7f74bf8aa881bcee58246708cf57caa5900b82a68160f453cd089226c5eafdab1370f98839290a5459a7ba72a613ab5cf8ab970aa6a89248bab80babf9d22f9d683867eabd88e873b356f5fdfd4db469659a2759eb2316c9d7ed3593bab5d871a1662b4717143ce08542b7cb2e872229007e7790ff81b64c9058d02994111e11959d3475ca623531652f3184cf149ad284a0e020f317a3a847a22f9b76576b236614bd8c6fc4dc74340e04f6b5479f87b2b35de5f739f3c69dfeb09becec4315575e6f37478bff752e11f1520450b7bf16dad954fbaf6251b93b9f04fb4fa998301c4b4d36aa763787fe2879786f28ad839eaf7208c946d8c03be19bb4dfde65950edeff935a8c00c73c60cf502838d246b44cbdd0da9067b2f01356b2558b57879bd06dd57a20783dd5cfc44cb392be5ca79b3a5761d3bf585e54246cd62fa343d0573615a5cad952a5a77ea5b35bac00d294dc42a5df7f40c0b835aa46ac443e63e441773faca19f9b430516d35f6621aa3270a00d6765db76b82440ade0461b230d9a699f49bf229773e68e22f79219a870a4973e8f0c3116ab1d114ccea189da1e9c3085d44985765c4a70c5fb249d59554c4aa0fd9ed102bd23175d05c69c364e17d46e870b939b73601c4e699912b0279a575b7c26b0060dd5e5fd8e2e7dfe3b31d256d5c4d513e8f0548eb64d89740d08eb92c08fcbaf568f3494e463a8dd5c4dee85ea4ddea55f025bcd186f05907aa233ccb987bed9f61aa76567cef46ed5a8e0c21c308695c9bed1a0b9de55421c10fd14ea3baad813920d2aa503ea892c2b6a374f19d2594a13879e61656b20f2e3242d23b637d87d71e522bddb20c06d4d5dff8427a3a7d9879d64ec3c5fc11a75b27b9369ba31c208f0147e72e72b327ba9aa51c11d85f95e37ec0ae8f1b22da432fbe7f4672e437db8adc05fca81933e2d8fa242532704a85ad5a6344bb133f9bf575fbc26bb1a07005937ac9ac8906c50779182d188ddebba3986163513c73d999aab276463c507813a500f365725f1fc8c9cd145e19accea70d012cf5e1f3e5985ff1d6704af6f57bfb21c6247007ccdb807049dc0a60bc6d42c9716f6b35377e25c883c9f314bfeaed27fcd64d7b22e2331e7a9a03bfa7b6f248e99ddb3c1484323c56c15aab50e8b48f9fa909f52bb635c7239c3519bf125c838a28a0b24f4a1100f55b3e4fef355f406644a10863db03deae2a897dd9a1df4f48f7d7e3e27fe573727c70e9bdd28bc73c8202effefe2e3c13f79f60ecc82c2cb2a725599ed8d69aa2f61ba5634679f5ec958f8435a0dd53aaa1e9ce9311449c1325f5dd5d3fd0ef3031b6caeeef719e4982002bb396bf8ff5769c020da6fbf6956dd494079c7ed6cf989bd1e999a8f913942ae20dcd349cdbee85a433a88cc79a7b6fbcd208b88cde7f0feac19b92269fcedea4fc43ddf7493c35f102552e45f75b7834b1dcb46e8075af3bd68dc9ac8dd651e97c20eede023b00f4d9a5847f52fe50f3f1d9a49e1edb78611f7f98d927cd50f96182e17f8d95515ff43b4c8d26df7a97ae58bf3181180529620e59971160ed7e9badeeefea4a4c640cc0bc4f9a6deec4452f747ecc4d8c33f3301dcf96365165f00342eeddce175e04c96f711b5e4311c14ca1e9ea9530bf3396196bd5446adcfc12ca73c03798531e4a5dd0a7fbc3c1c708db41d131780821beeef6a919facbbd55824b2aaec930a13db3379a5b295b526ccc5a3211972b03558d2a6848948f2eacb98fae2e2e7e50a9483715366f6e12cb4d7b0fc025612e0fad886fb3ae5295cc2cddbf4fc995971cfed6e1b30d7a99713e9f63fadda5f795cff7f181623e3b2af4e2860e536adf6eef2dfdc9492b8326d264253e8b79087ea677e5c45d6fbbbaa7b9fc378847092c81c5cf08c03691c174b8f0d78b47dbef5d12b196e747732fc8090e8b79c296a5d8ca077d9625fcc07672b8dd5f0b4ff9e8b826e8e811a7784dee19d00d33e9e678076c727266ea223f99b0377a6846b8580e1a25536fc8f613c5861faef0d28f19a49475f6b9270e12bfcffe8688897e8ac3144804279ccbe78a6c5aae51aa010e37ed80fddc4ba3c9f4c79a9787022d05efb99c4a285a81a9e051d17283f430813fd28ea2326804475b86c9d492c5c99e34cca4baa50ef01ff71df98fb87273acc1ae65910c9165bc5d0e7619b88509ba4859e1dec11059003416fffcea4bf28b6464c61569dbb901c47b21df3d04876802c228ac57f9b7c3ae52abe2be21944641f255813078744685390c2249e29c532193adadbc796eb9bdf525c98d9c0935556e2acb9823289d497ebdc74f50605165a158661245eb9f78adb9d238b1d3793ab676dbd9eb4c176bca92322cb382bfa0d5bd6bd4e8cca2cd2e02976ea492457fee95bc02c8872895de8c4911fe2b272a0481f4916716fdfd091c63924945ce2431030d49571049b4d8f88ea282c8d0a56d3fe6eee08d91a6c2dff89c50729e214efdae0c74fc6b94768191a51a0d9b56833c6a9e44327807931f1df3dc229a4630906582ade931f0299502b077616955daa8314e6213b1e60cd8a7bbf6384055a3833d312eddb33345ae2a003fd91df4adf85644169449aff3aaa030e64cbf7d383196be224633d36f780c10cecf1cb5f5a1a716fca55206d402a2b965e17334d4a128472eb70e1cb7d2cbc0236b0126d6d06806c3180a2458d127a7be3f8e4f2eea83e939184fc5b63832dab7574a5fff14e69694920514a352d93b5934488fa995f3fd965c8592a5ba49725e01a5f715d5dc2f3291903621574edfb6d6f62ea79aa6f152dd88b6da6928b28c31fdf50c1a15b4c2a4ff6384e52b7889fbcf3d17e0a5d0101f2742de3c473e55a981b946a26d760288c1f1b32472633534b230cc7af692ac57f1480619a7a77266e6ae8f34b8024d95739d4ad8e7acb2869857d5d8857cf12c077881a45fa9e8fc28faf1eeab97b2d7be0405b7321f30c118f0834f2bbe495df0d079c83c65f985818c21f3d6a4af413e50cdfe317f847a90cb1b86ae387cb903617ceebb27c32029cc16b26238a02fec251cb4bd17b3afd065edec3a43c0c5dd8645370e2c2f27425078da417ca1fdc6a27099f7536ffd993db480445f0bdb183e21c59bbbd8ac55db3d57526c6b4f197ab86f48e57c93571421e06e0058cfdb0ef3e9a79f40083b97870eadecdcf156356fada2d985066bb46ce8f40001da10c9f5b612defb499ba5fa83b58e9db3ed564475abebd19b28704e02a435fe2a1e9f7dfd35708f5c5eb6b1c00c5da8aa54fb6569acf1ec408b17b29c7e0f1397494b95d97b6974822b0597bbc6650a83d2ca577a40b01c871d76f7a0fa20931e6b3486965d4d2dcc179c2dedee70f1c16583ef97bb188894ccb11d8776848ee03167e6d0afa8e0edcf6b744cd5114c2da00f3923aab2600475cd5053e39016546231d347b5fcf0d1a47d5e433050d80a75d031e667f578eea57a810e9964c3d5d1351b7da9c5238cb28edf5b9741045de1ec41c37f019d4be12a7c659e8024796cd14c832f6b507dba2de58ae7321862f333e01b9066dfce576a820bf8e6042cb60c6ea1885931d0656bc9527e889306eeb41bcef26c1343d8453aee804bea224592108de80aed77923e462a32d6c68f613ff7ccdceb47858a065158b15e3b30602f658d1b3922ea359831c75141b412facd31c152046444bf42e63d8cd78531c5b0079fb896599d4063186517fda8550f1f58f8fa9281dffce31723809bc8e20a6b9d973e2d7f6e425be6d58ac319017d7c40cd7c612e7845a443f9c8c63d54a521b399cd92ae88fe66bcfbeb9668d45967e90666e5bd09c127cd8a0279aec8daee986d4c617bfa7bc76e58b348a602269f344cfc2d3fb357ce148d9413fb07be5edbfdeb4321c618f7dcdf9e3faf119f8886099be31b21e2a81a1fcda8f8f5e9396bef48bf8d211ecf45c4889ae4cacf27a566f5f756ca0e19ec0eb18a64ab450f79b78aca18691e159c8d5aeb9b049dfe015872649e448bb41eb52a8aa6a29d55289f6c1df4831d1215ff458e4f9166cfdd0767a0408e9fa28026c8521bc5dcf084439f4d4d00e9bac59bcb2a8a72870926b28b8a31820e8f66bd9a1528c7f58d1d8e698aeedf96aea4238028451cde6fd44a892b6e0b85f5f864e49e5b634d1356bb36f1e45a7edc600a5ed24a0f1efd9bf449ea1accfff607b61b7eb4d409dffe465393b2d5a6ee15bbfaf33b144cca855486d4f547ab984fe4dc4129d86a0c6fe3f5dc1b0f1ecb1aea9ee0409b16f88285af4b479694684ac070b493124272d03b068cb4bf9e41eb4b70a6b26dc61a1fd3e5c1ad329ca0dedf294b70b500eaa44f2c18840959ed758350b6e7459787d3f9b92815f9939b7a3b0d7f6507d6ea8231c4c3e15972703e06e843ed9ad57e71b9054beb4bed9f1d0ee549ba069ed57166609871a5f969f4ffae5b590979f8bf76afb391254524a846e7b64dcf0597970ebd7901c3c054ba999461a58906ec59fa7ab01079e6e7075681bc58a64c43fcf083ab15a4a3b7bd49a599b056307ed4a8c09b35a49c6519ede1e4040fc0259d548aa3885b2f185b1eb3c4d4c4f461d8f9d9d472afb9bd119557c2d5457fe962c382064238a3916dd9a8f643a655aad9eb45235561b362c4e3b1db35e6bdca9150185ed445fd50633557d989ec7a2c793621c49676e76ccbeec41f6f8c5b5f886b3461bb29f90bf99228cf4d96543436a07d6cccdbd76e7a09964bbda6a47384be3cdbef2df0707b187abd9004905cf31d15e0e4c4018c900caee039d7d4406eb978926c0a1b3364a5a9ca148a2d443b675db6637fbfe578a68913069f19f3b04a41c81caf3be2b1033282bbeacd07f00a735bbd8d78df0ae4243b0343de2f8bc5176e342d8bfce64ce4d14dbf762a4a6391c339b54624dd869cc05e8d46b5c274f60d9b1f5e6200e5186b568b19e6d828dfbb2696ea96d6f634dc8bc95111ef4283c7b4095d5de092bd9cdfb4b55433ebeff011c82e9bf65277035991baac6610dc297ed33e146c23b6fbeb54e358bedb3a322ad43b05077fb40cad92cc7872cccad3993d65fc27c6e10033bb57e1b40e402aa866c148f0d5d451a8b8a2c3182b7c997beaa7f25818ead7e7d49e26f8340a837183963b30eccd0ecfd3776098faaacaa08306edd800b2604d00f1f313547a26c509abf9128df0197f1474d1946780e1bfbd6c3568c85d71589e26ecec697256c2af4bb51dbf83978a91d44f38b5cd54b530fdb6e6f22811d5d9c150e8901002b922cda80acc959fd7ec94e890aafc0269321e3b238ce1f5cad785062c71278733e14306a8e79b653b5b23b1f596a1e07fe6eba52f6a58d96592b6aa0b6af393419bf065b3624f16432cf7b144b7960595b47fece49cec28598a0f8f", 0x1000, 0x4, 0x0, 0x2}, &(0x7f0000001200)={0x0, 0x0, 0x0, 0x3, 0x5, r0, &(0x7f0000001140)="24bb4488d0a2f4a5714ba13d8353fa77927f88b746b2a4b9a5361582634cf82f2298cc18f8fd627baf5d4fd1fb2e4c6bd609f41fbda49e30761092dfc96fd4f97188c557fb4afff097b9be404087efd1db9c1f21eda95f7a5f48b5364fbe14a48c3a5c3eafd449aa7112d34cbd972be73eff141a17fd11abab29446184b31fc7ce977d149c1aeec86d4e95b219b6bd8ec294d261e8a919", 0x97, 0x8, 0x0, 0x0, 0xffffffffffffff9c}]) dup3(r0, r0, 0x80000) 16:43:13 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x82}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:13 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) [ 2023.379973] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2023.476468] CPU: 1 PID: 32330 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2023.483625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2023.492981] Call Trace: [ 2023.495589] dump_stack+0x172/0x1f0 [ 2023.499237] dump_header+0x10f/0xb6c [ 2023.502965] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2023.508081] ? ___ratelimit+0x60/0x595 [ 2023.511982] ? do_raw_spin_unlock+0x57/0x270 [ 2023.516402] oom_kill_process.cold+0x10/0x6f5 [ 2023.520915] ? task_will_free_mem+0x139/0x6e0 [ 2023.525438] out_of_memory+0x79a/0x1280 [ 2023.529431] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2023.534546] ? oom_killer_disable+0x280/0x280 [ 2023.539049] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2023.544170] mem_cgroup_out_of_memory+0x99/0xe0 [ 2023.548849] ? memcg_memory_event+0x40/0x40 [ 2023.553190] ? _raw_spin_unlock+0x2d/0x50 [ 2023.557359] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2023.562472] try_charge+0xfec/0x1570 [ 2023.566190] ? find_held_lock+0x35/0x130 [ 2023.570270] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2023.575138] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2023.580001] ? find_held_lock+0x35/0x130 [ 2023.584090] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2023.588962] memcg_kmem_charge_memcg+0x7c/0x130 [ 2023.593641] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2023.598153] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2023.603009] memcg_kmem_charge+0x13b/0x340 [ 2023.607260] __alloc_pages_nodemask+0x437/0x710 [ 2023.612093] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2023.617124] ? ___might_sleep+0x163/0x280 [ 2023.621279] ? copyin+0xb5/0x100 [ 2023.624657] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2023.624682] alloc_pages_current+0x107/0x210 [ 2023.624702] pipe_write+0xa65/0xfb0 [ 2023.638265] __vfs_write+0x613/0x8e0 [ 2023.641995] ? kernel_read+0x120/0x120 [ 2023.645890] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2023.651459] ? rw_verify_area+0x118/0x360 [ 2023.655616] vfs_write+0x20c/0x580 [ 2023.659167] ksys_write+0xea/0x1f0 [ 2023.662720] ? __ia32_sys_read+0xb0/0xb0 [ 2023.666797] ? do_syscall_64+0x26/0x610 [ 2023.670781] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2023.676152] ? do_syscall_64+0x26/0x610 [ 2023.676175] __x64_sys_write+0x73/0xb0 [ 2023.676193] do_syscall_64+0x103/0x610 [ 2023.676210] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2023.693109] RIP: 0033:0x457e39 [ 2023.696311] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2023.715222] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2023.715238] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2023.715247] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2023.715256] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2023.715265] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2023.715274] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2023.839770] sp0: Synchronizing with TNC 16:43:14 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x113}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:14 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001900)={[{@shortname_mixed='shortname=mixed'}]}) 16:43:14 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x10000000000000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1a) ioctl$KDADDIO(r0, 0x400455c8, 0x6) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f00000001c0)="cf5222b4e3e7f5135546e1b0db0a4f1c686bfb07d8a59427264a92e7ef829a9c25a9b2a9c88b8b86cda53943b98f8c04df73a0fd5d0bb043bdb30574db79269473e9c7c272bd628d587da5831797bc9d52dc448a14899f735e9c1007047a608c04d0b7a0c2c4fcf4f6519761d6eeac4f376489830028d6fcefb6230ae0b5adb6e51aee50b39ca64ce7137b87c31718363620a4958e75f51f61da9d2d8484") getsockopt$inet_dccp_buf(r0, 0x21, 0xc, &(0x7f0000000280)=""/4096, &(0x7f0000000040)=0x1000) r1 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x0, 0x2) bind$vsock_stream(r1, &(0x7f0000000180)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10) ioctl$TCSETAW(r0, 0x5407, &(0x7f00000000c0)={0xfe48, 0xa74a, 0x9, 0x80, 0x14, 0x403ea19e, 0x1, 0x6, 0x1, 0x9d}) 16:43:14 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x83}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:14 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) [ 2024.178559] FAT-fs (loop1): bogus number of reserved sectors 16:43:14 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) [ 2024.289307] FAT-fs (loop1): Can't find a valid FAT filesystem [ 2024.419945] FAT-fs (loop1): bogus number of reserved sectors [ 2024.449090] memory: usage 306872kB, limit 307200kB, failcnt 1973 [ 2024.455281] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2024.493475] FAT-fs (loop1): Can't find a valid FAT filesystem [ 2024.519057] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2024.560523] Memory cgroup stats for /syz5: cache:23076KB rss:259244KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:132KB swap:0KB inactive_anon:112KB active_anon:282376KB inactive_file:0KB active_file:4KB unevictable:0KB [ 2024.697575] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=28972,uid=0 [ 2024.791891] Memory cgroup out of memory: Kill process 28972 (syz-executor5) score 1133 or sacrifice child [ 2024.841655] Killed process 28972 (syz-executor5) total-vm:72448kB, anon-rss:8336kB, file-rss:35796kB, shmem-rss:0kB [ 2024.901992] oom_reaper: reaped process 28972 (syz-executor5), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB 16:43:14 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:14 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x84}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:14 executing program 3: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) 16:43:14 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) 16:43:14 executing program 1: clone(0x41fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f00000002c0)) ptrace(0x10, r0) ptrace$setsig(0x4203, r0, 0x0, 0x0) 16:43:14 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x114}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:15 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000000)) 16:43:15 executing program 3: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x10) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) 16:43:15 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000000)) 16:43:15 executing program 3: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x2a0002, 0x0) ioctl$TIOCSLCKTRMIOS(r0, 0x5457, &(0x7f0000000080)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x2) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)) 16:43:15 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000000)) 16:43:15 executing program 3: r0 = dup3(0xffffffffffffff9c, 0xffffffffffffffff, 0x80000) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x10000) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) r2 = accept4(0xffffffffffffff9c, &(0x7f0000000140)=@sco, &(0x7f0000000000)=0x80, 0x80800) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000001c0)={{{@in=@loopback, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}}}, &(0x7f0000000080)=0xe8) ioctl$HCIINQUIRY(r2, 0x800448f0, &(0x7f00000002c0)={r3, 0x80, 0xff, 0xffff, 0x20, 0x3, 0x7}) ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x1) ioctl$KDADDIO(r1, 0x400455c8, 0x2) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)) r4 = syz_open_dev$mice(&(0x7f0000002480)='/dev/input/mice\x00', 0x0, 0x20000) ioctl$SIOCX25SSUBSCRIP(r4, 0x89e1, &(0x7f00000024c0)={'veth1\x00', 0x5c, 0x6}) getsockopt$TIPC_DEST_DROPPABLE(r4, 0x10f, 0x81, &(0x7f0000000300), &(0x7f0000000340)=0x4) [ 2025.695105] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2025.771373] CPU: 0 PID: 32439 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2025.778627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2025.787984] Call Trace: [ 2025.790589] dump_stack+0x172/0x1f0 [ 2025.794236] dump_header+0x10f/0xb6c [ 2025.797962] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2025.803074] ? ___ratelimit+0x60/0x595 [ 2025.806974] ? do_raw_spin_unlock+0x57/0x270 [ 2025.811395] oom_kill_process.cold+0x10/0x6f5 [ 2025.815911] ? task_will_free_mem+0x139/0x6e0 [ 2025.820432] out_of_memory+0x79a/0x1280 [ 2025.824433] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2025.829549] ? oom_killer_disable+0x280/0x280 [ 2025.834051] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2025.839173] mem_cgroup_out_of_memory+0x99/0xe0 [ 2025.843853] ? memcg_memory_event+0x40/0x40 [ 2025.848192] ? _raw_spin_unlock+0x2d/0x50 [ 2025.852355] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2025.857476] try_charge+0xfec/0x1570 [ 2025.861201] ? find_held_lock+0x35/0x130 [ 2025.865278] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2025.870131] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2025.874978] ? find_held_lock+0x35/0x130 [ 2025.879052] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2025.883906] memcg_kmem_charge_memcg+0x7c/0x130 [ 2025.888579] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2025.893084] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2025.897938] memcg_kmem_charge+0x13b/0x340 [ 2025.902184] __alloc_pages_nodemask+0x437/0x710 [ 2025.906870] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2025.911900] ? ___might_sleep+0x163/0x280 [ 2025.916055] ? copyin+0xb5/0x100 [ 2025.919471] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2025.925029] alloc_pages_current+0x107/0x210 [ 2025.929455] pipe_write+0xa65/0xfb0 [ 2025.933107] __vfs_write+0x613/0x8e0 [ 2025.936833] ? kernel_read+0x120/0x120 [ 2025.940727] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2025.946295] ? rw_verify_area+0x118/0x360 [ 2025.950455] vfs_write+0x20c/0x580 [ 2025.954009] ksys_write+0xea/0x1f0 [ 2025.957560] ? __ia32_sys_read+0xb0/0xb0 [ 2025.961634] ? do_syscall_64+0x26/0x610 [ 2025.965616] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2025.970986] ? do_syscall_64+0x26/0x610 [ 2025.974979] __x64_sys_write+0x73/0xb0 [ 2025.978882] do_syscall_64+0x103/0x610 [ 2025.982785] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2025.987980] RIP: 0033:0x457e39 [ 2025.991178] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2026.010097] RSP: 002b:00007fb6e8191c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2026.017821] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2026.025099] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2026.032379] RBP: 000000000073c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 2026.039653] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81926d4 [ 2026.046928] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2026.069545] memory: usage 307128kB, limit 307200kB, failcnt 2035 [ 2026.089171] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2026.100002] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2026.130308] Memory cgroup stats for /syz5: cache:23076KB rss:260180KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:132KB swap:0KB inactive_anon:112KB active_anon:283152KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2026.152716] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=32425,uid=0 [ 2026.167366] Memory cgroup out of memory: Kill process 32425 (syz-executor5) score 1140 or sacrifice child 16:43:16 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:16 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) [ 2026.177212] Killed process 32434 (syz-executor5) total-vm:72844kB, anon-rss:11416kB, file-rss:35828kB, shmem-rss:0kB [ 2026.193211] oom_reaper: reaped process 32434 (syz-executor5), now anon-rss:0kB, file-rss:34868kB, shmem-rss:40kB 16:43:16 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x85}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:16 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x115}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:16 executing program 1: 16:43:16 executing program 1: 16:43:16 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) 16:43:16 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x8) ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x9) r1 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x34b, 0x480) write$P9_ROPEN(r1, &(0x7f0000000140)={0x18, 0x71, 0x2, {{0x2, 0x1}, 0x800}}, 0x18) 16:43:16 executing program 1: 16:43:16 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) 16:43:16 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) 16:43:16 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x80, 0x7, 0x4, 0x40, 0x6, 0x0, 0xcaf, 0x2, 0x3, 0xffffffffffffffff, 0x100000001, 0x5}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x0, 0x2) ioctl$BLKTRACESTART(r1, 0x1274, 0x0) getsockopt$inet_int(r1, 0x0, 0x16, &(0x7f0000000140), &(0x7f0000000180)=0x4) ioctl$GIO_FONTX(r0, 0x4b6b, &(0x7f00000001c0)=""/223) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) [ 2026.665319] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2026.689650] CPU: 0 PID: 32490 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2026.696797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2026.706152] Call Trace: [ 2026.708747] dump_stack+0x172/0x1f0 [ 2026.712386] dump_header+0x10f/0xb6c [ 2026.716117] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2026.721223] ? ___ratelimit+0x60/0x595 [ 2026.725124] ? do_raw_spin_unlock+0x57/0x270 [ 2026.729540] oom_kill_process.cold+0x10/0x6f5 [ 2026.734040] ? task_will_free_mem+0x139/0x6e0 [ 2026.738540] out_of_memory+0x79a/0x1280 [ 2026.742624] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2026.747729] ? oom_killer_disable+0x280/0x280 [ 2026.752222] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2026.757342] mem_cgroup_out_of_memory+0x99/0xe0 [ 2026.762011] ? memcg_memory_event+0x40/0x40 [ 2026.766352] ? _raw_spin_unlock+0x2d/0x50 [ 2026.770502] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2026.775603] try_charge+0xfec/0x1570 [ 2026.779313] ? find_held_lock+0x35/0x130 [ 2026.783388] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2026.788235] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2026.793079] ? find_held_lock+0x35/0x130 [ 2026.797139] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2026.801997] memcg_kmem_charge_memcg+0x7c/0x130 [ 2026.806663] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2026.811178] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2026.816023] memcg_kmem_charge+0x13b/0x340 [ 2026.820265] __alloc_pages_nodemask+0x437/0x710 [ 2026.824958] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2026.829979] ? ___might_sleep+0x163/0x280 [ 2026.834132] ? copyin+0xb5/0x100 [ 2026.837503] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2026.843049] alloc_pages_current+0x107/0x210 [ 2026.847468] pipe_write+0xa65/0xfb0 [ 2026.851110] __vfs_write+0x613/0x8e0 [ 2026.854825] ? kernel_read+0x120/0x120 [ 2026.858709] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2026.864263] ? rw_verify_area+0x118/0x360 [ 2026.868411] vfs_write+0x20c/0x580 [ 2026.871958] ksys_write+0xea/0x1f0 [ 2026.875503] ? __ia32_sys_read+0xb0/0xb0 [ 2026.879567] ? do_syscall_64+0x26/0x610 [ 2026.883540] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2026.888905] ? do_syscall_64+0x26/0x610 [ 2026.892881] __x64_sys_write+0x73/0xb0 [ 2026.896766] do_syscall_64+0x103/0x610 [ 2026.900657] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2026.905845] RIP: 0033:0x457e39 [ 2026.909037] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2026.927937] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2026.935643] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2026.942920] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2026.950189] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2026.957458] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2026.964722] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2026.979486] memory: usage 307200kB, limit 307200kB, failcnt 2113 [ 2026.987674] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2026.994980] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2027.001837] Memory cgroup stats for /syz5: cache:23076KB rss:260136KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:132KB swap:0KB inactive_anon:112KB active_anon:283216KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2027.025371] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=32469,uid=0 [ 2027.040223] Memory cgroup out of memory: Kill process 32469 (syz-executor5) score 1140 or sacrifice child [ 2027.054510] Killed process 32469 (syz-executor5) total-vm:72844kB, anon-rss:11416kB, file-rss:35816kB, shmem-rss:0kB [ 2027.072351] oom_reaper: reaped process 32469 (syz-executor5), now anon-rss:0kB, file-rss:34868kB, shmem-rss:40kB 16:43:17 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:17 executing program 1: 16:43:17 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x116}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:17 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x86}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:17 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) 16:43:17 executing program 3: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x8001, 0x0) ioctl$TIOCSBRK(r0, 0x5427) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x12) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000140)=0x1) 16:43:17 executing program 1: 16:43:17 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:17 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) 16:43:17 executing program 1: 16:43:17 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) keyctl$join(0x1, &(0x7f0000000080)={'syz', 0x2}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDGKBENT(r0, 0x4b46, &(0x7f0000000000)={0x5, 0xfffffffffffffc03, 0x4}) 16:43:17 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) 16:43:17 executing program 1: [ 2027.725761] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 16:43:17 executing program 1: [ 2027.791974] CPU: 1 PID: 32566 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2027.799122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2027.808475] Call Trace: [ 2027.811079] dump_stack+0x172/0x1f0 [ 2027.814722] dump_header+0x10f/0xb6c [ 2027.818445] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2027.823553] ? ___ratelimit+0x60/0x595 [ 2027.827447] ? do_raw_spin_unlock+0x57/0x270 [ 2027.831868] oom_kill_process.cold+0x10/0x6f5 [ 2027.836386] ? task_will_free_mem+0x139/0x6e0 [ 2027.840896] out_of_memory+0x79a/0x1280 [ 2027.844891] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2027.850010] ? oom_killer_disable+0x280/0x280 [ 2027.854511] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2027.859634] mem_cgroup_out_of_memory+0x99/0xe0 [ 2027.864310] ? memcg_memory_event+0x40/0x40 [ 2027.868662] ? _raw_spin_unlock+0x2d/0x50 [ 2027.872813] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2027.877919] try_charge+0xfec/0x1570 [ 2027.881648] ? find_held_lock+0x35/0x130 [ 2027.885726] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2027.890583] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2027.895435] ? find_held_lock+0x35/0x130 [ 2027.899507] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2027.904379] memcg_kmem_charge_memcg+0x7c/0x130 [ 2027.909056] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2027.913566] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2027.918420] memcg_kmem_charge+0x13b/0x340 [ 2027.922674] __alloc_pages_nodemask+0x437/0x710 [ 2027.927371] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2027.932397] ? ___might_sleep+0x163/0x280 [ 2027.936556] ? copyin+0xb5/0x100 [ 2027.939944] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2027.945504] alloc_pages_current+0x107/0x210 [ 2027.949934] pipe_write+0xa65/0xfb0 [ 2027.953590] __vfs_write+0x613/0x8e0 [ 2027.957317] ? kernel_read+0x120/0x120 [ 2027.961222] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2027.966785] ? rw_verify_area+0x118/0x360 [ 2027.970954] vfs_write+0x20c/0x580 [ 2027.974506] ksys_write+0xea/0x1f0 [ 2027.978058] ? __ia32_sys_read+0xb0/0xb0 [ 2027.982135] ? do_syscall_64+0x26/0x610 [ 2027.986120] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2027.991491] ? do_syscall_64+0x26/0x610 [ 2027.995483] __x64_sys_write+0x73/0xb0 [ 2027.999386] do_syscall_64+0x103/0x610 [ 2028.003289] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2028.008482] RIP: 0033:0x457e39 [ 2028.011683] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2028.030590] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2028.038308] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2028.045592] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2028.052866] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2028.060171] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2028.067445] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff 16:43:18 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x117}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:18 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x2, 0x800) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000000200)=[@in={0x2, 0x4e23, @remote}, @in={0x2, 0x4e21, @remote}, @in6={0xa, 0x4e20, 0xffffffffffffff81, @loopback, 0x5}, @in6={0xa, 0x4e23, 0x5, @mcast2, 0x1}, @in6={0xa, 0x4e20, 0xfff, @empty, 0xff}, @in={0x2, 0x4e20, @multicast2}], 0x84) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x20000) mmap$binder(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x4, 0x100010, r2, 0x0) ioctl$EVIOCSCLOCKID(r2, 0x400445a0, &(0x7f0000000080)=0x9) write$selinux_access(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7761746368646f675f6465766963655f743a7315202f7573722f6c69622f74656c6570617468792f6d697373696f6e2d636f6e74726f6c2d3520303030303030303030303030303030303230343700"], 0x61) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:18 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x87}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:18 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) 16:43:18 executing program 1: [ 2028.234358] audit: type=1400 audit(1549471398.154:156): avc: denied { map } for pid=32585 comm="syz-executor3" path="/dev/input/mice" dev="devtmpfs" ino=16135 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:mouse_device_t:s0 tclass=chr_file permissive=1 [ 2028.408684] memory: usage 307104kB, limit 307200kB, failcnt 2191 [ 2028.418592] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2028.458951] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2028.488519] Memory cgroup stats for /syz5: cache:23076KB rss:260000KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:132KB swap:0KB inactive_anon:112KB active_anon:283012KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2028.610351] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=32032,uid=0 [ 2028.672383] Memory cgroup out of memory: Kill process 32032 (syz-executor5) score 1133 or sacrifice child [ 2028.716451] Killed process 32032 (syz-executor5) total-vm:72448kB, anon-rss:8336kB, file-rss:35796kB, shmem-rss:0kB 16:43:19 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:19 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) 16:43:19 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000080)=0xc) tkill(r1, 0x19) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:19 executing program 1: 16:43:19 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x118}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:19 executing program 1: 16:43:19 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) 16:43:19 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x88}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:19 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x101002, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:19 executing program 1: 16:43:19 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) 16:43:19 executing program 1: [ 2029.802777] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2029.814443] CPU: 1 PID: 32645 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2029.821536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2029.830879] Call Trace: [ 2029.833456] dump_stack+0x172/0x1f0 [ 2029.837075] dump_header+0x10f/0xb6c [ 2029.840778] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2029.845865] ? ___ratelimit+0x60/0x595 [ 2029.849736] ? do_raw_spin_unlock+0x57/0x270 [ 2029.854135] oom_kill_process.cold+0x10/0x6f5 [ 2029.858618] ? task_will_free_mem+0x139/0x6e0 [ 2029.863099] out_of_memory+0x79a/0x1280 [ 2029.867060] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2029.872162] ? oom_killer_disable+0x280/0x280 [ 2029.876650] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2029.881745] mem_cgroup_out_of_memory+0x99/0xe0 [ 2029.886400] ? memcg_memory_event+0x40/0x40 [ 2029.890709] ? _raw_spin_unlock+0x2d/0x50 [ 2029.894840] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2029.899953] try_charge+0xfec/0x1570 [ 2029.903661] ? find_held_lock+0x35/0x130 [ 2029.907723] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2029.912566] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2029.917392] ? find_held_lock+0x35/0x130 [ 2029.921438] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2029.926272] memcg_kmem_charge_memcg+0x7c/0x130 [ 2029.930942] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2029.935441] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2029.940272] memcg_kmem_charge+0x13b/0x340 [ 2029.944519] __alloc_pages_nodemask+0x437/0x710 [ 2029.949186] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2029.954190] ? ___might_sleep+0x163/0x280 [ 2029.958324] ? copyin+0xb5/0x100 [ 2029.961687] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2029.967214] alloc_pages_current+0x107/0x210 [ 2029.971610] pipe_write+0xa65/0xfb0 [ 2029.975227] __vfs_write+0x613/0x8e0 [ 2029.978934] ? kernel_read+0x120/0x120 [ 2029.982813] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2029.988351] ? rw_verify_area+0x118/0x360 [ 2029.992487] vfs_write+0x20c/0x580 [ 2029.996029] ksys_write+0xea/0x1f0 [ 2029.999562] ? __ia32_sys_read+0xb0/0xb0 [ 2030.003640] ? do_syscall_64+0x26/0x610 [ 2030.007610] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2030.012966] ? do_syscall_64+0x26/0x610 [ 2030.016924] __x64_sys_write+0x73/0xb0 [ 2030.020811] do_syscall_64+0x103/0x610 [ 2030.024693] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2030.029868] RIP: 0033:0x457e39 [ 2030.033053] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2030.051951] RSP: 002b:00007fb6e8170c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2030.059683] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2030.066938] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000006 [ 2030.074190] RBP: 000000000073c180 R08: 0000000000000000 R09: 0000000000000000 [ 2030.081450] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81716d4 [ 2030.088712] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2030.103311] memory: usage 307200kB, limit 307200kB, failcnt 2253 [ 2030.109999] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2030.117268] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2030.123514] Memory cgroup stats for /syz5: cache:23076KB rss:260092KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283224KB inactive_file:4KB active_file:0KB unevictable:0KB 16:43:20 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:20 executing program 3: r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x1, 0x2000) ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000080)={0x3, 0x3ff}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x2) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)) 16:43:20 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)) 16:43:20 executing program 1: 16:43:20 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x119}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:20 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x89}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2030.145699] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=32613,uid=0 [ 2030.160264] Memory cgroup out of memory: Kill process 32613 (syz-executor5) score 1147 or sacrifice child [ 2030.170162] Killed process 32613 (syz-executor5) total-vm:72976kB, anon-rss:13392kB, file-rss:34880kB, shmem-rss:0kB [ 2030.185502] oom_reaper: reaped process 32613 (syz-executor5), now anon-rss:0kB, file-rss:34848kB, shmem-rss:40kB 16:43:20 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000000)) 16:43:20 executing program 1: 16:43:20 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f0000000080)="ef77cb3218cbb713add2039912a5566125bc732396a056b12e336d7f53b5733f4e"}, 0x20) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000300)='gre0\x00') ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x400000000003) [ 2030.382608] sp0: Synchronizing with TNC 16:43:20 executing program 1: 16:43:20 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000000)) 16:43:20 executing program 1: [ 2030.621258] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2030.666150] sp0: Synchronizing with TNC [ 2030.753367] CPU: 0 PID: 32663 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2030.760525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2030.769878] Call Trace: [ 2030.772474] dump_stack+0x172/0x1f0 [ 2030.776146] dump_header+0x10f/0xb6c [ 2030.779869] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2030.784976] ? ___ratelimit+0x60/0x595 [ 2030.788871] ? do_raw_spin_unlock+0x57/0x270 [ 2030.793288] oom_kill_process.cold+0x10/0x6f5 [ 2030.797789] ? task_will_free_mem+0x139/0x6e0 [ 2030.802305] out_of_memory+0x79a/0x1280 [ 2030.806297] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2030.811407] ? oom_killer_disable+0x280/0x280 [ 2030.815910] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2030.821026] mem_cgroup_out_of_memory+0x99/0xe0 [ 2030.825700] ? memcg_memory_event+0x40/0x40 [ 2030.830031] ? _raw_spin_unlock+0x2d/0x50 [ 2030.834179] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2030.839280] try_charge+0xfec/0x1570 [ 2030.839294] ? find_held_lock+0x35/0x130 [ 2030.839315] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2030.839332] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2030.839357] ? find_held_lock+0x35/0x130 [ 2030.839374] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2030.839396] memcg_kmem_charge_memcg+0x7c/0x130 [ 2030.870374] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2030.874876] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2030.879724] memcg_kmem_charge+0x13b/0x340 [ 2030.879759] __alloc_pages_nodemask+0x437/0x710 [ 2030.879778] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2030.879793] ? ___might_sleep+0x163/0x280 [ 2030.879826] ? copyin+0xb5/0x100 [ 2030.879843] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2030.879867] alloc_pages_current+0x107/0x210 [ 2030.911487] pipe_write+0xa65/0xfb0 [ 2030.915134] __vfs_write+0x613/0x8e0 [ 2030.918857] ? kernel_read+0x120/0x120 [ 2030.922743] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2030.922776] ? rw_verify_area+0x118/0x360 [ 2030.932474] vfs_write+0x20c/0x580 [ 2030.936025] ksys_write+0xea/0x1f0 [ 2030.939570] ? __ia32_sys_read+0xb0/0xb0 [ 2030.943637] ? do_syscall_64+0x26/0x610 [ 2030.947614] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2030.952983] ? do_syscall_64+0x26/0x610 [ 2030.956969] __x64_sys_write+0x73/0xb0 [ 2030.960864] do_syscall_64+0x103/0x610 [ 2030.964758] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2030.969947] RIP: 0033:0x457e39 [ 2030.973144] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2030.992043] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2030.992057] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2030.992080] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2030.992088] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2030.992096] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 2030.992105] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2031.146553] memory: usage 307136kB, limit 307200kB, failcnt 2327 [ 2031.168581] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2031.209564] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2031.215924] Memory cgroup stats for /syz5: cache:23076KB rss:260132KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283208KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2031.538128] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=32659,uid=0 [ 2031.578139] Memory cgroup out of memory: Kill process 32659 (syz-executor5) score 1147 or sacrifice child [ 2031.588018] Killed process 32663 (syz-executor5) total-vm:72712kB, anon-rss:13452kB, file-rss:35816kB, shmem-rss:0kB 16:43:21 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:21 executing program 3: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) r0 = fcntl$dupfd(0xffffffffffffff9c, 0x0, 0xffffffffffffffff) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 16:43:21 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x11a}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:21 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x8a}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:21 executing program 1: 16:43:21 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000000)) [ 2031.634937] oom_reaper: reaped process 32663 (syz-executor5), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB 16:43:21 executing program 1: [ 2031.756728] sp0: Synchronizing with TNC 16:43:21 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) stat(0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) r3 = gettid() process_vm_writev(r3, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x38d}], 0x1f4, &(0x7f0000c22fa0)=[{&(0x7f0000000080)=""/1, 0x2034afa5}], 0x306, 0x0) close(r0) ioctl$PPPIOCGDEBUG(r1, 0x80047441, &(0x7f00000000c0)) r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x4000, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r4, 0xc02c5341, &(0x7f0000003980)) r5 = syz_open_dev$admmidi(&(0x7f0000000140)='/dev/admmidi#\x00', 0xfffffffffffffb3f, 0x420000) r6 = accept4$unix(0xffffffffffffffff, &(0x7f0000006740), &(0x7f00000067c0)=0x6e, 0x80000) sendmmsg(r4, &(0x7f0000008900)=[{{&(0x7f0000000180)=@pppol2tpv3in6={0x18, 0x1, {0x0, r5, 0x4, 0x2, 0x0, 0x1, {0xa, 0x4e22, 0x62a4, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x7fff}}}, 0x80, &(0x7f0000002380)=[{&(0x7f0000000200)="74f85545be4d31fa998d8152b97e6619ffffe20a264d955b76eba91c6e9640e869792dd71e9da622790d0041828cdbc3078b4dab5a02b10fe60dfbc1df5cc5b3bd46bc2f4f1a53a8c2c71950fe22e663ceb6edc831029263626381030090571bd1f9369e74d8776573e79caedd44819bdfa10ccc4e7a75aec076e0b3751d98a1c54df330cbb6f1bc914ba3202485d3e18c222a6b13c465860a734c47dca22990e1b6bf830fb40d676839dbd29e8b0f2e89917b5568cce2237f205d109f3d258edb38987f113a254932bc5c57c5fe67693682b618f9a51c78e7f91743a5bcefdc9243c5c18c665aa84639643a398ec255b769e82e95598933c5eada7d07226db095236c39934c2156f9c30c5f0689627c5f957994f349c98148dcb1da2befda32942bb8cddf211f78feb9a8304ffd27543933c1c0184cc8789465aa77ccd877a9b4fb27bce3b50f4c27099ce561a97a74768445d8195f9caeffc84cc5b45d4c562db8c85bd63e5d2739d521663df3d34d282d581303a92aad2895357567d2b243c04605e4a4849edf52b747526752062aa03ad509c3b100bb986ac806f0172bec2f211dd0aade3e47f2d5f5c2fcc1f561d3b34d2e7453dd63597d9680157f2283e5d8ffc4a33f6c4ee8ed037e30e4d41cfb1526684656f283a801755e9cb7a66df0f83df79ef76df385536690f76e6031c002953caf09383a0127a758bc2f39a72c2e8b5f128f3a013738074886cdd77115c8537efb4acfed248caf5816a347459f73cd9e045de6b0fb272efa5df42f8b89208623df5a3a291e347d30c89ecf43c273dd6782f7b1d9a91881cd1f7208db21b67f34c3f8538eef84236270601eee6dccc904254b5a353c801b06431a764c5610c2eea96b9ad413e2f290fd7ddc3cc6550477b1a9cba4bb28d7b7024295b9ce0df160e7569385ec4e7926ae2d06c4705d6a2524165ac282b2bac729d77afaa31de94fd23d41a1ab74d9f65353ddc65b0a51c206ecb8504af62b73c5971b0125f1a54e3f19ed2dc4c8a1789bc8869969ef45f11f381384cf4c2199e4709833901a6450bb047d7767d19b433220ff41e77f86a4f0bc71a173dcf945e4cb5dc339a884f42bf5b2b9229549a785ac5bb2aaad4764b9209302aa81e475567d0d7ec7568bc74421d6cda9126bd4b64cd1c1cf4ee113893a028062826eb6be8bf486adaba173c00c2b76c4839589f08d239dfe8def1280e54e4d51fbe429ebd2dd7d84e661bc4eefcda212ed5a47f51e4d0b770edda210c8e3988dbb12418e24d2157087151cc37922600965a0a38f79ec49b5f6c9d515f6a2bb8e8933dad029a27d48b6368484c0c5598acf776f25752ea8b26b78bf8d2f647a76cdda16ea26a005f3b31e556b319ae0e67f6b924577dadb472ad64ad2ddf83fe40c1b08cba2f326d43ff809a31ff3abee975211b1105cc854adeb0e2efa4c704d5c9497042782d3f435adfbf7cd1fcb1f0a5c0fc5064f439c386c273398439ba72513798c5ac857c8d0168ebbaba43c031fdf802cfcebfd76044d29beb2155b2110a26342177e91c4648b901dc27403a809da2ae5f83321b5390ab402fa0d62afcbcb1c56c7fe3865520ceb5c50d372d90153facd32177cf05285661a349fc8c940e7b83b25a9d62cfe32bdfc4af101cc0aecdbe05d6894884eef98147453cb788b33bf1697550d00342b8dcd6985913fb1eba33bee180f4a11ba5cd0def601daa6d5bb899cc184b87559212a2703785d685dd794c662665bf82ad0fe37d55509bd366dd5db31a9e8398bbea06663e58d5d32ca36d16664843f641c20fee1765ea95f7be92c0affe53dfcbd4b6f9bf7e42653e7ebe1eddddd46f8b4e8b01e69c14a7e22a7e00874344186ab4021c50863489eae4212f332460ec235c7ce30738824b9c3f0c5307b18da55092d3b2a7c2dbc53d484425966114b097b4c8e63e8dfa24fbef643bb6cc9392d36a9b5b42ff7f97351c8b27aa9e5adb6c50cf0527df3bd76a978dab1dfd27b19ca87f10248da35159e050de778250d11bbf7feca54843bc1ab66d4e4153f2ac1afa440eb174e0d14244c3935549bf047ab731bb6d78c23dbd776186c9df6abce094b9d8108ef35edcbd9d7a7399396186aea0ec091336faaebfc66dbd3ee7115ed4a2197dfbaa960c6e7c124e6a0b20ea0b44322f16fc03803f3d84eae1abac3e9dde5586c45d61884f117d4bc6b5efd8aedb0ea11c5be3d3d0d8ce7e091fc9b63e5829104e92dddc49982bb4f9f0b8c59893960aa147f5169513539c8713f176654bb7a1e0bda366ad44d8d842903e983037aac78d9c15358fc06154e9bbe4601496b5a82f23cb114c5458657a5366061ceed505b540a72ffab900a427afc3c7271b02c569dd33ea2a663d827e420a5d77d9c4d23597d9857b6839facddb09d2e7d6c02725e5e65a7a39af6994e4adec4aab1a39be31a296beb4b719aa6a7dba4fc468e90d8e01ea80a8d955cef7b11e83deb664b49d7ee29f083aed338c55314b4dc108d9c204b8a4964fb6421dd0929629dec106aee69765d3dcf241bcb40dc0a3ad461a35b6473f20ce798c0d51693c8d3e732121a91a220b39b8c31c58028b2f028477a2296d10470f342d9bbcc9a9bbbd79bc1209bb39fcb2ba4882ac92dbfec1fee084749873bb79abd07d65c37643532d8c86b561f96de4d73c226c035f39e71909f2ca83f3ae9e4f39493732eb167d51ccd715e59f5cdb9bb992be1a18294f5b4a3f3b9b5119fc251503c310440a124b57b56972f67d6dff0023929d313a7187adfac521c9a0fe9b0f7e62ceabde154e214ad1d5bea5f07bfd27c80887a5fe19a94576bf11e66f457485d6ce7944fc3824d4e8a9782bb6d67d8084699da3f3341805e76f336d7fcd3e149804b137f3094c85ecbb25f2d7a3b8ee28dad6a4db53b1e7e12b5b092916a146276b4f8c11161857e33da8b5ea9dd448ede613149dcd66800e66b79c8ed2e22492f6b3672825cb6240e9237e043e1b3eea916bb339a924422e68374c3b1cb5797cb7e70e1de8faf404a3c5f8a66b477cac03a1cbca277aee0ef48366b9ab8d2bfb0aee6ddb0374fdc6ab6cb21ca75ef30f759b0436cbf49aa35f8dbb11c58c626856bdae33e0933f55c0aea4b67349068a386c0bbc0308fb2c16b7cf55b08f3ecbd2d4dbf20f13b33054e23af5d856f3de775561764471fc6c2e2a170b6acf532de4f76cbba36a50656178228a96f5385cfde98c1a560568cf131fb5ae352887ee0c33527628dbe18b62c76d583d9847e78feb716f18ef32e056f4c55c6c9856da7385f0de8995547eafe01212d3712f00673fa8751e941a4263d6821ba985956761c4c979425ae5629d6ee279c25f3765ee34747001f7d02af58f6334464bfbd180bb4a7430580ae9944c044e8cc969874d5b8444381ea13b43c494722268a8d5e880d04efb492408310fbd2f7cc7d53e7629f0e242b5ae5ad6f26bf63a431bbcb931487de2edfe55dd4c30655a58390534458fad147507d7c97c284086e0aed9f07bcf294889be6d25849ca681d2eb421b0ccbf50bf1ee4723f3807a2f219e26b99dd2c3431b87e1fb7af5b2b50d8d7d460e36b805e295fbb68b64579f9ab8589107fbd7621b7edbb5907da4ae68cb151f36b4ea1413a1035503b60867abfb06935e00bf8063c1089efce5314984506f6219740a87cf0c1390865f67976957fd89ac2bd099e38cb3ba9f8d68893a0a0ef515b80d91484244960adeafb7d6f74c1726277dcc87d48b40e85716ed3474c6a82586ae36284936449d752affd2f0d4c6c96c9a5c9001dee409af22567b469ef8fd2eadb57b578acfdd8e9011a16acbe1ed5216bdb506877e54f6aa11792dad286c6af1a2351c668d29875d2ad3d4e0ec425378980879bbadc2128398038cb27bcc45e6a43698b2e09c3e4833bddde62078e7df69f9b889b3e60037d9123103b1cdd4aeb7edcee76fa69ccb3f2765d43ae432275b453856aa6b31d790a624e0b49cb3fed06d37859384e63e23ed249df9fb38b3fdd743f5e580099e5f5b7a725bf4d445317cdfef32b5f85000acb24556cec52764d8346d8bc310e65ccfb645d705c671e5f2b29fc3604dc28101180632578be0d972d3a51c03631c47ffce77379895406cff682b701634b3af441ef84c98f410339a96e92656b058ac1ed358047f3e7b3e76d275b5761558a7fbe2b853c27661089aede4f9a24750ef59075900565d540e8ddffc06e1894ce60d4aae6872e0ab49ad1ea0b291781426946b123c70869b973943cd70323444fc40e965335c0b413fd83ec9b2adbbab0018ec5410116b2a8508448f7c1fdc4a7ae4deea450a3bb78cb633ac23a01bf723782caa19ba81469c631d01d2c2bbc8b84f70156c73b5fc789eca5d1a302b78110f2f4faab5e034a5dc2e77e9760a28cfed8234103ec81760b95ecb6a3868bd5d8e29f8438d86db0a0ad3fae8f01aa0811528474dc2ed288d64de68204114fc2b4c26274ce73190047a8628b8d20bcab842f651d5485815a42e08072855578e480fb38101c0a37bdf3fae377f75ce47b1f40c5d04205fd86ebb3a9d0542de9e82a1fae7ce1bd007b94aef83ffc8520f27d6a52e7f27d429ebe31920d46df876816ac3f2d3ef1126c382e3534e27bc67e7176931eba90ae32b991827c71f549ac032dfe26261f9b0cc8752fe97413ddd5c7ae4ce31723828df8b9fb2d472b9fdc398920756a00bedfca92cc0d5bb0d46caf85918ec7d23195f061ebac3f55653cc44f1ebd1b25a6a230141bae948785f25eef55fc882854a3e6e65d26df9add34af0f143f1e4dd7ff52f90ce720703a7d4c36254ec85a4e21042617e562ac7bb46a605dce401c1cd85c4ea71ed168f38d95fea101285ab3f7758707bb8b2605b2632b54256a99d8992741d3abd20b5583b0a450a5fd6e8185403ad39fa805c1b176839d362caa235db115b0e0d43055faf9ab82d3f49fca98a9cfffb8762d499fee65ddcb704783119540e8937092197caa053109bc7ff44b16a7c09b9fe705876ca7f7da11a24396a0e0edd9ddc77fc86a2fb23a4e8c2f25baa7c4ca0ee922d2653c3e5149ec636b6bf87a6a45dbfaffb1e46fa7a475b558b0b59df524ddf33db361a95896308ba5292c39eed084a5294b5ba3547ecf39a3261db0458a4f388681243156133ad1a5272ede1f24a4418c829eb365e3dac6a3638dbc47e9dfe2710016d7c1f7ddc31452d44344111f37ffab6bb6250aa0e3a5c5021f4a2088e9048089f84c602ca511b95c069e1b2eb3048b876c5811eb0fe32f14f876325de12e655028897d6a1e21337fe962a1520dd303fbf87a64ff33f9ab9798b5f124f30abd5c2051470e9f12410b5a8cd833d9cdce54823250f2a1c6f216b26ee8e9779977e2164d13f43de845f91eb7f7836324c731773adf0e282f4949b14106c7afaae718ab93f74f08c3d3b2e7c1502edca03cb82431cf8c8b219cfd05c049cd4411acf011ae99b6e2ee87e6e98071ea5b65b4467f63e845634537aba9abe41930a8564981c9731adb01185507255967240034cd08487995c8ca5e235c264bc3807b15a3131e65a1b990352f9a18f8bd4c92f691a49f932972b4763e80839a775cfb4fca29d14ab04214bae0b0b4d2a67b47f4d6858075b5cf8bf71683e539f96262149fc68ba5e9eb62dd3cfc18e66cdb2d648b9ef1e3cb8c22474a654b0e1c07773360c9399680d8904852b6691de4b188085e5e48acfa05149948c6e6b3dee53df9237aeccb288cc908c6c284793e6c273e", 0x1000}, {&(0x7f0000001200)="bb94797e221999c7bcb935daa86568a4e5026cda", 0x14}, {&(0x7f0000001240)="86725cc1a9566aeca032c2e7b193d26b5def9acecb051a839578529e2062859076536349ee17ddf9cd2e8e01f895478188687772c70cac2091052cdc03252485867263e29ad70983cf56a33f95a9dd20150f7b398a3c731f5235dd0133c2d98da10245c2315f844ab8941afa6945d325bef5ebfbfff3a0e93bd01fce9be1af2d51073fa0a756f31ea7a0845368326b263b030b2dfc6c252c98bb465af6b9d635a7897b85e501c704aa656c8c4eef9a83e5f7c9dddb433c4c95cea7e0def78b8f776b461cb2e3ea86d3d97a269d92689dd7f206e9321101abbe74510cbf719fe7e21466e371c4667b8cd8da0cbcde003df4e25b6dd2776751057fdab6acfd0b7b3a1aca8c38d5a0dfcda319fc1772ddaf1baa65667f0676bc33afd2d528bded5e4390c9689c20884cd3871a19903615f4795fcafdc1d12d2a0dc26b7646f2b4ff790ccb9c3af984e7ffa02e5c254cd7668c4d220ecab3839c7b1e5f671248909f7044ec1b764261a4eedec0ff9d30c89ad76f46576e227133e46e7608824f2f5396a95150af457304d281336406478a5a116b37e8f7f0d8bd91c17c856bbe39917fa2280b62ca746ea62e8311b91a15fc806a0af69a8815e66a4c1efcc27e89b27ba3435bd46de8dce0be415c561d780e2aeec7426b7d0dbcd1831b8ee07e421c707d6d4edd089781217343dc03d6f48520db77c8f7108bf12176c43de9f8da192360be88d15d155834d10bfdfef763578a562142c0999fd9764d7ba945692847cc005ced6fdd64be682eb5e76e7184d31122760661c09b7518fc14e42156f89a6db8ccf13b885942e6a23ce9995f8c7cbc3342a5449f6228cc020c09a120765dd9e80fcb6434a024cf3d0610fae5b3ed8f0a12b72191c6f61d417ce16223c13eed3ab8356e4c1b3f61726f6f9ec9d1b8bb0e1c195d5c650409ff5d368a2bcd10cd754dd2c00074a8133501112f49df4fa0fbdcb248d5e9c6a3842fb7d392a7b7fec62d3c561fd3cd7b8447884295a348a7679e424f755623acff8ddd3d064ac916698f6e995f9bb55c55d684c14ca47d207baa6aba0335303d68ce3a96da0c9b0f9b615ccabf1536578d02132c837cc010ed3e99cc0ea9ab27dcb2eaf48987dbc2d172d326aa1f73b3f074183bad06ff39d3e98eff70892333ba3a74580e5866e87806e7cbc73c274df208d0c22293ec7dc9259f69a2da5fc1c158e9e7a5dbc69686bf7a7be57f2fcbe5ff237b7fcf92073e4f8ed2daf1d4d3a2122fcde744f77d5872afd8a9dd9a7e375a0c1777173a9eb73779069c772901cce8b66253c84bc587aa5613e24365a4385b83836292595eef831786439cf0c7739c135abfe94f948d1753f5a97ad8a46484cde79c2d7f27451e9b5ec752b73bf28dc9d871e83af2f9b84e88c37929a4e0649425c8615b344d52865f721c2d77d8db4243fadd242048870c342e71dc5ec1798854acd78d061991fbe4dfa67f82758ac591b636f86354491206b4ea8a6a683809076c98b1c98913de513366f0f7ce7f55977dca767da721c79796f2aa9777963e4a4d9478425f41fdf756b95d9d1230f2c99c3bb74d3b51f7fc7ffb0e31cdbe56e14bfc651db7c980141bbff57d468e448ca4c69c92632cbe6c36995903888981a052bb5619f35fd46f731ff596921c7c62101285f36ba8730260de5dcb3db68116eecf847e072deff6750a0f68b041fda3fabf6b426ebbe84c26686c2ecd8396f80dac785aa74438e4bc9f971a2045e6f0a8da1ab9e07a8de87906b329ab612c93aa2aa4480e1216abeec783280216efbff2d92ed082201286d41a306278ea0a8c224a7e1ffdfbd0e21ef515618e784d1bfc64d6543355e81bb8ad2104cafecc5a35ffde5f029799875dd8978af845760f5136ae1b59f8ad3dece8c345ce5340a13bfbebf22811dccaccc62f1366b12d1957e9a313a3bb0bbc0d8c10eba0255c76455d4ca48bd41e06a62a22ebe3b7b2e06826bf37908bef2b338e72e6f15fc9f293a4006f7cf22b2ff65acc133dfce290f8b8a3ce20da2a9cab9a6ce89f63de9ef6fd8f4e180a1216ddbfa01e24269d26f1b5650b3e81a8d476a4d6f567d3bd7c728cc7a991fd8dc23dfa3b0e41fd517d3d042ad1cd561de2c2561ecf752d5d5e07e379d1f15a81295fa308801261c47f5bf5ef2bf36525f8ee536cbb84859a51524b371d549aa65623c4e2a3fe8b44c97672de0b3650f17a5cf6997ae55b60e9487c8b1b72cfb4b06d6fe8139293d63e436ff2d71751205c00867d77ee8c6a3e70ad6afc6edf581f5a1a5f9c2111963b7f601c347a35450a3ca925f18cee06d9f0e4efbda59fa0ea628c0f867565b713ac3dc0a1ee9edbd2f130958b24ecbf1f791af0494a6edc23912485416546f647bd0a21a7904489c221a1f243aa7c47302470fb020f1dd2815609387f18922c7bdaad4aca9f10079111ebf16ddd7b07e92357d21cd4be96c3946b221c83ab6062430f1f2bd65069c45c97fdc398c39da439931e1d31a2c59001b7edb0ebf18f6e718dd6e47a655ce108bd6e45369477b34ee073f658e25b9a02febb1cfd81289411bd8da6d83ce7cdbe8ff3b02794845276eecc86506f34ad19f410bac0cc4c09c462356b96ffb72eb720999375be268069e7b801e92dfc0e2484af7f8ede4c5d189e7eed1c80652c3a8a7cd7872b9db885fd7f19304a1763ff520ab36ada09033ec63823138eba58988490d98442c0ec128a9dc338872639ab88ba8ed19afc115527364942f7acc80b556a5394a5e83243a8fd49b86c0f568851b458f5d8959f19c8849ebe1adae00e66f4d9a4750871d82752d69fbd16adbb34d7d4258f5b700fe38e63a7c4e9c9520651137c4d9ef306437e9c1e017f601e28aa3bc07a53955cdc613ef85b3e712b6ea08c13ca90866b00dbefef8c7b39a1a8dc926cd4ba6968b4ecb17801b6d13fd8f323f0bbfe9b21d8671fa365ff24c8f99e34ad7912c156a0c09adc6d52f60338c485e71d2b54ec3d3427c5172916d1bfa1abf4393e82755813ab660e26ea62903f330428309ea950bcd387c3d688f11c2d7b63ccf4132b6409b66a21c4745a99cdf00fcac4527fc9e2abf2c73e27c88097236d5b81035c0562b51458e427bf2800a91a3cd96dbec023a4299a1706e26bf18b642ae067925fdc777efe774cffae434146fcb2868309852a3d5e053d6c1ded693e5c89b5af99c840747a9007de51bffbc1e4afd48a002dd9d283e77beed747b75a73945bfe28eb0ee0a7c4a101106c55b808aa780658df705ccbdd947a63edb91f40466a33b6ca7bfff61d8d259216b90d73bddec13bd1c06f0ec54b3d61f577ce501d41aa40043d700c295bbbc5bd36f74a1d4b5475bef13ca2fe53aef1e8b077768b9ce1c322ae8c22f931d43f05d73f6cec8d63e94e6c8ec2a928e91ead3db52dbd415c37f6940f6e909518e4cc540fe81e6a02f8ea5a259fcfde696b538dbd5bd388b4b53578aaaaf5f54861140ce193dbeaea14064be3106708ab6fa78f886799f10b3dad3f258ec751915f4379b602e3666512790dc29661779e0a61ad1b50fff04dbc2c98b8f7b79dc1fdf771acfe489b404c5c01c89bb33b9099df9096bef504fcc14a6fd17e4cf2d0582bdc5c43a6d803fb72a37bf0fe4cf3b669612d4ea7c3408af69d8a36abebfb6e3c922f27b11e91868d6a3815a3d9c1fd673b4969e4cdc2509e788559d817518f7572c46c44248528dd223fef6d488466017eb04be07928b6b4b74d7b1429c24f7dfc7b07fdf79dbdb2113b085c9adab0d171acfad655414f9ac66d4594e901dc419ef8b4c8de1ac35699fa0e93588fb61979cd22aa750ac292c7c77796d3162df03aabe8b0c0c6e8ddfa90d3c1c6b5e90d09461f165142fdc06c5a09fbc998eba3acb8b8064241c8103503fb17b86ebedaa745ab160ecb6ec8e32e870bbc106cfa7077dfa27fba2f671e5ff61f7f1e582064cd2d02a4a1a2017059acc273639143facc6f2bb3c41f66730ae8852f5ec2e490063daa3837e072f1a2f33cfefa36f7b05edfd42bccc5b434fc90741809e8d87beeb8dd61b85ac702e5c91d822a81f9291ff83d6fceef2970fc6cd4c6ef9946d0e559c8424c7037beca03916e59f0bcb9875bc3e6d1072610822a0f8e8db0099d3cc17230ae6838b2075895822df069dfe569d9979112100ad53390d14af75410ef15f6731f1e00c6a6246a4f1e4dec11c4ea6dfeeac9b4cf69c6cb45c4ffde68b137859284e8976a1d89059505bac14c7532ac793a916a4e2e0432e4e7462859d975fa6279375d1fa493912f9d3a13ea8f63151906b6c8ed83fe66742764f9b7cc4b685735efa812c955ec67e1326502f8a817ecb9a7eee581c1b46de30b20cb62666137f1725f8b02d13a168ea23b9b93eaa3104ab1ed3587046adb085ce313005dd021e7f95e6d2cb32d3516005a847a37541ead145b8f9d9905ad1b09128fe714fd3930185ffbef495fa51f1b75a3138b31cb3dbe14b3aec8508424c252ea072e1f0371c8a4b1462e150bfdca4338c5eee004b73bd271c7ab31577f952cb348ca379be72f8b9563ad4be261c069187c33397b9cfc4040b6136deeb620cb9d5ca46496b49e80014a7def8e9442fc5970ae2e234f36fad2727a24df45d72c6d474b88eec8d558d894c2ed33c028e4200da2531526d0d1572e38ec20e6b7b4e10c39d820db997d906519d27da2189ea4a07d0c2e4012ea38e58a1ba151ee3bab220efa5aea7a1449ee7c8a4d5886b8d88468a8a2ff01a86287198aa8d568498046a9f86f7e13951cbc92c07b4703cd5bf3a3dd8a514f18be634b334c8e376527b27cdbf5c0af85b53b5f0c683e5e04defe13c8c259968c69e37578bd6703ac7ce0bec469acb0b0b6a6eac74bba1c72b0cadc5aecc925fca141ba471ff3d64532f1a24f985e7e3db73ae52e5cd878be4cab8639058b11a0870138733b7ba8904f72457686ecd3ba0a434782c6de72da52f81f8a369ddbae032b5a0c7d3e9ddf391ae2dfdc8b87e8022a08fc51d0afb612d721e31900d9df2d0b2494382b1438d336041573342697777c99870a6dd2c878cc7a38c2e99068e757305e977c808050db260f9017d77c08c1eb1f215c133bb1dece8735ec54c8424d2060729481df914e7fcb22da5c214cf5184928e3e853d8e45cc2ff254700181b2307e7df41bb9aa75bfb127af961e11350b3147ef4395dd0ca69959caf940676f0cdef745f2a6645604ab934b8218e3b1e8c075fa29f3f6684ce0f1a99e638bb11c6d0a79d2f730e9afe42e5279329546ff05d204d5ac06945c0fdadba0dda503f934966ea08a661a9c0691eeb0c90d160dd9356f14ba4dba411b445008769d393cca689315de2811722fbff428cf53141650a4782d6a427fae796185ef8b0ae5c5f7ce6fd62ffdc0fbcca498b6f43da5706f5f8952db507707fb16f74674e8ae9873e2a3970241d3010ed616991b36546bff2d979d9f0ff0a495ec711a9ef82e5ca64f9898182fd66bc500a442c5d053a54219a78a1ed34a294f1f3abb45085e1392fdf98ca5f12bc7c9e98a2d86631eda0a9ff7ee55c17b48a3b246532466b2ff20402b99f5b6bca25530fb0f88383003e25762c38afceed0249bbdd1ba8a8c5c76170a923e5e85ff34d22b0b6a3ca7b8d0dd374f92317eb254f91fde6f67487bb7f9485750d3c453a81ad326f493a5da8d1a86ac906b92a6b1900ab54ef06491e4497026e2c62a00ebd65f5b72d539ade86c3fce127bedc04ec21fce3ceb0796158e08db4c747779246155516", 0x1000}, {&(0x7f0000002240)="b938f5a5490e85161548dce913707b4e92829e89e4a0fb7ef76c852a7faa960cb066b1048c6843a767adc80f6dbd0d71c4fd90b9b2f3d3dee6d5e5b013d4f77e379b14b09c58a4e07fbd2aea7138819a737f36d34cd8f14a15c9188a2330e90deca702a71196d94a7f662e008a2f968f841d2980cfc1822644a112a16df3318a514f183d6b7d2af30011a8d8f346a3e373d2a655be862e9a10dda6dc2a11c1f1edaa4ac3810741ab5e189523c8d1c6d2636c4e8f0ea07e12fd9f49f2defa47279b3973cee345d7a5dbd7314239e63a074d1d31d3d00e6704e3a0d222", 0xdc}, {&(0x7f0000002340)="92507ee73642d5b031af29574b2d", 0xe}], 0x5, &(0x7f0000002400)=[{0x30, 0x3a, 0x7, "e913b425383da0d681a63a4d1e0c087540002330677229261f23fd4baab7"}, {0x100, 0x107, 0xffffffff, "74e92dc0450c323c6d0c93533e62b339970ee70d8066a366f054059eff727b0b80675edaeebb75ff33de61c23157fb1d9876af786861abc849992d4c8f88906b146489544971fc843e7fd9ae1a704b17e072cc2ec7e937e0d0c0b3ef7656825e960370cecbcc840cb2bb90efd9fcef4ad899c068e4e7440a55d435f981f8050e4a4842f228c38b03895a2caff3fa20cc42142294c4be49f7bb6d89f9be677b63eb34eb2654084d22047b394a29392c9ef313294f10fcf9ea8829c5bde7782cc34969829ffc694e9f7deecbe256d5f4c0270b1b2a35a47ed2d90deef8eecc273efb1e1686dae70cafe7"}, {0x80, 0x13f, 0x2, "6d6ac41bfbcf8aed0405d4225f80df88d8802ef09e78ece215906053c99732243ae7ee1ce976357935a5e98452c562d323b51860cb5c99342ea55181018b544a11f79eea90f0c2e185348e7da987b25d0aa99a210b2ef5f90484d240dd81aebd2a6fbacad7fc1c6cdb0fd62e9700f03d"}], 0x1b0}, 0x9}, {{&(0x7f00000025c0)=@nfc={0x27, 0x0, 0x0, 0x7}, 0x80, &(0x7f0000003900)=[{&(0x7f0000002640)="c70db794f4773be19721333d3d8ca48eac8b15bcdfa1227454aafbde432478f7469d20894384a5e3bbf56e4c99a95fc3716f6bd57a8844dc5e915443100da1c27c7069a15a4ad31908efb0390d47f47ba7ff8cd3437f3e83a9135cd693bd13f5a1deb5ca523976cd0abe9598d88756a2c6f4f2c15c339339ea611f2f3f1fba64ad56a77112382ca25afb6b0ab8c332a31918e6137f6f86ae2eb8c6c1107c20e35f97790158a30d6aa468f862086e6679870c6156eee17297e6533badc6c102ae84b18320c50ab3ed0e8b3c7a0eb2dd702d42dc027b0b7f1823b94990057d4a8e421168d16e036f0a037a5b7679958755f6dc7d33dd", 0xf5}, {&(0x7f0000002740)="7523e5ff23b1d5481e88c1e0692e307aaaed5ac5f42dee0722139c3f24608b9f6beb6aa539c2ca23675aa58607f78295408272e51624f439ab3613760ca11ba8548ac13bd1a65c1b54614968c5c561dd9cc7753b871b6376f876f161a668951c5bfb1874c511d14fa756f287f410c253a63dd71a208a78817e9b", 0x7a}, {&(0x7f00000027c0)="b625aab930139ee5fa8bd2db101e2ceefa27a66339711b2929a8e42a6a3d1f9ed6829525faf8d5585740206efc6ebb07409791c958ed6a40e2552dd157864628979e2b802b43df6fb855612521cc5a775ae98edf70b88337e934731bee759e1b9494a0f114605fd98f926548ae71cca0f3f7622db31a9d5a9caf6fc929ff85bae539e840a864e0c93ef85b78abf4ddff39df09a81a756601ae0620591627ac7059f11100df7cd86f7ce04c12ccaebe4a525584a4f0beab82ba71884ed7156f5e0413ee705058a07c161532b66c974eca1fb9659f993774dd3b6322abddcf5a00c9c0d5cf0110d9e0f5102a83af0ae6d8e14a2c3d8f385500699f7ddabd12d229178516fea21c1a3f9882bf1e9f25e1a1eb9ae0a0287cad4845befd4147e599b433d68637b77c8229caec2455930b976972ef8a85d533051c4dd2e71ffbd0b23b46c440a4262f812754d8f70c8622d97f9e65a8ea16c41c66c65a1b5517e3288d0a93d3effea0f7a2f14ee2c9c26088d74837ef9c5d1e18220b32ac7e2fc1f13c27a2251af3752b197a800e07422b5828c84fde50380b6c4e30b88067d902e3bf71d0c65ce4c83c28035d8bd1dd37ecb72447009d3c598b8a4cec0d8feecf29c9ca6b793eee81c329cd49b399b6a88472cd0e1768ccc7d236046b0b0e34a075959e992e8884985b26b38482ab6dbd388830446ac32ac70507cffd333e1fee2e466481b518a8357117cb8d07d87f441acaabacc5997087323f34d12ef532153182bd93ef6a62634e54a461125e8aafaa5e1511734dadf3049e8c40e49a46f4b200fe8e4b859d4af816ed9c7a3d1283c4c3fe996a7e7b414f0ca0d55792aaa3698fa4491fd8feb4aa16f298362b7343d122b5b1f70d611ac9214bd6784c07e2fe5e59dd5cea9432766f622ca1a8edebc931d3b86c7e085db50e6ea852668d8954efc6f3d00994187b24a491dda13433793da800b0371467ff255d777979467c53804cc53814fd9c331b1cb134bc00bb701dc02c982c588bdb60d83c12dd983b6369abb54fc0ccac90112e5fe4b70311a0af75a74249feeb9a092dd3de99d21a2e927a42444940023681e71b1000ecde39819ce926a6d654b72c8853dbdeeeeea21ede9a1c16f11104495466889b8d81df503b223388a2d6408ab8c70df02ee5af741febe1755e87d4faafb7c493a42ccc944a2bccdbbdf34b62b66b763850e5acdb4815970d9a9681e88e5ff4f6b78b44542985e94755acfcefd5efda7d110cf805f93be9af8ae443930e6f2b0b589f4b714de363321d9a4ec3424a4b9d789f260ff5135d92ad898509e666b5d9896608f2556edee6cdb07e417fbfe7f5855cc184d17cf0aed70c0af1733f403cdacf539bb73b61953316bf3f4ec830637ef1f797bfe6478ca284a456e0e7435508f1632bb98a0688cb39fbc1caaec7bdbae6d111803b0426123a149d67b8a4bbd1bfd152d97bdf81a3cc8d836ef5aafecf16a703ec152714279a7d84753ced918773616f2df502e8ddc44708b55f75bc3c02167de96aabb721fdfdf30e3b737aad666ddfb889af0b3c638ea3f8e2f5e382d3733115004375102f0a16efbe44f57c6aaf58880eae0794cdd6b5babd54270be80e01e818ef4caaa300a151e84e652dbc6b0e176d8996a28e82d0d4f20a72ff0a9f4aff9969007c16b13c60bd875e203c6225a96092d9d4fc9525de3df85f7cf2f6ad3c7446dc9a78c770dab5eb5a39577f7735c88951c9a12d55c8eb8b481ed92dac791326f6c8aa86226bef711d4e4723ca4f2b644fea579213fe324ed1de5ce12a1f89939aa0475d9f52a750fbf1332379123073198e115f7114e032eb38243f1d171190dd1dd7e7aa35a2b1abb93f33682f8542809f03fa56c1881a86cdeadc0d257db5cf956ed67668991779cedcb18c252cb4a9a3bb072ac6edd44694dbf8e821fcd3ef0e73e476bf08e3e2c1bb540f1a3ba61acac85b9369ca9d33e41f898df2a524a01899162a1c4359e1a8eb394a241ba09223ea2db8695ed87c4adc308af9f8e2e71d768931879886af9fcc9eea75cc7426f3c77868a8d6f6d843cd18ab3a406d2c6f55e52484d334b0eac1471f3226bb9b8997689c60b433fc67325c78b21f7714360c353cc5f4f6e3e8694a7b90dc464491176ec96cb78de9bc755719ddacbe11d96f607879b30bd738e74f3698fe6f614b1f89dc5f399dd558b3b8f4f602de4b259802d3b0551c0cba8bc0f75979a7c3f3dc1635726506309db0d6f24e7711e4044459da3d04dd2277301695972b058008902fa0243057d15f9fee31c82952c6e3b7596ee26ba8a505662ed263017e77bb9bf7526b6a06b2f869be41254150ceb4484dd1d0575c24a6458fb682f48d026560a2cc8a920095e3bf6822b5cfd3c18f20de3cf4dcd986e3b8bce914a8041f4aac1981147d7c088212fdb3eab9428456fede6826edcc7343f325a1b9e94802fa450b9fe2d9fa3f99f9c22f372272663f8939b985ae1a60b9d34073e53bb519a2b9dc092ecf66f6ee87b34914f9ddc25b4253ce86f415ae261f9b00796f85920e6e943fb6721387ca2e948cabdfdb0ada129063924a94d62cd72aeebd7f53a8ec53edcabe3c9e3ae5e738390b7f706f6d7aff8125e3825578c07a261eb2c6fb3c9657570d8cd6bc7f585a351f2bc6a6c866308247752c4805831900613b42e0d843296e4f1456e0ca458346e3f4de9b4ea3452cf51d15bff12bd1eec668c1efd1af9e0e59eadd290f8353b43437c423713bd60b65a10bce71954b8e4f6979767d964ba529c8226e61dca1dde6e79812922f22d989f75f3ec3d72217ef91d30c4db1924732c321b192cc801846de89619b117028e23bbaa32bd243e74bd8b495506c42a2175d2b643cea5d396cc722d3902ceb64a2b57e06c28c7229168820d18ad3aafca57ccc587c3fcad641e79cf5e8f4931813eb23fe48114dc7b2677b64a242aff018c547fc08894fdc0d34938ab4218fb2beb52086a42f62c81651c30186dc436b38b2cd3fcbcfd958d3dcc4a06b9d0fd10b18640ea3cf8ff3338e8c11c651438fbce54b84fcbd780f0240866879da16d9c36c20106c8a3cdcc08bb7d27864d8b891fc4db370c81e2065d74dc6332a89dc13370d545a2519eae039b8cdb4a1dbfb3bbc736b6e60c613b7a2305d2ed6052d10d26e28d490ae05df645e54ae89828d438faa57a7821848593f5f88549a83629f8fe7c7f62283030dd4e0eec13eddfbbae2d09e6293f5f8b71e9a44b52fa8377ff0e30f1cf8d372e270e76d7faaadffe11fbd0118bf405ce2580d76cf683cd0ea72f00f4ca1e084bf89e9963bf49375f10e2bbcf70b4185ea24cdbaeedbfb349f322500cf49fd3518c34e3643912bbe8225ab0e0e587977c2f4141e44daaac95f4e61f35f67d053c8596ed30fffddc6431ea02e3c385b3ad30f99662356b4d6da51bc785b26ab358f56e872bb67a5d51662a606f8a4c4485b30fb254c77e6fd9c1452c673ebef3cd32cd38a5d8b829768e9f38cadb55b3815a6e08034e4232270670578ee8860284efa8308a05744544267b3386d57d792f9be00adf7f4b677ab594f9c837970deb01b2f3137f3a8dd4c7cb8f64b49d6b73bd1f752299749439dc6b14234ad224461309417da00d4d100a25e45ecbed6ba5a7b827a9ca28336f7405d81d83bd730eeb6655a2861b06f940b2382dccdb9266249ea85a8ac1c76b1acb1568f3af38c5d9fb91d27317e1392ca9662eb2c8269fd3b96de622ef5cd73012b6e9b80818f00e3c59ef2eed750462ba7dd32293d113a654f57c7a218f0b1671ce94089000ea14e733ba9d346cc9b214dc401ab03b86923e09d934b1a648a37e94b355b6ddb9a1f32820190e31fb069541e954d43c21898cc3e276c5c8db0ccf7975c3ca88fc6a2b8a6d27874e008bbec023566986269d562fce3b73008c063781fc3a933971eb0907911cfad4874f90cc065a199d5b6fee1625cc1cfbc1459d1121c6434b7f1f49fabf305928400103120a2fac1dae6928ec2eddf2ee5a46eca32d69ac3b61eb9cf31041e30c6c6a2980503f083306f4e3fb9f5acc34ffe7cd21aa460d0c7fa4338acc385a7d758814b13ea8432aaaaf7e36f4dcf68fe0376dab35bbe9f65d9e4a81688102ed7ed3102442ddbdd64e70d5a95062ebfc1c2363bf37f12aefc9a24fc8a4b5b1809fedc2313f5820eea326e096116a408e5ffc1221c0efee01c7bb85a242fbf099c893646f7a4aed330cfae3e765cac5a426d115db38565a00c1b876bdb3e0432a0ac50fb34cfb8777b9e6009dcfc864e4e31c4334728e09c28b951481e63898d476a676971c487f28fc819d6ddf1f8cd495cc7bf7fab54dd6c018a883eeede5837a608e67ec8779c4a5ed275d38f172803ec058820a8032310d4699a2f193234704c57a7388aad2dbc741f66c625ba96db1f163e1b7f73cf344b9f7f76ac9e8910cbb6731d647b170c98f29562430dc8449d0ac47fc10cc994db3f0fbd7021a168a062bcc6713278f9e05c5e45b90c4626184ab2da7f050bcb1b4c6882f7b69e54cce6b918c03839104685aaa43767d1c9b6af32b34ee80e6c89ec8c309295b79ab095230d499068de571296bd53258d7d9db5a4e178253ed313954c306433fca16e14ef8fdcc276db716ade337e56f5e407c93a3bbdcfc619ca119bb2af4353e96f7e8935f32c99054b9aeedc6a7ded187e53b39fcc31638caffa9bd76ed4177eb3b0e554cdef16f504cec8afab4a6c08049d9f42bb700663ec1678474c03f730bed807bd8640668ce537667ee64a3af4d4c4766be1be454b6c05987796d2020bd42cd6a3bc184985322c02db387c5a9e699dc98f8298330900389d8867d691c855cf2a677a83e6af266902fd9d9e0745d66b95926134e897b2b08d6263e9d30dc8b050b5ca03357b1a5a065e2fba059cd09f005e7891ff34547e316e2ade3f2a4a01c31c378093b9646c5bdafffa93bb118a497fcce8f641c300291fcd82fc7aae9ffad2bc568a26e16d2a535f24f4bed7aa086ea18bbf11006df5298f9660f4c02bdd2fbeccbaf987d373b257b82852ab919b9734d44815bea5be1e9b731a774ec54b574d9f61333aed70f883c817859010646aba6efb327c70aa07b4ddea1859ffd26ffb33eca5c3f6f375cd9a5228f4f220309e22681fde2d56c9077492a45c3d353bf3d44d0d6543e3896f631c5fd293ab81f799854a0fbb6bf0ba91b400a64f1c91061ee291db760b2d9f8fd97eceddefd26a9d93bb19c1991c2fd10f549c7ea31f408ef15cb61876b31dfac4f32307cbcf299938801a99d0b3fcb9cad15343bd65da909d9826e9e1757bf223dd340f80852800156ef8732accfca162331ecd50bbb144e1d79e2145e22b14a814c4607979d7c722a5734af02109fe78c1a491c2c8a7db9b0697aa122c91605f16a4f2de2b18cc3843e6140305470f52d9e8cf9fe4289cb2a0285462124328f1b82cf3a6c47c8b7375c8871ed52b7f69859a7f9f412d31496d9d5ba4285daac1f2e1943b903fc14cb7b65ea9a2b82184c1a77d27135d3728b4b9cc09c047f48c11f80fdc026c5660fc07001a515e87e2d010b8e879710e8f8a19d86b163a269ab89e4691d8020d81cfa854bd583197bf9856d69b7613d02979f27f40806669c6e31813e985dd85da5e614e900c861f05981ffaab88e8721f6bad1d75092f5657346e1dd23ffd0d9a9ed0c472484c0cbb78ac5f76fa080fb03bd8fb70c86a03e7399fb460b1f09adc93872c84a8cbfe2171c41516447d0d433c", 0x1000}, {&(0x7f00000037c0)="1fdc0f9a4860a5ef3b59a70ff085c8183c0bd18baa18670f16acac869db041ee0300dacb6463314e6bcd1edd75a0517430943fa29f5827c5621b07b154e2f3da7ef9203e412fa2ed41cced4349db928533bebd9f821ebec3f95cf9bbd48a2911005ae1732f5342145ce7a64de65a78eba434626cdbd644662aa2ce899bea77f89e19750d72e07423a3e76c400cfac3df20f4253ff3b870b58d0befb244c59bca8bf283c0b48b7607", 0xa8}, {&(0x7f0000003880)="ef08a6494947f4f90e23214e4edc5a2b923fa144d80070a37fd82ccb7ca3216dbd2f26190d309ae357fe838baed95de09f7515dcf112d8268b8a569c31e0989bcacafd72179f997a5783b743d4a140e1f692acfddfa1a390f1457990e43fdeb58e5dd6d02ca4d8a7e1ed8c1e0acacbf73f35da663e932f2faec0b998", 0x7c}], 0x5, &(0x7f0000008b00)=ANY=[@ANYBLOB="78000000000000000a010000040000000eea32b4ed00b0aef67b97e634a0443d536700d2a19d2a3dac249ed215e47c72e2e3d2f26a941d68f3daf4edbf17941dd44375fde9dcc6953da1e98e2f5810adba5bfef2273df89a46753bbd8a2ecd251a99ce7c09e3b615435122084c241e82fba7000000000000000100003dcab6182087f400f54f58a669a36e3e83ac76456731b3896471c130a9d5b076bda50086b7334f93f84522ff09913c800a0632fe51bb32fa28993fbb95378752738f901544edb1b1f8d607922f4856349cf544156bb1e7dfb047cad23423aa98bfe161f11245b0c214bc493df27d08605e7097a1c9b2261a3f58e13c0a66c1a829103f2418ccb1fd213b7a4cda5cfb30db500a5e5d08d7659610fa4caf8aa0eaa85b1f3093f547c8fdf37a80a378ee8b9cae9e9366dd9a8c427da71c8e009e65ae187c16161eaa6e7aac9e46f2f1f316bb4388c22dc43b2c5878a20c29cbe81fc8ecab841395884c32ede3d7912f32dbe28b73b7afb76a131a83b0c310ccb25a90c3bf1edf64027b10c17e1f0500000017ee7cb8ff1cc12972fe1623f9976d8d7a012b455c8070cf15a7da7de7dfe9cfc51678ee422a20fed0241cc0c57f380db04ab3701b5a5a8e1baa8cf478aa15de6a3e6075e699767ccd8c753f6289a56aba6389daeb4064"], 0x178}, 0x4}, {{0x0, 0x0, &(0x7f00000050c0)=[{&(0x7f0000003b00)="c094df24eb686a2645fd8646455cc32b49dfc2813e177ab470ecd2a9fa693836df4bee5dee0a2c3193b56f996520a698aa460f710abea88b22c0553ef3a85be04b9928f48abc561211385aafad94c55404b3b82b59f2bdf399e7b2246e95285466faa26ea09a2476e3955e27a76a4c4a5868", 0x72}, {&(0x7f0000003b80)="a0cabb069284e67616847fbfe67e23ddb859e19dba3c7b0a418055dbbbc73a3a6e2c4755887c743f522e5fdbb938bbe976dbabedeb5f87b02b75fff751102b901192fa6691203df2450f53f17234a7bf901eee7b87be319090ab27a86155f4d439cc517ccbeaca99d4044761938cf9bb7b6232dee0a059fa96df828598bc2a57a3cb43c9f1c2369141c544d37a4e0ea35151a7cdfb50315cc1d6c44461310a62978d08f85ae102b8273f961db473dfe931f16fa22f0367c7cfadad33c828b5f32cac", 0xc2}, {&(0x7f0000003c80)="0d7f471f7ba58bd283070b5134e448adee22630e412a5d547dde0ace0e781a5d5c7831a93cb7d4b9048c5c33cf259284247dda86b6b04967f0f1c64603c8e521180b9eecd17dfee2cd9d6df34a9f6c0f24c167811db67d10a1b1de0652999d32f2c3ce7dd0106b20a978eb324434d984d0d3a9db4773743e6a1f9a99bea67e220f091f6f0dd6f00a96c1eea5cedb37580f289e50b6a7f5bb255ac1ffe9002b85ee80dab9a1ea4bc02e07f2f575469d5728e6fa74240fa6be9b635f518b5c7f8d6b40", 0xc2}, {&(0x7f0000003d80)="ffb2198d03f3549745c46c6ab1c22def64d73958e89ae6cff9c35cfbef970ad952db5b7fdc78dc442b4eea4bd418746ac8584b78af0b41aa947bccfaec8690bc5832475eb101261a8fed50f1405a593e09f3e9c6dfdd1b39fb9535cc5b92288002be3c79684674f45376a0a4a1d4f5d48596963b42a4d7e84012652e1fe713bc95fc37c4defcf378967d54bb7d2b44847cc40d53d75c167e6c5fc24d1769c3616850a5052b6d341863d1f7e19f5893d1d5c4234b026aa926de1b8ca83e69d230ad6d17ad0bb9bf10a13bdc49b6736bb9653e1cb65862b861d46ebc3f853f22d0758d73df03131be086bb6701f8c15a0f7da613fa68751e3dcacf19cb673828d3ffc9de7a85da3afc7948df151b6cb9a2e950c2451e15854efdd6e4a95df6d181e1d70be11879b9d54a80828e8c7f423282b4304f5415442dc1f739b5e4a91dbbcb5be544332a6e7488751b25f583661241f0ef72b654cd69e381b0878381209e128341f76a312ec206f6e567281c68edc563ef47dbffd37cedad57a35dc8148bf23a0a76247396468a6f16ccf6ee94c1f05e24ecb80aa80937598ad3029da7ea104e47155e2990fbc6194de5b125abedbfbdcd840ffa7bad33c12d6f1348954aa68ec8b0a7363acfb863400983c51f8379145e097452bd87f5c253e7e7a245e9b8470bba244bac57cee4927da6065dd94d862e24bd0966b47db9ad2bcf75926b7a9d4f8be69bba52164ea0ed75437f9c483e33fe141e98e17a9b57e8348a798f93f4e68433c4e3618656e50c48aeac78779cfc66a21862b900d06e026846202d7e43e237424a8a8bcb181f1faf59cd2d628af749a385b6caf316e05c69997565c45a7ef3650aec132d4feb6149b17084754cdc29915100278663f2d4fe33f6bbc820e3ccbfb844ffcbd8f92cbcd132dde43db2ba82661d2ac2576a025387aaedf337bdd6eedf2438f6884acb2e5cdcb0ddf91527f27a628c90fce5a877d9a6adabfb3635cb83eece23d466cf44081d1ae13dc90a547f1e7ae11e925ff09682b57fb1d93c0567ca5404497ed1132c27c2adc59be3163aca19b69031aae76968c629f38b5a91f122ca85759b4c846247672f9ee852f690c2986ea3f7de5648742d0a5feb3fb7d32f391c57e40e5ca044deceb0aa3fe6eb25b7d043956b4c6a7e2206ea7bff79bdf8e97567d166c3c3569ed3913e4bad6087545ae5e38757d82dcdf640047c23de822f13d22cfbc8223b5eb587a09d08ea59e9e912f948581a33525b812df4a34b264ba808f17e544165796ff97037e104e605f6058dddd5d98dfe38c982e6e4f0dba69fde7c6085b999ecdde2a9732abb4908b9a70fce4c4ffaee341ef18058213c688275630ec5e0c76c109b4312359fffdb7c7b77c39758940f55ecb3ee7eebc5a9eaf7ea884e84577213a49d9247ad7101ad8f1d806ebb163710f5dbf90da73590330475e3d092572783f7789b540d9f558bb3e4ae9519adedf5f84e9088315f7afbaeac7ba376cbed4268686091755b24fc703fccb0a289fc26da6ace8b9343f49b63c03c72a943cca8340e3908e07276a22292a0dc552fd03b231d24e667b39ea3fad259cbd775750b2a3e199bbcbffdca6abb608642b2cf529c0bd361eb4bdf3fcf1e41f60593aaef57e7cf0c0505271b160a5ac5756ee4bc5231b2816c8fb11d16243d37a306ef882f13266c9bbbcebd803ae6f9fb1f5d475cd50e7d16ce7658a408587fbdd36f3a114883d15948c3cb754a6141bc9c8f8cf46702ca799ecbb475a73395ca36784d07a636559b15870055fa3d0ff9714baad07a8b716ce56789f85a4cdc4b6bf331251dcd746f33c68d19adedbc76400223ba2c431e43dbc229f28228b7b3338e2abf02a30fa7ab40988e0e9c11252b4b9e1ba46ec85bc95f6e7a4152f8d86437c2c1be810955acfa84cd0da8a6db6f6cbf348fa02a2aaaf8eb3d6f160324bc5f6f237613b4a80022419bd928a13f057fd5f769f6eccaf6dc54af791801cb20807ffddcf2bf87a31b22d53b6bac74279a956a57618d05ee7a8fed7dcd1e1b134275fa9dde1308c1ea96019d7c166470fd308cac3604eecbcea1e97b03083559d5e5e7f9def9d600b88951ed6073b3102ff06706ebcef8a4f0cbbdf49ea2a7350c89fd2b4906b17f95d041527c0d23c86e42cfee8b263042b5657db580f7a9e64f2e5343a547ba749f0f99c6a79bd639a01122a575efb0d8b63bf02773cd84e2509d66cc62e21e1f583da1b51a814bc2897adeae808ed550963883165d2169983eef3cadec1b395d76ef8bfbb00d0e10742c9ebacb293fe6dffffab0dd3afd03f36337cfe3adca8036abd0eb042fb011b257beb4fe441323fcd0ed167d9f6c2d47e73e57fa6b48eef24d937b2aba8ac7465beacb6885037b3f7ee311ae14ef41d0cea4a35f41007c919c228e5a234dec4e65921f8346c7a765e4685a68548bda7c276fa547f3c4eb95395d4a0245bb04ac71f0bb5ac945b64088a793e366075dff87d83713f1d31fc007d617b914118bf15ebab0adb596629cabf47e8a201412519e55f65a26e2ffff35a063af7b17072dac0362c1bc1631cc4318f146656f4673b159a577cf3774a42b8652692f6a136f44056997dc80e9d3cde5d44be4b7c310902114031ca45d51eb32c1265793b4420f6ac81f5801a1e66f49d8d7fb7901419a4a6b2e3a5d0573f9ace76d547aff26ad907bee27898caa282ef9a3b8633f3c715a61c4a6f054bc8adf8a28a3cab7cc638cac1f5634a75c6d8fe673021fc18a07196bd5be32feff0d8c8bb789845c00055e44ce8aebf867ce0b39917edfad5b72dca6d42c47e9e801be91fca8590ab07490659212e9a14045b2754bcd663c84aa4ee27be16d60d815c31340588da1f369de39c418e04eafae85a435d4275301ecfb99c3b67780f99e497195ee911143de4a8cfb48f1b0a0e9b1a36ce5d5ecec15a6e25b98bccfba1e307964fa759e37dbb745736f74283f611f25f51064769d6d704e70485c16b9141f61e16ead2605e07eac3b335e5ac3cea1b3b8d03de3e296531010d9cda0b08035f173ae3519136440bf5bdf13134164201fb5f137cb9d8d7af35d0c46e1ca4bdd487bee7aedba1b1fdbf099f7868c3fa13dac923b09a7091178c858b3ab97e8683ff4821393ee28c2e49514a512fdfabe6ac6b48c77c038d442f2990b21a438ba1069429091041926dbebe85044bad6183b3069d6a0f2eecb8bd1db00dceed4c0dc30d695ac976e76b6687f5daddfbb2771272f995e70970d3e7bc49571ead13ce0c783c075b9930b7fe08b5ddc6562f9b2c620c80d38b284927fbf3487e9fd33b3e927e9825edcd100aba04efd5762b214df6c5874250f12ca36478f34301679d939069c56d4571d1e0406abf8c2ae93aa82f681ffc55bd6d9d21d325e8f6332502fcfd76b90e6f814cc270a99e4c8717c56e2f5a9cb6d09b78f9253b73fc7b6894e1f05a710a2f611d0def519aeaf1f292d33b28b7ddb2f23f795f64872bf00c8943f477e1812d130d1cafa9a1ae0c0403b6e83542e3894f11ff219190ba9e12cbf41b4b32551b3c3697c26b54ad2315dc8cc81cc035f7bea81dc3c0cce996040dffb21a2047e9bebe105825d497dba34de4f981fb4b0da4b749b7d5cba6b47dffbac8b9a63cedbdcc967bdfd40f60acd5ea6301be8953ae0ac277446de23f4f55b1f2b7981c91817a4686074cc9c737f804f636e2cacbf4ce2190127131b75f26c6c0d4bde0449d7e317953ee2b6baafad60599d43cff1e1d47b86a4970b2029981307c4dd10e7d122c4ced34841079e3504bcc38036c854ac88f6c4b81441d676cb812c8482b27d2603bb93195fedab9ab395a31481f0675a2cf4af2ece110197db59b86bfc876b5656f0ba171373b998d1232a146c22e2099e6aaa1a50d234ef718796b86ef8efd132065b7d2bc8971ef60d5240a04411cfaf5ef000271bac4c43ba3be7233a6c847863c94c70d60cd31b04c8ac15f7644494b11a46b2bdafb6f1e3864877956f5f1aad7a5679d60d9387244bd33810ce76d4886135fa07730fef3835350e7026c8fc6b2e1cf65f245e31c01e674d55e9f2a5454e498d78a35515fcfbdca26328cb3fc6e1e23a8d9d2106cb7de2ec42c59b7888800f1f9681326dd613314e4fd16c3258eb0690bee64a6120407661a26791564bb8d17bf4f1c51f861a9f523674f4fb864e266a292042cf3fa73c964ce9c5b637ebaa923826b1360a6afb329ff56d0525b65dc17893f718da1f1342d5598889b4801d4963a2896f3cb3100d80ee0913384e728bcd2817e41a5204c225878225e9452334b517b6239e1df437b215efc5c90da0205148dffecf3716174631027bc1d5894d396a4c1a991ddb7d45c92e3e2eccfa07f3f81d3a4611bfdd68b5617933b82438a5954e483a499d86fb7a4b9c89d2336658d04091bb3c94b0f9f10205093ac77c363f1f80d4c49d033937ef75038ecb03c257f2ed35b0abb6eed8c3499c814d2a198849ada02e4bbec80b2c5975c87719ecf5286289bea86b2ffbf9e178360ffa85190575daa20a8e7847cff1cb185444fb7540298db3c75f9f198ef62299699b5c968d4f1a1eab856e2f005bf41aa16441e5870bd34d3aec147470f4aabcc27deb11a7ffdcb82ffb14f81e575cfcc125e899a64532bde9d9612d77ffd8f063b46244f499109fd5b63f4c8a3db902a510df4fcb4cc7b39fe59e0c41e374f7dcb222e82339b73b349e829d87f235d9e8fc06d13c7044ae89fd604f6898e9491ccd3be26aa5d1ff80b8cd3ae767d5b0e4eccfc38c5b9b7be9e197ca29a98c8afa4e13a414facca35fce1d7e6a65ce55ab9e89095a244980da94677ecba08f494188b37949d6747e2841254df270c3f3fa2337ad0f6df973665c8d3edfb4baaac37e8dfce46097becd1892f7f7640f942c6f1fe44bc69442f05f786bec154014a6cce8518a3d246a562a876b5955d705d4f6387e9c58cdfc0aee4a09a888db043937e674535e1e049c89bd80a6c9e0b14c81643573c73f5319d262a54e690f2e78b516aeb82d60d210204e5629fd4dfe5a8cd4a51334404d3622a00503c2296395dd369186d5b6c2e53fda0b12679ad2b955461900fe58ca7d0af80b273c7253224c9e9041792455bb09ec6963a0e75cd4eaf552c784f8d5c2a5404f5fd1adf8e49a0486e72a798fb29bf78690f3b62daa4b97f3a3e332e3bba6001ff92c3b58a3e409d624f44124fe1f5d96bcfa6c8a503481d1b390e7345b90f687c72529e72b9fb885f64ab796fa62d6d8da6987ee111b4fcd8ea09d2c6fc70a94fc019fd71163ae3f641f8b31462a9667e0efa30c186824da3ec0eed02144024ab4f6d6242fee7f812b3c8719bbd2f977631d51531e262d0ed6dc1cc770cb84b6621f00efacd29b69ab4d6a49e2921932971a826372742a56d746e12732af3add4c4b97b79ab72362f52d52ecd3a451a060f7ddcbc8d7c3be9d5a22f1aef9b34bffbc245d50a466ed19ddb688c591021662843933780ae545d674370d2e1d3763683b914b10372eeaecd823cd8c02f2cb8d18d35208c4eacfd2aedd187551a8396a04ea93dfcc34bb2d5a1e66813d4487122f052354aab6464668a2ca225e6fc52ea64389578c17ec76848f67ed28cbddee9cd60ed4fb6244e191c6a078922c008167f3823d24bf63c75a44fcfa8c4575facb564b769b6d0863aea065c5aea862076f39e595cce26db0b33e16124692f5bb78e9d147669b8eef25b0ee754811d92b1dc714d2ab23116f6e9beadf", 0x1000}, {&(0x7f0000004d80)="1b71b42d5fcbb7e6303f905ba95afd0647d72f28305ac5b593fcb03751b91a943224506baed235bfbbc22a5cda1eadf9293cfc1702ae4b161cbb5ebf7a6c7a5a15e06d70deb4d9d9b55831d05a2837517f72b2b2e98eb99e733646472e7d736061b639ebd8e5dd411e2c2559ef2c07f58eb67c692f3f5570a48970c3", 0x7c}, {&(0x7f0000004e00)="baa004d6a3e825e634b985259b7079496cc48482286ff33af7bf6bbd5ed40ec7d266160218734ddfdf706e5a520d2d782aaf9b95baa8d881496f5a21783c6f19bdf338959eced4186346f93effa3faac3fa13523fa2f7f7191fca4d29e", 0x5d}, {&(0x7f0000004e80)="655d73f9891a179d95fd98e79aa708ce591ae460157100ec92d9a6bbaa504c20ec43b30bd92f2178b1b20c9a0ab2ea97bf7dbb49c5900d0b1c06bb70d68540c1def5ebe4", 0x44}, {&(0x7f0000004f00)="35047581ccd17b5404ce8a094880592d5460fb42dbe52fd49511177a8f1a3d30bc22f33982cf8aff22dc7a15cf1943791e84271fa21362735ace6c02d6252614e590e4545d78f6695ac0acf86ed4a2fb47d26e7119", 0x55}, {&(0x7f0000004f80)="cc67ed6b814440f3fdf3cac77a1ebd0b9c5d77c46127484e13ff126f0eeb2d738facf0feb8fa335539106bf778ec7b0b71300df7611250a137cbb7943ce65400f9", 0x41}, {&(0x7f0000005000)="ee9d7f92a754f84d7397cae5a883c1decb746a028f45bd645fc03de882be6ea75978a4e5c6b8fa9f6ff4fdf4e9730ba0fd51163103131a8d00d4c372e6bdf6f0f23411d345cd239f47333c7d4da154363648feef84400cf6099597f760928bd406bf61fe166fcaa62036842da2c94d2fd0791473c2e6b7b498df180d49bf4774da90e6", 0x83}], 0xa, &(0x7f0000005180)=[{0x58, 0x117, 0x100000001, "2c908e2362d24d7b3e4e2e422fe5fa604ec3b77a4c6e607aa1a69b2b0780ecca798c958caf3211fd8de4fd641ca6d8ba029499cdf316ac3bf6a3e98284f38b0a19"}, {0x50, 0x105, 0x2, "e53540db2128c858433f681364c50f1fa2b1a189ecf3ad46b13ea76aee6cd2e747e339f72de256f7dcee2c125bf687bcc0ec1dddd4034cde6810cae827"}, {0x48, 0x116, 0x8, "48cbe300d03a86544743f0cfc96cdedc8523b7fd4302c4c74f890db9709ef510748274df0e023b9d95588cab9b0d931db427451884a355"}, {0x68, 0x0, 0x3, "ca394af5ad8f443601c8afce363fd39013139c45a659c892ff3d47b9ea91b209c07f9f4e3fe7e76763a4a78a4b91d38895ea4156819d4d2ef1743ab8bf833e12f4382b99d54d6a0df8f997f4d33df116660a"}, {0x70, 0x11, 0x74, "b5f040fb5966070336df87962d7dbe49fb38b645707efdc8abbd52703304c0b5b0adfd5231f911f4ad14e0c70dff78baf9a54fe8fb56a2dc6d333112f5c7d8b66e7dd702a42a3410c4ae18cb551b85353fff51c711d5ec6edfc3e3f2"}, {0x70, 0x88, 0x7, "87cdd68484170eeabfca02ae514ab8d9ce2e44ca334445fbeb031ea6ef487c9ca4784e74f5d447eb1f0911d6c0c809bf5a340efb41e01846292a2db5e716019bdce2694cd9fc1fa65e4007ac5b102f990b32951103a5a92128"}], 0x238}, 0x8}, {{&(0x7f00000053c0)=@ipx={0x4, 0x80000001, 0x4, "234e7f7311b1", 0xfffffffffffffffc}, 0x80, &(0x7f0000005600)=[{&(0x7f0000005440)="ac35317592ffebef8228aa82b6ae077e1eea41c031cdadfc99cd005655d25360e00d2a6a112d2ef88c9f5d04f9301e9ca7f493387f154df627fc71bd64b4063fbe6176c1ab3e766ceb320094ca21f7dc3e8c7694cb5f70eb630f093ce4731a4869076347c503560fd9cd3dfc47c480e70a6c8e535d450d5192153072c25def4294ea9404eb98a9d567cd75c3f7b81bf376f89a4e11053c36c1fd442b9beb2b76a9", 0xa1}, {&(0x7f0000005500)="e29209da52e7f69d74ef115336fabb430e66bb47dc1c2a251737f42cb8a5f8ec6d900482fea0046407ff3101c67e1265c40a0a966195a159f9913ef526f42f6a45b9", 0x42}, {&(0x7f0000005580)="9679ea9451f98baf42b0c693076193c5ab59aa37c42d0849982d8d764d4e63fceaff31e92e3d8bc9f14db619e8392cc96cfdaf9fcd01d2b769dfee4f7504afc4489b37952862", 0x46}], 0x3, &(0x7f0000005640)=[{0x1010, 0x88, 0x0, "4796ab3adf1c4643d220667db09ace86bd4f373c9b2a00b7f85ef96c67e125eabf180834eb1469264be1356c69e5fa03dd79d68981529d9463d3f441c69c64b1fa58fdb4c0e263d39657942595e8c093eebcbe96a587046992cd9755fc469ad23678a7651846a8f1ac43bf1a1dfdcffcbce594917b5ea5e49a1e50c53aec48afce53e36ce956da24f054d315d3123238b05a573646f4c97ae45a4c53e8753da53175e1c700151f05df3c498e22a44c556b5ca7e288ad00c25eae10ed2f9e42817c093b4041084ce7281408fc36dab0cb63bb0d85f51108f2629c718e2f7c4314295f9e16538d64cd302065c1364c6fcb3db64c281201517512846178a958e6700e539bb4ed1af70e956b07165dce6f6c27642a715e2d9bba5584ee0adc0530aa21dc25d8e8d15c754af74ae9ef908ba8a16d1f8653d5562a57198f320536e65159afcd366a8e7c08a69002edce65f969aa2b779a5cb4769c53aca48a4d91597df7a2c2fe5507fec515d04303412e462f9c586f84a4a5bc3cbc0bb3aa7d2c070be130ffdcfa82c1eca99d755f9f072944f793d4cb7656e52d82366225a8e942a4fb0d4999ca3089ce667d0322bab6eb009de991d53df8b06e17e5797f501fe977f057881e8c16a642a5f0b7ea3f1695e0f66b1a8f763bc390f58fd04fd95304d6e39ab03a3e9b0af460f2a1f48dd081a81b2891a0dcd29fc9923a2afc23cbeec9c5cff4414f0631bbbbcc6ebabf3fd2d105604c266430cabda29ccd9bdb09281aa3ec9133baf65b2931a2d35207c6046294501ab1a1da1f128e323176b35c8d3b476e6ff23ebdb54579cc1d3ef74ed21de7821134aae7e14dcc81503023a2bd41ff556556b6a2f848bdba2955241b1716cc2edf5e2855bef6240e3dabe466190547a48c5a980dcb081ef2781c907830e485b7ba812e981724c09edf3cfb03b9239df54794adda2a7b85165cf70d687c3160b9a4ee21cf9a1b9bfdd3006855882179444faa1be5e95cb1d6ff967d201ba65c85e8037c32fa4161f5b6f2d688c66434d9d803e55160b3e4c8a5a4620c8bb4303ad1f62e0715ef4ead45896aca75b21efdef91b5fbd77f06dbc94ca16f2159266db27def50c98f6acbb99d5902c14eda40a08d2eb017f3d2aa9903758cd48cd6b1718745c3e9bdc6a23102ce4bdb2ec232666e3f05a84f32f4f467c22328cbf1949682f39032c7cadb45c797ddbfe1718237ff4fa1f676b9d497aeff930ee5a529c7c483525d4dcdacc5065a55c639f3f207c72f84cb09ed6ef72c3b700fba73672bdf30ef372221ad247e5277c9899453ed240faba0beb5c28bada1f46c644f1490a34924777d2829a0a98967e674d422b7faf61f94afebdf01152eaf84247ae9c8f44fd822a66764817cc2842bfdd65c61e3863e1fa4ded65555fa00ccbdf708a44f5aca7fe2e946ed4d8da5b086c279d39c27b7d67c6c52cf004055cb129cafd22d896669ee647f5b1a6c8ae711b1af8b3f9395926e8022b5f9b4efe2b8baf5d017c9f1400d83a2f972567962b72686ebaf224fb849af6797bfd350f4f75753d34340decf3a8a5df01733b0edee9ae6d5e688254ced933996050669aec441bda99b30195f9813866f72b727adb2d1375c81bade7c8ef0a0fecdcd5fb85a890da4a9a14e97593b1fe5aa89c9ab5728e3596a9ce535b1ef3fec1bcc2594b10ca687980cf1f96d3f06f3af505f366bbab46a4746416d3538517ec5c5a07db3a2b380df4fb515b9bd288be67c48b4ccc9064461011ae04099e08112f5f369b1b490dd907c9d63df42be125059b42469b33f9c5229844604f9463efbb60ad611406768f46bc1d3727940523856c8774457ec59ee1373c21bc56316d83a8830439699b208718ed6f36437158c817a54179292f8b56829a525d628465b7ee22e92f1f87d1ab7383e06f7f5f10189480312f446e5893f185ed51653aa9187540a135b4c64c53651b5b6b84dd7f008c8b88905e14bd74c480d3142ac8ae4ff8cb4846343bfa244a49c423121a3cd18a88d7a8df07ce3ae4a9ec94d3087a8ceb1949debbf654dfacfadff8d350684f98b06053443a5d73a0268b241d6b4f2425e45db948178ee99a48e3ae1fd58d91a8bda71a6aa7bb0641abe0328b555c7568b022833f4e67451393d01eebd5ed489bf7cfd04a2b5ed3c1d5b18a2cd6cb445c518737d43e3e577a1026e2d99efc7629c7eaa34f7615e130070be517a5581e8daedf12d20e0a9c6351a2a8046e0d85d668506a0f87d38469032b5cab98c0f8c4e384b1f37e15280e70c8f6bc476d4002f69f00cc594a4d28db4ab59c7f63157545ba0c2c7746fefa907c255716d161b6e66bcc3e78bf75bc9c035d96e468be0ea80727ed5f915c98c5590d43b1fe15e6143da0a4ff3e2f1fced4ba9c8e0761d0ca0e4ce6034bcc27e8428273e47ba59bba02e83c0a5ed7246bd4039243b0ceea85047c3dddfd5f0999a7c39b1496c1af0101613f10233cd16327edadfca2538d2e5647f4a531dfefb74fa220d60df9002e22a0b8d5e835986eb2c40dad92bf91d7088a38c3ac1df358a9a1e967dbc147b30d227e88a2926e4d63ac0ac5fb467e050215eb4d7b11329b92ee7dd61d2c99ca7b6f87181e2c3a676b30a0158d6ccc61739967e89f9d6a9707474dd0ae5c4b0b7eb8bbb8a0bd7c6ec05d5a9bf2cdfd740a95875b9ff66a5ff2eecac004cf9cf99b38c1cb587e3b1c4cc266b49a79e4bb2fc5675effd8631bd246deefac80634011204778b623e6fb22cb81a979ec48df435d3876aaa1a3003e5419aca6abf211f942bb4e973d420549a7bd1cfcf0f64cffb7be786dc3f28fc768e101543d5a63155290fb52b1efdcbdc28c49548f8ce74745ad29447d7695963a07eade3cdc64d7355fb2d02679cc5c22aaab62e9125a0cdea70da595206867962465ed2b7ff23a5cc496374c347e8cc70d388bf1b5957c553a0d624cdb51eb7381885793f4251f6ccd9653bccd22ce2e43da5b85dccc5dbaadee6d31c01a8647068d5e29548c41cdc4b6bc51731c21342e19150abdc23352e6ea101add934199fc57022c95d8275a0b9d4cdffd66451a9422ee827e7c1c6d36dc57bbdfddc44130744a60d235153f5d3ae368db8e787def9fe87163e80214ae6ca0b494bfe1df02fef97ce2d7e00fa672c3c38cfdb5dac37cc22bf1ac1e15b9f23d91cdbe3aa0ce9e8ea3e752092e306dfe1a5005ed5e4d49bf52e5618af2b22247eb8738e9f1848a6f4aa3ca97fc44db48544c5b5022c81f4cbef6dab1cd389b8f081ebc4ec0072640fe93153238e905e4d9f0f47bf9d9d534d7b0747e782ab1f540e5ec3227dba3fa3af2c706ab756d4a43a0034f997033dbe4c25a6d0401ff6633740cc4ff0451c35ba40f7d06809613f5a072ee93e4a94ceff06d168a8160d4bfba1cbe0a9bf9da6ccdcaf4b1eb998c8e58314f5c6fe79d803197fe02a786be8f6b9054c2f0a14f885ce9db938554f892233b0e6456cdd106d255de8d17ecd84e0fe2d5c65e8dfc237ce2a0bddd4f2a1d23550d4c7b05bce6f0fd6d676b46692e238fdc70aac83c6f158cd4dfd1127068be0a80a1555908636f0727608d30365136225cbc4df9da12930691d27b68463ed6a9f47baafe76a819e717c062ef8cfb548aaf69df7ebb3ec0f02d6d0bdfc8c10d58640becf417473b92dce0b156c9e759c85d6cfb2e029f3ac5d70f637d73d52d93bece61202377124a0ca3d4b9eab0d9364d47845e60b849a99fccc6e225d00fc02f7f9a673ad5b5a0ee1414262b346e08090309d1d4bce23ab9eb10b8bd192e36d3cb3327fb8ff23a102ecf5dd667d043b4c0d4c78b91b54104bb98fb437ba239ce989d4c271c44aaa48971e286c8aca97214f1b4e7259314139343d43e4b6a3116f3df7388b9e5b04597a7ed59f7b074ff09938d2252cf184778f4a8166694689a7093895abadb21fa1bbc28de4036725bb115afc9eaa8744674ab60a911efbea03c5c266b3e0a951b303f1c2ceaeec889076a947b597ff9f6ce3336b309e91a6572d6919abceadf05e76f3971868f47f9229a6ba7fea944b10d5eaf6129ed3726aaa6ba70f7f0c5c88931ab68fb1e07853358c07ac741ba36417f1d1e370c29691566c10d67930b66c85845ea349c5e902695eb65ddfae7e9d71a09002c38ea01e2e84eb9852150a2d4ad1609a2f5606eaf7f3d52fe56f8e5959c0991866b1fed34f4b0ac5dfc125506baff3eb7787738c2ea60a7db2bb1b1251f95e8273b8b4d66be3e94e782b99e95041883e868283bb2fdb9d05674da723121246bb238ffc16ef1311d63fabd1aeeffb3278206e92b9b11d311a7a4a6c57f60b4caf17b44d6a28ef6a6ac3077015e5183bea904b574feca5849e820bb52e87f5939404ffc04f40d177b6c56dd515204ac54d689c58b004b12f0b039cfbed6f9efa22f911fe95e8ba2cf0705c0b53e3d9500974c39e3649480dd13fe829833f187ea3fa502733021cf7884be597aa9310c1872c1bb834884220fde57c07862a81116f79cf05a7d2abd32a160c7d89b2dd3e059e486470d00fadde45b0860165210fb2736b43edfdfa2b47538539cca4f86ba7acca86761936568f5f78bdf1bf8e0df3e87a7e6d33a25365d8c09d5c55b4ada563f449e474892eb87124c94bf5dc131b22f4bf37edae949c2809509318f079c4bf5edc0a6267cd2c2a4ff78b3da332ed9cbc581c8d738ff564249204761e77d67aafd59c857661c49b0541a45329fdf18da2bb9446253023fa86642fad5c950e9b54f05a8813f7a4a849e4655fa1b12f94f24361e9995ddcbe223db6b0fc82fe891ecd0fefe559d778b4c3550aee6b6e045fc663f8b0fbed7b919b2d7501e62c9082e09ddc4ad28e88ea517bddfe406018d272e69ea2edeeabd5da7d7ac19a7a63f8622f4e8c2bbdbe621c5374a8efdcd911b20fdb781e2deba239191c1bb1c092ecbe797a05a79f62f7ea51bd75dcdc69425bdce32a0cd0bf15e543751e3156b8d17de8cce9003214565d0efce5b67033031377685f2281cd7c51131d5576437228deb62bc3dd790bb762aa53b208e075be322b556d2cadee50a0633a308eaa740f4987c298f041b17f36e4fdd5a1eb8f2e8541806fc4daef35ef92e6db688373115dea70e32a9771a1a97742f317b89d976adf6e99e9364f7af8d360921ad29d27acf57f1ab3d7272a7a34c1fcac99b2d689f5ff5a4f1ddee8caa96e45d8fbba5caeb3087d4f7df830bf23230895eb2c50d2216f540198fb5e0071c6a34ba9fc70837797ceaef08ba6c34a1b74e3948b628e4aea7b7c9b19c9b5002dc5b264a07747fc57e8495e16142678319abfab11ba20c196718ef285f9a17e617ffd08f82277e41e0327f14cc79c10c5878eab26be7950939f13173f92e00fec3bea55b89873e387163e6732537db7352c08eaaeb615dcb0560a31ff458307a3bf59b5abfb344b61acfd8c25ac415ff148247725f37d7c2a16fdc9024edc8c98aa7a04e0d912facaaf2836feb981e46ef9f78a7733494a99048053a0c235c267bcb7d71679a1cd463bc6148547053677937fb68ff6433a690f1018fbb92ff15339d3264987730f6b611eea22208d1dd36b37669d76f1f5d839a049045d606d80b81631401cab5a3466f8a9e2dfc4601377d2df9c40d26d10f4aa6c13c85d74469e726db358727d2f4352f450dd1fbfee9834b7c366db40ac53d6c4efb2429b7918c74f2df157fc0c69ff16ddd7757f7ca2df15db6b0815870bf1d2c7274516d25f01f1a389eec7dcbe5cd1795be555"}, {0x20, 0x103, 0xffffffff, "6b6d9ad2e6ec9ad76d"}, {0xb0, 0x3b, 0x80000000, "c2f706d817756e7cbda10befb77e239fdd48a2db49652a49121f5f5dd9714f1aae08f3517b59ec31f6b250cc9f3ae53c69b356e9740e777d8c0a036c8974709c2d9549a5f73b73e9b46426aa4067063df4c5d87d06d25a51c297329d2cc6f4246254cec9f47f2f3b0e2011b273f83befab78fb6061d902d112ebadd4a3619870b4c8abfb19f41d9d4823dab324f22d4a700748365287c3ccd2978dfd"}], 0x10e0}, 0xfffffffffffffffe}, {{&(0x7f0000006800)=@pppol2tpin6={0x18, 0x1, {0x0, r6, 0x2, 0x1, 0x0, 0x4, {0xa, 0x4e21, 0x79975f01, @mcast1, 0x200}}}, 0x80, &(0x7f0000006a80)=[{&(0x7f0000006880)="54f72ec50170497b66ca67f8c07a8794e46eebf61a9c5fc9843e1cb43f0ccec59cc2f26fe9794288a4ff6f49145ca4d3477bd7d8919854634a300702cb42d0eb1fc93399cb18a87cd18e0a1048cd264729ca9407a338ff0e60a6859b888b7d62e74355a71ccf23531174be36d640f9043b66c894a3a7663ac7a2f6216df0c567dec145fa65595571d4216f3c5f186f872d6a784255ba31238f28102ab872e3d9664a829f6198dbc88bc67f5058441981acb74cb8d2f76983516a375af93c2e31640468f21d5f45d52c561c551eba4044104b5b472d4ab6e3da393d5cb3f5a8e81d58ccf2958ea20f45d6ffb8fffd23a7e4c6b0031c944daa53bbee4bab", 0xfd}, {&(0x7f0000006980)="1e17ef14", 0x4}, {&(0x7f00000069c0)}, {&(0x7f0000006a00)="cb5db7fce1c0efacf43b2e00872652dc49e49b9f8f63ffed8472020c6f26f0c954ee1440fe724e8a89cf2e454bbbe38a5527252c200a3fefca337ed5c15eceb7cbdae8b8dda8584e5915f1c185d16669cf878fe4901d4e01e1097520f5a11a505e04be2769c605c38dbbd265e142b36e4e3085f1ef01f78ce12281d49e198b94", 0x80}], 0x4, &(0x7f0000006ac0)=[{0x70, 0x0, 0x20, "7541aae4adfb4605d1d362b3b53e6f964939687730f566a9b2e45054f9b35a73fa29f345457da76d5076accbe80e058a9504dd3096e9e7a62cc56641f4ee71318301f97ded8f6e09ef0c654f65cb92d9bd8d5e2f8afe66af3153aa53b661603a"}, {0xf8, 0xff, 0x3, "323788827dc62bc5db49f3133f3c357738fbad1024dd60a3e1e56f6cbbf081c0037346482ffbfc049b176cace87c15c2e18d67a8fe89e8b1622adfa408cc52a42263cc2889bce6ea409c6f9166e45cb9a6ef02d9822eff8eb256ff6c7bb632a087145a853b3dec9bce6290011779748c39f7fca6d5ea79df36059d108ced0588f732763414ed864222b8638c2ac5367dce6573bad537e84a93960c73d7957942f161026c1a5fb8ee7f51f2b1d3426fcf65db05ecb54dd03ccfd4f103ad574eed078c6d241d066ce8b960ca863e81e2d3180a4f734e48cd2d8b254b205b50c56872bfcb9b"}, {0xa8, 0x1ff, 0x9, "ee2202ceb816a26dd7cdf9b4f30cec9129ec011c934eb4c4b9cf1f30ea0980ec011795fd35422f4171a13adf2a190d55fa0ab7bf360329ad0000cd1b4aa190fe12d63541f8cb6254d0996d8ed422f54a0dcfbfb01a29ddc8b0b11854268061763410a1d98c48bdb36a0273a8bb431045763a7f5a0f0efc4e3ba6de94c2425b0c628fc8e4b2fd30907a786110acf90915fcdb43342519dd"}, {0xe8, 0x107, 0x7, "10974add8fad3504254802e3487c3406a0156d7fc5517fedc89c0752c3f1ebc521be06e0d741f19070b16f5126e15668209ad393186c735d117ac25ed20660bada36e9e6bc7540796fb53b8b241168d4616ebc2cf57ad50e8d9fc631af81aad586fcd7ec54dc63e770d61c04f9792d385b6b46e80b081789b14a09ecbf46052416f462d8cc5b310945cbfcd3178577961c732ecb2b17e89e67a0201f087e877d0cb03d249298b6ef0d336bb06c23d8d064937182c9c80302ec18e28a845684ab12b520c661ff2f94e34fdca9fd27a1f9eb"}, {0xe0, 0x117, 0x6, "68eda6191b65c97cc9ecd0fba952db0a725609662be0515ee5aca53c5aef7854f893fead3d6d13ca22aa61a35ef3deefea7866bb12ad07db437309eeab154adc66777cc2b8f615dafa7b831f74dcf68d8e01dd8794834f07f750b67eca68ae1526105b369e2538e4200571fb5444f0f673c08ca2dc939a761081abbd48d529f6615cfab267f87b30038bf31700efa1334b0e3a9855d8ef89bf974c334d4bdb08b9464a6908305c4996635704913eb72e0ac6b3eedd76bee8164e3e0522501b6f226053a42241be4e277cdc"}, {0x60, 0x84, 0x100000000, "09d382a9352a575bee75475b45db9f1caa13f0a196fdb6df25ce1cad4285c7a504d48a1acf4fc5ce595c96ff3f36f6212dfbe1fa9c22c06688632162f75dd85269f329c9ec9d17f3f36c"}, {0xa8, 0x11f, 0x1000, "d25b7af784733f651e8808949ef5c48fae767c9766585a21dcb1fb1dc8041128362162b4371e529af091a66c46817f9872c9188f7662b72b23ec9e6ac33f15f31e41010e1ca5ac7643919d3a267029234586d0054bb8717296629ac7d57740818279bbb30842652537d45b575bb8c7cab128bde5bc9c02e910af6a04dcc374b60ac0687e539c8a346a808e25c75c7a5d56c7"}], 0x4e0}, 0x7}, {{&(0x7f0000006fc0)=@llc={0x1a, 0x31f, 0x6c1, 0x401, 0x4e, 0xd047, @random="2b4848bfcce5"}, 0x80, &(0x7f0000007200)=[{&(0x7f0000007040)="297dd030bc23141bc1a270e20d965baa25ed5912c99803c3e18691e2a8e0040e1676fb8cdfb9f9d182a36090e15691d219a6757cb7b8322badb895c423b074747f1ef9f0c2673fcad42e7167071773f3603e7ebe788fb2ecee31c048c7f5cd61e644cefdf931cab48f4191a9a356bc86bda5662c3eaf230707cb", 0x7a}, {&(0x7f00000070c0)="d1290c7e8e62c055c19ff5ec0b8f24dcffa34a4102b49d2d3332e54f271fe8ee581b91ddb071bc04a1ed", 0x2a}, {&(0x7f0000007100)="d06603be68dea663b0178130f22593d1c31345464d903cc0e47a280615ac6f4a104ac10d5d21bf3d6dfc08141083e4543d9b7c3d9cac8e0e703fbc148b59910ca32a78ad9422c6d1f6f6fc18def1dc7c192e39de9cd2a22f9c19730cbc8600edd6abc810afcf3812941e6ec145653631c4d136b2b89c687315d5ef1aaa2a2f9eeffaa682514e18e9f8a5c10a1155bff8ebbcd6bdf5", 0x95}, {&(0x7f00000071c0)="961612b56f12517cd54306a978197854a913bf112c0e2331c471a63e0e95205c1f785a9b5018745253234025ce", 0x2d}], 0x4, &(0x7f0000007240)=[{0x60, 0x119, 0x9, "16d6e2fee03271591d72517a5219756a60ade82f82a36f20351ccfb924692c71adade493424006926213aacb983eaa49fb9aea75e396eed8a8de665525b6fc30c0f7a92bae5f26fc22e1"}, {0x1010, 0x105, 0x100, "bb2a1431511bc054dc5f478491e861b282d9195b3c55c6d3fe16057124cf8ff2b878c8939cf631dbfed404efdb8d9ca81eb9fd9b8ddf6629dda3e3799617e6a6dadc8b10238a22412c5635762cb36feae61d7da34175b34f05ebc6970a1d3d12605a0a82824bdd0338f0599a85769ade37670b85b5a6e75f517703dbb332499e425afd2edf3691f7155f23a29649846537d42cedb09413d20702e834827a6fe9105e5e329e0634fb044433e495c6664d52e468cc62098c2c6c67b51786a7ed10d6a57d280baf3a8d11215caea19d60e29c5b998d52db9379c521d7f480bec50af2c596b9cafef211f1674b5c2765ecd2daa81be56647a6d317b42fe854c6533ad105a2c734e39627b729f02f9f321209c45b1f003de1409d537fa9898746868ee6b4bf69835b3eb52c1aa8e221968c9494a61073296c5d349a66b2ab538ca51ed810df916d51f2ab702b341f397a920eacef88fa5b33d5e44e8a77f4b499b078fef7a061f77e112f8da29754a67a5df927ebb39c8f267555b0cc13206b7c6c96f71658e801cfd5203eee4aa60a4f4cbdaafee1fe1cb6e25a07c42f5cb42b68f3277d39621f75654985c09e51a7984f5f04bb888ed18e00da7e56924bce8e6b2857633927c44dc662e9611531451cbe00c545b7cea4e0f240378a3bd5024ab020f4c96abdbe174c3ab7d4b6f8509f361fa542de0b0b1d223336c086153694fdd7692367c3e2b15e7cb61695615aade3c68b4c57bb3d9e444310e6ab949fc0672ed97e7f892daf8fed81e7c1e98f19a89a38b14dfd13cc56d89fa2fd3ed1fa3e6afbeacbc670592d55ddc51512d24fae87b8977a67dc6a37f190213d0472ee7d4d38c121da151c88b143950e09dd154b33511853dcb7be5210469213bc24366d1671f07f4f93c002732ab5bcefae08258b50f5b1e6c767f9b3c42167e0bef0f52699350f04883ef70fb03d3a5b1023154f10a5217ad8d2c56b344b57a96fe5aab0b90f3e0ad9ae9239cbd8f018c2686da28f62e8efceabad17daed3cc8648ebb005bc373960536d707a05a2cd21f87b0e8f421b61a51d2e9543ca0083972c089477e04757d113f19267769a41cdc9de150bbd1efcacd6eddcae46b2e1b0947beb96b0974626b772c55646d954c3100a2048a730bd164c128540f58db42a754239a60cf6b18fc06dd483febff25a4becc181316d0320e162d44090dae6ad9258a808c5a5fae4a7292ef1b8051dd3784f742a857c25fbb56b9db31ec1f954f64a432e71081d637f6737f2aee753552b1ca02bc8263a9bcf0f49cdadc60107b5426fd9b2f861e37b91369def841a15a50ffa21622306a385e2345992831eff4c09c1446b00718f9ea01520dcca0fe24ccded19b6dabcd314f044306def95c952fff65b8e84aeabea3cbeb0624944717b04c65ff3cc1904ce791dfcccfb7e1fd877ad8652e83d590b71c6e14dbf1b0d1c21f8d020692460b111a987c0ab573ab47c539b3f5f8b31793d1c72cf99d7338c74884fe23d719435db863e09f429897e22097cdf430c9e9b1fbdf29c5502be1dd74c9dd3eda76361e391308c50136baa295353b7adab2e36c92e45b9f6e0817bceb16cde3169c4d8eb6a2d6c615f09d9fb3d1c027e0ef0e4a443ac2f2d6afaef8fedce4350e95a38ece1321272d4730901bc5ec8848d303e945d262f0ef326029dbdf95169763896faba38a1cfdb38fd79e376438fc4687c00f66dba7310f0440f3ed2d998dbfd74cfa48e52189c43491e250c11bbd3e8d33c32ef8c2cda764baba4f5a6acf1152b7578f0d6d0553380dd7e69b0f414ace44f6421c072bc80412d68a7d86a95ca8552250b96c8460957b72d89d40116cf59d4ae5706d2277dc18ea559b9ce4c65ec5abacb569c10202f3c8a34772badd501a6558be0c72621f48ca15b8840f819cd205377f32fec3eb6b24f2cd53bbecb64f45b17dade2ddd39bf250062b44a721c137764f89ba7850d676571f4246811379e41a106b1347f13fa33e44cbf945b0369f53939d347d03d2925eac4f4e0a9c81d60efe214dd105fda92edcbcba57e9312e4fe0105ac858eaaa6839f4c4e2d61c5ec624dbf935388719468f2697b89c409c4053fa3d8173a873dbfeae70c4b54acb24365b57db76ff939fd225c5792f82d09d0b59d348fc8bb7567fe18806cb652136884e0f5fa337b0ed08cc7a7aa8f289906a4ef62088a0271d3b859fa346a9a8301d5a6aa82d744d0e45490e43bbf9e050c36ac9b8a6db7ea23de686a36a2ab0b1d149b0d9b24e59c8e0090307c4e1fa312876ed6fe9992030443c5aa039b841191371e2d0850af927f95f99c7fdd0e8c2bb32208d2499d5a545ffde5c3af2886370ecfcf33f985a757af65b89dfcbddc4ba5304ab2a11d770337495e2f6ac15c819e4c9165b789b709d86c68429d695dfd4005707739b32e5a9b66f9ec47c1589ef4e1972854300774c509012708cbf358d3acc96d4ec58da6e7016a502e17b5e3329aaec79728557110d441453835eed4c64a2876c91c580281bf8c8637555328efa8c3372d86a4d6c164412767709ab5286029e37416f14250512013bb85865389c5dfa607c8e54b7c84476ef41f18e52a71e9f3a0fc50f2a02879b767e27d91391122e72612bd80d0cf8d85bc1babe1fd69ce9e78a34f5d72153d24bbb231639533ef282c0249eb7ed9802f55c09fb8698d2784bf8e396680acc8e6448b5592fdeaafda60fee70412ac53d21e59f3ecc31eefee7083ba1e834d4aca444249bd12cb523f3f4278ff443f631b5fbe495fb18a7b582806b69c359727dd46f87138cb6dd2aa365eb3910ee5d905ffbf36412a9c66948fc9b20b992d1a48b55a7cfa1a081bdd6772a9da568b5c6dca2340efc68a6aebe0cd031a75f17e1962a925c0e9936a88416c0a13de372e2f992c53542e9c3e41e1d40a44131f81a2ed53e2e874bbb3a265188fe3bbdbdaf42d7f9ab5f751dd1a3d4578d03288df9c1ba6528e9a982959eceaf9734ef7bb71e461c3232e7da0eba29b7aab99613c33e7cf8430c2e36402198773dc1519cfcc4d44c8e642f73c793a9de5f235690dfab9e8d2755f140ffed990628df764d8788459879c3f89650d824b22c57c8cd3068d29770877d0ba14c40d01baaeb3b988e9e764c11bf9c9fbd14256bcb4fe32fe9f715f706dee82dc07ba764c95c20704dbc314345ad4302c4780b3138ef4a9883e85f63510f9d0601a2711517151cb06f681a6222a54babcfade85e113b4bab72f26a4df3c67f01265a7c6eb76de441b72b09665c65a1a943b7fb6957ac81375f0f1bb4845b5b49281f958cf4d24369a7ed0acb6854e290267f2bf66f5162c090bd362dd40a619743282b699a483ce07d1fa7b28c8c31ef26644ed7b32db7df2c7478aa2dbe1a4de7257623c1fea88a3b47274aca0fcc6d8290ac9d42d352d7b51c39842ac22ad44322fe952867cd7f209d2ddfce74907b0eb2a8302a6712c406b01eac0ad52708b204fdbf394fa028f12291b6462467f32b8135a73dfebd8754b1b5afa04fb21e5fe1b3dc596351d98cf3f29c8fd8563425a3120f6f95eb84b803166021efaaea11b3e84d5bfe2d6c7e22262b95400d840e3d445a4aebc1c1f59404eb8fd7c83fa0f73cdda1086d01a7568766669a7c018191c33fc72aeab8b03f3e951c3a90440f2ff10b58b53de13252732e5d4bc4a445c33f4e1fc676cfbf4ebcac6cea12b807511cd15f24173f62c5cc33957bb820a3145ad2c8b229d20b0f7cb54cc335b605e6058bba2610b171f1a9bb93f1a3396a27c9b855ba19d7607975af968649f3bf0a8fe75a008294aeaec899f94893cda89baf02bdb5618e3a86c6178951092f49be4add1fa61f310b22e35193e5e4e13269aeb6554d13dfa4e9669de47d65888ba3bff6f8d9fa815ca14019df141645c83d41d733e943fd77191a478dd0d743cd2bccf286bd1d74ca517cd959b740830fc3df4015292e953f1593aea9a0e15ac5df58ef45868450606be116ab2b768654c562072c843857f8bd4e8e444ec73c7d29f68c9ce79a3875e2828443603c54bc1b612afba34dc0c991b5c53efb52c647b6d956643c76e637d9b0df51b895e266efb02e0caad08a31cd13bff9157dde7b1f821140acf3e0fe1475d91bed6c796e01505c383b5d6fc08da52e17ef3acb59ffb4be8b9824c0c56b45de0378167072ea01fe39bdc01352e5db9ca35be0d6f6d404494afa96deaee23952a3ba402f939795fd0bd7864ba583cd1010ae32cb06a98d70b5fed84e26cc3430adb1eae719384001ca4bb0af9e96256bdb09e85a67c6d36a3f0069639aa5f8e8bb1e4be6f5765cf75a98812324e9fe87af81c0f3870c82198fb65120b8d0cbdad311930ddcfa8695ed030dd802151b82665d49d66807a2bb6b7d5dc44aea59de679a82ede090386522886c533b8b43a374ed4b4e07a568bd28280fcbe3efbd4a054b8061038b11234126fd6b7b3cc53fb71af736d9a2cd51377aab78e1b83379597516ff703f5f493c2b65a41f3daa9213ab317ca85f0ca811751c8fc234bb0379dc947f8f984ed3840167e30e8217b1c816301ec28ebc602251fc22d81e1871185b7c83eb50a7cdfb73cca1ee2a988516d971461698234f241b89f73d4f3f6102b3e89df3d061e22bced538c89c7bcab6f6a4a9f1a8209b014ce05f5e662f1eb46fd791f517c89020a08ea3ea60bc8139c54d95a440547c9d79c98c46073b916d9363f25c36c3d867a295f50a1f6eb057389a1eb09bf17f6fe8846979422ffb967da21114aaded5a5af7ad5dd6432e7ae3ede5018ac83be223ffc36a5b8649d5bb4705a11e7e57de657be4fe1779d67ebe6a645405c7b56a9c5765dd75c52706b2ea04bfc3baaf9d56fd1a435304677c721b2942866ccfb30d763da87a2c1edf350ffee970a89084b5f36e62177f9f9ffcba2db3668efb30ffbe89fbdbf61686a5ef8970e72bdc90bf3db2defebdd1286953af7a36d62e87aef54cbb66304b3738252df4767f55b8b818b4a84e27d56503c7f419da78fed7b4f8e9aa40d7a7f42cd671694f2a65958c25f32443a02d37a9446cd66fa60128bb77f3d8623b3603c7af5e12c3a3d5f5423c56e1013184b409f5f6a9beaa678d63ff1bcc23e4f1b614220b357f19dbbcb1f9822ff9fad0b057fd70ad8e8141dd50e12157ad64cee05fa25d4c775a3dd57a4632120a340141e1ba7f766940074333778761fad5271787ff48340c7f2685ab69e7873f3deb8cdb40508539ef7167633341b8e8f0ead124a0f922461ccee849c2b9e66ca4535da3e9e0793ffc7b2305b2a1ad5dec2fe457f2ca667478b31d90c6763db83ff18836294d139dbc3f443b76bbde6236437879d94ab3702b69e13df94740860f6185ea5fffb3e541007d0a8114d7f40e6f733e5bb0edaec7a14eee2339d1dbbbf429573eb29a55153c9aa55e438515cac1b2ff618311e0dc75c8658586d671ea9c939adc10c7a4f8a627bdd1b02bd50751aff283d523bfdcdd146ab78b9583d09061205ec115c778c9e08ab7ef6892fbe617adc10cd22a17934be64b2fd76365886b3528fca141bf141572030a9285b35ada7810e042d296d6717c92d82958e5da9a9129ea41e31466150df2018baa2ef753570c619b231749cc5f108117fc176bcecf09b273ea720ef2e80d3d057cb67a1ea4b98b0ee787dae0aeeab0c927345aee5ecc46d02e29e35f7506a3fc02ef36a4623ad900ce4d49963145ba1ed2d9a2c593a32bd1103fee67676ba1b16ca4de9685e939705c85c5c"}, {0xd8, 0x111, 0x101, "f276c99f8a0fd782f15d7e2429a08d0af99c621a5ebd8683d4232f6f32b06aedbb9e80f5414cda230fd16cd11c4c8b8d08736fab15e406289fe53ba7c6577e69daf9caea4821d5461cc7d3bd4cd3791b800403d0e56168ddc3318c0338f5c1aa76c782b404eb3da1382029979400a834bc05527b45651d8f41bd41a7754c06ecaaefd4a143a70985efc1e5a9beebc9c6f595bbec1181e9021fb868adf4f40d7b9f02c74f49abd80682e7ccaf7bb712c5629de285779391a2f37397df86bc9242fe"}, {0xd0, 0x0, 0x2, "e4e4be2dd96f0434f44bf8ec96c8dd339fe6c11f4b2c012f04fa4bcc972fea31fbdbad7668cc561edef28283a11520e55c00282707652696cd7b8db79121641187777f64f07c283902fb7997773b5d745c97a78b355f44d460565d15294369f88867f7d0451524be551f0821e04f2c6fc78430c24c86cb5d83777cbef553a7e0cc32daab138c44c673ded92b557363d8861653c0bfa3c1d157cc7a3a45a02f20dda7332e0df2c8848fdf3a5c44aa0956caf3d042c1b5ae0b8f"}], 0x1218}}, {{&(0x7f0000008480)=@pppoe={0x18, 0x0, {0x4, @random="e8ef1fc2dd2d", 'veth1_to_team\x00'}}, 0x80, &(0x7f0000008780)=[{&(0x7f0000008500)="226c225af5bdffdf8b4f76c928d004da9d407bfb0dae5dd57db9405263ce46ddd97e8e23dd98c43bca4fa9448708ca977028b256047a1305fa58168d8ed0cc7e8d367b559cd70caf838022141c31e565de33a3a0c03cd5a9afaba8b8c79e11900bfe3ecd200356726cec4dfdeb74bfb8549e147b867c629db3d857365c6c295d7e0bd837f2c901b6fb8c68c6decb39c66c29a9f9ba7170cb319693b4c13102022728bc3c967fdbfb65f7bdb0ed8e55e38c94badfdd834c2818201ab1f5b06c05020d66fdeeb1ad46d0e2fcb0b7e1cbb93f23ecb68a01bd1ac35e8f", 0xdb}, {&(0x7f0000008600)}, {&(0x7f0000008640)="497ad02b157f547b7528e6405bcfca281eb7a498fd4b20058839f8b324086452f19306c7be353c8ab1ea17bf35df58e0253c07bb5d9bc3101752aebfe97b7ba120f47fe74a4f96f6a651d5530c0302e22bfad389fa2805f80cf61f918df4758744caf6fe0dff02c7e002d4795897c11449238dd685da2b67eb2d160829ac8568a582ed4b984358917b5b246fda63742dee", 0x91}, {&(0x7f0000008700)="b1a54ae603cbd3b97eb6befd428bc56108e12d5697bd156436db2e917257d1238892dfe99b7329e62af73af57023f4c652a15afc2d71402a29fe5921051a3fbf3794fce0c2f7e6d8f4f47b7a591048976fa5b13aa0979916e52c953f0409df94", 0x60}], 0x4}, 0x8eb}, {{&(0x7f00000087c0)=@generic={0x9, "4427124cc586e09db34188e66983f10b65acc342fa58a88ce29b28ab9533628e51f300d1bb13a4c6b04c2ac5d06c311d31991411c73ed87fd9a02a38f2b74101fdcae3edbe85ddcddc440030ff2fdc2cf459edc09a211714c1b10e71e0f1f60a1a75972b689cbd1be61b1d44ebb2e51ed0dd3092ccbe985134b92d36a418"}, 0x80, &(0x7f00000088c0)=[{&(0x7f0000008840)="ddb555e70d0349c5e3a18f9ba96dc011d1cebef3b6b73df2bc12614f24ec70998f4752db841527e7b0998f40740edc866d254ce630b569640dc8f3a92f38165f0baf8f5acb8fd66d9910e3319bfb5106a5e639de3cba095860d23a4216aa00e82dbfe35a98ad481a8ed596c4fa0c598a92d7f4053f42aaa1173bfb", 0x7b}], 0x1}, 0x4}], 0x8, 0x44001) io_setup(0x6, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:21 executing program 1: 16:43:21 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(r0, 0x5403, 0x0) 16:43:22 executing program 1: [ 2032.258290] sp0: Synchronizing with TNC 16:43:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(r0, 0x5403, 0x0) [ 2032.502561] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2032.563866] sp0: Synchronizing with TNC [ 2032.578498] CPU: 0 PID: 32742 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2032.585651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2032.595009] Call Trace: [ 2032.597612] dump_stack+0x172/0x1f0 [ 2032.601265] dump_header+0x10f/0xb6c [ 2032.604996] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2032.610116] ? ___ratelimit+0x60/0x595 [ 2032.614018] ? do_raw_spin_unlock+0x57/0x270 [ 2032.618451] oom_kill_process.cold+0x10/0x6f5 [ 2032.622960] ? task_will_free_mem+0x139/0x6e0 [ 2032.627477] out_of_memory+0x79a/0x1280 [ 2032.631477] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2032.636595] ? oom_killer_disable+0x280/0x280 [ 2032.641098] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2032.646222] mem_cgroup_out_of_memory+0x99/0xe0 [ 2032.650900] ? memcg_memory_event+0x40/0x40 [ 2032.655238] ? _raw_spin_unlock+0x2d/0x50 [ 2032.659400] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2032.664519] try_charge+0xfec/0x1570 [ 2032.668239] ? find_held_lock+0x35/0x130 [ 2032.672313] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2032.677190] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2032.682040] ? find_held_lock+0x35/0x130 [ 2032.686114] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2032.690975] memcg_kmem_charge_memcg+0x7c/0x130 [ 2032.695653] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2032.700168] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2032.705030] memcg_kmem_charge+0x13b/0x340 [ 2032.709279] __alloc_pages_nodemask+0x437/0x710 [ 2032.713960] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2032.718992] ? ___might_sleep+0x163/0x280 [ 2032.723152] ? copyin+0xb5/0x100 [ 2032.726536] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2032.732090] alloc_pages_current+0x107/0x210 [ 2032.736512] pipe_write+0xa65/0xfb0 [ 2032.740163] __vfs_write+0x613/0x8e0 [ 2032.744019] ? kernel_read+0x120/0x120 [ 2032.747915] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2032.753494] ? rw_verify_area+0x118/0x360 [ 2032.757657] vfs_write+0x20c/0x580 [ 2032.761212] ksys_write+0xea/0x1f0 [ 2032.764765] ? __ia32_sys_read+0xb0/0xb0 [ 2032.768840] ? do_syscall_64+0x26/0x610 [ 2032.772822] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2032.778199] ? do_syscall_64+0x26/0x610 [ 2032.782191] __x64_sys_write+0x73/0xb0 [ 2032.786095] do_syscall_64+0x103/0x610 [ 2032.790004] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2032.795196] RIP: 0033:0x457e39 [ 2032.798396] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2032.817316] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2032.825051] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2032.832334] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2032.839629] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2032.846908] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2032.854192] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2033.118298] memory: usage 307096kB, limit 307200kB, failcnt 2388 [ 2033.124629] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2033.178217] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2033.199074] Memory cgroup stats for /syz5: cache:23076KB rss:260148KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283216KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2033.318866] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=32722,uid=0 [ 2033.414189] Memory cgroup out of memory: Kill process 32722 (syz-executor5) score 1147 or sacrifice child [ 2033.468392] Killed process 32742 (syz-executor5) total-vm:72844kB, anon-rss:13460kB, file-rss:35820kB, shmem-rss:0kB [ 2033.535380] oom_reaper: reaped process 32742 (syz-executor5), now anon-rss:0kB, file-rss:34860kB, shmem-rss:40kB 16:43:23 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:23 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x8b}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:23 executing program 1: 16:43:23 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f0000000140)="619003b30179611157aa8ba554369fa52863f147a83b2ae16ed41df8e85f843b7506830a4cda8166b0a81c5c2b5f865d977ba32fe62bb0b53dc0df8484e23796c9e88d9b67ccdcdc79eac8402a22e25c61f10baab49996efa60bb7637058250bea1f2ff5b5fd6a5fb3c6b93e60ba30fd262e0deef9deb3d63b1f54f6fdf237aa0844b3c96e4f675f83079565f9780640352bf2bae4c8e37012aafede1d7cd0a2b46f6c5559820bcd19d54dd022806173b07d643a5369421ba689d56aea3fb5cf442d240284be368ca7c70b49de87a576edc211e52c6cf3c7eb16e157648bb66d1da6688947daf0") clock_getres(0x7, &(0x7f0000000000)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:23 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x7) ioctl$TCSETSW(r0, 0x5403, 0x0) 16:43:23 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x11b}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:23 executing program 1: 16:43:24 executing program 0: 16:43:24 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000)) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x200000, 0x0) getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000140), &(0x7f0000000180)=0x4) 16:43:24 executing program 1: clone(0x200, 0x0, 0x0, 0x0, 0x0) symlink(&(0x7f0000000400)='./file1\x00', &(0x7f0000000440)='./file1\x00') mknod(&(0x7f0000000300)='./file0\x00', 0x1042, 0x0) execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x10a) dup2(r0, r1) execve(&(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0) r2 = open$dir(&(0x7f0000000240)='./file0\x00', 0x841, 0x0) clone(0x3102001ff6, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f00000001c0)='./file1/file0\x00', 0x0, 0x0) write$binfmt_script(r2, &(0x7f0000000340)={'#! ', './file2'}, 0xb) 16:43:24 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:24 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$TIOCLINUX3(r0, 0x541c, &(0x7f0000000000)) [ 2034.709425] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2034.766659] CPU: 1 PID: 345 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2034.773644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2034.783008] Call Trace: [ 2034.785620] dump_stack+0x172/0x1f0 [ 2034.789275] dump_header+0x10f/0xb6c [ 2034.793014] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2034.798140] ? ___ratelimit+0x60/0x595 [ 2034.802048] ? do_raw_spin_unlock+0x57/0x270 [ 2034.806486] oom_kill_process.cold+0x10/0x6f5 [ 2034.811019] ? task_will_free_mem+0x139/0x6e0 [ 2034.815567] out_of_memory+0x79a/0x1280 [ 2034.819583] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2034.824713] ? oom_killer_disable+0x280/0x280 [ 2034.829217] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2034.834337] mem_cgroup_out_of_memory+0x99/0xe0 [ 2034.839046] ? memcg_memory_event+0x40/0x40 [ 2034.843406] ? _raw_spin_unlock+0x2d/0x50 [ 2034.847571] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2034.852684] try_charge+0xfec/0x1570 [ 2034.856406] ? find_held_lock+0x35/0x130 [ 2034.860486] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2034.865365] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2034.870224] ? find_held_lock+0x35/0x130 [ 2034.874304] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2034.879172] memcg_kmem_charge_memcg+0x7c/0x130 [ 2034.879187] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2034.879208] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2034.879224] memcg_kmem_charge+0x13b/0x340 [ 2034.888404] __alloc_pages_nodemask+0x437/0x710 [ 2034.888423] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2034.888440] ? ___might_sleep+0x163/0x280 [ 2034.888458] ? copyin+0xb5/0x100 [ 2034.914728] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2034.920289] alloc_pages_current+0x107/0x210 [ 2034.924718] pipe_write+0xa65/0xfb0 [ 2034.928397] __vfs_write+0x613/0x8e0 [ 2034.932134] ? kernel_read+0x120/0x120 [ 2034.936026] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2034.941564] ? rw_verify_area+0x118/0x360 [ 2034.945703] vfs_write+0x20c/0x580 [ 2034.949238] ksys_write+0xea/0x1f0 [ 2034.952769] ? __ia32_sys_read+0xb0/0xb0 [ 2034.956823] ? do_syscall_64+0x26/0x610 [ 2034.960787] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2034.966138] ? do_syscall_64+0x26/0x610 [ 2034.970106] __x64_sys_write+0x73/0xb0 [ 2034.973985] do_syscall_64+0x103/0x610 [ 2034.977864] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2034.983040] RIP: 0033:0x457e39 [ 2034.986223] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2035.005173] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2035.012870] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2035.020131] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2035.027446] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2035.034710] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2035.041968] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2035.054947] memory: usage 307072kB, limit 307200kB, failcnt 2444 [ 2035.065260] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2035.076516] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2035.087220] Memory cgroup stats for /syz5: cache:23076KB rss:260340KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283288KB inactive_file:4KB active_file:0KB unevictable:0KB 16:43:25 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:25 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x11c}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:25 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001f88)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000c0c000/0x2000)=nil, 0x2000, 0x0, 0x811, r1, 0x0) r2 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0) getsockopt$inet6_buf(r2, 0x29, 0x2f, &(0x7f0000000040)=""/145, &(0x7f0000000100)=0x91) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) mmap(&(0x7f0000941000/0x2000)=nil, 0x2000, 0x0, 0x4011, r0, 0x0) 16:43:25 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:25 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x6) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0xa) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x40000, 0x0) ioctl$DRM_IOCTL_SET_UNIQUE(r1, 0x40106410, &(0x7f0000000140)={0x6a, &(0x7f0000000040)="a7d9af236c3bc29e3b5b34a52f7f2ed4782544e6deec3c4ddb7f7e35d9f062507662d9893404d7952f9b353f1342cbdd01a51576778c21c1cdc9d097ec933502ec3173fff9c72b0ad5a610c8acc112153b539aee158a3eb816cb0f5465a4092d226b4f62bbd23ea65a0e"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0)=0xa) 16:43:25 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x8c}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2035.109390] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=334,uid=0 [ 2035.123838] Memory cgroup out of memory: Kill process 334 (syz-executor5) score 1148 or sacrifice child [ 2035.133485] Killed process 358 (syz-executor5) total-vm:72976kB, anon-rss:13728kB, file-rss:35812kB, shmem-rss:0kB [ 2035.149827] oom_reaper: reaped process 358 (syz-executor5), now anon-rss:0kB, file-rss:34852kB, shmem-rss:40kB 16:43:25 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:25 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x7f3decf0, 0x0) ioctl$VIDIOC_S_OUTPUT(r1, 0xc004562f, &(0x7f0000000080)=0x50eb) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) 16:43:25 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:25 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x11d}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:25 executing program 1: pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KDDISABIO(r1, 0x4b37) write(r1, &(0x7f00000001c0), 0xfffffef3) ioctl$BLKIOOPT(r0, 0x1279, 0x0) read(r0, &(0x7f0000000200)=""/250, 0x50c7e5e2) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r1, 0x40485404, &(0x7f00000003c0)={{0x0, 0x3, 0x43, 0x0, 0x20}, 0x5}) io_setup(0x0, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r1, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, 0x0) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @remote}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x1e7) getresgid(&(0x7f0000000040), &(0x7f0000000380), 0x0) connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) ioctl$RTC_UIE_ON(r0, 0x7003) fcntl$getownex(0xffffffffffffffff, 0x10, 0x0) setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000540)={'filter\x00'}, &(0x7f00000004c0)=0x78) getsockopt$IP_VS_SO_GET_SERVICE(0xffffffffffffffff, 0x0, 0x483, 0x0, 0x0) fcntl$getflags(r1, 0x408) sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0) [ 2035.673630] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2035.713537] CPU: 1 PID: 409 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2035.720511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2035.729864] Call Trace: [ 2035.729890] dump_stack+0x172/0x1f0 [ 2035.729915] dump_header+0x10f/0xb6c [ 2035.729939] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2035.729956] ? ___ratelimit+0x60/0x595 [ 2035.748858] ? do_raw_spin_unlock+0x57/0x270 [ 2035.753289] oom_kill_process.cold+0x10/0x6f5 [ 2035.757800] ? task_will_free_mem+0x139/0x6e0 [ 2035.757825] out_of_memory+0x79a/0x1280 [ 2035.757846] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2035.757863] ? oom_killer_disable+0x280/0x280 [ 2035.775956] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2035.781088] mem_cgroup_out_of_memory+0x99/0xe0 [ 2035.785791] ? memcg_memory_event+0x40/0x40 [ 2035.790171] ? _raw_spin_unlock+0x2d/0x50 [ 2035.794415] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2035.799545] try_charge+0xfec/0x1570 [ 2035.803269] ? find_held_lock+0x35/0x130 [ 2035.807373] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2035.812240] ? kasan_check_read+0x11/0x20 [ 2035.816415] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2035.821275] mem_cgroup_try_charge+0x24d/0x5e0 [ 2035.825875] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2035.830818] wp_page_copy+0x408/0x1740 [ 2035.834711] ? find_held_lock+0x35/0x130 [ 2035.838787] ? pmd_pfn+0x1d0/0x1d0 [ 2035.842336] ? lock_downgrade+0x810/0x810 [ 2035.846511] ? __pte_alloc_kernel+0x220/0x220 [ 2035.851019] ? mark_held_locks+0x100/0x100 [ 2035.855263] ? kasan_check_read+0x11/0x20 [ 2035.859425] ? do_raw_spin_unlock+0x57/0x270 [ 2035.863847] do_wp_page+0x2ed/0x11d0 [ 2035.867570] ? rwlock_bug.part.0+0x90/0x90 [ 2035.871807] ? lock_acquire+0x16f/0x3f0 [ 2035.875794] ? finish_mkwrite_fault+0x540/0x540 [ 2035.880468] ? add_mm_counter_fast.part.0+0x40/0x40 [ 2035.885498] __handle_mm_fault+0x22db/0x3f20 [ 2035.889923] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2035.894777] ? find_held_lock+0x35/0x130 [ 2035.898845] ? handle_mm_fault+0x322/0xb30 [ 2035.903098] ? kasan_check_read+0x11/0x20 [ 2035.907257] handle_mm_fault+0x43f/0xb30 [ 2035.911332] __do_page_fault+0x5da/0xd60 [ 2035.915434] do_page_fault+0x71/0x581 [ 2035.919249] page_fault+0x1e/0x30 [ 2035.922710] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 [ 2035.928600] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83 [ 2035.947504] RSP: 0018:ffff888059237b30 EFLAGS: 00010206 [ 2035.952873] RAX: 0000000000000000 RBX: 0000000000001000 RCX: 0000000000000200 [ 2035.960149] RDX: 0000000000001000 RSI: ffff88803bad4e00 RDI: 0000000020761000 [ 2035.967420] RBP: ffff888059237b68 R08: ffffed100775aa00 R09: 0000000000000000 [ 2035.974690] R10: ffffed100775a9ff R11: ffff88803bad4fff R12: 0000000020760200 [ 2035.981960] R13: ffff88803bad4000 R14: 0000000020761200 R15: 00007ffffffff000 [ 2035.989260] ? copyout+0xe2/0x100 [ 2035.992728] copy_page_to_iter+0x347/0xd00 [ 2035.996980] pipe_read+0x28a/0x940 [ 2036.000537] __vfs_read+0x610/0x8c0 [ 2036.004173] ? vfs_copy_file_range+0xbb0/0xbb0 [ 2036.008776] ? rw_verify_area+0x118/0x360 [ 2036.012937] vfs_read+0x194/0x3e0 [ 2036.016401] ksys_read+0xea/0x1f0 [ 2036.019865] ? kernel_write+0x120/0x120 [ 2036.023852] ? do_syscall_64+0x26/0x610 [ 2036.027888] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2036.033259] ? do_syscall_64+0x26/0x610 [ 2036.037242] __x64_sys_read+0x73/0xb0 [ 2036.041052] do_syscall_64+0x103/0x610 [ 2036.044958] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2036.050155] RIP: 0033:0x457e39 [ 2036.053374] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2036.072280] RSP: 002b:00007fb6e81b2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2036.079991] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2036.087262] RDX: 0000000050c7e3e3 RSI: 0000000020000200 RDI: 0000000000000006 [ 2036.094535] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000 [ 2036.101810] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81b36d4 [ 2036.109084] R13: 00000000004c3911 R14: 00000000004d82a0 R15: 00000000ffffffff [ 2036.187425] memory: usage 307200kB, limit 307200kB, failcnt 2518 [ 2036.231608] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2036.245534] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2036.253142] Memory cgroup stats for /syz5: cache:23076KB rss:260284KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283344KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2036.281378] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=395,uid=0 [ 2036.301918] Memory cgroup out of memory: Kill process 395 (syz-executor5) score 1148 or sacrifice child [ 2036.313926] Killed process 395 (syz-executor5) total-vm:72844kB, anon-rss:13656kB, file-rss:34880kB, shmem-rss:0kB [ 2036.337740] oom_reaper: reaped process 395 (syz-executor5), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB 16:43:26 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:26 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x200000000f) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0xffff, 0x80000) futimesat(r1, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)={{0x0, 0x7530}, {0x0, 0x2710}}) 16:43:26 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x8d}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:26 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:26 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:26 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:26 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x11e}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:26 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f0000000280)) ioctl$KDADDIO(r0, 0x400455c8, 0x3) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x101100, 0x0) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_SET(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x54, r2, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_NODE={0x10, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8}]}, @TIPC_NLA_NET={0x4}, @TIPC_NLA_MEDIA={0x2c, 0x5, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x24004000}, 0x8040) openat$dsp(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dsp\x00', 0x218280, 0x0) 16:43:26 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) stat(0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) r3 = gettid() process_vm_writev(r3, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x38d}], 0x1f4, &(0x7f0000c22fa0)=[{&(0x7f0000000080)=""/1, 0x2034afa5}], 0x306, 0x0) close(r0) ioctl$PPPIOCGDEBUG(r1, 0x80047441, &(0x7f00000000c0)) r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x4000, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r4, 0xc02c5341, &(0x7f0000003980)) r5 = syz_open_dev$admmidi(&(0x7f0000000140)='/dev/admmidi#\x00', 0xfffffffffffffb3f, 0x420000) r6 = accept4$unix(0xffffffffffffffff, &(0x7f0000006740), &(0x7f00000067c0)=0x6e, 0x80000) sendmmsg(r4, &(0x7f0000008900)=[{{&(0x7f0000000180)=@pppol2tpv3in6={0x18, 0x1, {0x0, r5, 0x4, 0x2, 0x0, 0x1, {0xa, 0x4e22, 0x62a4, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x7fff}}}, 0x80, &(0x7f0000002380)=[{&(0x7f0000000200)="74f85545be4d31fa998d8152b97e6619ffffe20a264d955b76eba91c6e9640e869792dd71e9da622790d0041828cdbc3078b4dab5a02b10fe60dfbc1df5cc5b3bd46bc2f4f1a53a8c2c71950fe22e663ceb6edc831029263626381030090571bd1f9369e74d8776573e79caedd44819bdfa10ccc4e7a75aec076e0b3751d98a1c54df330cbb6f1bc914ba3202485d3e18c222a6b13c465860a734c47dca22990e1b6bf830fb40d676839dbd29e8b0f2e89917b5568cce2237f205d109f3d258edb38987f113a254932bc5c57c5fe67693682b618f9a51c78e7f91743a5bcefdc9243c5c18c665aa84639643a398ec255b769e82e95598933c5eada7d07226db095236c39934c2156f9c30c5f0689627c5f957994f349c98148dcb1da2befda32942bb8cddf211f78feb9a8304ffd27543933c1c0184cc8789465aa77ccd877a9b4fb27bce3b50f4c27099ce561a97a74768445d8195f9caeffc84cc5b45d4c562db8c85bd63e5d2739d521663df3d34d282d581303a92aad2895357567d2b243c04605e4a4849edf52b747526752062aa03ad509c3b100bb986ac806f0172bec2f211dd0aade3e47f2d5f5c2fcc1f561d3b34d2e7453dd63597d9680157f2283e5d8ffc4a33f6c4ee8ed037e30e4d41cfb1526684656f283a801755e9cb7a66df0f83df79ef76df385536690f76e6031c002953caf09383a0127a758bc2f39a72c2e8b5f128f3a013738074886cdd77115c8537efb4acfed248caf5816a347459f73cd9e045de6b0fb272efa5df42f8b89208623df5a3a291e347d30c89ecf43c273dd6782f7b1d9a91881cd1f7208db21b67f34c3f8538eef84236270601eee6dccc904254b5a353c801b06431a764c5610c2eea96b9ad413e2f290fd7ddc3cc6550477b1a9cba4bb28d7b7024295b9ce0df160e7569385ec4e7926ae2d06c4705d6a2524165ac282b2bac729d77afaa31de94fd23d41a1ab74d9f65353ddc65b0a51c206ecb8504af62b73c5971b0125f1a54e3f19ed2dc4c8a1789bc8869969ef45f11f381384cf4c2199e4709833901a6450bb047d7767d19b433220ff41e77f86a4f0bc71a173dcf945e4cb5dc339a884f42bf5b2b9229549a785ac5bb2aaad4764b9209302aa81e475567d0d7ec7568bc74421d6cda9126bd4b64cd1c1cf4ee113893a028062826eb6be8bf486adaba173c00c2b76c4839589f08d239dfe8def1280e54e4d51fbe429ebd2dd7d84e661bc4eefcda212ed5a47f51e4d0b770edda210c8e3988dbb12418e24d2157087151cc37922600965a0a38f79ec49b5f6c9d515f6a2bb8e8933dad029a27d48b6368484c0c5598acf776f25752ea8b26b78bf8d2f647a76cdda16ea26a005f3b31e556b319ae0e67f6b924577dadb472ad64ad2ddf83fe40c1b08cba2f326d43ff809a31ff3abee975211b1105cc854adeb0e2efa4c704d5c9497042782d3f435adfbf7cd1fcb1f0a5c0fc5064f439c386c273398439ba72513798c5ac857c8d0168ebbaba43c031fdf802cfcebfd76044d29beb2155b2110a26342177e91c4648b901dc27403a809da2ae5f83321b5390ab402fa0d62afcbcb1c56c7fe3865520ceb5c50d372d90153facd32177cf05285661a349fc8c940e7b83b25a9d62cfe32bdfc4af101cc0aecdbe05d6894884eef98147453cb788b33bf1697550d00342b8dcd6985913fb1eba33bee180f4a11ba5cd0def601daa6d5bb899cc184b87559212a2703785d685dd794c662665bf82ad0fe37d55509bd366dd5db31a9e8398bbea06663e58d5d32ca36d16664843f641c20fee1765ea95f7be92c0affe53dfcbd4b6f9bf7e42653e7ebe1eddddd46f8b4e8b01e69c14a7e22a7e00874344186ab4021c50863489eae4212f332460ec235c7ce30738824b9c3f0c5307b18da55092d3b2a7c2dbc53d484425966114b097b4c8e63e8dfa24fbef643bb6cc9392d36a9b5b42ff7f97351c8b27aa9e5adb6c50cf0527df3bd76a978dab1dfd27b19ca87f10248da35159e050de778250d11bbf7feca54843bc1ab66d4e4153f2ac1afa440eb174e0d14244c3935549bf047ab731bb6d78c23dbd776186c9df6abce094b9d8108ef35edcbd9d7a7399396186aea0ec091336faaebfc66dbd3ee7115ed4a2197dfbaa960c6e7c124e6a0b20ea0b44322f16fc03803f3d84eae1abac3e9dde5586c45d61884f117d4bc6b5efd8aedb0ea11c5be3d3d0d8ce7e091fc9b63e5829104e92dddc49982bb4f9f0b8c59893960aa147f5169513539c8713f176654bb7a1e0bda366ad44d8d842903e983037aac78d9c15358fc06154e9bbe4601496b5a82f23cb114c5458657a5366061ceed505b540a72ffab900a427afc3c7271b02c569dd33ea2a663d827e420a5d77d9c4d23597d9857b6839facddb09d2e7d6c02725e5e65a7a39af6994e4adec4aab1a39be31a296beb4b719aa6a7dba4fc468e90d8e01ea80a8d955cef7b11e83deb664b49d7ee29f083aed338c55314b4dc108d9c204b8a4964fb6421dd0929629dec106aee69765d3dcf241bcb40dc0a3ad461a35b6473f20ce798c0d51693c8d3e732121a91a220b39b8c31c58028b2f028477a2296d10470f342d9bbcc9a9bbbd79bc1209bb39fcb2ba4882ac92dbfec1fee084749873bb79abd07d65c37643532d8c86b561f96de4d73c226c035f39e71909f2ca83f3ae9e4f39493732eb167d51ccd715e59f5cdb9bb992be1a18294f5b4a3f3b9b5119fc251503c310440a124b57b56972f67d6dff0023929d313a7187adfac521c9a0fe9b0f7e62ceabde154e214ad1d5bea5f07bfd27c80887a5fe19a94576bf11e66f457485d6ce7944fc3824d4e8a9782bb6d67d8084699da3f3341805e76f336d7fcd3e149804b137f3094c85ecbb25f2d7a3b8ee28dad6a4db53b1e7e12b5b092916a146276b4f8c11161857e33da8b5ea9dd448ede613149dcd66800e66b79c8ed2e22492f6b3672825cb6240e9237e043e1b3eea916bb339a924422e68374c3b1cb5797cb7e70e1de8faf404a3c5f8a66b477cac03a1cbca277aee0ef48366b9ab8d2bfb0aee6ddb0374fdc6ab6cb21ca75ef30f759b0436cbf49aa35f8dbb11c58c626856bdae33e0933f55c0aea4b67349068a386c0bbc0308fb2c16b7cf55b08f3ecbd2d4dbf20f13b33054e23af5d856f3de775561764471fc6c2e2a170b6acf532de4f76cbba36a50656178228a96f5385cfde98c1a560568cf131fb5ae352887ee0c33527628dbe18b62c76d583d9847e78feb716f18ef32e056f4c55c6c9856da7385f0de8995547eafe01212d3712f00673fa8751e941a4263d6821ba985956761c4c979425ae5629d6ee279c25f3765ee34747001f7d02af58f6334464bfbd180bb4a7430580ae9944c044e8cc969874d5b8444381ea13b43c494722268a8d5e880d04efb492408310fbd2f7cc7d53e7629f0e242b5ae5ad6f26bf63a431bbcb931487de2edfe55dd4c30655a58390534458fad147507d7c97c284086e0aed9f07bcf294889be6d25849ca681d2eb421b0ccbf50bf1ee4723f3807a2f219e26b99dd2c3431b87e1fb7af5b2b50d8d7d460e36b805e295fbb68b64579f9ab8589107fbd7621b7edbb5907da4ae68cb151f36b4ea1413a1035503b60867abfb06935e00bf8063c1089efce5314984506f6219740a87cf0c1390865f67976957fd89ac2bd099e38cb3ba9f8d68893a0a0ef515b80d91484244960adeafb7d6f74c1726277dcc87d48b40e85716ed3474c6a82586ae36284936449d752affd2f0d4c6c96c9a5c9001dee409af22567b469ef8fd2eadb57b578acfdd8e9011a16acbe1ed5216bdb506877e54f6aa11792dad286c6af1a2351c668d29875d2ad3d4e0ec425378980879bbadc2128398038cb27bcc45e6a43698b2e09c3e4833bddde62078e7df69f9b889b3e60037d9123103b1cdd4aeb7edcee76fa69ccb3f2765d43ae432275b453856aa6b31d790a624e0b49cb3fed06d37859384e63e23ed249df9fb38b3fdd743f5e580099e5f5b7a725bf4d445317cdfef32b5f85000acb24556cec52764d8346d8bc310e65ccfb645d705c671e5f2b29fc3604dc28101180632578be0d972d3a51c03631c47ffce77379895406cff682b701634b3af441ef84c98f410339a96e92656b058ac1ed358047f3e7b3e76d275b5761558a7fbe2b853c27661089aede4f9a24750ef59075900565d540e8ddffc06e1894ce60d4aae6872e0ab49ad1ea0b291781426946b123c70869b973943cd70323444fc40e965335c0b413fd83ec9b2adbbab0018ec5410116b2a8508448f7c1fdc4a7ae4deea450a3bb78cb633ac23a01bf723782caa19ba81469c631d01d2c2bbc8b84f70156c73b5fc789eca5d1a302b78110f2f4faab5e034a5dc2e77e9760a28cfed8234103ec81760b95ecb6a3868bd5d8e29f8438d86db0a0ad3fae8f01aa0811528474dc2ed288d64de68204114fc2b4c26274ce73190047a8628b8d20bcab842f651d5485815a42e08072855578e480fb38101c0a37bdf3fae377f75ce47b1f40c5d04205fd86ebb3a9d0542de9e82a1fae7ce1bd007b94aef83ffc8520f27d6a52e7f27d429ebe31920d46df876816ac3f2d3ef1126c382e3534e27bc67e7176931eba90ae32b991827c71f549ac032dfe26261f9b0cc8752fe97413ddd5c7ae4ce31723828df8b9fb2d472b9fdc398920756a00bedfca92cc0d5bb0d46caf85918ec7d23195f061ebac3f55653cc44f1ebd1b25a6a230141bae948785f25eef55fc882854a3e6e65d26df9add34af0f143f1e4dd7ff52f90ce720703a7d4c36254ec85a4e21042617e562ac7bb46a605dce401c1cd85c4ea71ed168f38d95fea101285ab3f7758707bb8b2605b2632b54256a99d8992741d3abd20b5583b0a450a5fd6e8185403ad39fa805c1b176839d362caa235db115b0e0d43055faf9ab82d3f49fca98a9cfffb8762d499fee65ddcb704783119540e8937092197caa053109bc7ff44b16a7c09b9fe705876ca7f7da11a24396a0e0edd9ddc77fc86a2fb23a4e8c2f25baa7c4ca0ee922d2653c3e5149ec636b6bf87a6a45dbfaffb1e46fa7a475b558b0b59df524ddf33db361a95896308ba5292c39eed084a5294b5ba3547ecf39a3261db0458a4f388681243156133ad1a5272ede1f24a4418c829eb365e3dac6a3638dbc47e9dfe2710016d7c1f7ddc31452d44344111f37ffab6bb6250aa0e3a5c5021f4a2088e9048089f84c602ca511b95c069e1b2eb3048b876c5811eb0fe32f14f876325de12e655028897d6a1e21337fe962a1520dd303fbf87a64ff33f9ab9798b5f124f30abd5c2051470e9f12410b5a8cd833d9cdce54823250f2a1c6f216b26ee8e9779977e2164d13f43de845f91eb7f7836324c731773adf0e282f4949b14106c7afaae718ab93f74f08c3d3b2e7c1502edca03cb82431cf8c8b219cfd05c049cd4411acf011ae99b6e2ee87e6e98071ea5b65b4467f63e845634537aba9abe41930a8564981c9731adb01185507255967240034cd08487995c8ca5e235c264bc3807b15a3131e65a1b990352f9a18f8bd4c92f691a49f932972b4763e80839a775cfb4fca29d14ab04214bae0b0b4d2a67b47f4d6858075b5cf8bf71683e539f96262149fc68ba5e9eb62dd3cfc18e66cdb2d648b9ef1e3cb8c22474a654b0e1c07773360c9399680d8904852b6691de4b188085e5e48acfa05149948c6e6b3dee53df9237aeccb288cc908c6c284793e6c273e", 0x1000}, {&(0x7f0000001200)="bb94797e221999c7bcb935daa86568a4e5026cda", 0x14}, {&(0x7f0000001240)="86725cc1a9566aeca032c2e7b193d26b5def9acecb051a839578529e2062859076536349ee17ddf9cd2e8e01f895478188687772c70cac2091052cdc03252485867263e29ad70983cf56a33f95a9dd20150f7b398a3c731f5235dd0133c2d98da10245c2315f844ab8941afa6945d325bef5ebfbfff3a0e93bd01fce9be1af2d51073fa0a756f31ea7a0845368326b263b030b2dfc6c252c98bb465af6b9d635a7897b85e501c704aa656c8c4eef9a83e5f7c9dddb433c4c95cea7e0def78b8f776b461cb2e3ea86d3d97a269d92689dd7f206e9321101abbe74510cbf719fe7e21466e371c4667b8cd8da0cbcde003df4e25b6dd2776751057fdab6acfd0b7b3a1aca8c38d5a0dfcda319fc1772ddaf1baa65667f0676bc33afd2d528bded5e4390c9689c20884cd3871a19903615f4795fcafdc1d12d2a0dc26b7646f2b4ff790ccb9c3af984e7ffa02e5c254cd7668c4d220ecab3839c7b1e5f671248909f7044ec1b764261a4eedec0ff9d30c89ad76f46576e227133e46e7608824f2f5396a95150af457304d281336406478a5a116b37e8f7f0d8bd91c17c856bbe39917fa2280b62ca746ea62e8311b91a15fc806a0af69a8815e66a4c1efcc27e89b27ba3435bd46de8dce0be415c561d780e2aeec7426b7d0dbcd1831b8ee07e421c707d6d4edd089781217343dc03d6f48520db77c8f7108bf12176c43de9f8da192360be88d15d155834d10bfdfef763578a562142c0999fd9764d7ba945692847cc005ced6fdd64be682eb5e76e7184d31122760661c09b7518fc14e42156f89a6db8ccf13b885942e6a23ce9995f8c7cbc3342a5449f6228cc020c09a120765dd9e80fcb6434a024cf3d0610fae5b3ed8f0a12b72191c6f61d417ce16223c13eed3ab8356e4c1b3f61726f6f9ec9d1b8bb0e1c195d5c650409ff5d368a2bcd10cd754dd2c00074a8133501112f49df4fa0fbdcb248d5e9c6a3842fb7d392a7b7fec62d3c561fd3cd7b8447884295a348a7679e424f755623acff8ddd3d064ac916698f6e995f9bb55c55d684c14ca47d207baa6aba0335303d68ce3a96da0c9b0f9b615ccabf1536578d02132c837cc010ed3e99cc0ea9ab27dcb2eaf48987dbc2d172d326aa1f73b3f074183bad06ff39d3e98eff70892333ba3a74580e5866e87806e7cbc73c274df208d0c22293ec7dc9259f69a2da5fc1c158e9e7a5dbc69686bf7a7be57f2fcbe5ff237b7fcf92073e4f8ed2daf1d4d3a2122fcde744f77d5872afd8a9dd9a7e375a0c1777173a9eb73779069c772901cce8b66253c84bc587aa5613e24365a4385b83836292595eef831786439cf0c7739c135abfe94f948d1753f5a97ad8a46484cde79c2d7f27451e9b5ec752b73bf28dc9d871e83af2f9b84e88c37929a4e0649425c8615b344d52865f721c2d77d8db4243fadd242048870c342e71dc5ec1798854acd78d061991fbe4dfa67f82758ac591b636f86354491206b4ea8a6a683809076c98b1c98913de513366f0f7ce7f55977dca767da721c79796f2aa9777963e4a4d9478425f41fdf756b95d9d1230f2c99c3bb74d3b51f7fc7ffb0e31cdbe56e14bfc651db7c980141bbff57d468e448ca4c69c92632cbe6c36995903888981a052bb5619f35fd46f731ff596921c7c62101285f36ba8730260de5dcb3db68116eecf847e072deff6750a0f68b041fda3fabf6b426ebbe84c26686c2ecd8396f80dac785aa74438e4bc9f971a2045e6f0a8da1ab9e07a8de87906b329ab612c93aa2aa4480e1216abeec783280216efbff2d92ed082201286d41a306278ea0a8c224a7e1ffdfbd0e21ef515618e784d1bfc64d6543355e81bb8ad2104cafecc5a35ffde5f029799875dd8978af845760f5136ae1b59f8ad3dece8c345ce5340a13bfbebf22811dccaccc62f1366b12d1957e9a313a3bb0bbc0d8c10eba0255c76455d4ca48bd41e06a62a22ebe3b7b2e06826bf37908bef2b338e72e6f15fc9f293a4006f7cf22b2ff65acc133dfce290f8b8a3ce20da2a9cab9a6ce89f63de9ef6fd8f4e180a1216ddbfa01e24269d26f1b5650b3e81a8d476a4d6f567d3bd7c728cc7a991fd8dc23dfa3b0e41fd517d3d042ad1cd561de2c2561ecf752d5d5e07e379d1f15a81295fa308801261c47f5bf5ef2bf36525f8ee536cbb84859a51524b371d549aa65623c4e2a3fe8b44c97672de0b3650f17a5cf6997ae55b60e9487c8b1b72cfb4b06d6fe8139293d63e436ff2d71751205c00867d77ee8c6a3e70ad6afc6edf581f5a1a5f9c2111963b7f601c347a35450a3ca925f18cee06d9f0e4efbda59fa0ea628c0f867565b713ac3dc0a1ee9edbd2f130958b24ecbf1f791af0494a6edc23912485416546f647bd0a21a7904489c221a1f243aa7c47302470fb020f1dd2815609387f18922c7bdaad4aca9f10079111ebf16ddd7b07e92357d21cd4be96c3946b221c83ab6062430f1f2bd65069c45c97fdc398c39da439931e1d31a2c59001b7edb0ebf18f6e718dd6e47a655ce108bd6e45369477b34ee073f658e25b9a02febb1cfd81289411bd8da6d83ce7cdbe8ff3b02794845276eecc86506f34ad19f410bac0cc4c09c462356b96ffb72eb720999375be268069e7b801e92dfc0e2484af7f8ede4c5d189e7eed1c80652c3a8a7cd7872b9db885fd7f19304a1763ff520ab36ada09033ec63823138eba58988490d98442c0ec128a9dc338872639ab88ba8ed19afc115527364942f7acc80b556a5394a5e83243a8fd49b86c0f568851b458f5d8959f19c8849ebe1adae00e66f4d9a4750871d82752d69fbd16adbb34d7d4258f5b700fe38e63a7c4e9c9520651137c4d9ef306437e9c1e017f601e28aa3bc07a53955cdc613ef85b3e712b6ea08c13ca90866b00dbefef8c7b39a1a8dc926cd4ba6968b4ecb17801b6d13fd8f323f0bbfe9b21d8671fa365ff24c8f99e34ad7912c156a0c09adc6d52f60338c485e71d2b54ec3d3427c5172916d1bfa1abf4393e82755813ab660e26ea62903f330428309ea950bcd387c3d688f11c2d7b63ccf4132b6409b66a21c4745a99cdf00fcac4527fc9e2abf2c73e27c88097236d5b81035c0562b51458e427bf2800a91a3cd96dbec023a4299a1706e26bf18b642ae067925fdc777efe774cffae434146fcb2868309852a3d5e053d6c1ded693e5c89b5af99c840747a9007de51bffbc1e4afd48a002dd9d283e77beed747b75a73945bfe28eb0ee0a7c4a101106c55b808aa780658df705ccbdd947a63edb91f40466a33b6ca7bfff61d8d259216b90d73bddec13bd1c06f0ec54b3d61f577ce501d41aa40043d700c295bbbc5bd36f74a1d4b5475bef13ca2fe53aef1e8b077768b9ce1c322ae8c22f931d43f05d73f6cec8d63e94e6c8ec2a928e91ead3db52dbd415c37f6940f6e909518e4cc540fe81e6a02f8ea5a259fcfde696b538dbd5bd388b4b53578aaaaf5f54861140ce193dbeaea14064be3106708ab6fa78f886799f10b3dad3f258ec751915f4379b602e3666512790dc29661779e0a61ad1b50fff04dbc2c98b8f7b79dc1fdf771acfe489b404c5c01c89bb33b9099df9096bef504fcc14a6fd17e4cf2d0582bdc5c43a6d803fb72a37bf0fe4cf3b669612d4ea7c3408af69d8a36abebfb6e3c922f27b11e91868d6a3815a3d9c1fd673b4969e4cdc2509e788559d817518f7572c46c44248528dd223fef6d488466017eb04be07928b6b4b74d7b1429c24f7dfc7b07fdf79dbdb2113b085c9adab0d171acfad655414f9ac66d4594e901dc419ef8b4c8de1ac35699fa0e93588fb61979cd22aa750ac292c7c77796d3162df03aabe8b0c0c6e8ddfa90d3c1c6b5e90d09461f165142fdc06c5a09fbc998eba3acb8b8064241c8103503fb17b86ebedaa745ab160ecb6ec8e32e870bbc106cfa7077dfa27fba2f671e5ff61f7f1e582064cd2d02a4a1a2017059acc273639143facc6f2bb3c41f66730ae8852f5ec2e490063daa3837e072f1a2f33cfefa36f7b05edfd42bccc5b434fc90741809e8d87beeb8dd61b85ac702e5c91d822a81f9291ff83d6fceef2970fc6cd4c6ef9946d0e559c8424c7037beca03916e59f0bcb9875bc3e6d1072610822a0f8e8db0099d3cc17230ae6838b2075895822df069dfe569d9979112100ad53390d14af75410ef15f6731f1e00c6a6246a4f1e4dec11c4ea6dfeeac9b4cf69c6cb45c4ffde68b137859284e8976a1d89059505bac14c7532ac793a916a4e2e0432e4e7462859d975fa6279375d1fa493912f9d3a13ea8f63151906b6c8ed83fe66742764f9b7cc4b685735efa812c955ec67e1326502f8a817ecb9a7eee581c1b46de30b20cb62666137f1725f8b02d13a168ea23b9b93eaa3104ab1ed3587046adb085ce313005dd021e7f95e6d2cb32d3516005a847a37541ead145b8f9d9905ad1b09128fe714fd3930185ffbef495fa51f1b75a3138b31cb3dbe14b3aec8508424c252ea072e1f0371c8a4b1462e150bfdca4338c5eee004b73bd271c7ab31577f952cb348ca379be72f8b9563ad4be261c069187c33397b9cfc4040b6136deeb620cb9d5ca46496b49e80014a7def8e9442fc5970ae2e234f36fad2727a24df45d72c6d474b88eec8d558d894c2ed33c028e4200da2531526d0d1572e38ec20e6b7b4e10c39d820db997d906519d27da2189ea4a07d0c2e4012ea38e58a1ba151ee3bab220efa5aea7a1449ee7c8a4d5886b8d88468a8a2ff01a86287198aa8d568498046a9f86f7e13951cbc92c07b4703cd5bf3a3dd8a514f18be634b334c8e376527b27cdbf5c0af85b53b5f0c683e5e04defe13c8c259968c69e37578bd6703ac7ce0bec469acb0b0b6a6eac74bba1c72b0cadc5aecc925fca141ba471ff3d64532f1a24f985e7e3db73ae52e5cd878be4cab8639058b11a0870138733b7ba8904f72457686ecd3ba0a434782c6de72da52f81f8a369ddbae032b5a0c7d3e9ddf391ae2dfdc8b87e8022a08fc51d0afb612d721e31900d9df2d0b2494382b1438d336041573342697777c99870a6dd2c878cc7a38c2e99068e757305e977c808050db260f9017d77c08c1eb1f215c133bb1dece8735ec54c8424d2060729481df914e7fcb22da5c214cf5184928e3e853d8e45cc2ff254700181b2307e7df41bb9aa75bfb127af961e11350b3147ef4395dd0ca69959caf940676f0cdef745f2a6645604ab934b8218e3b1e8c075fa29f3f6684ce0f1a99e638bb11c6d0a79d2f730e9afe42e5279329546ff05d204d5ac06945c0fdadba0dda503f934966ea08a661a9c0691eeb0c90d160dd9356f14ba4dba411b445008769d393cca689315de2811722fbff428cf53141650a4782d6a427fae796185ef8b0ae5c5f7ce6fd62ffdc0fbcca498b6f43da5706f5f8952db507707fb16f74674e8ae9873e2a3970241d3010ed616991b36546bff2d979d9f0ff0a495ec711a9ef82e5ca64f9898182fd66bc500a442c5d053a54219a78a1ed34a294f1f3abb45085e1392fdf98ca5f12bc7c9e98a2d86631eda0a9ff7ee55c17b48a3b246532466b2ff20402b99f5b6bca25530fb0f88383003e25762c38afceed0249bbdd1ba8a8c5c76170a923e5e85ff34d22b0b6a3ca7b8d0dd374f92317eb254f91fde6f67487bb7f9485750d3c453a81ad326f493a5da8d1a86ac906b92a6b1900ab54ef06491e4497026e2c62a00ebd65f5b72d539ade86c3fce127bedc04ec21fce3ceb0796158e08db4c747779246155516", 0x1000}, {&(0x7f0000002240)="b938f5a5490e85161548dce913707b4e92829e89e4a0fb7ef76c852a7faa960cb066b1048c6843a767adc80f6dbd0d71c4fd90b9b2f3d3dee6d5e5b013d4f77e379b14b09c58a4e07fbd2aea7138819a737f36d34cd8f14a15c9188a2330e90deca702a71196d94a7f662e008a2f968f841d2980cfc1822644a112a16df3318a514f183d6b7d2af30011a8d8f346a3e373d2a655be862e9a10dda6dc2a11c1f1edaa4ac3810741ab5e189523c8d1c6d2636c4e8f0ea07e12fd9f49f2defa47279b3973cee345d7a5dbd7314239e63a074d1d31d3d00e6704e3a0d222", 0xdc}, {&(0x7f0000002340)="92507ee73642d5b031af29574b2d", 0xe}], 0x5, &(0x7f0000002400)=[{0x30, 0x3a, 0x7, "e913b425383da0d681a63a4d1e0c087540002330677229261f23fd4baab7"}, {0x100, 0x107, 0xffffffff, "74e92dc0450c323c6d0c93533e62b339970ee70d8066a366f054059eff727b0b80675edaeebb75ff33de61c23157fb1d9876af786861abc849992d4c8f88906b146489544971fc843e7fd9ae1a704b17e072cc2ec7e937e0d0c0b3ef7656825e960370cecbcc840cb2bb90efd9fcef4ad899c068e4e7440a55d435f981f8050e4a4842f228c38b03895a2caff3fa20cc42142294c4be49f7bb6d89f9be677b63eb34eb2654084d22047b394a29392c9ef313294f10fcf9ea8829c5bde7782cc34969829ffc694e9f7deecbe256d5f4c0270b1b2a35a47ed2d90deef8eecc273efb1e1686dae70cafe7"}, {0x80, 0x13f, 0x2, "6d6ac41bfbcf8aed0405d4225f80df88d8802ef09e78ece215906053c99732243ae7ee1ce976357935a5e98452c562d323b51860cb5c99342ea55181018b544a11f79eea90f0c2e185348e7da987b25d0aa99a210b2ef5f90484d240dd81aebd2a6fbacad7fc1c6cdb0fd62e9700f03d"}], 0x1b0}, 0x9}, {{&(0x7f00000025c0)=@nfc={0x27, 0x0, 0x0, 0x7}, 0x80, &(0x7f0000003900)=[{&(0x7f0000002640)="c70db794f4773be19721333d3d8ca48eac8b15bcdfa1227454aafbde432478f7469d20894384a5e3bbf56e4c99a95fc3716f6bd57a8844dc5e915443100da1c27c7069a15a4ad31908efb0390d47f47ba7ff8cd3437f3e83a9135cd693bd13f5a1deb5ca523976cd0abe9598d88756a2c6f4f2c15c339339ea611f2f3f1fba64ad56a77112382ca25afb6b0ab8c332a31918e6137f6f86ae2eb8c6c1107c20e35f97790158a30d6aa468f862086e6679870c6156eee17297e6533badc6c102ae84b18320c50ab3ed0e8b3c7a0eb2dd702d42dc027b0b7f1823b94990057d4a8e421168d16e036f0a037a5b7679958755f6dc7d33dd", 0xf5}, {&(0x7f0000002740)="7523e5ff23b1d5481e88c1e0692e307aaaed5ac5f42dee0722139c3f24608b9f6beb6aa539c2ca23675aa58607f78295408272e51624f439ab3613760ca11ba8548ac13bd1a65c1b54614968c5c561dd9cc7753b871b6376f876f161a668951c5bfb1874c511d14fa756f287f410c253a63dd71a208a78817e9b", 0x7a}, {&(0x7f00000027c0)="b625aab930139ee5fa8bd2db101e2ceefa27a66339711b2929a8e42a6a3d1f9ed6829525faf8d5585740206efc6ebb07409791c958ed6a40e2552dd157864628979e2b802b43df6fb855612521cc5a775ae98edf70b88337e934731bee759e1b9494a0f114605fd98f926548ae71cca0f3f7622db31a9d5a9caf6fc929ff85bae539e840a864e0c93ef85b78abf4ddff39df09a81a756601ae0620591627ac7059f11100df7cd86f7ce04c12ccaebe4a525584a4f0beab82ba71884ed7156f5e0413ee705058a07c161532b66c974eca1fb9659f993774dd3b6322abddcf5a00c9c0d5cf0110d9e0f5102a83af0ae6d8e14a2c3d8f385500699f7ddabd12d229178516fea21c1a3f9882bf1e9f25e1a1eb9ae0a0287cad4845befd4147e599b433d68637b77c8229caec2455930b976972ef8a85d533051c4dd2e71ffbd0b23b46c440a4262f812754d8f70c8622d97f9e65a8ea16c41c66c65a1b5517e3288d0a93d3effea0f7a2f14ee2c9c26088d74837ef9c5d1e18220b32ac7e2fc1f13c27a2251af3752b197a800e07422b5828c84fde50380b6c4e30b88067d902e3bf71d0c65ce4c83c28035d8bd1dd37ecb72447009d3c598b8a4cec0d8feecf29c9ca6b793eee81c329cd49b399b6a88472cd0e1768ccc7d236046b0b0e34a075959e992e8884985b26b38482ab6dbd388830446ac32ac70507cffd333e1fee2e466481b518a8357117cb8d07d87f441acaabacc5997087323f34d12ef532153182bd93ef6a62634e54a461125e8aafaa5e1511734dadf3049e8c40e49a46f4b200fe8e4b859d4af816ed9c7a3d1283c4c3fe996a7e7b414f0ca0d55792aaa3698fa4491fd8feb4aa16f298362b7343d122b5b1f70d611ac9214bd6784c07e2fe5e59dd5cea9432766f622ca1a8edebc931d3b86c7e085db50e6ea852668d8954efc6f3d00994187b24a491dda13433793da800b0371467ff255d777979467c53804cc53814fd9c331b1cb134bc00bb701dc02c982c588bdb60d83c12dd983b6369abb54fc0ccac90112e5fe4b70311a0af75a74249feeb9a092dd3de99d21a2e927a42444940023681e71b1000ecde39819ce926a6d654b72c8853dbdeeeeea21ede9a1c16f11104495466889b8d81df503b223388a2d6408ab8c70df02ee5af741febe1755e87d4faafb7c493a42ccc944a2bccdbbdf34b62b66b763850e5acdb4815970d9a9681e88e5ff4f6b78b44542985e94755acfcefd5efda7d110cf805f93be9af8ae443930e6f2b0b589f4b714de363321d9a4ec3424a4b9d789f260ff5135d92ad898509e666b5d9896608f2556edee6cdb07e417fbfe7f5855cc184d17cf0aed70c0af1733f403cdacf539bb73b61953316bf3f4ec830637ef1f797bfe6478ca284a456e0e7435508f1632bb98a0688cb39fbc1caaec7bdbae6d111803b0426123a149d67b8a4bbd1bfd152d97bdf81a3cc8d836ef5aafecf16a703ec152714279a7d84753ced918773616f2df502e8ddc44708b55f75bc3c02167de96aabb721fdfdf30e3b737aad666ddfb889af0b3c638ea3f8e2f5e382d3733115004375102f0a16efbe44f57c6aaf58880eae0794cdd6b5babd54270be80e01e818ef4caaa300a151e84e652dbc6b0e176d8996a28e82d0d4f20a72ff0a9f4aff9969007c16b13c60bd875e203c6225a96092d9d4fc9525de3df85f7cf2f6ad3c7446dc9a78c770dab5eb5a39577f7735c88951c9a12d55c8eb8b481ed92dac791326f6c8aa86226bef711d4e4723ca4f2b644fea579213fe324ed1de5ce12a1f89939aa0475d9f52a750fbf1332379123073198e115f7114e032eb38243f1d171190dd1dd7e7aa35a2b1abb93f33682f8542809f03fa56c1881a86cdeadc0d257db5cf956ed67668991779cedcb18c252cb4a9a3bb072ac6edd44694dbf8e821fcd3ef0e73e476bf08e3e2c1bb540f1a3ba61acac85b9369ca9d33e41f898df2a524a01899162a1c4359e1a8eb394a241ba09223ea2db8695ed87c4adc308af9f8e2e71d768931879886af9fcc9eea75cc7426f3c77868a8d6f6d843cd18ab3a406d2c6f55e52484d334b0eac1471f3226bb9b8997689c60b433fc67325c78b21f7714360c353cc5f4f6e3e8694a7b90dc464491176ec96cb78de9bc755719ddacbe11d96f607879b30bd738e74f3698fe6f614b1f89dc5f399dd558b3b8f4f602de4b259802d3b0551c0cba8bc0f75979a7c3f3dc1635726506309db0d6f24e7711e4044459da3d04dd2277301695972b058008902fa0243057d15f9fee31c82952c6e3b7596ee26ba8a505662ed263017e77bb9bf7526b6a06b2f869be41254150ceb4484dd1d0575c24a6458fb682f48d026560a2cc8a920095e3bf6822b5cfd3c18f20de3cf4dcd986e3b8bce914a8041f4aac1981147d7c088212fdb3eab9428456fede6826edcc7343f325a1b9e94802fa450b9fe2d9fa3f99f9c22f372272663f8939b985ae1a60b9d34073e53bb519a2b9dc092ecf66f6ee87b34914f9ddc25b4253ce86f415ae261f9b00796f85920e6e943fb6721387ca2e948cabdfdb0ada129063924a94d62cd72aeebd7f53a8ec53edcabe3c9e3ae5e738390b7f706f6d7aff8125e3825578c07a261eb2c6fb3c9657570d8cd6bc7f585a351f2bc6a6c866308247752c4805831900613b42e0d843296e4f1456e0ca458346e3f4de9b4ea3452cf51d15bff12bd1eec668c1efd1af9e0e59eadd290f8353b43437c423713bd60b65a10bce71954b8e4f6979767d964ba529c8226e61dca1dde6e79812922f22d989f75f3ec3d72217ef91d30c4db1924732c321b192cc801846de89619b117028e23bbaa32bd243e74bd8b495506c42a2175d2b643cea5d396cc722d3902ceb64a2b57e06c28c7229168820d18ad3aafca57ccc587c3fcad641e79cf5e8f4931813eb23fe48114dc7b2677b64a242aff018c547fc08894fdc0d34938ab4218fb2beb52086a42f62c81651c30186dc436b38b2cd3fcbcfd958d3dcc4a06b9d0fd10b18640ea3cf8ff3338e8c11c651438fbce54b84fcbd780f0240866879da16d9c36c20106c8a3cdcc08bb7d27864d8b891fc4db370c81e2065d74dc6332a89dc13370d545a2519eae039b8cdb4a1dbfb3bbc736b6e60c613b7a2305d2ed6052d10d26e28d490ae05df645e54ae89828d438faa57a7821848593f5f88549a83629f8fe7c7f62283030dd4e0eec13eddfbbae2d09e6293f5f8b71e9a44b52fa8377ff0e30f1cf8d372e270e76d7faaadffe11fbd0118bf405ce2580d76cf683cd0ea72f00f4ca1e084bf89e9963bf49375f10e2bbcf70b4185ea24cdbaeedbfb349f322500cf49fd3518c34e3643912bbe8225ab0e0e587977c2f4141e44daaac95f4e61f35f67d053c8596ed30fffddc6431ea02e3c385b3ad30f99662356b4d6da51bc785b26ab358f56e872bb67a5d51662a606f8a4c4485b30fb254c77e6fd9c1452c673ebef3cd32cd38a5d8b829768e9f38cadb55b3815a6e08034e4232270670578ee8860284efa8308a05744544267b3386d57d792f9be00adf7f4b677ab594f9c837970deb01b2f3137f3a8dd4c7cb8f64b49d6b73bd1f752299749439dc6b14234ad224461309417da00d4d100a25e45ecbed6ba5a7b827a9ca28336f7405d81d83bd730eeb6655a2861b06f940b2382dccdb9266249ea85a8ac1c76b1acb1568f3af38c5d9fb91d27317e1392ca9662eb2c8269fd3b96de622ef5cd73012b6e9b80818f00e3c59ef2eed750462ba7dd32293d113a654f57c7a218f0b1671ce94089000ea14e733ba9d346cc9b214dc401ab03b86923e09d934b1a648a37e94b355b6ddb9a1f32820190e31fb069541e954d43c21898cc3e276c5c8db0ccf7975c3ca88fc6a2b8a6d27874e008bbec023566986269d562fce3b73008c063781fc3a933971eb0907911cfad4874f90cc065a199d5b6fee1625cc1cfbc1459d1121c6434b7f1f49fabf305928400103120a2fac1dae6928ec2eddf2ee5a46eca32d69ac3b61eb9cf31041e30c6c6a2980503f083306f4e3fb9f5acc34ffe7cd21aa460d0c7fa4338acc385a7d758814b13ea8432aaaaf7e36f4dcf68fe0376dab35bbe9f65d9e4a81688102ed7ed3102442ddbdd64e70d5a95062ebfc1c2363bf37f12aefc9a24fc8a4b5b1809fedc2313f5820eea326e096116a408e5ffc1221c0efee01c7bb85a242fbf099c893646f7a4aed330cfae3e765cac5a426d115db38565a00c1b876bdb3e0432a0ac50fb34cfb8777b9e6009dcfc864e4e31c4334728e09c28b951481e63898d476a676971c487f28fc819d6ddf1f8cd495cc7bf7fab54dd6c018a883eeede5837a608e67ec8779c4a5ed275d38f172803ec058820a8032310d4699a2f193234704c57a7388aad2dbc741f66c625ba96db1f163e1b7f73cf344b9f7f76ac9e8910cbb6731d647b170c98f29562430dc8449d0ac47fc10cc994db3f0fbd7021a168a062bcc6713278f9e05c5e45b90c4626184ab2da7f050bcb1b4c6882f7b69e54cce6b918c03839104685aaa43767d1c9b6af32b34ee80e6c89ec8c309295b79ab095230d499068de571296bd53258d7d9db5a4e178253ed313954c306433fca16e14ef8fdcc276db716ade337e56f5e407c93a3bbdcfc619ca119bb2af4353e96f7e8935f32c99054b9aeedc6a7ded187e53b39fcc31638caffa9bd76ed4177eb3b0e554cdef16f504cec8afab4a6c08049d9f42bb700663ec1678474c03f730bed807bd8640668ce537667ee64a3af4d4c4766be1be454b6c05987796d2020bd42cd6a3bc184985322c02db387c5a9e699dc98f8298330900389d8867d691c855cf2a677a83e6af266902fd9d9e0745d66b95926134e897b2b08d6263e9d30dc8b050b5ca03357b1a5a065e2fba059cd09f005e7891ff34547e316e2ade3f2a4a01c31c378093b9646c5bdafffa93bb118a497fcce8f641c300291fcd82fc7aae9ffad2bc568a26e16d2a535f24f4bed7aa086ea18bbf11006df5298f9660f4c02bdd2fbeccbaf987d373b257b82852ab919b9734d44815bea5be1e9b731a774ec54b574d9f61333aed70f883c817859010646aba6efb327c70aa07b4ddea1859ffd26ffb33eca5c3f6f375cd9a5228f4f220309e22681fde2d56c9077492a45c3d353bf3d44d0d6543e3896f631c5fd293ab81f799854a0fbb6bf0ba91b400a64f1c91061ee291db760b2d9f8fd97eceddefd26a9d93bb19c1991c2fd10f549c7ea31f408ef15cb61876b31dfac4f32307cbcf299938801a99d0b3fcb9cad15343bd65da909d9826e9e1757bf223dd340f80852800156ef8732accfca162331ecd50bbb144e1d79e2145e22b14a814c4607979d7c722a5734af02109fe78c1a491c2c8a7db9b0697aa122c91605f16a4f2de2b18cc3843e6140305470f52d9e8cf9fe4289cb2a0285462124328f1b82cf3a6c47c8b7375c8871ed52b7f69859a7f9f412d31496d9d5ba4285daac1f2e1943b903fc14cb7b65ea9a2b82184c1a77d27135d3728b4b9cc09c047f48c11f80fdc026c5660fc07001a515e87e2d010b8e879710e8f8a19d86b163a269ab89e4691d8020d81cfa854bd583197bf9856d69b7613d02979f27f40806669c6e31813e985dd85da5e614e900c861f05981ffaab88e8721f6bad1d75092f5657346e1dd23ffd0d9a9ed0c472484c0cbb78ac5f76fa080fb03bd8fb70c86a03e7399fb460b1f09adc93872c84a8cbfe2171c41516447d0d433c", 0x1000}, {&(0x7f00000037c0)="1fdc0f9a4860a5ef3b59a70ff085c8183c0bd18baa18670f16acac869db041ee0300dacb6463314e6bcd1edd75a0517430943fa29f5827c5621b07b154e2f3da7ef9203e412fa2ed41cced4349db928533bebd9f821ebec3f95cf9bbd48a2911005ae1732f5342145ce7a64de65a78eba434626cdbd644662aa2ce899bea77f89e19750d72e07423a3e76c400cfac3df20f4253ff3b870b58d0befb244c59bca8bf283c0b48b7607", 0xa8}, {&(0x7f0000003880)="ef08a6494947f4f90e23214e4edc5a2b923fa144d80070a37fd82ccb7ca3216dbd2f26190d309ae357fe838baed95de09f7515dcf112d8268b8a569c31e0989bcacafd72179f997a5783b743d4a140e1f692acfddfa1a390f1457990e43fdeb58e5dd6d02ca4d8a7e1ed8c1e0acacbf73f35da663e932f2faec0b998", 0x7c}], 0x5, &(0x7f0000008b00)=ANY=[@ANYBLOB="78000000000000000a010000040000000eea32b4ed00b0aef67b97e634a0443d536700d2a19d2a3dac249ed215e47c72e2e3d2f26a941d68f3daf4edbf17941dd44375fde9dcc6953da1e98e2f5810adba5bfef2273df89a46753bbd8a2ecd251a99ce7c09e3b615435122084c241e82fba7000000000000000100003dcab6182087f400f54f58a669a36e3e83ac76456731b3896471c130a9d5b076bda50086b7334f93f84522ff09913c800a0632fe51bb32fa28993fbb95378752738f901544edb1b1f8d607922f4856349cf544156bb1e7dfb047cad23423aa98bfe161f11245b0c214bc493df27d08605e7097a1c9b2261a3f58e13c0a66c1a829103f2418ccb1fd213b7a4cda5cfb30db500a5e5d08d7659610fa4caf8aa0eaa85b1f3093f547c8fdf37a80a378ee8b9cae9e9366dd9a8c427da71c8e009e65ae187c16161eaa6e7aac9e46f2f1f316bb4388c22dc43b2c5878a20c29cbe81fc8ecab841395884c32ede3d7912f32dbe28b73b7afb76a131a83b0c310ccb25a90c3bf1edf64027b10c17e1f0500000017ee7cb8ff1cc12972fe1623f9976d8d7a012b455c8070cf15a7da7de7dfe9cfc51678ee422a20fed0241cc0c57f380db04ab3701b5a5a8e1baa8cf478aa15de6a3e6075e699767ccd8c753f6289a56aba6389daeb4064"], 0x178}, 0x4}, {{0x0, 0x0, &(0x7f00000050c0)=[{&(0x7f0000003b00)="c094df24eb686a2645fd8646455cc32b49dfc2813e177ab470ecd2a9fa693836df4bee5dee0a2c3193b56f996520a698aa460f710abea88b22c0553ef3a85be04b9928f48abc561211385aafad94c55404b3b82b59f2bdf399e7b2246e95285466faa26ea09a2476e3955e27a76a4c4a5868", 0x72}, {&(0x7f0000003b80)="a0cabb069284e67616847fbfe67e23ddb859e19dba3c7b0a418055dbbbc73a3a6e2c4755887c743f522e5fdbb938bbe976dbabedeb5f87b02b75fff751102b901192fa6691203df2450f53f17234a7bf901eee7b87be319090ab27a86155f4d439cc517ccbeaca99d4044761938cf9bb7b6232dee0a059fa96df828598bc2a57a3cb43c9f1c2369141c544d37a4e0ea35151a7cdfb50315cc1d6c44461310a62978d08f85ae102b8273f961db473dfe931f16fa22f0367c7cfadad33c828b5f32cac", 0xc2}, {&(0x7f0000003c80)="0d7f471f7ba58bd283070b5134e448adee22630e412a5d547dde0ace0e781a5d5c7831a93cb7d4b9048c5c33cf259284247dda86b6b04967f0f1c64603c8e521180b9eecd17dfee2cd9d6df34a9f6c0f24c167811db67d10a1b1de0652999d32f2c3ce7dd0106b20a978eb324434d984d0d3a9db4773743e6a1f9a99bea67e220f091f6f0dd6f00a96c1eea5cedb37580f289e50b6a7f5bb255ac1ffe9002b85ee80dab9a1ea4bc02e07f2f575469d5728e6fa74240fa6be9b635f518b5c7f8d6b40", 0xc2}, {&(0x7f0000003d80)="ffb2198d03f3549745c46c6ab1c22def64d73958e89ae6cff9c35cfbef970ad952db5b7fdc78dc442b4eea4bd418746ac8584b78af0b41aa947bccfaec8690bc5832475eb101261a8fed50f1405a593e09f3e9c6dfdd1b39fb9535cc5b92288002be3c79684674f45376a0a4a1d4f5d48596963b42a4d7e84012652e1fe713bc95fc37c4defcf378967d54bb7d2b44847cc40d53d75c167e6c5fc24d1769c3616850a5052b6d341863d1f7e19f5893d1d5c4234b026aa926de1b8ca83e69d230ad6d17ad0bb9bf10a13bdc49b6736bb9653e1cb65862b861d46ebc3f853f22d0758d73df03131be086bb6701f8c15a0f7da613fa68751e3dcacf19cb673828d3ffc9de7a85da3afc7948df151b6cb9a2e950c2451e15854efdd6e4a95df6d181e1d70be11879b9d54a80828e8c7f423282b4304f5415442dc1f739b5e4a91dbbcb5be544332a6e7488751b25f583661241f0ef72b654cd69e381b0878381209e128341f76a312ec206f6e567281c68edc563ef47dbffd37cedad57a35dc8148bf23a0a76247396468a6f16ccf6ee94c1f05e24ecb80aa80937598ad3029da7ea104e47155e2990fbc6194de5b125abedbfbdcd840ffa7bad33c12d6f1348954aa68ec8b0a7363acfb863400983c51f8379145e097452bd87f5c253e7e7a245e9b8470bba244bac57cee4927da6065dd94d862e24bd0966b47db9ad2bcf75926b7a9d4f8be69bba52164ea0ed75437f9c483e33fe141e98e17a9b57e8348a798f93f4e68433c4e3618656e50c48aeac78779cfc66a21862b900d06e026846202d7e43e237424a8a8bcb181f1faf59cd2d628af749a385b6caf316e05c69997565c45a7ef3650aec132d4feb6149b17084754cdc29915100278663f2d4fe33f6bbc820e3ccbfb844ffcbd8f92cbcd132dde43db2ba82661d2ac2576a025387aaedf337bdd6eedf2438f6884acb2e5cdcb0ddf91527f27a628c90fce5a877d9a6adabfb3635cb83eece23d466cf44081d1ae13dc90a547f1e7ae11e925ff09682b57fb1d93c0567ca5404497ed1132c27c2adc59be3163aca19b69031aae76968c629f38b5a91f122ca85759b4c846247672f9ee852f690c2986ea3f7de5648742d0a5feb3fb7d32f391c57e40e5ca044deceb0aa3fe6eb25b7d043956b4c6a7e2206ea7bff79bdf8e97567d166c3c3569ed3913e4bad6087545ae5e38757d82dcdf640047c23de822f13d22cfbc8223b5eb587a09d08ea59e9e912f948581a33525b812df4a34b264ba808f17e544165796ff97037e104e605f6058dddd5d98dfe38c982e6e4f0dba69fde7c6085b999ecdde2a9732abb4908b9a70fce4c4ffaee341ef18058213c688275630ec5e0c76c109b4312359fffdb7c7b77c39758940f55ecb3ee7eebc5a9eaf7ea884e84577213a49d9247ad7101ad8f1d806ebb163710f5dbf90da73590330475e3d092572783f7789b540d9f558bb3e4ae9519adedf5f84e9088315f7afbaeac7ba376cbed4268686091755b24fc703fccb0a289fc26da6ace8b9343f49b63c03c72a943cca8340e3908e07276a22292a0dc552fd03b231d24e667b39ea3fad259cbd775750b2a3e199bbcbffdca6abb608642b2cf529c0bd361eb4bdf3fcf1e41f60593aaef57e7cf0c0505271b160a5ac5756ee4bc5231b2816c8fb11d16243d37a306ef882f13266c9bbbcebd803ae6f9fb1f5d475cd50e7d16ce7658a408587fbdd36f3a114883d15948c3cb754a6141bc9c8f8cf46702ca799ecbb475a73395ca36784d07a636559b15870055fa3d0ff9714baad07a8b716ce56789f85a4cdc4b6bf331251dcd746f33c68d19adedbc76400223ba2c431e43dbc229f28228b7b3338e2abf02a30fa7ab40988e0e9c11252b4b9e1ba46ec85bc95f6e7a4152f8d86437c2c1be810955acfa84cd0da8a6db6f6cbf348fa02a2aaaf8eb3d6f160324bc5f6f237613b4a80022419bd928a13f057fd5f769f6eccaf6dc54af791801cb20807ffddcf2bf87a31b22d53b6bac74279a956a57618d05ee7a8fed7dcd1e1b134275fa9dde1308c1ea96019d7c166470fd308cac3604eecbcea1e97b03083559d5e5e7f9def9d600b88951ed6073b3102ff06706ebcef8a4f0cbbdf49ea2a7350c89fd2b4906b17f95d041527c0d23c86e42cfee8b263042b5657db580f7a9e64f2e5343a547ba749f0f99c6a79bd639a01122a575efb0d8b63bf02773cd84e2509d66cc62e21e1f583da1b51a814bc2897adeae808ed550963883165d2169983eef3cadec1b395d76ef8bfbb00d0e10742c9ebacb293fe6dffffab0dd3afd03f36337cfe3adca8036abd0eb042fb011b257beb4fe441323fcd0ed167d9f6c2d47e73e57fa6b48eef24d937b2aba8ac7465beacb6885037b3f7ee311ae14ef41d0cea4a35f41007c919c228e5a234dec4e65921f8346c7a765e4685a68548bda7c276fa547f3c4eb95395d4a0245bb04ac71f0bb5ac945b64088a793e366075dff87d83713f1d31fc007d617b914118bf15ebab0adb596629cabf47e8a201412519e55f65a26e2ffff35a063af7b17072dac0362c1bc1631cc4318f146656f4673b159a577cf3774a42b8652692f6a136f44056997dc80e9d3cde5d44be4b7c310902114031ca45d51eb32c1265793b4420f6ac81f5801a1e66f49d8d7fb7901419a4a6b2e3a5d0573f9ace76d547aff26ad907bee27898caa282ef9a3b8633f3c715a61c4a6f054bc8adf8a28a3cab7cc638cac1f5634a75c6d8fe673021fc18a07196bd5be32feff0d8c8bb789845c00055e44ce8aebf867ce0b39917edfad5b72dca6d42c47e9e801be91fca8590ab07490659212e9a14045b2754bcd663c84aa4ee27be16d60d815c31340588da1f369de39c418e04eafae85a435d4275301ecfb99c3b67780f99e497195ee911143de4a8cfb48f1b0a0e9b1a36ce5d5ecec15a6e25b98bccfba1e307964fa759e37dbb745736f74283f611f25f51064769d6d704e70485c16b9141f61e16ead2605e07eac3b335e5ac3cea1b3b8d03de3e296531010d9cda0b08035f173ae3519136440bf5bdf13134164201fb5f137cb9d8d7af35d0c46e1ca4bdd487bee7aedba1b1fdbf099f7868c3fa13dac923b09a7091178c858b3ab97e8683ff4821393ee28c2e49514a512fdfabe6ac6b48c77c038d442f2990b21a438ba1069429091041926dbebe85044bad6183b3069d6a0f2eecb8bd1db00dceed4c0dc30d695ac976e76b6687f5daddfbb2771272f995e70970d3e7bc49571ead13ce0c783c075b9930b7fe08b5ddc6562f9b2c620c80d38b284927fbf3487e9fd33b3e927e9825edcd100aba04efd5762b214df6c5874250f12ca36478f34301679d939069c56d4571d1e0406abf8c2ae93aa82f681ffc55bd6d9d21d325e8f6332502fcfd76b90e6f814cc270a99e4c8717c56e2f5a9cb6d09b78f9253b73fc7b6894e1f05a710a2f611d0def519aeaf1f292d33b28b7ddb2f23f795f64872bf00c8943f477e1812d130d1cafa9a1ae0c0403b6e83542e3894f11ff219190ba9e12cbf41b4b32551b3c3697c26b54ad2315dc8cc81cc035f7bea81dc3c0cce996040dffb21a2047e9bebe105825d497dba34de4f981fb4b0da4b749b7d5cba6b47dffbac8b9a63cedbdcc967bdfd40f60acd5ea6301be8953ae0ac277446de23f4f55b1f2b7981c91817a4686074cc9c737f804f636e2cacbf4ce2190127131b75f26c6c0d4bde0449d7e317953ee2b6baafad60599d43cff1e1d47b86a4970b2029981307c4dd10e7d122c4ced34841079e3504bcc38036c854ac88f6c4b81441d676cb812c8482b27d2603bb93195fedab9ab395a31481f0675a2cf4af2ece110197db59b86bfc876b5656f0ba171373b998d1232a146c22e2099e6aaa1a50d234ef718796b86ef8efd132065b7d2bc8971ef60d5240a04411cfaf5ef000271bac4c43ba3be7233a6c847863c94c70d60cd31b04c8ac15f7644494b11a46b2bdafb6f1e3864877956f5f1aad7a5679d60d9387244bd33810ce76d4886135fa07730fef3835350e7026c8fc6b2e1cf65f245e31c01e674d55e9f2a5454e498d78a35515fcfbdca26328cb3fc6e1e23a8d9d2106cb7de2ec42c59b7888800f1f9681326dd613314e4fd16c3258eb0690bee64a6120407661a26791564bb8d17bf4f1c51f861a9f523674f4fb864e266a292042cf3fa73c964ce9c5b637ebaa923826b1360a6afb329ff56d0525b65dc17893f718da1f1342d5598889b4801d4963a2896f3cb3100d80ee0913384e728bcd2817e41a5204c225878225e9452334b517b6239e1df437b215efc5c90da0205148dffecf3716174631027bc1d5894d396a4c1a991ddb7d45c92e3e2eccfa07f3f81d3a4611bfdd68b5617933b82438a5954e483a499d86fb7a4b9c89d2336658d04091bb3c94b0f9f10205093ac77c363f1f80d4c49d033937ef75038ecb03c257f2ed35b0abb6eed8c3499c814d2a198849ada02e4bbec80b2c5975c87719ecf5286289bea86b2ffbf9e178360ffa85190575daa20a8e7847cff1cb185444fb7540298db3c75f9f198ef62299699b5c968d4f1a1eab856e2f005bf41aa16441e5870bd34d3aec147470f4aabcc27deb11a7ffdcb82ffb14f81e575cfcc125e899a64532bde9d9612d77ffd8f063b46244f499109fd5b63f4c8a3db902a510df4fcb4cc7b39fe59e0c41e374f7dcb222e82339b73b349e829d87f235d9e8fc06d13c7044ae89fd604f6898e9491ccd3be26aa5d1ff80b8cd3ae767d5b0e4eccfc38c5b9b7be9e197ca29a98c8afa4e13a414facca35fce1d7e6a65ce55ab9e89095a244980da94677ecba08f494188b37949d6747e2841254df270c3f3fa2337ad0f6df973665c8d3edfb4baaac37e8dfce46097becd1892f7f7640f942c6f1fe44bc69442f05f786bec154014a6cce8518a3d246a562a876b5955d705d4f6387e9c58cdfc0aee4a09a888db043937e674535e1e049c89bd80a6c9e0b14c81643573c73f5319d262a54e690f2e78b516aeb82d60d210204e5629fd4dfe5a8cd4a51334404d3622a00503c2296395dd369186d5b6c2e53fda0b12679ad2b955461900fe58ca7d0af80b273c7253224c9e9041792455bb09ec6963a0e75cd4eaf552c784f8d5c2a5404f5fd1adf8e49a0486e72a798fb29bf78690f3b62daa4b97f3a3e332e3bba6001ff92c3b58a3e409d624f44124fe1f5d96bcfa6c8a503481d1b390e7345b90f687c72529e72b9fb885f64ab796fa62d6d8da6987ee111b4fcd8ea09d2c6fc70a94fc019fd71163ae3f641f8b31462a9667e0efa30c186824da3ec0eed02144024ab4f6d6242fee7f812b3c8719bbd2f977631d51531e262d0ed6dc1cc770cb84b6621f00efacd29b69ab4d6a49e2921932971a826372742a56d746e12732af3add4c4b97b79ab72362f52d52ecd3a451a060f7ddcbc8d7c3be9d5a22f1aef9b34bffbc245d50a466ed19ddb688c591021662843933780ae545d674370d2e1d3763683b914b10372eeaecd823cd8c02f2cb8d18d35208c4eacfd2aedd187551a8396a04ea93dfcc34bb2d5a1e66813d4487122f052354aab6464668a2ca225e6fc52ea64389578c17ec76848f67ed28cbddee9cd60ed4fb6244e191c6a078922c008167f3823d24bf63c75a44fcfa8c4575facb564b769b6d0863aea065c5aea862076f39e595cce26db0b33e16124692f5bb78e9d147669b8eef25b0ee754811d92b1dc714d2ab23116f6e9beadf", 0x1000}, {&(0x7f0000004d80)="1b71b42d5fcbb7e6303f905ba95afd0647d72f28305ac5b593fcb03751b91a943224506baed235bfbbc22a5cda1eadf9293cfc1702ae4b161cbb5ebf7a6c7a5a15e06d70deb4d9d9b55831d05a2837517f72b2b2e98eb99e733646472e7d736061b639ebd8e5dd411e2c2559ef2c07f58eb67c692f3f5570a48970c3", 0x7c}, {&(0x7f0000004e00)="baa004d6a3e825e634b985259b7079496cc48482286ff33af7bf6bbd5ed40ec7d266160218734ddfdf706e5a520d2d782aaf9b95baa8d881496f5a21783c6f19bdf338959eced4186346f93effa3faac3fa13523fa2f7f7191fca4d29e", 0x5d}, {&(0x7f0000004e80)="655d73f9891a179d95fd98e79aa708ce591ae460157100ec92d9a6bbaa504c20ec43b30bd92f2178b1b20c9a0ab2ea97bf7dbb49c5900d0b1c06bb70d68540c1def5ebe4", 0x44}, {&(0x7f0000004f00)="35047581ccd17b5404ce8a094880592d5460fb42dbe52fd49511177a8f1a3d30bc22f33982cf8aff22dc7a15cf1943791e84271fa21362735ace6c02d6252614e590e4545d78f6695ac0acf86ed4a2fb47d26e7119", 0x55}, {&(0x7f0000004f80)="cc67ed6b814440f3fdf3cac77a1ebd0b9c5d77c46127484e13ff126f0eeb2d738facf0feb8fa335539106bf778ec7b0b71300df7611250a137cbb7943ce65400f9", 0x41}, {&(0x7f0000005000)="ee9d7f92a754f84d7397cae5a883c1decb746a028f45bd645fc03de882be6ea75978a4e5c6b8fa9f6ff4fdf4e9730ba0fd51163103131a8d00d4c372e6bdf6f0f23411d345cd239f47333c7d4da154363648feef84400cf6099597f760928bd406bf61fe166fcaa62036842da2c94d2fd0791473c2e6b7b498df180d49bf4774da90e6", 0x83}], 0xa, &(0x7f0000005180)=[{0x58, 0x117, 0x100000001, "2c908e2362d24d7b3e4e2e422fe5fa604ec3b77a4c6e607aa1a69b2b0780ecca798c958caf3211fd8de4fd641ca6d8ba029499cdf316ac3bf6a3e98284f38b0a19"}, {0x50, 0x105, 0x2, "e53540db2128c858433f681364c50f1fa2b1a189ecf3ad46b13ea76aee6cd2e747e339f72de256f7dcee2c125bf687bcc0ec1dddd4034cde6810cae827"}, {0x48, 0x116, 0x8, "48cbe300d03a86544743f0cfc96cdedc8523b7fd4302c4c74f890db9709ef510748274df0e023b9d95588cab9b0d931db427451884a355"}, {0x68, 0x0, 0x3, "ca394af5ad8f443601c8afce363fd39013139c45a659c892ff3d47b9ea91b209c07f9f4e3fe7e76763a4a78a4b91d38895ea4156819d4d2ef1743ab8bf833e12f4382b99d54d6a0df8f997f4d33df116660a"}, {0x70, 0x11, 0x74, "b5f040fb5966070336df87962d7dbe49fb38b645707efdc8abbd52703304c0b5b0adfd5231f911f4ad14e0c70dff78baf9a54fe8fb56a2dc6d333112f5c7d8b66e7dd702a42a3410c4ae18cb551b85353fff51c711d5ec6edfc3e3f2"}, {0x70, 0x88, 0x7, "87cdd68484170eeabfca02ae514ab8d9ce2e44ca334445fbeb031ea6ef487c9ca4784e74f5d447eb1f0911d6c0c809bf5a340efb41e01846292a2db5e716019bdce2694cd9fc1fa65e4007ac5b102f990b32951103a5a92128"}], 0x238}, 0x8}, {{&(0x7f00000053c0)=@ipx={0x4, 0x80000001, 0x4, "234e7f7311b1", 0xfffffffffffffffc}, 0x80, &(0x7f0000005600)=[{&(0x7f0000005440)="ac35317592ffebef8228aa82b6ae077e1eea41c031cdadfc99cd005655d25360e00d2a6a112d2ef88c9f5d04f9301e9ca7f493387f154df627fc71bd64b4063fbe6176c1ab3e766ceb320094ca21f7dc3e8c7694cb5f70eb630f093ce4731a4869076347c503560fd9cd3dfc47c480e70a6c8e535d450d5192153072c25def4294ea9404eb98a9d567cd75c3f7b81bf376f89a4e11053c36c1fd442b9beb2b76a9", 0xa1}, {&(0x7f0000005500)="e29209da52e7f69d74ef115336fabb430e66bb47dc1c2a251737f42cb8a5f8ec6d900482fea0046407ff3101c67e1265c40a0a966195a159f9913ef526f42f6a45b9", 0x42}, {&(0x7f0000005580)="9679ea9451f98baf42b0c693076193c5ab59aa37c42d0849982d8d764d4e63fceaff31e92e3d8bc9f14db619e8392cc96cfdaf9fcd01d2b769dfee4f7504afc4489b37952862", 0x46}], 0x3, &(0x7f0000005640)=[{0x1010, 0x88, 0x0, "4796ab3adf1c4643d220667db09ace86bd4f373c9b2a00b7f85ef96c67e125eabf180834eb1469264be1356c69e5fa03dd79d68981529d9463d3f441c69c64b1fa58fdb4c0e263d39657942595e8c093eebcbe96a587046992cd9755fc469ad23678a7651846a8f1ac43bf1a1dfdcffcbce594917b5ea5e49a1e50c53aec48afce53e36ce956da24f054d315d3123238b05a573646f4c97ae45a4c53e8753da53175e1c700151f05df3c498e22a44c556b5ca7e288ad00c25eae10ed2f9e42817c093b4041084ce7281408fc36dab0cb63bb0d85f51108f2629c718e2f7c4314295f9e16538d64cd302065c1364c6fcb3db64c281201517512846178a958e6700e539bb4ed1af70e956b07165dce6f6c27642a715e2d9bba5584ee0adc0530aa21dc25d8e8d15c754af74ae9ef908ba8a16d1f8653d5562a57198f320536e65159afcd366a8e7c08a69002edce65f969aa2b779a5cb4769c53aca48a4d91597df7a2c2fe5507fec515d04303412e462f9c586f84a4a5bc3cbc0bb3aa7d2c070be130ffdcfa82c1eca99d755f9f072944f793d4cb7656e52d82366225a8e942a4fb0d4999ca3089ce667d0322bab6eb009de991d53df8b06e17e5797f501fe977f057881e8c16a642a5f0b7ea3f1695e0f66b1a8f763bc390f58fd04fd95304d6e39ab03a3e9b0af460f2a1f48dd081a81b2891a0dcd29fc9923a2afc23cbeec9c5cff4414f0631bbbbcc6ebabf3fd2d105604c266430cabda29ccd9bdb09281aa3ec9133baf65b2931a2d35207c6046294501ab1a1da1f128e323176b35c8d3b476e6ff23ebdb54579cc1d3ef74ed21de7821134aae7e14dcc81503023a2bd41ff556556b6a2f848bdba2955241b1716cc2edf5e2855bef6240e3dabe466190547a48c5a980dcb081ef2781c907830e485b7ba812e981724c09edf3cfb03b9239df54794adda2a7b85165cf70d687c3160b9a4ee21cf9a1b9bfdd3006855882179444faa1be5e95cb1d6ff967d201ba65c85e8037c32fa4161f5b6f2d688c66434d9d803e55160b3e4c8a5a4620c8bb4303ad1f62e0715ef4ead45896aca75b21efdef91b5fbd77f06dbc94ca16f2159266db27def50c98f6acbb99d5902c14eda40a08d2eb017f3d2aa9903758cd48cd6b1718745c3e9bdc6a23102ce4bdb2ec232666e3f05a84f32f4f467c22328cbf1949682f39032c7cadb45c797ddbfe1718237ff4fa1f676b9d497aeff930ee5a529c7c483525d4dcdacc5065a55c639f3f207c72f84cb09ed6ef72c3b700fba73672bdf30ef372221ad247e5277c9899453ed240faba0beb5c28bada1f46c644f1490a34924777d2829a0a98967e674d422b7faf61f94afebdf01152eaf84247ae9c8f44fd822a66764817cc2842bfdd65c61e3863e1fa4ded65555fa00ccbdf708a44f5aca7fe2e946ed4d8da5b086c279d39c27b7d67c6c52cf004055cb129cafd22d896669ee647f5b1a6c8ae711b1af8b3f9395926e8022b5f9b4efe2b8baf5d017c9f1400d83a2f972567962b72686ebaf224fb849af6797bfd350f4f75753d34340decf3a8a5df01733b0edee9ae6d5e688254ced933996050669aec441bda99b30195f9813866f72b727adb2d1375c81bade7c8ef0a0fecdcd5fb85a890da4a9a14e97593b1fe5aa89c9ab5728e3596a9ce535b1ef3fec1bcc2594b10ca687980cf1f96d3f06f3af505f366bbab46a4746416d3538517ec5c5a07db3a2b380df4fb515b9bd288be67c48b4ccc9064461011ae04099e08112f5f369b1b490dd907c9d63df42be125059b42469b33f9c5229844604f9463efbb60ad611406768f46bc1d3727940523856c8774457ec59ee1373c21bc56316d83a8830439699b208718ed6f36437158c817a54179292f8b56829a525d628465b7ee22e92f1f87d1ab7383e06f7f5f10189480312f446e5893f185ed51653aa9187540a135b4c64c53651b5b6b84dd7f008c8b88905e14bd74c480d3142ac8ae4ff8cb4846343bfa244a49c423121a3cd18a88d7a8df07ce3ae4a9ec94d3087a8ceb1949debbf654dfacfadff8d350684f98b06053443a5d73a0268b241d6b4f2425e45db948178ee99a48e3ae1fd58d91a8bda71a6aa7bb0641abe0328b555c7568b022833f4e67451393d01eebd5ed489bf7cfd04a2b5ed3c1d5b18a2cd6cb445c518737d43e3e577a1026e2d99efc7629c7eaa34f7615e130070be517a5581e8daedf12d20e0a9c6351a2a8046e0d85d668506a0f87d38469032b5cab98c0f8c4e384b1f37e15280e70c8f6bc476d4002f69f00cc594a4d28db4ab59c7f63157545ba0c2c7746fefa907c255716d161b6e66bcc3e78bf75bc9c035d96e468be0ea80727ed5f915c98c5590d43b1fe15e6143da0a4ff3e2f1fced4ba9c8e0761d0ca0e4ce6034bcc27e8428273e47ba59bba02e83c0a5ed7246bd4039243b0ceea85047c3dddfd5f0999a7c39b1496c1af0101613f10233cd16327edadfca2538d2e5647f4a531dfefb74fa220d60df9002e22a0b8d5e835986eb2c40dad92bf91d7088a38c3ac1df358a9a1e967dbc147b30d227e88a2926e4d63ac0ac5fb467e050215eb4d7b11329b92ee7dd61d2c99ca7b6f87181e2c3a676b30a0158d6ccc61739967e89f9d6a9707474dd0ae5c4b0b7eb8bbb8a0bd7c6ec05d5a9bf2cdfd740a95875b9ff66a5ff2eecac004cf9cf99b38c1cb587e3b1c4cc266b49a79e4bb2fc5675effd8631bd246deefac80634011204778b623e6fb22cb81a979ec48df435d3876aaa1a3003e5419aca6abf211f942bb4e973d420549a7bd1cfcf0f64cffb7be786dc3f28fc768e101543d5a63155290fb52b1efdcbdc28c49548f8ce74745ad29447d7695963a07eade3cdc64d7355fb2d02679cc5c22aaab62e9125a0cdea70da595206867962465ed2b7ff23a5cc496374c347e8cc70d388bf1b5957c553a0d624cdb51eb7381885793f4251f6ccd9653bccd22ce2e43da5b85dccc5dbaadee6d31c01a8647068d5e29548c41cdc4b6bc51731c21342e19150abdc23352e6ea101add934199fc57022c95d8275a0b9d4cdffd66451a9422ee827e7c1c6d36dc57bbdfddc44130744a60d235153f5d3ae368db8e787def9fe87163e80214ae6ca0b494bfe1df02fef97ce2d7e00fa672c3c38cfdb5dac37cc22bf1ac1e15b9f23d91cdbe3aa0ce9e8ea3e752092e306dfe1a5005ed5e4d49bf52e5618af2b22247eb8738e9f1848a6f4aa3ca97fc44db48544c5b5022c81f4cbef6dab1cd389b8f081ebc4ec0072640fe93153238e905e4d9f0f47bf9d9d534d7b0747e782ab1f540e5ec3227dba3fa3af2c706ab756d4a43a0034f997033dbe4c25a6d0401ff6633740cc4ff0451c35ba40f7d06809613f5a072ee93e4a94ceff06d168a8160d4bfba1cbe0a9bf9da6ccdcaf4b1eb998c8e58314f5c6fe79d803197fe02a786be8f6b9054c2f0a14f885ce9db938554f892233b0e6456cdd106d255de8d17ecd84e0fe2d5c65e8dfc237ce2a0bddd4f2a1d23550d4c7b05bce6f0fd6d676b46692e238fdc70aac83c6f158cd4dfd1127068be0a80a1555908636f0727608d30365136225cbc4df9da12930691d27b68463ed6a9f47baafe76a819e717c062ef8cfb548aaf69df7ebb3ec0f02d6d0bdfc8c10d58640becf417473b92dce0b156c9e759c85d6cfb2e029f3ac5d70f637d73d52d93bece61202377124a0ca3d4b9eab0d9364d47845e60b849a99fccc6e225d00fc02f7f9a673ad5b5a0ee1414262b346e08090309d1d4bce23ab9eb10b8bd192e36d3cb3327fb8ff23a102ecf5dd667d043b4c0d4c78b91b54104bb98fb437ba239ce989d4c271c44aaa48971e286c8aca97214f1b4e7259314139343d43e4b6a3116f3df7388b9e5b04597a7ed59f7b074ff09938d2252cf184778f4a8166694689a7093895abadb21fa1bbc28de4036725bb115afc9eaa8744674ab60a911efbea03c5c266b3e0a951b303f1c2ceaeec889076a947b597ff9f6ce3336b309e91a6572d6919abceadf05e76f3971868f47f9229a6ba7fea944b10d5eaf6129ed3726aaa6ba70f7f0c5c88931ab68fb1e07853358c07ac741ba36417f1d1e370c29691566c10d67930b66c85845ea349c5e902695eb65ddfae7e9d71a09002c38ea01e2e84eb9852150a2d4ad1609a2f5606eaf7f3d52fe56f8e5959c0991866b1fed34f4b0ac5dfc125506baff3eb7787738c2ea60a7db2bb1b1251f95e8273b8b4d66be3e94e782b99e95041883e868283bb2fdb9d05674da723121246bb238ffc16ef1311d63fabd1aeeffb3278206e92b9b11d311a7a4a6c57f60b4caf17b44d6a28ef6a6ac3077015e5183bea904b574feca5849e820bb52e87f5939404ffc04f40d177b6c56dd515204ac54d689c58b004b12f0b039cfbed6f9efa22f911fe95e8ba2cf0705c0b53e3d9500974c39e3649480dd13fe829833f187ea3fa502733021cf7884be597aa9310c1872c1bb834884220fde57c07862a81116f79cf05a7d2abd32a160c7d89b2dd3e059e486470d00fadde45b0860165210fb2736b43edfdfa2b47538539cca4f86ba7acca86761936568f5f78bdf1bf8e0df3e87a7e6d33a25365d8c09d5c55b4ada563f449e474892eb87124c94bf5dc131b22f4bf37edae949c2809509318f079c4bf5edc0a6267cd2c2a4ff78b3da332ed9cbc581c8d738ff564249204761e77d67aafd59c857661c49b0541a45329fdf18da2bb9446253023fa86642fad5c950e9b54f05a8813f7a4a849e4655fa1b12f94f24361e9995ddcbe223db6b0fc82fe891ecd0fefe559d778b4c3550aee6b6e045fc663f8b0fbed7b919b2d7501e62c9082e09ddc4ad28e88ea517bddfe406018d272e69ea2edeeabd5da7d7ac19a7a63f8622f4e8c2bbdbe621c5374a8efdcd911b20fdb781e2deba239191c1bb1c092ecbe797a05a79f62f7ea51bd75dcdc69425bdce32a0cd0bf15e543751e3156b8d17de8cce9003214565d0efce5b67033031377685f2281cd7c51131d5576437228deb62bc3dd790bb762aa53b208e075be322b556d2cadee50a0633a308eaa740f4987c298f041b17f36e4fdd5a1eb8f2e8541806fc4daef35ef92e6db688373115dea70e32a9771a1a97742f317b89d976adf6e99e9364f7af8d360921ad29d27acf57f1ab3d7272a7a34c1fcac99b2d689f5ff5a4f1ddee8caa96e45d8fbba5caeb3087d4f7df830bf23230895eb2c50d2216f540198fb5e0071c6a34ba9fc70837797ceaef08ba6c34a1b74e3948b628e4aea7b7c9b19c9b5002dc5b264a07747fc57e8495e16142678319abfab11ba20c196718ef285f9a17e617ffd08f82277e41e0327f14cc79c10c5878eab26be7950939f13173f92e00fec3bea55b89873e387163e6732537db7352c08eaaeb615dcb0560a31ff458307a3bf59b5abfb344b61acfd8c25ac415ff148247725f37d7c2a16fdc9024edc8c98aa7a04e0d912facaaf2836feb981e46ef9f78a7733494a99048053a0c235c267bcb7d71679a1cd463bc6148547053677937fb68ff6433a690f1018fbb92ff15339d3264987730f6b611eea22208d1dd36b37669d76f1f5d839a049045d606d80b81631401cab5a3466f8a9e2dfc4601377d2df9c40d26d10f4aa6c13c85d74469e726db358727d2f4352f450dd1fbfee9834b7c366db40ac53d6c4efb2429b7918c74f2df157fc0c69ff16ddd7757f7ca2df15db6b0815870bf1d2c7274516d25f01f1a389eec7dcbe5cd1795be555"}, {0x20, 0x103, 0xffffffff, "6b6d9ad2e6ec9ad76d"}, {0xb0, 0x3b, 0x80000000, "c2f706d817756e7cbda10befb77e239fdd48a2db49652a49121f5f5dd9714f1aae08f3517b59ec31f6b250cc9f3ae53c69b356e9740e777d8c0a036c8974709c2d9549a5f73b73e9b46426aa4067063df4c5d87d06d25a51c297329d2cc6f4246254cec9f47f2f3b0e2011b273f83befab78fb6061d902d112ebadd4a3619870b4c8abfb19f41d9d4823dab324f22d4a700748365287c3ccd2978dfd"}], 0x10e0}, 0xfffffffffffffffe}, {{&(0x7f0000006800)=@pppol2tpin6={0x18, 0x1, {0x0, r6, 0x2, 0x1, 0x0, 0x4, {0xa, 0x4e21, 0x79975f01, @mcast1, 0x200}}}, 0x80, &(0x7f0000006a80)=[{&(0x7f0000006880)="54f72ec50170497b66ca67f8c07a8794e46eebf61a9c5fc9843e1cb43f0ccec59cc2f26fe9794288a4ff6f49145ca4d3477bd7d8919854634a300702cb42d0eb1fc93399cb18a87cd18e0a1048cd264729ca9407a338ff0e60a6859b888b7d62e74355a71ccf23531174be36d640f9043b66c894a3a7663ac7a2f6216df0c567dec145fa65595571d4216f3c5f186f872d6a784255ba31238f28102ab872e3d9664a829f6198dbc88bc67f5058441981acb74cb8d2f76983516a375af93c2e31640468f21d5f45d52c561c551eba4044104b5b472d4ab6e3da393d5cb3f5a8e81d58ccf2958ea20f45d6ffb8fffd23a7e4c6b0031c944daa53bbee4bab", 0xfd}, {&(0x7f0000006980)="1e17ef14", 0x4}, {&(0x7f00000069c0)}, {&(0x7f0000006a00)="cb5db7fce1c0efacf43b2e00872652dc49e49b9f8f63ffed8472020c6f26f0c954ee1440fe724e8a89cf2e454bbbe38a5527252c200a3fefca337ed5c15eceb7cbdae8b8dda8584e5915f1c185d16669cf878fe4901d4e01e1097520f5a11a505e04be2769c605c38dbbd265e142b36e4e3085f1ef01f78ce12281d49e198b94", 0x80}], 0x4, &(0x7f0000006ac0)=[{0x70, 0x0, 0x20, "7541aae4adfb4605d1d362b3b53e6f964939687730f566a9b2e45054f9b35a73fa29f345457da76d5076accbe80e058a9504dd3096e9e7a62cc56641f4ee71318301f97ded8f6e09ef0c654f65cb92d9bd8d5e2f8afe66af3153aa53b661603a"}, {0xf8, 0xff, 0x3, "323788827dc62bc5db49f3133f3c357738fbad1024dd60a3e1e56f6cbbf081c0037346482ffbfc049b176cace87c15c2e18d67a8fe89e8b1622adfa408cc52a42263cc2889bce6ea409c6f9166e45cb9a6ef02d9822eff8eb256ff6c7bb632a087145a853b3dec9bce6290011779748c39f7fca6d5ea79df36059d108ced0588f732763414ed864222b8638c2ac5367dce6573bad537e84a93960c73d7957942f161026c1a5fb8ee7f51f2b1d3426fcf65db05ecb54dd03ccfd4f103ad574eed078c6d241d066ce8b960ca863e81e2d3180a4f734e48cd2d8b254b205b50c56872bfcb9b"}, {0xa8, 0x1ff, 0x9, "ee2202ceb816a26dd7cdf9b4f30cec9129ec011c934eb4c4b9cf1f30ea0980ec011795fd35422f4171a13adf2a190d55fa0ab7bf360329ad0000cd1b4aa190fe12d63541f8cb6254d0996d8ed422f54a0dcfbfb01a29ddc8b0b11854268061763410a1d98c48bdb36a0273a8bb431045763a7f5a0f0efc4e3ba6de94c2425b0c628fc8e4b2fd30907a786110acf90915fcdb43342519dd"}, {0xe8, 0x107, 0x7, "10974add8fad3504254802e3487c3406a0156d7fc5517fedc89c0752c3f1ebc521be06e0d741f19070b16f5126e15668209ad393186c735d117ac25ed20660bada36e9e6bc7540796fb53b8b241168d4616ebc2cf57ad50e8d9fc631af81aad586fcd7ec54dc63e770d61c04f9792d385b6b46e80b081789b14a09ecbf46052416f462d8cc5b310945cbfcd3178577961c732ecb2b17e89e67a0201f087e877d0cb03d249298b6ef0d336bb06c23d8d064937182c9c80302ec18e28a845684ab12b520c661ff2f94e34fdca9fd27a1f9eb"}, {0xe0, 0x117, 0x6, "68eda6191b65c97cc9ecd0fba952db0a725609662be0515ee5aca53c5aef7854f893fead3d6d13ca22aa61a35ef3deefea7866bb12ad07db437309eeab154adc66777cc2b8f615dafa7b831f74dcf68d8e01dd8794834f07f750b67eca68ae1526105b369e2538e4200571fb5444f0f673c08ca2dc939a761081abbd48d529f6615cfab267f87b30038bf31700efa1334b0e3a9855d8ef89bf974c334d4bdb08b9464a6908305c4996635704913eb72e0ac6b3eedd76bee8164e3e0522501b6f226053a42241be4e277cdc"}, {0x60, 0x84, 0x100000000, "09d382a9352a575bee75475b45db9f1caa13f0a196fdb6df25ce1cad4285c7a504d48a1acf4fc5ce595c96ff3f36f6212dfbe1fa9c22c06688632162f75dd85269f329c9ec9d17f3f36c"}, {0xa8, 0x11f, 0x1000, "d25b7af784733f651e8808949ef5c48fae767c9766585a21dcb1fb1dc8041128362162b4371e529af091a66c46817f9872c9188f7662b72b23ec9e6ac33f15f31e41010e1ca5ac7643919d3a267029234586d0054bb8717296629ac7d57740818279bbb30842652537d45b575bb8c7cab128bde5bc9c02e910af6a04dcc374b60ac0687e539c8a346a808e25c75c7a5d56c7"}], 0x4e0}, 0x7}, {{&(0x7f0000006fc0)=@llc={0x1a, 0x31f, 0x6c1, 0x401, 0x4e, 0xd047, @random="2b4848bfcce5"}, 0x80, &(0x7f0000007200)=[{&(0x7f0000007040)="297dd030bc23141bc1a270e20d965baa25ed5912c99803c3e18691e2a8e0040e1676fb8cdfb9f9d182a36090e15691d219a6757cb7b8322badb895c423b074747f1ef9f0c2673fcad42e7167071773f3603e7ebe788fb2ecee31c048c7f5cd61e644cefdf931cab48f4191a9a356bc86bda5662c3eaf230707cb", 0x7a}, {&(0x7f00000070c0)="d1290c7e8e62c055c19ff5ec0b8f24dcffa34a4102b49d2d3332e54f271fe8ee581b91ddb071bc04a1ed", 0x2a}, {&(0x7f0000007100)="d06603be68dea663b0178130f22593d1c31345464d903cc0e47a280615ac6f4a104ac10d5d21bf3d6dfc08141083e4543d9b7c3d9cac8e0e703fbc148b59910ca32a78ad9422c6d1f6f6fc18def1dc7c192e39de9cd2a22f9c19730cbc8600edd6abc810afcf3812941e6ec145653631c4d136b2b89c687315d5ef1aaa2a2f9eeffaa682514e18e9f8a5c10a1155bff8ebbcd6bdf5", 0x95}, {&(0x7f00000071c0)="961612b56f12517cd54306a978197854a913bf112c0e2331c471a63e0e95205c1f785a9b5018745253234025ce", 0x2d}], 0x4, &(0x7f0000007240)=[{0x60, 0x119, 0x9, "16d6e2fee03271591d72517a5219756a60ade82f82a36f20351ccfb924692c71adade493424006926213aacb983eaa49fb9aea75e396eed8a8de665525b6fc30c0f7a92bae5f26fc22e1"}, {0x1010, 0x105, 0x100, "bb2a1431511bc054dc5f478491e861b282d9195b3c55c6d3fe16057124cf8ff2b878c8939cf631dbfed404efdb8d9ca81eb9fd9b8ddf6629dda3e3799617e6a6dadc8b10238a22412c5635762cb36feae61d7da34175b34f05ebc6970a1d3d12605a0a82824bdd0338f0599a85769ade37670b85b5a6e75f517703dbb332499e425afd2edf3691f7155f23a29649846537d42cedb09413d20702e834827a6fe9105e5e329e0634fb044433e495c6664d52e468cc62098c2c6c67b51786a7ed10d6a57d280baf3a8d11215caea19d60e29c5b998d52db9379c521d7f480bec50af2c596b9cafef211f1674b5c2765ecd2daa81be56647a6d317b42fe854c6533ad105a2c734e39627b729f02f9f321209c45b1f003de1409d537fa9898746868ee6b4bf69835b3eb52c1aa8e221968c9494a61073296c5d349a66b2ab538ca51ed810df916d51f2ab702b341f397a920eacef88fa5b33d5e44e8a77f4b499b078fef7a061f77e112f8da29754a67a5df927ebb39c8f267555b0cc13206b7c6c96f71658e801cfd5203eee4aa60a4f4cbdaafee1fe1cb6e25a07c42f5cb42b68f3277d39621f75654985c09e51a7984f5f04bb888ed18e00da7e56924bce8e6b2857633927c44dc662e9611531451cbe00c545b7cea4e0f240378a3bd5024ab020f4c96abdbe174c3ab7d4b6f8509f361fa542de0b0b1d223336c086153694fdd7692367c3e2b15e7cb61695615aade3c68b4c57bb3d9e444310e6ab949fc0672ed97e7f892daf8fed81e7c1e98f19a89a38b14dfd13cc56d89fa2fd3ed1fa3e6afbeacbc670592d55ddc51512d24fae87b8977a67dc6a37f190213d0472ee7d4d38c121da151c88b143950e09dd154b33511853dcb7be5210469213bc24366d1671f07f4f93c002732ab5bcefae08258b50f5b1e6c767f9b3c42167e0bef0f52699350f04883ef70fb03d3a5b1023154f10a5217ad8d2c56b344b57a96fe5aab0b90f3e0ad9ae9239cbd8f018c2686da28f62e8efceabad17daed3cc8648ebb005bc373960536d707a05a2cd21f87b0e8f421b61a51d2e9543ca0083972c089477e04757d113f19267769a41cdc9de150bbd1efcacd6eddcae46b2e1b0947beb96b0974626b772c55646d954c3100a2048a730bd164c128540f58db42a754239a60cf6b18fc06dd483febff25a4becc181316d0320e162d44090dae6ad9258a808c5a5fae4a7292ef1b8051dd3784f742a857c25fbb56b9db31ec1f954f64a432e71081d637f6737f2aee753552b1ca02bc8263a9bcf0f49cdadc60107b5426fd9b2f861e37b91369def841a15a50ffa21622306a385e2345992831eff4c09c1446b00718f9ea01520dcca0fe24ccded19b6dabcd314f044306def95c952fff65b8e84aeabea3cbeb0624944717b04c65ff3cc1904ce791dfcccfb7e1fd877ad8652e83d590b71c6e14dbf1b0d1c21f8d020692460b111a987c0ab573ab47c539b3f5f8b31793d1c72cf99d7338c74884fe23d719435db863e09f429897e22097cdf430c9e9b1fbdf29c5502be1dd74c9dd3eda76361e391308c50136baa295353b7adab2e36c92e45b9f6e0817bceb16cde3169c4d8eb6a2d6c615f09d9fb3d1c027e0ef0e4a443ac2f2d6afaef8fedce4350e95a38ece1321272d4730901bc5ec8848d303e945d262f0ef326029dbdf95169763896faba38a1cfdb38fd79e376438fc4687c00f66dba7310f0440f3ed2d998dbfd74cfa48e52189c43491e250c11bbd3e8d33c32ef8c2cda764baba4f5a6acf1152b7578f0d6d0553380dd7e69b0f414ace44f6421c072bc80412d68a7d86a95ca8552250b96c8460957b72d89d40116cf59d4ae5706d2277dc18ea559b9ce4c65ec5abacb569c10202f3c8a34772badd501a6558be0c72621f48ca15b8840f819cd205377f32fec3eb6b24f2cd53bbecb64f45b17dade2ddd39bf250062b44a721c137764f89ba7850d676571f4246811379e41a106b1347f13fa33e44cbf945b0369f53939d347d03d2925eac4f4e0a9c81d60efe214dd105fda92edcbcba57e9312e4fe0105ac858eaaa6839f4c4e2d61c5ec624dbf935388719468f2697b89c409c4053fa3d8173a873dbfeae70c4b54acb24365b57db76ff939fd225c5792f82d09d0b59d348fc8bb7567fe18806cb652136884e0f5fa337b0ed08cc7a7aa8f289906a4ef62088a0271d3b859fa346a9a8301d5a6aa82d744d0e45490e43bbf9e050c36ac9b8a6db7ea23de686a36a2ab0b1d149b0d9b24e59c8e0090307c4e1fa312876ed6fe9992030443c5aa039b841191371e2d0850af927f95f99c7fdd0e8c2bb32208d2499d5a545ffde5c3af2886370ecfcf33f985a757af65b89dfcbddc4ba5304ab2a11d770337495e2f6ac15c819e4c9165b789b709d86c68429d695dfd4005707739b32e5a9b66f9ec47c1589ef4e1972854300774c509012708cbf358d3acc96d4ec58da6e7016a502e17b5e3329aaec79728557110d441453835eed4c64a2876c91c580281bf8c8637555328efa8c3372d86a4d6c164412767709ab5286029e37416f14250512013bb85865389c5dfa607c8e54b7c84476ef41f18e52a71e9f3a0fc50f2a02879b767e27d91391122e72612bd80d0cf8d85bc1babe1fd69ce9e78a34f5d72153d24bbb231639533ef282c0249eb7ed9802f55c09fb8698d2784bf8e396680acc8e6448b5592fdeaafda60fee70412ac53d21e59f3ecc31eefee7083ba1e834d4aca444249bd12cb523f3f4278ff443f631b5fbe495fb18a7b582806b69c359727dd46f87138cb6dd2aa365eb3910ee5d905ffbf36412a9c66948fc9b20b992d1a48b55a7cfa1a081bdd6772a9da568b5c6dca2340efc68a6aebe0cd031a75f17e1962a925c0e9936a88416c0a13de372e2f992c53542e9c3e41e1d40a44131f81a2ed53e2e874bbb3a265188fe3bbdbdaf42d7f9ab5f751dd1a3d4578d03288df9c1ba6528e9a982959eceaf9734ef7bb71e461c3232e7da0eba29b7aab99613c33e7cf8430c2e36402198773dc1519cfcc4d44c8e642f73c793a9de5f235690dfab9e8d2755f140ffed990628df764d8788459879c3f89650d824b22c57c8cd3068d29770877d0ba14c40d01baaeb3b988e9e764c11bf9c9fbd14256bcb4fe32fe9f715f706dee82dc07ba764c95c20704dbc314345ad4302c4780b3138ef4a9883e85f63510f9d0601a2711517151cb06f681a6222a54babcfade85e113b4bab72f26a4df3c67f01265a7c6eb76de441b72b09665c65a1a943b7fb6957ac81375f0f1bb4845b5b49281f958cf4d24369a7ed0acb6854e290267f2bf66f5162c090bd362dd40a619743282b699a483ce07d1fa7b28c8c31ef26644ed7b32db7df2c7478aa2dbe1a4de7257623c1fea88a3b47274aca0fcc6d8290ac9d42d352d7b51c39842ac22ad44322fe952867cd7f209d2ddfce74907b0eb2a8302a6712c406b01eac0ad52708b204fdbf394fa028f12291b6462467f32b8135a73dfebd8754b1b5afa04fb21e5fe1b3dc596351d98cf3f29c8fd8563425a3120f6f95eb84b803166021efaaea11b3e84d5bfe2d6c7e22262b95400d840e3d445a4aebc1c1f59404eb8fd7c83fa0f73cdda1086d01a7568766669a7c018191c33fc72aeab8b03f3e951c3a90440f2ff10b58b53de13252732e5d4bc4a445c33f4e1fc676cfbf4ebcac6cea12b807511cd15f24173f62c5cc33957bb820a3145ad2c8b229d20b0f7cb54cc335b605e6058bba2610b171f1a9bb93f1a3396a27c9b855ba19d7607975af968649f3bf0a8fe75a008294aeaec899f94893cda89baf02bdb5618e3a86c6178951092f49be4add1fa61f310b22e35193e5e4e13269aeb6554d13dfa4e9669de47d65888ba3bff6f8d9fa815ca14019df141645c83d41d733e943fd77191a478dd0d743cd2bccf286bd1d74ca517cd959b740830fc3df4015292e953f1593aea9a0e15ac5df58ef45868450606be116ab2b768654c562072c843857f8bd4e8e444ec73c7d29f68c9ce79a3875e2828443603c54bc1b612afba34dc0c991b5c53efb52c647b6d956643c76e637d9b0df51b895e266efb02e0caad08a31cd13bff9157dde7b1f821140acf3e0fe1475d91bed6c796e01505c383b5d6fc08da52e17ef3acb59ffb4be8b9824c0c56b45de0378167072ea01fe39bdc01352e5db9ca35be0d6f6d404494afa96deaee23952a3ba402f939795fd0bd7864ba583cd1010ae32cb06a98d70b5fed84e26cc3430adb1eae719384001ca4bb0af9e96256bdb09e85a67c6d36a3f0069639aa5f8e8bb1e4be6f5765cf75a98812324e9fe87af81c0f3870c82198fb65120b8d0cbdad311930ddcfa8695ed030dd802151b82665d49d66807a2bb6b7d5dc44aea59de679a82ede090386522886c533b8b43a374ed4b4e07a568bd28280fcbe3efbd4a054b8061038b11234126fd6b7b3cc53fb71af736d9a2cd51377aab78e1b83379597516ff703f5f493c2b65a41f3daa9213ab317ca85f0ca811751c8fc234bb0379dc947f8f984ed3840167e30e8217b1c816301ec28ebc602251fc22d81e1871185b7c83eb50a7cdfb73cca1ee2a988516d971461698234f241b89f73d4f3f6102b3e89df3d061e22bced538c89c7bcab6f6a4a9f1a8209b014ce05f5e662f1eb46fd791f517c89020a08ea3ea60bc8139c54d95a440547c9d79c98c46073b916d9363f25c36c3d867a295f50a1f6eb057389a1eb09bf17f6fe8846979422ffb967da21114aaded5a5af7ad5dd6432e7ae3ede5018ac83be223ffc36a5b8649d5bb4705a11e7e57de657be4fe1779d67ebe6a645405c7b56a9c5765dd75c52706b2ea04bfc3baaf9d56fd1a435304677c721b2942866ccfb30d763da87a2c1edf350ffee970a89084b5f36e62177f9f9ffcba2db3668efb30ffbe89fbdbf61686a5ef8970e72bdc90bf3db2defebdd1286953af7a36d62e87aef54cbb66304b3738252df4767f55b8b818b4a84e27d56503c7f419da78fed7b4f8e9aa40d7a7f42cd671694f2a65958c25f32443a02d37a9446cd66fa60128bb77f3d8623b3603c7af5e12c3a3d5f5423c56e1013184b409f5f6a9beaa678d63ff1bcc23e4f1b614220b357f19dbbcb1f9822ff9fad0b057fd70ad8e8141dd50e12157ad64cee05fa25d4c775a3dd57a4632120a340141e1ba7f766940074333778761fad5271787ff48340c7f2685ab69e7873f3deb8cdb40508539ef7167633341b8e8f0ead124a0f922461ccee849c2b9e66ca4535da3e9e0793ffc7b2305b2a1ad5dec2fe457f2ca667478b31d90c6763db83ff18836294d139dbc3f443b76bbde6236437879d94ab3702b69e13df94740860f6185ea5fffb3e541007d0a8114d7f40e6f733e5bb0edaec7a14eee2339d1dbbbf429573eb29a55153c9aa55e438515cac1b2ff618311e0dc75c8658586d671ea9c939adc10c7a4f8a627bdd1b02bd50751aff283d523bfdcdd146ab78b9583d09061205ec115c778c9e08ab7ef6892fbe617adc10cd22a17934be64b2fd76365886b3528fca141bf141572030a9285b35ada7810e042d296d6717c92d82958e5da9a9129ea41e31466150df2018baa2ef753570c619b231749cc5f108117fc176bcecf09b273ea720ef2e80d3d057cb67a1ea4b98b0ee787dae0aeeab0c927345aee5ecc46d02e29e35f7506a3fc02ef36a4623ad900ce4d49963145ba1ed2d9a2c593a32bd1103fee67676ba1b16ca4de9685e939705c85c5c"}, {0xd8, 0x111, 0x101, "f276c99f8a0fd782f15d7e2429a08d0af99c621a5ebd8683d4232f6f32b06aedbb9e80f5414cda230fd16cd11c4c8b8d08736fab15e406289fe53ba7c6577e69daf9caea4821d5461cc7d3bd4cd3791b800403d0e56168ddc3318c0338f5c1aa76c782b404eb3da1382029979400a834bc05527b45651d8f41bd41a7754c06ecaaefd4a143a70985efc1e5a9beebc9c6f595bbec1181e9021fb868adf4f40d7b9f02c74f49abd80682e7ccaf7bb712c5629de285779391a2f37397df86bc9242fe"}, {0xd0, 0x0, 0x2, "e4e4be2dd96f0434f44bf8ec96c8dd339fe6c11f4b2c012f04fa4bcc972fea31fbdbad7668cc561edef28283a11520e55c00282707652696cd7b8db79121641187777f64f07c283902fb7997773b5d745c97a78b355f44d460565d15294369f88867f7d0451524be551f0821e04f2c6fc78430c24c86cb5d83777cbef553a7e0cc32daab138c44c673ded92b557363d8861653c0bfa3c1d157cc7a3a45a02f20dda7332e0df2c8848fdf3a5c44aa0956caf3d042c1b5ae0b8f"}], 0x1218}}, {{&(0x7f0000008480)=@pppoe={0x18, 0x0, {0x4, @random="e8ef1fc2dd2d", 'veth1_to_team\x00'}}, 0x80, &(0x7f0000008780)=[{&(0x7f0000008500)="226c225af5bdffdf8b4f76c928d004da9d407bfb0dae5dd57db9405263ce46ddd97e8e23dd98c43bca4fa9448708ca977028b256047a1305fa58168d8ed0cc7e8d367b559cd70caf838022141c31e565de33a3a0c03cd5a9afaba8b8c79e11900bfe3ecd200356726cec4dfdeb74bfb8549e147b867c629db3d857365c6c295d7e0bd837f2c901b6fb8c68c6decb39c66c29a9f9ba7170cb319693b4c13102022728bc3c967fdbfb65f7bdb0ed8e55e38c94badfdd834c2818201ab1f5b06c05020d66fdeeb1ad46d0e2fcb0b7e1cbb93f23ecb68a01bd1ac35e8f", 0xdb}, {&(0x7f0000008600)}, {&(0x7f0000008640)="497ad02b157f547b7528e6405bcfca281eb7a498fd4b20058839f8b324086452f19306c7be353c8ab1ea17bf35df58e0253c07bb5d9bc3101752aebfe97b7ba120f47fe74a4f96f6a651d5530c0302e22bfad389fa2805f80cf61f918df4758744caf6fe0dff02c7e002d4795897c11449238dd685da2b67eb2d160829ac8568a582ed4b984358917b5b246fda63742dee", 0x91}, {&(0x7f0000008700)="b1a54ae603cbd3b97eb6befd428bc56108e12d5697bd156436db2e917257d1238892dfe99b7329e62af73af57023f4c652a15afc2d71402a29fe5921051a3fbf3794fce0c2f7e6d8f4f47b7a591048976fa5b13aa0979916e52c953f0409df94", 0x60}], 0x4}, 0x8eb}, {{&(0x7f00000087c0)=@generic={0x9, "4427124cc586e09db34188e66983f10b65acc342fa58a88ce29b28ab9533628e51f300d1bb13a4c6b04c2ac5d06c311d31991411c73ed87fd9a02a38f2b74101fdcae3edbe85ddcddc440030ff2fdc2cf459edc09a211714c1b10e71e0f1f60a1a75972b689cbd1be61b1d44ebb2e51ed0dd3092ccbe985134b92d36a418"}, 0x80, &(0x7f00000088c0)=[{&(0x7f0000008840)="ddb555e70d0349c5e3a18f9ba96dc011d1cebef3b6b73df2bc12614f24ec70998f4752db841527e7b0998f40740edc866d254ce630b569640dc8f3a92f38165f0baf8f5acb8fd66d9910e3319bfb5106a5e639de3cba095860d23a4216aa00e82dbfe35a98ad481a8ed596c4fa0c598a92d7f4053f42aaa1173bfb", 0x7b}], 0x1}, 0x4}], 0x8, 0x44001) io_setup(0x6, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:26 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:26 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x8e}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:26 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$TIOCCBRK(r0, 0x5428) [ 2036.974677] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2036.995289] CPU: 0 PID: 449 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2037.002265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2037.011622] Call Trace: [ 2037.014228] dump_stack+0x172/0x1f0 [ 2037.017894] dump_header+0x10f/0xb6c [ 2037.021625] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2037.026743] ? ___ratelimit+0x60/0x595 [ 2037.030815] ? do_raw_spin_unlock+0x57/0x270 [ 2037.035249] oom_kill_process.cold+0x10/0x6f5 [ 2037.039768] ? task_will_free_mem+0x139/0x6e0 [ 2037.044291] out_of_memory+0x79a/0x1280 [ 2037.048295] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2037.053411] ? oom_killer_disable+0x280/0x280 [ 2037.057923] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2037.063047] mem_cgroup_out_of_memory+0x99/0xe0 [ 2037.067728] ? memcg_memory_event+0x40/0x40 [ 2037.072066] ? _raw_spin_unlock+0x2d/0x50 [ 2037.076216] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2037.081328] try_charge+0xfec/0x1570 [ 2037.085065] ? find_held_lock+0x35/0x130 [ 2037.089142] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2037.093994] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2037.098841] ? find_held_lock+0x35/0x130 [ 2037.102911] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2037.107768] memcg_kmem_charge_memcg+0x7c/0x130 [ 2037.112451] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2037.116953] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2037.121807] memcg_kmem_charge+0x13b/0x340 [ 2037.126062] __alloc_pages_nodemask+0x437/0x710 [ 2037.130744] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2037.135768] ? ___might_sleep+0x163/0x280 [ 2037.139921] ? copyin+0xb5/0x100 [ 2037.143299] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2037.148852] alloc_pages_current+0x107/0x210 [ 2037.153269] pipe_write+0xa65/0xfb0 [ 2037.156914] __vfs_write+0x613/0x8e0 [ 2037.160639] ? kernel_read+0x120/0x120 [ 2037.164529] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2037.170088] ? rw_verify_area+0x118/0x360 [ 2037.174247] vfs_write+0x20c/0x580 [ 2037.177796] ksys_write+0xea/0x1f0 [ 2037.181365] ? __ia32_sys_read+0xb0/0xb0 [ 2037.185446] ? do_syscall_64+0x26/0x610 [ 2037.189427] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2037.194798] ? do_syscall_64+0x26/0x610 [ 2037.198785] __x64_sys_write+0x73/0xb0 [ 2037.202679] do_syscall_64+0x103/0x610 [ 2037.206578] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2037.211774] RIP: 0033:0x457e39 [ 2037.214975] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2037.233879] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2037.241693] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2037.248967] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2037.256237] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2037.263513] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 2037.270789] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2037.288162] memory: usage 307200kB, limit 307200kB, failcnt 2578 [ 2037.295300] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2037.315977] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2037.331188] Memory cgroup stats for /syz5: cache:23076KB rss:260316KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283400KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2037.372611] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=442,uid=0 [ 2037.405589] Memory cgroup out of memory: Kill process 442 (syz-executor5) score 1148 or sacrifice child 16:43:27 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:27 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x8f}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:27 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:27 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000240)='/dev/full\x00', 0x40800, 0x0) connect$bt_sco(r1, &(0x7f0000000280)={0x1f, {0x8d, 0x7fffffff, 0x1, 0x6, 0x0, 0x1}}, 0x8) ioctl$SG_GET_COMMAND_Q(r1, 0x2270, &(0x7f0000000380)) write$P9_RREMOVE(r1, &(0x7f0000000100)={0x7, 0x7b, 0x1}, 0x7) r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x200, 0x0) ioctl$sock_bt_bnep_BNEPCONNDEL(r2, 0x400442c9, &(0x7f00000002c0)={0x1, @random="65e33868a901"}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000200)={0xc, 0x0, &(0x7f00000000c0)=[@increfs={0x40046304, 0x2}, @register_looper], 0xad, 0x0, &(0x7f0000000140)="970ef5fc548d743ff3c7ebc780eda612447daa55fb62fa44fec0da0b453db210000ee4d68eec8fa608f36d161fa7eb4887bdf8c1b29d3d85075491e56bf3c3570cfa8fd66f627d2415f422bfc7bb89a9e61b909d2c9ee1a1a63a5aab2736a4dfc74008558987ad7c282a4ca17c7fa19126963343e8b0530e2d3a3c4fc6efd715575c3a34ca0361aac475339891b5e9da32c7ddce2fc50a053ac997f971599e5ce4c408f19069ed2c4c8b81513d"}) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000300)={0x3, r2}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000640)={0x0, @loopback, @remote}, &(0x7f0000000680)=0xc) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000006c0)={'vcan0\x00', r3}) ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f0000000340)=0x5) [ 2037.415958] Killed process 449 (syz-executor5) total-vm:72712kB, anon-rss:13716kB, file-rss:35816kB, shmem-rss:0kB [ 2037.451196] oom_reaper: reaped process 449 (syz-executor5), now anon-rss:0kB, file-rss:34856kB, shmem-rss:40kB 16:43:27 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:27 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x11f}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:27 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:27 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:27 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x20b) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:27 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x90}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:27 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:27 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0xfffffffffffffffd, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x42000, 0x0) ioctl$VHOST_SET_VRING_NUM(r1, 0x4008af10, &(0x7f0000000100)={0x3, 0x6}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:27 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf) 16:43:27 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) [ 2038.189453] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2038.200784] CPU: 0 PID: 527 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2038.207726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2038.217081] Call Trace: [ 2038.219679] dump_stack+0x172/0x1f0 [ 2038.223319] dump_header+0x10f/0xb6c [ 2038.227058] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2038.232170] ? ___ratelimit+0x60/0x595 [ 2038.236068] ? do_raw_spin_unlock+0x57/0x270 [ 2038.240487] oom_kill_process.cold+0x10/0x6f5 [ 2038.244991] ? task_will_free_mem+0x139/0x6e0 [ 2038.249515] out_of_memory+0x79a/0x1280 [ 2038.253500] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2038.258612] ? oom_killer_disable+0x280/0x280 [ 2038.263110] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2038.268226] mem_cgroup_out_of_memory+0x99/0xe0 [ 2038.272904] ? memcg_memory_event+0x40/0x40 [ 2038.277465] ? _raw_spin_unlock+0x2d/0x50 [ 2038.281619] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2038.286726] try_charge+0xfec/0x1570 [ 2038.290452] ? find_held_lock+0x35/0x130 [ 2038.294527] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2038.299397] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2038.304242] ? find_held_lock+0x35/0x130 [ 2038.308309] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2038.313166] memcg_kmem_charge_memcg+0x7c/0x130 [ 2038.317842] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2038.322366] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2038.327219] memcg_kmem_charge+0x13b/0x340 [ 2038.331471] __alloc_pages_nodemask+0x437/0x710 [ 2038.336149] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2038.341176] ? ___might_sleep+0x163/0x280 [ 2038.345330] ? copyin+0xb5/0x100 [ 2038.348722] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2038.354268] alloc_pages_current+0x107/0x210 [ 2038.358692] pipe_write+0xa65/0xfb0 [ 2038.362338] __vfs_write+0x613/0x8e0 [ 2038.366078] ? kernel_read+0x120/0x120 [ 2038.369971] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2038.375530] ? rw_verify_area+0x118/0x360 [ 2038.379684] vfs_write+0x20c/0x580 [ 2038.383237] ksys_write+0xea/0x1f0 [ 2038.386783] ? __ia32_sys_read+0xb0/0xb0 [ 2038.390854] ? do_syscall_64+0x26/0x610 [ 2038.394837] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2038.400201] ? do_syscall_64+0x26/0x610 [ 2038.404188] __x64_sys_write+0x73/0xb0 [ 2038.408084] do_syscall_64+0x103/0x610 [ 2038.411982] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2038.417172] RIP: 0033:0x457e39 [ 2038.420386] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2038.439289] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2038.446999] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2038.454269] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2038.461542] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2038.468813] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 2038.476085] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2038.489503] memory: usage 307200kB, limit 307200kB, failcnt 2685 [ 2038.504337] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2038.515663] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2038.525963] Memory cgroup stats for /syz5: cache:23076KB rss:260396KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283400KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2038.565821] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=521,uid=0 16:43:28 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:28 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x120}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:28 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:28 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x91}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:28 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x9, 0x200002) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000080)={'nlmon0\x00', 0x400}) openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cachefiles\x00', 0x40000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:28 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) [ 2038.596590] Memory cgroup out of memory: Kill process 521 (syz-executor5) score 1148 or sacrifice child [ 2038.607452] Killed process 521 (syz-executor5) total-vm:72712kB, anon-rss:13656kB, file-rss:34880kB, shmem-rss:0kB [ 2038.631511] oom_reaper: reaped process 521 (syz-executor5), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 16:43:28 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:28 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x78, r1, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DAEMON={0x5c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x7fffffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x5fde}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x3}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfffffffffffffffd}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4000885) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:28 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:28 executing program 0: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:29 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000140)={{{@in=@empty, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f0000000000)=0xe8) stat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(r1, r2) 16:43:29 executing program 0: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) [ 2039.189457] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2039.245574] CPU: 1 PID: 567 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2039.252559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2039.261912] Call Trace: [ 2039.264532] dump_stack+0x172/0x1f0 [ 2039.268174] dump_header+0x10f/0xb6c [ 2039.271895] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2039.277003] ? ___ratelimit+0x60/0x595 [ 2039.280898] ? do_raw_spin_unlock+0x57/0x270 [ 2039.285328] oom_kill_process.cold+0x10/0x6f5 [ 2039.289844] ? task_will_free_mem+0x139/0x6e0 [ 2039.294364] out_of_memory+0x79a/0x1280 [ 2039.298358] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2039.298378] ? oom_killer_disable+0x280/0x280 [ 2039.298393] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2039.298421] mem_cgroup_out_of_memory+0x99/0xe0 [ 2039.308013] ? memcg_memory_event+0x40/0x40 [ 2039.322075] ? _raw_spin_unlock+0x2d/0x50 [ 2039.326228] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2039.331600] try_charge+0xfec/0x1570 [ 2039.335323] ? find_held_lock+0x35/0x130 [ 2039.339407] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2039.344263] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2039.349114] ? find_held_lock+0x35/0x130 [ 2039.353185] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2039.358042] memcg_kmem_charge_memcg+0x7c/0x130 [ 2039.362716] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2039.367216] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2039.372062] memcg_kmem_charge+0x13b/0x340 [ 2039.376299] __alloc_pages_nodemask+0x437/0x710 [ 2039.380977] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2039.385991] ? ___might_sleep+0x163/0x280 [ 2039.390140] ? copyin+0xb5/0x100 [ 2039.393507] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2039.399052] alloc_pages_current+0x107/0x210 [ 2039.403465] pipe_write+0xa65/0xfb0 [ 2039.407107] __vfs_write+0x613/0x8e0 [ 2039.410821] ? kernel_read+0x120/0x120 [ 2039.414708] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2039.420258] ? rw_verify_area+0x118/0x360 [ 2039.424405] vfs_write+0x20c/0x580 [ 2039.427954] ksys_write+0xea/0x1f0 [ 2039.431495] ? __ia32_sys_read+0xb0/0xb0 [ 2039.435558] ? do_syscall_64+0x26/0x610 [ 2039.439535] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2039.444893] ? do_syscall_64+0x26/0x610 [ 2039.448879] __x64_sys_write+0x73/0xb0 [ 2039.452767] do_syscall_64+0x103/0x610 [ 2039.456657] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2039.461843] RIP: 0033:0x457e39 [ 2039.465033] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2039.483939] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2039.491647] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2039.498912] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2039.506182] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2039.513444] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2039.520707] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2039.593342] memory: usage 307104kB, limit 307200kB, failcnt 2736 [ 2039.602683] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2039.615460] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2039.627067] Memory cgroup stats for /syz5: cache:23076KB rss:260544KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283600KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2039.650400] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=557,uid=0 [ 2039.665109] Memory cgroup out of memory: Kill process 557 (syz-executor5) score 1148 or sacrifice child [ 2039.674814] Killed process 567 (syz-executor5) total-vm:72844kB, anon-rss:13988kB, file-rss:35820kB, shmem-rss:0kB 16:43:29 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:29 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x92}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:29 executing program 0: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:29 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x4, 0x4}]}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm_plock\x00', 0x28000, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000004040)={'nr0\x00', 0x0}) bind$xdp(r1, &(0x7f00000040c0)={0x2c, 0x5, r2, 0x1e}, 0x10) ioctl$sock_inet6_SIOCDELRT(r1, 0x890c, &(0x7f0000000180)={@local, @empty, @dev={0xfe, 0x80, [], 0x1d}, 0xffffffffffffffff, 0x6, 0x1384a62c, 0x100, 0x1a, 0x40, r2}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x103ff, 0x3, 0x5000, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) ioctl$KDADDIO(r0, 0x400455c8, 0x4000000002) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000240)={0x8, 0x20000000000000, 0x202, 0x2, 0x7fffffff, 0x3, 0x3, 0x1, 0x0}, &(0x7f0000000280)=0x20) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f00000002c0)={r3, 0x1000, "a5314f56461991f4fd760a3deb25b8fe8787a1beb7bbe4814f0a3ef2becab1a30f92bce61c08a47fe8937a6d86345131fb8715a14d85d9ea57267c0fd9e1f9fda150c33441269652f128dd47ef6dbe9ecdb85b0b67afeb3d6be81763c90d40adbb26a59360219eee0c7827176ca72f4ff5207734962a6571e7398ab31e1c33febd50a6786fcd3c30fea7e040c7d698dba8f1def27b7d886504fbb848b14989b43175613897c335f19307ed9eccbb1e0c16786ee45984686597928172f666063b679c1236664decc95e32c37e8d1f82cb8fa89a2f73220c9b968a99b2e7c2effdeb6e8b6cbb6941d95480c1902c346009cf2f5a7cc1d675eeda6ed9c458eabf5d9a56eac8c7e92891b0cc544848fd2e0439683969c6dc3ad50244cc895f5898f3498bc0bda62153190d6ccd6488c7a84c39d62efed350b49ba338ae9f772ecaa2c7ea6afdea341f840329b9dc8572bd563b51f69facb7d356791e185e68dd17ec17f87b97504fc9945f5ebd5ea651e86045bbaa579e1aa3a8f853237026e6e72fb1d14eea5eb5ae38994ef8caa26b89a9e44dba6fd3d720c0f848a88713b05d0d763e2a8891b55e773aaa6cdbe43b020e71d0352f402b9f1ea28912d1fe9af6682d8ca2abaa94ecafb46b3a39167856b6a9f96e393843f2b68560b57977175db16e81e699ba586672c8229b38ce864df0aa67839ac840ce9e7675ef7d16db73e304c99d1be3ad9301104639092ba031f943406efc2850ee17d95d0646ee69658ccd7e9a44a1b8daaceba80728afd169894a9f5ea1f991f73be4759a9b68aa87652c7094b3f79ac2440a693d63e005c6d99d3bb504c79c91ae0c2fc1f6d6ffc063878aa83db93dabd1cd845c038420db9e74b8b7335335d0199f9d507c2957f4f8f302a1c66042998b3b73c0aaa47717e3b6c6729b6f38a0065e155dd2ab9b692bfaa881fc966a2a11e8d59097f4d14e2bc5d24a92377df3c960520d35e824e8be3516639551de19ab97caa07e792de9ec89a5c038d61006d4e93f1f5956497713074f72de067474f15e66a07d4f10f205a24c73611743be6a6d806b4c81583a7e650c9f1a5dfe3262a56313bb3834e78a5c72adf79f4b122a9492b82f7031dc98965576d44914194d4a9cdc93667134f43467ad0d67ad547136845aeeeb9ece54f8d60b1a0a3a6b4bbba606c7cfc8b3579486ec56896d899cb2e32d964d9f63602f87037dedef2e427a60780af30403facbc1f46e1af312ad16990dbb5b1c14252a34765d54a64fde866d01d844d2a42ece2100751715de3cc4e91338d86f19dfcd20c45dd08ebda42f17f2e34469f1a47df0472db36ac0a3300134f8750cbe662441699ae1011252271eb0b386d1842e7adf6e02b0f48712ffba3ac665605c9abdd78f1fee85489f23e109c1c5e0f35c61c1bf45b626346c3906edb32dad1d6943cdd4051675bbf814da5b4f888466ac4e9b3ce046fc1dd5ebb83412552f9d1516fe1e588b8cfbc796cfcccfa8c6e88592048eae183ccb9fadff1653abc422a2751a016865cd1f1c93d2bd2974388e79bc7b70d45ad9d9e1c0aa241da243acb82032a2d0031c6f9ae3eced58367f99a6a19d842ccddc07079f80a767745890d17865069527f5a0fd561dc2bc8dc5a65fc488d670ef4be2345421086a82cb37d19f63d4f80fd959e8a6014df33e9f49b71a83248bfa613dc9d4f10dc8e204cc792f252e006b5e3b8e278c04b91951ab321edb75bcd0b21ab2ef779bd90b7bc977311ca5cf454980c286bf65df3e7c4413613073fe588f8ba6b480b3b55d2f0bed04e2bd55b0e0381c42c99de2857cd9e33b8d5f0c82093e1c4a210f447471429bc3b2318dbe60a8b49f8c37ad3f3f1b26bad736f5689161e406b528221920daefd404e394238c2d29054d7c66649dc9c5efe97c18ac23388d9dff1f3f81afb6f4865b96cdd28d3b7f44d4665d528acd082ace29421b1647032c9c1c5d8a121830fc1772ce41e62a51a37b140ed8a94dc53826726d437b66d682b10cad5b5b1a9e35cfa3e1aa5a979dda5ae8d7323622cc578cb95e6599760ccbd3979b93a2ff783e1e00127b28a3b72a4cfc00cde6fe973a249448f47e0c5228354860d52e76d5669539c9632090a11ff150dfabafa997993191bde4238644ac99f83e4f575b1234258d448d1533bbbea764f81e4fd388de4b1071c07184691e76c212ee43e2fd25a528400d945c663afbd59615f9a0bd7b31b4e1824572a76eda539c0e9cdad9fe49f7257ab13184c61077ee030c7c3bb1944a9abb57f8672ff301a91482070d93c4ee928e671c4c67f94ea7c3e85b058fc33cdccaef62273778e6bb8cef9fe4064926b5ce16ddddd3f86bc4247297ab358ac68b0a0c86d751bacfbfd2fb4bc2df3a8ed83b6298faa93fda81e5e9d5d61aa6a3feba833b5748ff778a1adeee43fffa5cbc7ad43359f8b92ccd1a2d48a116c24bcdef832f4338d1b370595eb777fc40babc3d947c6270eaf2d5267c8d3a5e3d0528154554e5c2275bd3abe38049fa6e29a1963e0b2c46f98c37dd980f769558b187a5cade07adcb7046fdeac803ae0c4c7bcffbffacf62230dc63997500d89a61f9f228464bded6d5e012de71d1d92100fa2b0208f867d4ba911852b03b0972484fb40658e6057ac6d41d0ef9801d6ee9fa7af4743a30cdd58625ed65439bf2d0709ccd83666e773dc31806831fb7c050fa3c73a302b46e2626fba8165abb3d3e8f4730fae493fb1b84e4fe616baf181fe91738368c25cd20345c9cc13bab5c533bfb73f035f9c87e5b319cde5c32b073758bf6027f2cae5cca15e8e61911293c77d2c2d85ff51416b6e0335d45b889908db419d4d3bf4cdf8c19a623f09e6faefd37a46bfe137d984e31401bc309011eb082ace32f40aaff8d09ceafd8d5b4cc8f3a0d4ad700de951fd9dd114d95966b2caf49820954a9cc3d2dfc820328425440fadc4e27e13e83060ada6fdc961264c51983c9663c2fb5818fbb760a026adee51db147b5915f120ae97464e46096b6d564e8c2168d6972e523f197d7cc2ee0a96bff5d92b1f3dfc4c907ea8ae8c332de05f933be61430e52bcb8c3ff506ca2d240af1a12dc070b35c3d58214a3b263b94178b4c1f50aea1e9060391200f9b2db41109f657f267734b664aa54ff9aefe1a217bf572f486f42438da16e1f6e8d3e65ed1e3af8126ae9b9b5cced6338de0b8eb0a0ab5861d83a2877de92d07f149b993bf1258d8f0bb2876568032b2d47e960d09e143eeefe7e3807163569adffd934bd042c2eb8351a6bf811aed2317147646e6642902cacaf4d227e2810e1645bb0df8dbada071a259ce5747f43e2fe92d5763fbe12d413a9829714cd199b3a790b6d698c8e98026064100571792c0c752329de8daf1e97efa2f8eafa3d121e5ca043f06fe2fdb070cfecf445e318aab0a56bab53b5e2cf435d3f08c3254abd25064c441294372320312d899c205166cdd549a782e69798238773108b86ec0117c0995eba3bbbde072d8ae15781e9f32dcfb64bd03355ac9d211ca74546cf0a8bae267e2ecf6c0b8748c7ac592e6f69cab108efd2a81e396592cf0f872aa1c7253b899433a773e5bd398ae38eabef692cd3d0c716f3adc3684e49a0145f7e68435d500698dcbd49301a166349e6dd238bcf373d30db8b824a02521222d70ea944093cce5c57a7e28ce3aa6737b1a16e197484b24d07ba9434cbc0d612eef2e036374075533bab2245ea9e5b1ece374bbd26ee9da9368d250c2f14e9da2545bb47826d01de6b443d70cdb4468091a93fcda5234c4419ae3bde6c52ef1d883859a48cf3928d9239e8d91ecc1b9fd6890fd6a9d0b381414ab8b3dca7388c07fe37847f1cfe39e2f9a18297ec5871223cc2660082afec24aea002f8c461ad8661935f2d2d49fdc3131976a50ca78f0979ae1084e2e5e071ddbfc7400cc6fdc6d142a979cc1bccdab353fc3a14e4b23a8d5b099ef04a893e9192761e739ce3875dcbaa3c7336473d6be17accf89ea0ae4f5f0b5b1da835e04cff8dbdbc8482b7741b8878ee71354346743bffce3f755bb61a37f4aae826be30e20a03c23c37b6c63d085465aa3fdc136c1c9a34c4013f36db4007d655b3413a295a4c00d4c4ccce10807b2b1bcb616ca8910440c3bc0b968d1fb5e8b0910b17f48b924bdc5761f504efac33dd274c33d3d8c3e1d132ff87cb2e1acbb2a562a5e26a71329a353a11031b44125c411943ab1dc3e118b2b913735aae5daaad5779e9447b82e79583409862aaf0f191e9d41e70eeed0a45c6301139cad880ffdf925677b5aed0ccd9c69fb55dc9f4791794fdf0f5caa8e64f2d9e18f3214e026373d7db704ba06a9e3ca51ba2fdaa85451d99bf00ffcb1ecd7b8b9a618843699ce9090297743ee46fb9da0e31da4b77a2ebd348556a15b3f2213ecd9068c11a547dab070b0e566a1722dc55c089de909aa4ed1b94e751e7271ff211d81b7c9eeda07bbb653b49247fa77a39900d6e31718b6a4371af4abaa1ef59e0b7b95cf756e3b6abe317639acab4da965c83450739eda4d835fa828ef9cf0f78735f80e5e1e0689f9899f3c025e0be036f901fee5084ebcc08cc51696c86ce290ae1bb93cf3f50da31acbb3df7745af5c8af3c15f295e9b6f8c102783ec20e3e85f7340b3f25b28bc3dd0a927e1fd49e2d5d651238c76c7444d14da655e99c4885104b36c4cf47d9972e57afe586b11e35f15a30fb05f56fc8c8bdc2a761a3a59d51e9ce33e61f928462ad518061dbb8c7aa86077cb660ae0f3e03475e1eca5ff116babc5461b314541b67db8435cab899ac359bcea87ae61befc190f7722c7a460a131c222d1a0b8f31cad945f3ca2f840e63b90ace1a48b303dbf873dfb3d55638434e7d711928fff532012fbd77d2cf28ee9f3dcb1eb67a238cbe51e5ecce4145aa03381bf8a79a7232395436d763de1e9e5cf84efc02d35c9b33f60020c5d9c44360287adf37cddc911d387d064a5525ac1cff77d0551bf469c7d4849410de7941472de6207c01d419636e42b1bb72631e813e13fd766c94100a1a4a4eef6ae003c7b81b32dea7de0688b75904e15ae251647a6fec0bbab0e010c358e05f7bdf9fb1a9e44970f1af5e400340c34d968fe3d2a351570e7f8ea87381919aa69148aa659ad32e165cdf0bdd0dfdd32729e690d1505252a8defd02b708234dbdd9e8ae980ea583ea32bb5a60cd9d8ece78f08f5839bbec1b0b5a509855d18d2cb7c87700a313d1b2bcf1e84bb24eeee4b0a1b0e53a51ba6e9315a825226d8a083b9042431ce8d22ac5d08da3e12d3aac571fd545a725378d8feb5a5a594647af7f5abd8cfd7409623d1d801adb703ab1d347f5b5ec93bd50e71797320c915ebd03b11c0300b622b46c7e8f337cae1bf19324807a34d1be5577846312327dbb251bf2480061a7b395105f5435ead84dbd7f89ce544ca4e83babf948730e86820ec2167620a4ca491eb876eed8851d4ea80fb7f59147939b4132f4289c03127f4944cb9a23f856dd1aec8a2126935630c803f75be22d074872e7aa8561c6aa455937741c55a1982bead735ade73dba4182af3419aa9e04154bb3ef7e02c170432b2061bfc33f594d717db8abd0f9308a55d73ecff3b603c1e0f0c03946697caddffb6a5d0447ed650e8afbf12d5aed2524b4702c10eb97cfee19876185150da880b66a3bf772c231c7be5ac5a04d2375ccbee213c75a18bcbd661815f3fa8e4690ea1696732605bcbd461a19c6ef83642de6f25159cf1f6d9dd8f83de1"}, &(0x7f0000001300)=0x1008) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:29 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x121}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2039.692481] oom_reaper: reaped process 567 (syz-executor5), now anon-rss:0kB, file-rss:34860kB, shmem-rss:40kB 16:43:29 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000440)='/selinux/mls\x00', 0x0, 0x0) ioctl$TUNSETVNETBE(r1, 0x400454de, &(0x7f00000004c0)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) utimes(&(0x7f0000000400)='./file0\x00', &(0x7f00000003c0)={{r2, r3/1000+30000}, {0x77359400}}) ioctl$KDGKBLED(r0, 0x4b64, &(0x7f0000000140)) r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000480)='/dev/autofs\x00', 0x40000, 0x0) ioctl$SNDRV_TIMER_IOCTL_STOP(r4, 0x54a1) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$FUSE_DEV_IOC_CLONE(r4, 0x8004e500, &(0x7f0000000380)=r4) timer_create(0x7, &(0x7f00000002c0)={0x0, 0x2b, 0x2, @thr={&(0x7f00000001c0)="80f9125ddcad70c6545c00604bb7b5a0fb95e06393170e4af7d16ec3de806e2a2763d5f14101cc59316e6fda368360016cded9ccf2bf1b059e79384c63b4fa0bb6733be8bf5b00156df4c92bf26e04b7ba9c89ba6b7cb300a5c4359ecf6f8653b395fa6fcf09fcdf1a533b07aaaec89f82b669538d89caf090", &(0x7f0000000240)="5b14676be847849c287115f2bb3e4c764afea08bf0d3c6b845e109ea6a8e53371cef7dc60b070a83275e43e272b65ee8946b81786a7247a0250d01c854a070e227591bc325aac73bcfb2bb4837f5f94239092a51fc40db13ec91b0cfda871441e6d904"}}, &(0x7f0000000300)=0x0) timer_gettime(r5, &(0x7f0000000340)) removexattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=ANY=[@ANYBLOB='tr\t\x00\x00\x00\x00\x00\x00\x00ev/\btmx\x00']) 16:43:29 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:29 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000140)={{{@in=@empty, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f0000000000)=0xe8) stat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(r1, r2) 16:43:29 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) [ 2040.136587] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2040.174627] CPU: 1 PID: 600 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2040.181606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2040.190975] Call Trace: [ 2040.193573] dump_stack+0x172/0x1f0 [ 2040.197245] dump_header+0x10f/0xb6c [ 2040.200995] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2040.206103] ? ___ratelimit+0x60/0x595 [ 2040.210015] ? do_raw_spin_unlock+0x57/0x270 [ 2040.214455] oom_kill_process.cold+0x10/0x6f5 [ 2040.218963] ? task_will_free_mem+0x139/0x6e0 [ 2040.223483] out_of_memory+0x79a/0x1280 [ 2040.227468] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2040.232576] ? oom_killer_disable+0x280/0x280 [ 2040.237073] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2040.242191] mem_cgroup_out_of_memory+0x99/0xe0 [ 2040.246862] ? memcg_memory_event+0x40/0x40 [ 2040.251194] ? _raw_spin_unlock+0x2d/0x50 [ 2040.255377] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2040.260481] try_charge+0xfec/0x1570 [ 2040.264200] ? find_held_lock+0x35/0x130 [ 2040.268270] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2040.273121] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2040.277968] ? find_held_lock+0x35/0x130 [ 2040.282038] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2040.286894] memcg_kmem_charge_memcg+0x7c/0x130 [ 2040.291572] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2040.296075] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2040.300923] memcg_kmem_charge+0x13b/0x340 [ 2040.300950] __alloc_pages_nodemask+0x437/0x710 [ 2040.300971] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2040.314869] ? ___might_sleep+0x163/0x280 [ 2040.314889] ? copyin+0xb5/0x100 [ 2040.314907] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2040.314928] alloc_pages_current+0x107/0x210 [ 2040.332357] pipe_write+0xa65/0xfb0 16:43:30 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:30 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x93}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2040.336001] __vfs_write+0x613/0x8e0 [ 2040.339726] ? kernel_read+0x120/0x120 [ 2040.343615] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2040.343649] ? rw_verify_area+0x118/0x360 [ 2040.343666] vfs_write+0x20c/0x580 [ 2040.343684] ksys_write+0xea/0x1f0 [ 2040.360414] ? __ia32_sys_read+0xb0/0xb0 [ 2040.360435] ? do_syscall_64+0x26/0x610 [ 2040.360450] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2040.360464] ? do_syscall_64+0x26/0x610 [ 2040.360485] __x64_sys_write+0x73/0xb0 [ 2040.373857] do_syscall_64+0x103/0x610 [ 2040.373877] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2040.373888] RIP: 0033:0x457e39 [ 2040.373907] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2040.381746] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2040.381761] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2040.381770] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2040.381779] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2040.381788] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 2040.381796] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2040.724326] memory: usage 307104kB, limit 307200kB, failcnt 2798 [ 2040.744863] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2040.758575] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2040.778443] Memory cgroup stats for /syz5: cache:23076KB rss:260528KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283592KB inactive_file:0KB active_file:4KB unevictable:0KB [ 2040.928237] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=598,uid=0 [ 2040.958199] Memory cgroup out of memory: Kill process 598 (syz-executor5) score 1148 or sacrifice child 16:43:30 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:30 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x122}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:30 executing program 0: socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:30 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x94}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2040.979062] Killed process 600 (syz-executor5) total-vm:72712kB, anon-rss:13980kB, file-rss:35816kB, shmem-rss:0kB [ 2041.005672] oom_reaper: reaped process 600 (syz-executor5), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB [ 2041.606146] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2041.638369] CPU: 1 PID: 670 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2041.645343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2041.654716] Call Trace: [ 2041.657316] dump_stack+0x172/0x1f0 [ 2041.660980] dump_header+0x10f/0xb6c [ 2041.664710] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2041.669820] ? ___ratelimit+0x60/0x595 [ 2041.673719] ? do_raw_spin_unlock+0x57/0x270 [ 2041.678143] oom_kill_process.cold+0x10/0x6f5 [ 2041.682652] ? task_will_free_mem+0x139/0x6e0 [ 2041.687162] out_of_memory+0x79a/0x1280 [ 2041.691151] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2041.696266] ? oom_killer_disable+0x280/0x280 [ 2041.700773] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2041.705896] mem_cgroup_out_of_memory+0x99/0xe0 [ 2041.710583] ? memcg_memory_event+0x40/0x40 [ 2041.714918] ? _raw_spin_unlock+0x2d/0x50 [ 2041.719080] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2041.724209] try_charge+0xfec/0x1570 [ 2041.727974] ? find_held_lock+0x35/0x130 [ 2041.732077] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2041.736950] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2041.741810] ? find_held_lock+0x35/0x130 [ 2041.745896] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2041.750770] memcg_kmem_charge_memcg+0x7c/0x130 [ 2041.755459] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2041.759985] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2041.764842] memcg_kmem_charge+0x13b/0x340 [ 2041.769092] __alloc_pages_nodemask+0x437/0x710 [ 2041.773781] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2041.778810] ? ___might_sleep+0x163/0x280 [ 2041.782982] ? copyin+0xb5/0x100 [ 2041.786372] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2041.791926] alloc_pages_current+0x107/0x210 [ 2041.796368] pipe_write+0xa65/0xfb0 [ 2041.800016] __vfs_write+0x613/0x8e0 [ 2041.803738] ? kernel_read+0x120/0x120 [ 2041.807637] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2041.813202] ? rw_verify_area+0x118/0x360 [ 2041.817370] vfs_write+0x20c/0x580 [ 2041.820923] ksys_write+0xea/0x1f0 [ 2041.824480] ? __ia32_sys_read+0xb0/0xb0 [ 2041.828558] ? do_syscall_64+0x26/0x610 [ 2041.832537] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2041.837912] ? do_syscall_64+0x26/0x610 [ 2041.841906] __x64_sys_write+0x73/0xb0 [ 2041.845819] do_syscall_64+0x103/0x610 [ 2041.849718] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2041.854911] RIP: 0033:0x457e39 [ 2041.858112] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2041.877025] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2041.884739] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2041.892015] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2041.899288] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2041.906564] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2041.913838] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2041.931792] memory: usage 307200kB, limit 307200kB, failcnt 2880 [ 2041.993279] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2042.008476] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2042.028250] Bluetooth: hci0: command 0x1003 tx timeout [ 2042.033644] Bluetooth: hci0: sending frame failed (-49) [ 2042.048720] Memory cgroup stats for /syz5: cache:23076KB rss:260528KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283536KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2042.088241] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=656,uid=0 [ 2042.199173] Memory cgroup out of memory: Kill process 656 (syz-executor5) score 1148 or sacrifice child [ 2042.211489] Killed process 670 (syz-executor5) total-vm:72844kB, anon-rss:13988kB, file-rss:35820kB, shmem-rss:0kB [ 2042.246844] oom_reaper: reaped process 670 (syz-executor5), now anon-rss:0kB, file-rss:34860kB, shmem-rss:40kB [ 2042.748481] Bluetooth: hci1: command 0x1003 tx timeout [ 2042.753900] Bluetooth: hci1: sending frame failed (-49) [ 2044.108233] Bluetooth: hci0: command 0x1001 tx timeout [ 2044.113688] Bluetooth: hci0: sending frame failed (-49) [ 2044.828265] Bluetooth: hci1: command 0x1001 tx timeout [ 2044.833692] Bluetooth: hci1: sending frame failed (-49) [ 2046.188239] Bluetooth: hci0: command 0x1009 tx timeout [ 2046.908284] Bluetooth: hci1: command 0x1009 tx timeout 16:43:41 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x3ffff, 0x0) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x2, 0x0) setsockopt$RXRPC_SECURITY_KEY(r1, 0x110, 0x1, &(0x7f0000000080)=':selfGPLproc\x00', 0xd) ioctl$TIOCLINUX6(r0, 0x541c, &(0x7f0000000140)={0x6, 0x1000}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000180)={0x8, 0x20, 0x100000000, 0xfffffffffffffc00, 0x1}, 0x14) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f00000001c0), &(0x7f0000000200)=0x4) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x8) 16:43:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:41 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:41 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x95}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:41 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x123}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:41 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:41 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) r1 = socket$l2tp(0x18, 0x1, 0x1) syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x100) ioctl$PPPIOCSMRU(r1, 0x40047452, &(0x7f0000000000)=0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:41 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:41 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000180)={0x0, @in6={{0xa, 0x4e22, 0x483, @ipv4={[], [], @local}, 0x9}}, [0x100000000, 0x6, 0x3, 0x100, 0x0, 0x5, 0x0, 0x8000, 0x2, 0x80000000, 0xe2e6, 0x4, 0x1, 0x6, 0x3ff]}, &(0x7f0000000280)=0x100) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={r2, 0x5, 0x20, 0x3ff, 0x233}, &(0x7f0000000300)=0x18) getsockopt$inet6_mreq(r1, 0x29, 0x1f, &(0x7f0000000080)={@ipv4={[], [], @local}}, &(0x7f0000000140)=0x14) 16:43:41 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) [ 2051.914608] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 16:43:41 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x96}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2052.014546] CPU: 0 PID: 703 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2052.021532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2052.030896] Call Trace: [ 2052.033495] dump_stack+0x172/0x1f0 [ 2052.037141] dump_header+0x10f/0xb6c [ 2052.040870] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2052.045977] ? ___ratelimit+0x60/0x595 [ 2052.049870] ? do_raw_spin_unlock+0x57/0x270 [ 2052.054286] oom_kill_process.cold+0x10/0x6f5 [ 2052.058809] ? task_will_free_mem+0x139/0x6e0 [ 2052.063333] out_of_memory+0x79a/0x1280 [ 2052.067332] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2052.072464] ? oom_killer_disable+0x280/0x280 [ 2052.076971] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2052.082089] mem_cgroup_out_of_memory+0x99/0xe0 [ 2052.086771] ? memcg_memory_event+0x40/0x40 [ 2052.091125] ? _raw_spin_unlock+0x2d/0x50 [ 2052.095278] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2052.100400] try_charge+0xfec/0x1570 [ 2052.104115] ? find_held_lock+0x35/0x130 [ 2052.108189] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2052.113040] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2052.117890] ? find_held_lock+0x35/0x130 [ 2052.121963] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2052.126839] memcg_kmem_charge_memcg+0x7c/0x130 [ 2052.131517] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2052.136056] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2052.140921] memcg_kmem_charge+0x13b/0x340 [ 2052.145159] __alloc_pages_nodemask+0x437/0x710 [ 2052.149831] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2052.149849] ? ___might_sleep+0x163/0x280 [ 2052.149867] ? copyin+0xb5/0x100 [ 2052.149885] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2052.149907] alloc_pages_current+0x107/0x210 [ 2052.149928] pipe_write+0xa65/0xfb0 [ 2052.149964] __vfs_write+0x613/0x8e0 [ 2052.179714] ? kernel_read+0x120/0x120 [ 2052.183612] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2052.189187] ? rw_verify_area+0x118/0x360 [ 2052.193346] vfs_write+0x20c/0x580 [ 2052.196944] ksys_write+0xea/0x1f0 [ 2052.200508] ? __ia32_sys_read+0xb0/0xb0 [ 2052.204584] ? do_syscall_64+0x26/0x610 [ 2052.208571] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 16:43:42 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 16:43:42 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) [ 2052.213958] ? do_syscall_64+0x26/0x610 [ 2052.217944] __x64_sys_write+0x73/0xb0 [ 2052.221841] do_syscall_64+0x103/0x610 [ 2052.225742] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2052.230982] RIP: 0033:0x457e39 [ 2052.234172] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2052.253074] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 16:43:42 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) [ 2052.260786] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2052.268057] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2052.275328] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2052.282606] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2052.289876] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff 16:43:42 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x124}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2053.158478] memory: usage 307104kB, limit 307200kB, failcnt 2992 [ 2053.164770] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2053.200550] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2053.228252] Memory cgroup stats for /syz5: cache:23076KB rss:260860KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283984KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2053.318833] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=682,uid=0 [ 2053.337145] Memory cgroup out of memory: Kill process 682 (syz-executor5) score 1149 or sacrifice child [ 2053.347236] Killed process 703 (syz-executor5) total-vm:72844kB, anon-rss:14252kB, file-rss:35820kB, shmem-rss:0kB 16:43:43 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:43 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:43 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpu.stat\x00', 0x0, 0x0) r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x400000, 0x0) r3 = syz_open_dev$mice(&(0x7f0000000140)='/dev/input/mice\x00', 0x0, 0x41) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000180)={r2, 0x3, 0x2, r3}) 16:43:43 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:43 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x97}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:43 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x125}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2053.365862] oom_reaper: reaped process 703 (syz-executor5), now anon-rss:0kB, file-rss:34860kB, shmem-rss:0kB 16:43:43 executing program 1: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) 16:43:43 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:43 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x0, 0x9, 0x5, 0xfff, 0x1b, 0x400, 0x7, 0xf7, 0x6e, 0x8, 0xffffffffffffffe1, 0x4b}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x800, 0x0) syz_open_dev$sndmidi(&(0x7f0000000140)='/dev/snd/midiC#D#\x00', 0x8, 0x4040) 16:43:43 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:43 executing program 1: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) 16:43:43 executing program 1: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) [ 2053.898953] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2053.952026] CPU: 0 PID: 794 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2053.959021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2053.968379] Call Trace: [ 2053.970980] dump_stack+0x172/0x1f0 [ 2053.974620] dump_header+0x10f/0xb6c [ 2053.978350] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2053.983476] ? ___ratelimit+0x60/0x595 [ 2053.987387] ? do_raw_spin_unlock+0x57/0x270 [ 2053.991808] oom_kill_process.cold+0x10/0x6f5 [ 2053.996314] ? task_will_free_mem+0x139/0x6e0 [ 2054.000842] out_of_memory+0x79a/0x1280 [ 2054.004826] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2054.009934] ? oom_killer_disable+0x280/0x280 [ 2054.014439] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2054.019598] mem_cgroup_out_of_memory+0x99/0xe0 [ 2054.024272] ? memcg_memory_event+0x40/0x40 [ 2054.028601] ? _raw_spin_unlock+0x2d/0x50 [ 2054.028616] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2054.028631] try_charge+0xfec/0x1570 [ 2054.028645] ? find_held_lock+0x35/0x130 [ 2054.028668] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2054.028690] ? kasan_check_read+0x11/0x20 [ 2054.028709] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2054.028726] mem_cgroup_try_charge+0x24d/0x5e0 [ 2054.028745] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2054.069014] wp_page_copy+0x408/0x1740 [ 2054.072914] ? find_held_lock+0x35/0x130 [ 2054.076981] ? pmd_pfn+0x1d0/0x1d0 [ 2054.076998] ? lock_downgrade+0x810/0x810 [ 2054.077014] ? __pte_alloc_kernel+0x220/0x220 [ 2054.084696] ? mark_held_locks+0x100/0x100 [ 2054.084715] ? kasan_check_read+0x11/0x20 [ 2054.084735] ? do_raw_spin_unlock+0x57/0x270 [ 2054.101972] do_wp_page+0x2ed/0x11d0 [ 2054.105701] ? rwlock_bug.part.0+0x90/0x90 [ 2054.109941] ? lock_acquire+0x16f/0x3f0 [ 2054.113949] ? finish_mkwrite_fault+0x540/0x540 [ 2054.118624] ? add_mm_counter_fast.part.0+0x40/0x40 [ 2054.123658] __handle_mm_fault+0x22db/0x3f20 [ 2054.128087] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2054.132937] ? find_held_lock+0x35/0x130 [ 2054.137007] ? handle_mm_fault+0x322/0xb30 [ 2054.141265] ? kasan_check_read+0x11/0x20 [ 2054.145409] handle_mm_fault+0x43f/0xb30 [ 2054.149478] __do_page_fault+0x5da/0xd60 [ 2054.153541] do_page_fault+0x71/0x581 [ 2054.157328] page_fault+0x1e/0x30 [ 2054.160769] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 [ 2054.166641] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83 [ 2054.185535] RSP: 0018:ffff88803eef7b30 EFLAGS: 00010206 [ 2054.190886] RAX: 0000000000000000 RBX: 0000000000001000 RCX: 0000000000000200 [ 2054.198159] RDX: 0000000000001000 RSI: ffff888022d80e00 RDI: 00000000209f2000 [ 2054.205425] RBP: ffff88803eef7b68 R08: ffffed10045b0200 R09: 0000000000000000 [ 2054.212681] R10: ffffed10045b01ff R11: ffff888022d80fff R12: 00000000209f1200 [ 2054.219942] R13: ffff888022d80000 R14: 00000000209f2200 R15: 00007ffffffff000 [ 2054.227224] ? copyout+0xe2/0x100 [ 2054.230675] copy_page_to_iter+0x347/0xd00 [ 2054.234913] pipe_read+0x28a/0x940 [ 2054.238475] __vfs_read+0x610/0x8c0 [ 2054.242102] ? vfs_copy_file_range+0xbb0/0xbb0 [ 2054.246678] ? rw_verify_area+0x118/0x360 [ 2054.250820] vfs_read+0x194/0x3e0 [ 2054.254281] ksys_read+0xea/0x1f0 [ 2054.257737] ? kernel_write+0x120/0x120 [ 2054.261700] ? do_syscall_64+0x26/0x610 [ 2054.265658] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2054.271031] ? do_syscall_64+0x26/0x610 [ 2054.275002] __x64_sys_read+0x73/0xb0 [ 2054.278798] do_syscall_64+0x103/0x610 [ 2054.282680] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2054.287854] RIP: 0033:0x457e39 [ 2054.291038] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2054.309936] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2054.317637] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2054.324885] RDX: 0000000050c7e3e3 RSI: 0000000020000200 RDI: 0000000000000006 [ 2054.332134] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2054.339392] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2054.346668] R13: 00000000004c3911 R14: 00000000004d82a0 R15: 00000000ffffffff [ 2054.362786] memory: usage 307136kB, limit 307200kB, failcnt 3029 [ 2054.370150] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2054.376949] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2054.384573] Memory cgroup stats for /syz5: cache:23076KB rss:260924KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283916KB inactive_file:0KB active_file:4KB unevictable:0KB 16:43:44 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:44 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x98}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:44 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x126}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:44 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$PIO_FONTX(r0, 0x4b6c, &(0x7f0000000140)="224ddc64296ce11009b5c8d6ae48c52bb0a1f95a0f26732fe17ec9d2917472502d266ecc303ff74734d96551fcf89bda0e75ae72f84202c48f30b0f7ec9bed6f1aafa69ea305c25973b0203cac21f3cdd3661958997e2dbe9b190113530b0eea23ebfe17d30cd979afd61d9c56e76aaeae2d4b975800cd7883f1cf97955042db6a54eda8b967d35fb6d4db0e72c7b512833d9f3845643bf53ded815400fbd0b5b0dfeb714accc0c77bb3207671e468ea9e62c87076ae9f") ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:44 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) [ 2054.406497] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=781,uid=0 [ 2054.421130] Memory cgroup out of memory: Kill process 781 (syz-executor5) score 1149 or sacrifice child [ 2054.431191] Killed process 785 (syz-executor5) total-vm:72712kB, anon-rss:14240kB, file-rss:35816kB, shmem-rss:0kB [ 2054.449389] oom_reaper: reaped process 785 (syz-executor5), now anon-rss:0kB, file-rss:34856kB, shmem-rss:40kB 16:43:44 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:44 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:44 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) [ 2054.872803] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2054.914440] CPU: 0 PID: 827 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2054.921405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2054.921412] Call Trace: [ 2054.921435] dump_stack+0x172/0x1f0 [ 2054.921466] dump_header+0x10f/0xb6c [ 2054.921494] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2054.921510] ? ___ratelimit+0x60/0x595 [ 2054.949728] ? do_raw_spin_unlock+0x57/0x270 [ 2054.954144] oom_kill_process.cold+0x10/0x6f5 [ 2054.958645] ? task_will_free_mem+0x139/0x6e0 [ 2054.958669] out_of_memory+0x79a/0x1280 [ 2054.958689] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2054.958707] ? oom_killer_disable+0x280/0x280 [ 2054.958721] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2054.958746] mem_cgroup_out_of_memory+0x99/0xe0 [ 2054.958761] ? memcg_memory_event+0x40/0x40 [ 2054.958783] ? _raw_spin_unlock+0x2d/0x50 [ 2054.958797] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2054.958811] try_charge+0xfec/0x1570 [ 2055.003848] ? find_held_lock+0x35/0x130 [ 2055.007916] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2055.012762] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2055.017607] ? find_held_lock+0x35/0x130 [ 2055.021687] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2055.026556] memcg_kmem_charge_memcg+0x7c/0x130 [ 2055.031226] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2055.035729] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2055.040578] memcg_kmem_charge+0x13b/0x340 [ 2055.044821] __alloc_pages_nodemask+0x437/0x710 [ 2055.049494] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2055.054513] ? ___might_sleep+0x163/0x280 [ 2055.058672] ? copyin+0xb5/0x100 [ 2055.062042] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2055.067597] alloc_pages_current+0x107/0x210 [ 2055.072039] pipe_write+0xa65/0xfb0 [ 2055.075707] __vfs_write+0x613/0x8e0 [ 2055.079424] ? kernel_read+0x120/0x120 [ 2055.083316] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2055.088877] ? rw_verify_area+0x118/0x360 [ 2055.093050] vfs_write+0x20c/0x580 [ 2055.096588] ksys_write+0xea/0x1f0 [ 2055.100133] ? __ia32_sys_read+0xb0/0xb0 [ 2055.104204] ? do_syscall_64+0x26/0x610 [ 2055.108192] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2055.113581] ? do_syscall_64+0x26/0x610 [ 2055.117564] __x64_sys_write+0x73/0xb0 [ 2055.121464] do_syscall_64+0x103/0x610 [ 2055.125368] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2055.130568] RIP: 0033:0x457e39 [ 2055.133780] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2055.152691] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2055.160394] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2055.167652] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2055.174917] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2055.182179] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 2055.189440] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2055.228298] memory: usage 307200kB, limit 307200kB, failcnt 3100 [ 2055.248766] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2055.304794] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2055.321899] Memory cgroup stats for /syz5: cache:23076KB rss:260924KB rss_huge:247808KB shmem:23076KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283912KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2055.368680] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=823,uid=0 [ 2055.384041] Memory cgroup out of memory: Kill process 823 (syz-executor5) score 1149 or sacrifice child [ 2055.396256] Killed process 827 (syz-executor5) total-vm:72712kB, anon-rss:14240kB, file-rss:35816kB, shmem-rss:0kB 16:43:45 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:45 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:45 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$EXT4_IOC_RESIZE_FS(r0, 0x40086610, &(0x7f0000000000)=0x456) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:45 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:45 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x127}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:45 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x99}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2055.411218] oom_reaper: reaped process 827 (syz-executor5), now anon-rss:0kB, file-rss:34856kB, shmem-rss:40kB 16:43:45 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:45 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:45 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)) 16:43:45 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:45 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc) 16:43:45 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) [ 2055.819296] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2055.837400] CPU: 0 PID: 881 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2055.844331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2055.853690] Call Trace: [ 2055.856284] dump_stack+0x172/0x1f0 [ 2055.859926] dump_header+0x10f/0xb6c [ 2055.863652] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2055.868765] ? ___ratelimit+0x60/0x595 [ 2055.872655] ? do_raw_spin_unlock+0x57/0x270 [ 2055.877076] oom_kill_process.cold+0x10/0x6f5 [ 2055.881578] ? task_will_free_mem+0x139/0x6e0 [ 2055.886084] out_of_memory+0x79a/0x1280 [ 2055.890090] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2055.895207] ? oom_killer_disable+0x280/0x280 [ 2055.899713] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2055.904827] mem_cgroup_out_of_memory+0x99/0xe0 [ 2055.909507] ? memcg_memory_event+0x40/0x40 [ 2055.913846] ? _raw_spin_unlock+0x2d/0x50 [ 2055.917997] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2055.923101] try_charge+0xfec/0x1570 [ 2055.926832] ? find_held_lock+0x35/0x130 [ 2055.930912] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2055.935751] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2055.940595] ? find_held_lock+0x35/0x130 [ 2055.944660] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2055.949514] memcg_kmem_charge_memcg+0x7c/0x130 [ 2055.954178] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2055.958678] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2055.963519] memcg_kmem_charge+0x13b/0x340 [ 2055.967756] __alloc_pages_nodemask+0x437/0x710 [ 2055.972427] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2055.977463] ? ___might_sleep+0x163/0x280 [ 2055.981615] ? copyin+0xb5/0x100 [ 2055.985000] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2055.990541] alloc_pages_current+0x107/0x210 [ 2055.994955] pipe_write+0xa65/0xfb0 [ 2055.998611] __vfs_write+0x613/0x8e0 [ 2056.002322] ? kernel_read+0x120/0x120 [ 2056.006220] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2056.011782] ? rw_verify_area+0x118/0x360 [ 2056.015927] vfs_write+0x20c/0x580 [ 2056.019506] ksys_write+0xea/0x1f0 [ 2056.023061] ? __ia32_sys_read+0xb0/0xb0 [ 2056.027122] ? do_syscall_64+0x26/0x610 [ 2056.031093] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2056.036454] ? do_syscall_64+0x26/0x610 [ 2056.040430] __x64_sys_write+0x73/0xb0 [ 2056.044319] do_syscall_64+0x103/0x610 [ 2056.048227] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2056.053408] RIP: 0033:0x457e39 [ 2056.056600] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2056.075498] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2056.083200] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2056.090468] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2056.097743] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2056.105004] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2056.112266] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2056.182658] memory: usage 307200kB, limit 307200kB, failcnt 3162 [ 2056.201183] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2056.218255] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2056.224413] Memory cgroup stats for /syz5: cache:22928KB rss:260780KB rss_huge:247808KB shmem:22920KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283856KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2056.246410] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=866,uid=0 [ 2056.260957] Memory cgroup out of memory: Kill process 866 (syz-executor5) score 1149 or sacrifice child 16:43:46 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x0, 0x0}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:46 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 16:43:46 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:46 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:46 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x9a}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:46 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x128}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2056.276600] Killed process 866 (syz-executor5) total-vm:72844kB, anon-rss:14180kB, file-rss:34880kB, shmem-rss:0kB [ 2056.301870] oom_reaper: reaped process 866 (syz-executor5), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB 16:43:46 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:46 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 16:43:46 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:46 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:46 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000349000/0x1000)=nil, 0x1000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 16:43:46 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) [ 2057.085906] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2057.159314] CPU: 1 PID: 927 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2057.166302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2057.175658] Call Trace: [ 2057.178258] dump_stack+0x172/0x1f0 [ 2057.181910] dump_header+0x10f/0xb6c [ 2057.185642] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2057.190754] ? ___ratelimit+0x60/0x595 [ 2057.194652] ? do_raw_spin_unlock+0x57/0x270 [ 2057.199075] oom_kill_process.cold+0x10/0x6f5 [ 2057.203590] ? task_will_free_mem+0x139/0x6e0 [ 2057.208106] out_of_memory+0x79a/0x1280 [ 2057.212095] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2057.217208] ? oom_killer_disable+0x280/0x280 [ 2057.221713] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2057.226838] mem_cgroup_out_of_memory+0x99/0xe0 [ 2057.231519] ? memcg_memory_event+0x40/0x40 [ 2057.235860] ? _raw_spin_unlock+0x2d/0x50 [ 2057.240019] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2057.245129] try_charge+0xfec/0x1570 [ 2057.248850] ? find_held_lock+0x35/0x130 [ 2057.252938] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2057.257799] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2057.262910] ? find_held_lock+0x35/0x130 [ 2057.266993] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2057.271854] memcg_kmem_charge_memcg+0x7c/0x130 [ 2057.276531] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2057.281043] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2057.285898] memcg_kmem_charge+0x13b/0x340 [ 2057.290144] __alloc_pages_nodemask+0x437/0x710 [ 2057.294854] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2057.299891] ? ___might_sleep+0x163/0x280 [ 2057.304062] ? copyin+0xb5/0x100 [ 2057.307466] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2057.313019] alloc_pages_current+0x107/0x210 [ 2057.317442] pipe_write+0xa65/0xfb0 [ 2057.321106] __vfs_write+0x613/0x8e0 [ 2057.324872] ? kernel_read+0x120/0x120 [ 2057.328778] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2057.334376] ? rw_verify_area+0x118/0x360 [ 2057.338536] vfs_write+0x20c/0x580 [ 2057.342089] ksys_write+0xea/0x1f0 [ 2057.345652] ? __ia32_sys_read+0xb0/0xb0 [ 2057.349728] ? do_syscall_64+0x26/0x610 [ 2057.353710] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2057.359079] ? do_syscall_64+0x26/0x610 [ 2057.363064] __x64_sys_write+0x73/0xb0 [ 2057.366970] do_syscall_64+0x103/0x610 [ 2057.370901] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2057.376093] RIP: 0033:0x457e39 [ 2057.379294] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2057.398199] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2057.405914] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2057.413195] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2057.420466] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2057.427834] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2057.435107] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2058.038235] memory: usage 307080kB, limit 307200kB, failcnt 3225 [ 2058.044462] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2058.153677] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2058.208160] Memory cgroup stats for /syz5: cache:22928KB rss:260712KB rss_huge:247808KB shmem:22920KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283792KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2058.464010] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=912,uid=0 [ 2058.496547] Memory cgroup out of memory: Kill process 912 (syz-executor5) score 1149 or sacrifice child 16:43:48 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x0, 0x0}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:48 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:48 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x129}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:48 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:48 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:48 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x9b}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2058.519852] Killed process 927 (syz-executor5) total-vm:72844kB, anon-rss:14252kB, file-rss:35820kB, shmem-rss:0kB [ 2058.553840] oom_reaper: reaped process 927 (syz-executor5), now anon-rss:0kB, file-rss:34860kB, shmem-rss:40kB 16:43:48 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:48 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:48 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:48 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) 16:43:48 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:49 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) [ 2059.307423] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2059.359590] CPU: 0 PID: 1013 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2059.366624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2059.366632] Call Trace: [ 2059.378571] dump_stack+0x172/0x1f0 [ 2059.382216] dump_header+0x10f/0xb6c [ 2059.385944] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2059.391055] ? ___ratelimit+0x60/0x595 [ 2059.394948] ? do_raw_spin_unlock+0x57/0x270 [ 2059.399379] oom_kill_process.cold+0x10/0x6f5 [ 2059.403891] ? task_will_free_mem+0x139/0x6e0 [ 2059.408420] out_of_memory+0x79a/0x1280 [ 2059.412407] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2059.417521] ? oom_killer_disable+0x280/0x280 [ 2059.422019] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2059.427137] mem_cgroup_out_of_memory+0x99/0xe0 [ 2059.431812] ? memcg_memory_event+0x40/0x40 [ 2059.436151] ? _raw_spin_unlock+0x2d/0x50 [ 2059.440306] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2059.440322] try_charge+0xfec/0x1570 [ 2059.440336] ? find_held_lock+0x35/0x130 [ 2059.440368] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2059.440392] ? kasan_check_read+0x11/0x20 [ 2059.440415] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2059.467071] mem_cgroup_try_charge+0x24d/0x5e0 [ 2059.471667] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2059.476609] wp_page_copy+0x408/0x1740 [ 2059.480521] ? find_held_lock+0x35/0x130 [ 2059.484599] ? pmd_pfn+0x1d0/0x1d0 [ 2059.488148] ? lock_downgrade+0x810/0x810 [ 2059.492304] ? __pte_alloc_kernel+0x220/0x220 [ 2059.496803] ? mark_held_locks+0x100/0x100 [ 2059.501044] ? kasan_check_read+0x11/0x20 [ 2059.505201] ? do_raw_spin_unlock+0x57/0x270 [ 2059.509620] do_wp_page+0x2ed/0x11d0 [ 2059.513341] ? rwlock_bug.part.0+0x90/0x90 [ 2059.517584] ? lock_acquire+0x16f/0x3f0 [ 2059.521594] ? finish_mkwrite_fault+0x540/0x540 [ 2059.526281] ? add_mm_counter_fast.part.0+0x40/0x40 [ 2059.531321] __handle_mm_fault+0x22db/0x3f20 [ 2059.535738] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2059.540589] ? find_held_lock+0x35/0x130 [ 2059.544658] ? handle_mm_fault+0x322/0xb30 [ 2059.548911] ? kasan_check_read+0x11/0x20 [ 2059.553066] handle_mm_fault+0x43f/0xb30 [ 2059.557140] __do_page_fault+0x5da/0xd60 [ 2059.561225] do_page_fault+0x71/0x581 [ 2059.565056] page_fault+0x1e/0x30 [ 2059.568540] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 [ 2059.574430] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83 [ 2059.593343] RSP: 0018:ffff8880911efb30 EFLAGS: 00010206 [ 2059.598720] RAX: 0000000000000000 RBX: 0000000000001000 RCX: 0000000000000200 [ 2059.605989] RDX: 0000000000001000 RSI: ffff88801010ee00 RDI: 00000000207e1000 [ 2059.613688] RBP: ffff8880911efb68 R08: ffffed1002021e00 R09: 0000000000000000 [ 2059.620976] R10: ffffed1002021dff R11: ffff88801010efff R12: 00000000207e0200 [ 2059.628260] R13: ffff88801010e000 R14: 00000000207e1200 R15: 00007ffffffff000 [ 2059.635589] ? copyout+0xe2/0x100 [ 2059.639055] copy_page_to_iter+0x347/0xd00 [ 2059.643317] pipe_read+0x28a/0x940 [ 2059.646879] __vfs_read+0x610/0x8c0 [ 2059.650517] ? vfs_copy_file_range+0xbb0/0xbb0 [ 2059.655119] ? rw_verify_area+0x118/0x360 [ 2059.659274] vfs_read+0x194/0x3e0 [ 2059.662738] ksys_read+0xea/0x1f0 [ 2059.666217] ? kernel_write+0x120/0x120 [ 2059.670200] ? do_syscall_64+0x26/0x610 [ 2059.674178] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2059.679548] ? do_syscall_64+0x26/0x610 [ 2059.683540] __x64_sys_read+0x73/0xb0 [ 2059.687348] do_syscall_64+0x103/0x610 [ 2059.691248] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2059.696457] RIP: 0033:0x457e39 [ 2059.699663] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2059.718561] RSP: 002b:00007fb6e81b2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2059.726284] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2059.733560] RDX: 0000000050c7e3e3 RSI: 0000000020000200 RDI: 0000000000000006 [ 2059.740837] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000 [ 2059.748112] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81b36d4 [ 2059.755392] R13: 00000000004c3911 R14: 00000000004d82a0 R15: 00000000ffffffff [ 2059.968298] memory: usage 307180kB, limit 307200kB, failcnt 3271 [ 2059.974539] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2060.128192] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2060.134429] Memory cgroup stats for /syz5: cache:22928KB rss:260712KB rss_huge:247808KB shmem:22920KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283856KB inactive_file:0KB active_file:4KB unevictable:0KB [ 2060.498462] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=996,uid=0 [ 2060.597974] Memory cgroup out of memory: Kill process 996 (syz-executor5) score 1149 or sacrifice child [ 2060.611091] Killed process 1011 (syz-executor5) total-vm:72844kB, anon-rss:14252kB, file-rss:35820kB, shmem-rss:0kB [ 2060.636768] oom_reaper: reaped process 1011 (syz-executor5), now anon-rss:0kB, file-rss:34860kB, shmem-rss:0kB 16:43:50 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x0, 0x0}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:50 executing program 3: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) 16:43:50 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:50 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x9c}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:50 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) 16:43:50 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x12a}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:50 executing program 3: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) 16:43:50 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:50 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, 0x0) 16:43:50 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) 16:43:51 executing program 3: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) 16:43:51 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, 0x0) 16:43:51 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) 16:43:51 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) [ 2061.616774] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2061.739674] CPU: 0 PID: 1113 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2061.746754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2061.756118] Call Trace: [ 2061.758740] dump_stack+0x172/0x1f0 [ 2061.762405] dump_header+0x10f/0xb6c [ 2061.766140] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2061.771256] ? ___ratelimit+0x60/0x595 [ 2061.775155] ? do_raw_spin_unlock+0x57/0x270 [ 2061.779585] oom_kill_process.cold+0x10/0x6f5 [ 2061.784097] ? task_will_free_mem+0x139/0x6e0 [ 2061.788610] out_of_memory+0x79a/0x1280 [ 2061.792602] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2061.797719] ? oom_killer_disable+0x280/0x280 [ 2061.802223] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2061.807344] mem_cgroup_out_of_memory+0x99/0xe0 [ 2061.812033] ? memcg_memory_event+0x40/0x40 [ 2061.816387] ? _raw_spin_unlock+0x2d/0x50 [ 2061.820548] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2061.825659] try_charge+0xfec/0x1570 [ 2061.829387] ? find_held_lock+0x35/0x130 [ 2061.833478] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2061.838334] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2061.843195] ? find_held_lock+0x35/0x130 [ 2061.847278] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2061.852144] memcg_kmem_charge_memcg+0x7c/0x130 [ 2061.856828] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2061.861341] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2061.866210] memcg_kmem_charge+0x13b/0x340 [ 2061.870464] __alloc_pages_nodemask+0x437/0x710 [ 2061.875150] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2061.880178] ? ___might_sleep+0x163/0x280 [ 2061.884340] ? copyin+0xb5/0x100 [ 2061.887730] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2061.893283] alloc_pages_current+0x107/0x210 [ 2061.897704] pipe_write+0xa65/0xfb0 [ 2061.901348] __vfs_write+0x613/0x8e0 [ 2061.905088] ? kernel_read+0x120/0x120 [ 2061.908988] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2061.914553] ? rw_verify_area+0x118/0x360 [ 2061.918710] vfs_write+0x20c/0x580 [ 2061.922264] ksys_write+0xea/0x1f0 [ 2061.925813] ? __ia32_sys_read+0xb0/0xb0 [ 2061.929891] ? do_syscall_64+0x26/0x610 [ 2061.933876] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2061.939254] ? do_syscall_64+0x26/0x610 [ 2061.943240] __x64_sys_write+0x73/0xb0 [ 2061.947139] do_syscall_64+0x103/0x610 [ 2061.951038] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2061.956227] RIP: 0033:0x457e39 [ 2061.959427] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2061.978341] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2061.986069] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2061.993342] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2062.000623] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2062.007895] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2062.015165] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff 16:43:52 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) [ 2062.668798] memory: usage 306988kB, limit 307200kB, failcnt 3329 [ 2062.675153] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2062.736332] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2062.797925] Memory cgroup stats for /syz5: cache:22928KB rss:260760KB rss_huge:247808KB shmem:22920KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:283844KB inactive_file:4KB active_file:0KB unevictable:0KB 16:43:52 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x9d}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:52 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, 0x0) 16:43:52 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) 16:43:52 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) [ 2063.044165] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=1083,uid=0 [ 2063.183398] Memory cgroup out of memory: Kill process 1083 (syz-executor5) score 1133 or sacrifice child [ 2063.328596] Killed process 1083 (syz-executor5) total-vm:72448kB, anon-rss:8336kB, file-rss:35800kB, shmem-rss:0kB 16:43:53 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:53 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x12b}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:53 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:53 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) 16:43:53 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) 16:43:54 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) 16:43:54 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:43:55 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x9e}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:55 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) 16:43:55 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:43:55 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:55 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x12c}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:55 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:55 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:43:56 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:56 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:43:56 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x9f}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:56 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:56 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:56 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:43:56 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x12d}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:56 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:56 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:56 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:56 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x0, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:43:56 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:57 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xa0}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:57 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:57 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, 0x0, 0x0) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:57 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:57 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r0, 0xae80, 0x0) 16:43:57 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x12e}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:57 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) 16:43:57 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:57 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:43:57 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) 16:43:57 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:57 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) [ 2067.983405] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2068.078410] CPU: 1 PID: 1375 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2068.085474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2068.094841] Call Trace: [ 2068.097431] dump_stack+0x172/0x1f0 [ 2068.101070] dump_header+0x10f/0xb6c [ 2068.104794] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2068.109909] ? ___ratelimit+0x60/0x595 [ 2068.113809] ? do_raw_spin_unlock+0x57/0x270 [ 2068.118236] oom_kill_process.cold+0x10/0x6f5 [ 2068.122759] ? task_will_free_mem+0x139/0x6e0 [ 2068.127273] out_of_memory+0x79a/0x1280 [ 2068.131262] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2068.136390] ? oom_killer_disable+0x280/0x280 [ 2068.140889] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2068.146006] mem_cgroup_out_of_memory+0x99/0xe0 [ 2068.150691] ? memcg_memory_event+0x40/0x40 [ 2068.155020] ? _raw_spin_unlock+0x2d/0x50 [ 2068.159172] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2068.164282] try_charge+0xfec/0x1570 [ 2068.168004] ? find_held_lock+0x35/0x130 [ 2068.172104] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2068.177007] ? kasan_check_read+0x11/0x20 [ 2068.181182] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2068.186036] mem_cgroup_try_charge+0x24d/0x5e0 [ 2068.190633] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2068.195577] wp_page_copy+0x408/0x1740 [ 2068.199502] ? find_held_lock+0x35/0x130 [ 2068.203589] ? pmd_pfn+0x1d0/0x1d0 [ 2068.207139] ? lock_downgrade+0x810/0x810 [ 2068.211289] ? __pte_alloc_kernel+0x220/0x220 [ 2068.215779] ? mark_held_locks+0x100/0x100 [ 2068.220030] ? kasan_check_read+0x11/0x20 [ 2068.224185] ? do_raw_spin_unlock+0x57/0x270 [ 2068.228619] do_wp_page+0x2ed/0x11d0 [ 2068.232344] ? rwlock_bug.part.0+0x90/0x90 [ 2068.236594] ? lock_acquire+0x16f/0x3f0 [ 2068.240576] ? finish_mkwrite_fault+0x540/0x540 [ 2068.245244] ? add_mm_counter_fast.part.0+0x40/0x40 [ 2068.250278] __handle_mm_fault+0x22db/0x3f20 [ 2068.254737] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2068.259576] ? find_held_lock+0x35/0x130 [ 2068.263634] ? handle_mm_fault+0x322/0xb30 [ 2068.267878] ? kasan_check_read+0x11/0x20 [ 2068.272031] handle_mm_fault+0x43f/0xb30 [ 2068.276103] __do_page_fault+0x5da/0xd60 [ 2068.280175] do_page_fault+0x71/0x581 [ 2068.283983] page_fault+0x1e/0x30 [ 2068.287464] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 [ 2068.293359] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83 [ 2068.312304] RSP: 0018:ffff88801d6bfb30 EFLAGS: 00010206 [ 2068.317661] RAX: 0000000000000000 RBX: 0000000000001000 RCX: 0000000000000200 [ 2068.324928] RDX: 0000000000001000 RSI: ffff88801ce41e00 RDI: 0000000020e61000 [ 2068.332193] RBP: ffff88801d6bfb68 R08: ffffed10039c8400 R09: 0000000000000000 [ 2068.339458] R10: ffffed10039c83ff R11: ffff88801ce41fff R12: 0000000020e60200 [ 2068.346756] R13: ffff88801ce41000 R14: 0000000020e61200 R15: 00007ffffffff000 [ 2068.354057] ? copyout+0xe2/0x100 [ 2068.357515] copy_page_to_iter+0x347/0xd00 [ 2068.361775] pipe_read+0x28a/0x940 [ 2068.365323] __vfs_read+0x610/0x8c0 [ 2068.368950] ? vfs_copy_file_range+0xbb0/0xbb0 [ 2068.373551] ? rw_verify_area+0x118/0x360 [ 2068.377698] vfs_read+0x194/0x3e0 [ 2068.381164] ksys_read+0xea/0x1f0 [ 2068.384615] ? kernel_write+0x120/0x120 [ 2068.388590] ? do_syscall_64+0x26/0x610 [ 2068.392562] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2068.397920] ? do_syscall_64+0x26/0x610 [ 2068.401915] __x64_sys_read+0x73/0xb0 [ 2068.405746] do_syscall_64+0x103/0x610 [ 2068.409630] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2068.414816] RIP: 0033:0x457e39 [ 2068.418005] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2068.436899] RSP: 002b:00007fb6e81b2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2068.444602] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2068.451864] RDX: 0000000050c7e3e3 RSI: 0000000020000200 RDI: 0000000000000006 [ 2068.459127] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000 [ 2068.466393] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81b36d4 [ 2068.473657] R13: 00000000004c3911 R14: 00000000004d82a0 R15: 00000000ffffffff 16:43:58 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xa1}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:58 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) [ 2069.078699] memory: usage 307104kB, limit 307200kB, failcnt 3372 [ 2069.085391] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2069.128914] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2069.149044] Memory cgroup stats for /syz5: cache:22928KB rss:261280KB rss_huge:249856KB shmem:22920KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:284376KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2069.248520] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=1354,uid=0 [ 2069.318126] Memory cgroup out of memory: Kill process 1354 (syz-executor5) score 1151 or sacrifice child [ 2069.327896] Killed process 1370 (syz-executor5) total-vm:72844kB, anon-rss:14708kB, file-rss:35812kB, shmem-rss:0kB [ 2069.404028] oom_reaper: reaped process 1370 (syz-executor5), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 16:43:59 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, 0x0, 0x0) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:43:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000e000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="b9be0a00000f3266b816000f00d066b887000f00d00f1a5b71430f01330f01c8440f01df0f20d835200000000f22d88f69e093550b6766410f383f0b", 0x3c}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:43:59 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x12f}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:59 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:59 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, 0x0) 16:43:59 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xa2}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:43:59 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:43:59 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, 0x0) 16:43:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000e000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="b9be0a00000f3266b816000f00d066b887000f00d00f1a5b71430f01330f01c8440f01df0f20d835200000000f22d88f69e093550b6766410f383f0b", 0x3c}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:43:59 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:44:00 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(r0, 0x5423, 0x0) 16:44:00 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000e000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="b9be0a00000f3266b816000f00d066b887000f00d00f1a5b71430f01330f01c8440f01df0f20d835200000000f22d88f69e093550b6766410f383f0b", 0x3c}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:44:00 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) 16:44:00 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, 0x0, 0x0) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:01 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x130}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:01 executing program 3: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x365, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) openat$ion(0xffffffffffffff9c, &(0x7f0000001740)='/dev/ion\x00', 0x0, 0x0) gettid() getpeername$unix(0xffffffffffffffff, &(0x7f0000001300), &(0x7f0000001380)=0x6e) syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) r1 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r1, 0x80dc5521, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(0xffffffffffffffff, &(0x7f00000009c0)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @ib={0x1b, 0x0, 0x9, {"8aa70fe0aa0ede7c09c210101caa3dec"}, 0x1, 0x1af88dd4}, @ib={0x1b, 0xee, 0x0, {"85fd0808d02c405658db20b07f8916da"}, 0x0, 0x3}}}, 0x118) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000003c0)="3b58a920bf133167868ac62068fc4e462d4a07411fd71b0caed0cd834ee0dda2d8c7f84350d0f0417e40a74997367f288a17271e00d8d4b8dda68c21108edb69527a3c370d4e0f54", 0x48) syz_open_dev$vivid(&(0x7f0000000480)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x0, 0x3ef, 0x0, 0x3f00000000000000, 0x0, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}}) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f00000002c0)={0x0, @in, [0x5, 0x3, 0x10000, 0x1ff, 0x982, 0x0, 0x0, 0x0, 0x4, 0x100000000, 0x555, 0x100, 0x9, 0x8]}, 0x0) ioctl$sock_inet6_SIOCADDRT(r2, 0x89a0, &(0x7f0000000100)={@local, @empty, @loopback, 0x3}) syz_genetlink_get_family_id$team(&(0x7f0000000280)='team\x00') ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000000)={0x15, 0xf, 0x2, "01a40cf6a1511fb408ba75017fac6ee2ac8e65b6225b9c810f5ccbd7d52ad387", 0x6777777d}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$ndb(&(0x7f00000000c0)='/dev/nbd#\x00', 0x0, 0x4000000000) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000340)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0x0, 0xfff, 0x5, 0x3}) ioctl$EVIOCGMTSLOTS(0xffffffffffffffff, 0x8040450a, &(0x7f00000001c0)=""/170) ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000000)) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='gid_map\x00') preadv(r4, 0x0, 0x0, 0x0) 16:44:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)) 16:44:01 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xa3}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000e000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="b9be0a00000f3266b816000f00d066b887000f00d00f1a5b71430f01330f01c8440f01df0f20d835200000000f22d88f69e093550b6766410f383f0b", 0x3c}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:44:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) 16:44:01 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:01 executing program 1: r0 = syz_open_dev$evdev(&(0x7f0000000440)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f0000000040)={0x0, 0x0, 0x0, {}, {}, @period={0x0, 0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0}}) 16:44:01 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:02 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) 16:44:02 executing program 3: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x8000009) request_key(&(0x7f00000001c0)='keyring\x00', &(0x7f0000002480)={'syz'}, 0x0, 0xfffffffffffffffe) 16:44:02 executing program 1: r0 = socket(0x10, 0x802, 0x0) write(r0, &(0x7f0000000180)="fc0000001c00071bab092500090007000aab08330200000000004c93210001c000000000000000000000740000039815fa2c1ec28656aaa79bb94b06fe000000bc00020000036c6c256f1a2fdfff7f512fd633d456c3109c1a7466f4d07302ade01720d3d5bbc91a3e2e80772c05defd5a32e280fc83ab82f605f70cec18444ef92e4721ee78f0e392a8815ef8b29d3ef3d92c83170e5bba4a4646e4f5566f91cf190201dee515b2ccd243f295ed94e0ad91bd0734babc7cebcce963d43dd16b17e583df150c3b880f411f46a60467b4df7155870258a103f9c780ac801fe4af3d0041f0d4215a6b2b8f6f0000080548deac270e33429fd311017500", 0xfc) [ 2072.710553] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2072.828314] CPU: 0 PID: 1589 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2072.835405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2072.844758] Call Trace: [ 2072.847357] dump_stack+0x172/0x1f0 [ 2072.851013] dump_header+0x10f/0xb6c [ 2072.854739] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2072.859852] ? ___ratelimit+0x60/0x595 [ 2072.863751] ? do_raw_spin_unlock+0x57/0x270 [ 2072.868177] oom_kill_process.cold+0x10/0x6f5 [ 2072.872685] ? task_will_free_mem+0x139/0x6e0 [ 2072.877195] out_of_memory+0x79a/0x1280 [ 2072.881182] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2072.886299] ? oom_killer_disable+0x280/0x280 [ 2072.890801] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2072.895922] mem_cgroup_out_of_memory+0x99/0xe0 [ 2072.900602] ? memcg_memory_event+0x40/0x40 [ 2072.904939] ? _raw_spin_unlock+0x2d/0x50 [ 2072.909095] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2072.914207] try_charge+0xfec/0x1570 [ 2072.917928] ? find_held_lock+0x35/0x130 [ 2072.922008] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2072.926863] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2072.931715] ? find_held_lock+0x35/0x130 [ 2072.935786] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2072.940649] memcg_kmem_charge_memcg+0x7c/0x130 [ 2072.945328] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2072.949840] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2072.954697] memcg_kmem_charge+0x13b/0x340 [ 2072.958945] __alloc_pages_nodemask+0x437/0x710 [ 2072.963626] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2072.968652] ? ___might_sleep+0x163/0x280 [ 2072.972809] ? copyin+0xb5/0x100 [ 2072.976224] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2072.981772] alloc_pages_current+0x107/0x210 [ 2072.986188] pipe_write+0xa65/0xfb0 [ 2072.989836] __vfs_write+0x613/0x8e0 [ 2072.993560] ? kernel_read+0x120/0x120 [ 2072.997465] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2073.003031] ? rw_verify_area+0x118/0x360 [ 2073.007203] vfs_write+0x20c/0x580 [ 2073.010773] ksys_write+0xea/0x1f0 [ 2073.014330] ? __ia32_sys_read+0xb0/0xb0 [ 2073.018413] ? do_syscall_64+0x26/0x610 [ 2073.022405] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2073.027780] ? do_syscall_64+0x26/0x610 [ 2073.031770] __x64_sys_write+0x73/0xb0 [ 2073.035668] do_syscall_64+0x103/0x610 [ 2073.039571] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2073.044767] RIP: 0033:0x457e39 [ 2073.047975] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2073.066880] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2073.074594] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2073.081872] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2073.089148] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2073.096415] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2073.103690] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2073.252217] memory: usage 307136kB, limit 307200kB, failcnt 3468 [ 2073.305522] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 16:44:03 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x131}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:03 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160-generic\x00'}, 0x58) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendto(r1, &(0x7f00005c8f58), 0xeffdffff, 0x0, 0x0, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 16:44:03 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mlockall(0x8000000000000001) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000640)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10010174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd64049a3ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef30dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c888c9ff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0x4400ae8f, &(0x7f0000000000)) [ 2073.369382] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2073.472227] Memory cgroup stats for /syz5: cache:22928KB rss:261224KB rss_huge:249856KB shmem:22920KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:112KB active_anon:284292KB inactive_file:0KB active_file:4KB unevictable:0KB 16:44:03 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xa4}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:03 executing program 0: r0 = socket$netlink(0x10, 0x3, 0xa) sendmsg$IPVS_CMD_ZERO(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x20, 0x0, 0x0, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x84}, 0x4008000) [ 2073.623162] audit: type=1400 audit(1549471443.544:157): avc: denied { write } for pid=1629 comm="syz-executor0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_fib_lookup_socket permissive=1 16:44:03 executing program 0: r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r1 = memfd_create(&(0x7f0000000080), 0x0) sigaltstack(&(0x7f0000ffd000/0x1000)=nil, 0x0) io_setup(0x0, 0x0) io_getevents(0x0, 0x0, 0x0, 0x0, 0x0) fstat(r0, &(0x7f0000000100)) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) clone(0x20000, &(0x7f0000000ac0), 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000046c0)={0x77359400}) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000004840)={{{@in=@broadcast, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@dev}}, 0x0) ioctl$EVIOCGMTSLOTS(r0, 0x8040450a, &(0x7f00000006c0)=""/60) ioctl$KDGETMODE(0xffffffffffffffff, 0x4b3b, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00') setitimer(0x1, &(0x7f00000000c0)={{}, {0x0, 0x2710}}, 0x0) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f0000000480)={@local, r2}, 0x14) getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, 0x0, &(0x7f0000000800)) pipe(&(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) write(r4, &(0x7f00000001c0), 0xfffffef3) write$binfmt_elf64(r1, &(0x7f0000000840)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0x1, 0x9, 0x1, 0x4, 0x3, 0x3, 0x101, 0x2e2, 0x40, 0x35d, 0x1000, 0x101, 0x38, 0x1, 0x0, 0x80000001, 0xf1}, [{0x5, 0xb2f, 0x80000001, 0x10000, 0x4, 0x3, 0x2, 0x80000001}], "2d0ffe9e42bfbe1cd120b4f66b4e57d8eb10b0e2a305dc", [[], [], [], [], []]}, 0x58f) read(r3, &(0x7f0000000200)=""/250, 0x50c7e5e2) r5 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00') sendfile(r1, r5, &(0x7f0000000000), 0x7ffffffd) [ 2073.688991] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=28348,uid=0 [ 2073.850893] Memory cgroup out of memory: Kill process 28348 (syz-executor5) score 1133 or sacrifice child [ 2073.909605] Killed process 28348 (syz-executor5) total-vm:72580kB, anon-rss:8304kB, file-rss:35816kB, shmem-rss:0kB 16:44:04 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xa5}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:04 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:04 executing program 3: socket(0x0, 0x0, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ashmem\x00', 0x0, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$tun(r1, &(0x7f0000000200)={@val={0x0, 0x6558}, @val={0x2, 0x1, 0x800, 0x2, 0x0, 0x10000}, @ipv4={{0x5, 0x4, 0x44, 0x3, 0x1c, 0x67, 0x8, 0x1, 0x3d, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, @icmp}}, 0x2a) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffff7) ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0) read(r0, 0x0, 0x0) 16:44:05 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x132}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:05 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)={0x14, 0x0, 0xe, 0x11}, 0x14}}, 0x0) 16:44:05 executing program 3: bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c) recvmmsg(r0, &(0x7f0000000200), 0x38c, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e24, 0x0, @loopback}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) 16:44:05 executing program 1: r0 = socket$packet(0x11, 0x40800000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000002180)=0x100, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendto$inet6(r0, &(0x7f00000000c0)="030462000300600000000000fff55b4202938207d9fb3780398d5375000000007929301ee616d5c01843e06590080053c0e385472da7222a2bb401000000c3b50035110f118d0000f55dc62600009b000000faffffff00000000aeb46245004bad2a66c9c1cfdf56fc88046a", 0x6c, 0x0, 0x0, 0x0) 16:44:05 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000440)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGPHYS(r0, 0x80404507, 0x0) 16:44:05 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xa6}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:05 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:05 executing program 0: sigaltstack(&(0x7f0000ffb000/0x2000)=nil, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') socketpair(0x10, 0x0, 0xf5, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr$trusted_overlay_opaque(r0, 0x0, &(0x7f00000000c0)='y\x00', 0x2, 0x0) clone(0x210003fb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) sched_setscheduler(0x0, 0x5, &(0x7f0000000600)) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x2000000000000101, &(0x7f0000000000)=@framed={{}, [@generic]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x48) 16:44:05 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xf7c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) 16:44:05 executing program 0: sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0xffffffffffffff6e, 0x0, 0xff94, &(0x7f0000000400), 0x137}, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'netdevsim0\x00', 0x240000000000021}) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='ns\x00\"\x98\x05\x13\fC\xd1\xbb\xcc\x0e\xbcV\x9c?\xc4!\xfc\x87o\xc1j\x1a\xc1\xe0\xeb\x06\xb2I\xbf$\xd9{\xb2\xfb\x88\xe3\x8e\xac\xce\xd48Bm\xad\x8bg9\xc5 OB\x9a_\xda\x9e^\x12,\x9e\x9eY\xf7\xaeZ\x14\ff/\xc7\x9f\xdb\x991\xb2w\xcc\xd1f\xfb|\xee\xcb\x92)EpD\xe0P!.\x99\xad\x8c\xee\xebn*h\xf0o\xeb\x89M\x82<\xdek3m\x98Y\xb8\xb1L\xaam\xab\xac\x8d\"\xd8U_R\xd0\xc1\xfe\x01\x01t\xb4Z\x82\xee\xe9&\xbf\xe6\x15\xcb\xefH\xec}\xa8\xbc\xcb\x15PT\xc3i\xaa\xa20xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000080)='ip6tnl0\x00') getpgid(0xffffffffffffffff) 16:44:05 executing program 3: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f00000008c0)) syz_open_procfs(0x0, &(0x7f0000000000)='net/sockstat\x00') [ 2075.714221] audit: type=1326 audit(1549471445.634:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=1708 comm="syz-executor1" exe="/root/syz-executor1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45ac9a code=0x0 16:44:05 executing program 0: r0 = openat$btrfs_control(0xffffffffffffff9c, 0x0, 0x10000, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000180)=0x1, 0x4) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000002c0)={0x0, 0x5, 0x1, {0x1, @sliced={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd]}}}) gettid() ioctl$CAPI_REGISTER(r0, 0x400c4301, &(0x7f00000001c0)={0x200, 0x8, 0x1000}) ioctl$VIDIOC_STREAMOFF(r1, 0xc0205647, &(0x7f0000000100)) setxattr$security_selinux(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='security.selinux\x00', &(0x7f00000000c0)='system_u:object_r:event_device_t:s0\x00', 0x24, 0x1) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) mmap(&(0x7f0000000000/0x19000)=nil, 0x19000, 0x3, 0x32, 0xffffffffffffffff, 0x0) userfaultfd(0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000b00)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000000000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}}) r4 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$EVIOCGNAME(r4, 0x80404506, &(0x7f0000000340)=""/175) ioctl$sock_inet6_SIOCADDRT(r2, 0x89a0, &(0x7f0000000100)={@local={0xfe, 0x80, [0x0, 0xfeff0000]}, @empty, @loopback}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, 0x0) perf_event_open(&(0x7f00000006c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8040, 0x80000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SCSI_IOCTL_GET_IDLUN(0xffffffffffffffff, 0x5382, &(0x7f00000004c0)) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000300)={'bctf0\x00\x00\x00\x00\x00\x00\"\x00'}) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, 0xffffffffffffffff, 0x0) sigaltstack(&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)) rt_sigtimedwait(&(0x7f0000000400), &(0x7f0000000500), &(0x7f0000000480), 0x8) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0xa40, 0x0) mq_unlink(&(0x7f00000005c0)='bctf0\x00\x00\x00\x00\x00\x00\"\x00') openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) finit_module(r3, &(0x7f0000000740)='nodevkeyringsecurity\x00', 0x1) 16:44:06 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x133}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:06 executing program 3: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0) write$eventfd(r1, &(0x7f0000000100), 0xfffffffffffffefd) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40106614, &(0x7f0000000040)) fdatasync(r1) syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00') ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'hsr0\x00'}) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, &(0x7f0000000200)) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000340)) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, &(0x7f00000003c0)) getsockname$packet(r1, &(0x7f0000000800), &(0x7f0000000840)=0x14) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000008c0)={{{@in6, @in=@loopback}}, {{@in=@loopback}, 0x0, @in=@empty}}, &(0x7f00000009c0)=0xe8) getsockname$packet(r1, 0x0, &(0x7f0000000a40)) getsockname$packet(r1, &(0x7f0000000ac0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000b40)={'irlan0\x00'}) getsockname(r1, &(0x7f0000000bc0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000c40)=0x80) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000c80)={{{@in=@broadcast, @in=@remote}}, {{@in=@remote}, 0x0, @in6}}, &(0x7f0000000d80)=0xe8) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000f00)={0x0, @rand_addr, @broadcast}, &(0x7f0000000f40)=0xc) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000fc0)={{{@in6=@dev}}, {{@in6=@loopback}, 0x0, @in6=@dev}}, &(0x7f00000010c0)=0xe8) getpeername$packet(0xffffffffffffffff, 0x0, &(0x7f0000001140)) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000001880)={{{@in=@initdev, @in=@remote}}, {{@in=@local}, 0x0, @in=@remote}}, &(0x7f0000001980)=0xe8) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001a40)={'yam0\x00'}) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000001b40)={{{@in6, @in6=@remote}}, {{@in6=@loopback}, 0x0, @in6=@mcast2}}, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001e80)={'bridge_slave_1\x00'}) accept4$packet(r1, &(0x7f0000001f80), &(0x7f0000001fc0)=0x14, 0x80800) getpeername$packet(r1, &(0x7f0000002000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000002040)=0x14) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000021c0)={'ipddp0\x00'}) getsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000002200), &(0x7f0000002240)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000022c0)={{{@in6=@loopback, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in6=@initdev}}, &(0x7f00000023c0)=0xe8) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000002400)={0x0, @multicast2, @initdev}, &(0x7f0000002440)=0xc) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, &(0x7f00000028c0)) getpeername$packet(0xffffffffffffffff, &(0x7f0000002900)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000002940)=0x14) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000002c00)={{{@in6=@ipv4={[], [], @empty}, @in6=@dev}}, {{@in6=@empty}, 0x0, @in6=@remote}}, &(0x7f0000002d00)=0xe8) getsockname$packet(r1, &(0x7f0000002ec0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000002f00)=0x14) 16:44:06 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xa7}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:06 executing program 3: openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) syz_genetlink_get_family_id$ipvs(0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shmctl$IPC_INFO(0x0, 0x3, &(0x7f0000000800)=""/115) 16:44:06 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:06 executing program 3: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0xffffffe3, &(0x7f0000000940)=0x40008000009) openat$selinux_checkreqprot(0xffffffffffffff9c, 0x0, 0x0, 0x0) gettid() openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) getsockname(0xffffffffffffffff, 0x0, &(0x7f0000000840)) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb) openat$selinux_avc_hash_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_PUBL_GET(0xffffffffffffffff, 0x0, 0x0) dup(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) [ 2076.499204] audit: type=1326 audit(1549471446.424:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=1708 comm="syz-executor1" exe="/root/syz-executor1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45ac9a code=0x0 16:44:06 executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000001800)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) lchown(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) 16:44:06 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:06 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='/group.sta\x9f\xd4t\x00+\x04J{\t\xab\v\x02t\xe1\t\x85\xa6\xfa\x15\xb3[\xa6\x94!\xf2\x04\xde\xc5f\x8a\x06\x00\x00\x00\xb9\x0f\xf8`\xe0\x1f&+\xaf\xacu\nm\\\xe2Y\xcba\xea\f\xd9DXX>\xef/\xc5\x97\xea\x93\xa7\xde\xc9\xb4\x16\x8eF\x8b\xe0Wm\x1d\x0e\xbf\x8b\xc4G\x8f\x8e\xd8[T|i$\x88\x04\x00\x00\x00\x00\x00\x00\x00\x90\x1eB\x8b\x98\xad\xd17_Q\xe15\x84\x8f\xea\x98\xc6\xe3WE\x11\xe0\xc6\x1f\xf2/\xf6\x1f', 0x2761, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000100)={r0, 0xffffffffffffffff, 0x4, 0x1}, 0x10) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) recvmsg(0xffffffffffffffff, 0x0, 0x12002) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r2) socket$kcm(0x2, 0x3, 0x2) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000780)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&') r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1132}) r4 = openat$cgroup_ro(r0, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x0, 0x0) write$cgroup_int(r3, &(0x7f0000000000), 0x17b) ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x0) ioctl$TUNGETFEATURES(0xffffffffffffffff, 0x800454cf, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0) ioctl$sock_kcm_SIOCKCMUNATTACH(r4, 0x89e1, 0x0) r5 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0xfff, 0x0, 0x8, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xa2a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$cgroup_subtree(r5, &(0x7f0000000080)={[{0x0, 'pids'}, {0x2b, 'memory'}, {0x2b, 'pids'}, {0x2d, 'cpu'}, {0x2d, 'rdma'}]}, 0x1f) 16:44:06 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xa8}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:07 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x134}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:07 executing program 0: r0 = openat$btrfs_control(0xffffffffffffff9c, 0x0, 0x10000, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000180)=0x1, 0x4) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000002c0)={0x0, 0x5, 0x1, {0x1, @sliced={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd]}}}) gettid() ioctl$CAPI_REGISTER(r0, 0x400c4301, &(0x7f00000001c0)={0x200, 0x8, 0x1000}) ioctl$VIDIOC_STREAMOFF(r1, 0xc0205647, &(0x7f0000000100)) setxattr$security_selinux(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='security.selinux\x00', &(0x7f00000000c0)='system_u:object_r:event_device_t:s0\x00', 0x24, 0x1) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) mmap(&(0x7f0000000000/0x19000)=nil, 0x19000, 0x3, 0x32, 0xffffffffffffffff, 0x0) userfaultfd(0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000b00)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000000000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}}) r4 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$EVIOCGNAME(r4, 0x80404506, &(0x7f0000000340)=""/175) ioctl$sock_inet6_SIOCADDRT(r2, 0x89a0, &(0x7f0000000100)={@local={0xfe, 0x80, [0x0, 0xfeff0000]}, @empty, @loopback}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, 0x0) perf_event_open(&(0x7f00000006c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8040, 0x80000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SCSI_IOCTL_GET_IDLUN(0xffffffffffffffff, 0x5382, &(0x7f00000004c0)) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000300)={'bctf0\x00\x00\x00\x00\x00\x00\"\x00'}) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, 0xffffffffffffffff, 0x0) sigaltstack(&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)) rt_sigtimedwait(&(0x7f0000000400), &(0x7f0000000500), &(0x7f0000000480), 0x8) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0xa40, 0x0) mq_unlink(&(0x7f00000005c0)='bctf0\x00\x00\x00\x00\x00\x00\"\x00') openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) finit_module(r3, &(0x7f0000000740)='nodevkeyringsecurity\x00', 0x1) 16:44:07 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:07 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:07 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:07 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x135}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:07 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xa9}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:07 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(0xffffffffffffffff, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r1) r2 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r3 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r3, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r3, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r2, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r5, &(0x7f00000001c0), 0x526987c9) read(r4, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r2, r3, 0x0, 0x80003) 16:44:08 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) [ 2078.259885] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2078.342338] CPU: 1 PID: 1823 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2078.349409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2078.358761] Call Trace: [ 2078.361361] dump_stack+0x172/0x1f0 [ 2078.365017] dump_header+0x10f/0xb6c [ 2078.368742] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2078.373851] ? ___ratelimit+0x60/0x595 [ 2078.377750] ? do_raw_spin_unlock+0x57/0x270 [ 2078.382168] oom_kill_process.cold+0x10/0x6f5 [ 2078.386672] ? task_will_free_mem+0x139/0x6e0 [ 2078.391189] out_of_memory+0x79a/0x1280 [ 2078.395175] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2078.400289] ? oom_killer_disable+0x280/0x280 [ 2078.404788] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2078.409905] mem_cgroup_out_of_memory+0x99/0xe0 [ 2078.414582] ? memcg_memory_event+0x40/0x40 [ 2078.418916] ? _raw_spin_unlock+0x2d/0x50 [ 2078.423064] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2078.428198] try_charge+0xfec/0x1570 [ 2078.431929] ? find_held_lock+0x35/0x130 [ 2078.436007] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2078.440862] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2078.445710] ? find_held_lock+0x35/0x130 [ 2078.449782] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2078.454644] memcg_kmem_charge_memcg+0x7c/0x130 [ 2078.459325] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2078.463857] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2078.463876] memcg_kmem_charge+0x13b/0x340 [ 2078.463912] __alloc_pages_nodemask+0x437/0x710 [ 2078.477657] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2078.477680] ? copyin+0xb5/0x100 [ 2078.477698] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2078.477722] alloc_pages_current+0x107/0x210 [ 2078.496014] pipe_write+0xa65/0xfb0 [ 2078.499662] __vfs_write+0x613/0x8e0 [ 2078.503404] ? kernel_read+0x120/0x120 [ 2078.507300] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2078.512861] ? rw_verify_area+0x118/0x360 [ 2078.517023] vfs_write+0x20c/0x580 [ 2078.520574] ksys_write+0xea/0x1f0 [ 2078.524119] ? __ia32_sys_read+0xb0/0xb0 [ 2078.528193] ? do_syscall_64+0x26/0x610 [ 2078.532178] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2078.537573] ? do_syscall_64+0x26/0x610 [ 2078.541562] __x64_sys_write+0x73/0xb0 [ 2078.545460] do_syscall_64+0x103/0x610 [ 2078.549355] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2078.554554] RIP: 0033:0x457e39 [ 2078.557768] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2078.576670] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2078.584391] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 16:44:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xaa}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2078.591663] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2078.591673] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2078.591682] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 2078.591692] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2078.730263] memory: usage 307196kB, limit 307200kB, failcnt 3579 [ 2078.748643] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2078.768394] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2078.785981] Memory cgroup stats for /syz5: cache:22928KB rss:261252KB rss_huge:249856KB shmem:22920KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:148KB active_anon:284320KB inactive_file:0KB active_file:4KB unevictable:0KB [ 2078.843403] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=1797,uid=0 [ 2078.859105] device nr0 entered promiscuous mode [ 2078.863919] Memory cgroup out of memory: Kill process 1797 (syz-executor5) score 1160 or sacrifice child [ 2078.874837] Killed process 1797 (syz-executor5) total-vm:72712kB, anon-rss:16504kB, file-rss:35816kB, shmem-rss:0kB [ 2078.903353] oom_reaper: reaped process 1797 (syz-executor5), now anon-rss:0kB, file-rss:34856kB, shmem-rss:40kB [ 2078.923666] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2078.947901] CPU: 0 PID: 1821 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2078.954921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2078.964264] Call Trace: [ 2078.966855] dump_stack+0x172/0x1f0 [ 2078.970497] dump_header+0x10f/0xb6c [ 2078.974214] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2078.979319] ? ___ratelimit+0x60/0x595 [ 2078.983231] ? do_raw_spin_unlock+0x57/0x270 [ 2078.987643] oom_kill_process.cold+0x10/0x6f5 [ 2078.992143] ? task_will_free_mem+0x139/0x6e0 [ 2078.996648] out_of_memory+0x79a/0x1280 [ 2079.000629] ? oom_killer_disable+0x280/0x280 [ 2079.005126] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2079.010238] mem_cgroup_out_of_memory+0x99/0xe0 [ 2079.014922] ? memcg_memory_event+0x40/0x40 [ 2079.019261] ? _raw_spin_unlock+0x2d/0x50 [ 2079.023434] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2079.028539] try_charge+0xb4a/0x1570 [ 2079.032249] ? find_held_lock+0x35/0x130 [ 2079.036312] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2079.041161] ? kasan_check_read+0x11/0x20 [ 2079.045312] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2079.050156] mem_cgroup_try_charge+0x24d/0x5e0 [ 2079.054744] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2079.059677] __handle_mm_fault+0x1e26/0x3f20 [ 2079.064087] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2079.068929] ? find_held_lock+0x35/0x130 [ 2079.072992] ? handle_mm_fault+0x322/0xb30 [ 2079.077240] ? kasan_check_read+0x11/0x20 [ 2079.081399] handle_mm_fault+0x43f/0xb30 [ 2079.085474] __do_page_fault+0x5da/0xd60 [ 2079.089544] do_page_fault+0x71/0x581 [ 2079.093342] ? page_fault+0x8/0x30 [ 2079.096886] page_fault+0x1e/0x30 [ 2079.100335] RIP: 0033:0x40f99f [ 2079.103525] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2079.122509] RSP: 002b:00007ffdbd4bad70 EFLAGS: 00010206 [ 2079.127866] RAX: 00007fb6e8193000 RBX: 0000000000020000 RCX: 0000000000457e8a [ 2079.135128] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2079.142395] RBP: 00007ffdbd4bae50 R08: ffffffffffffffff R09: 0000000000000000 [ 2079.149659] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdbd4baf30 [ 2079.156920] R13: 00007fb6e81b3700 R14: 0000000000000004 R15: 000000000073c04c [ 2079.168531] memory: usage 291476kB, limit 307200kB, failcnt 3579 [ 2079.174695] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2079.194205] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2079.203656] Memory cgroup stats for /syz5: cache:22928KB rss:246576KB rss_huge:233472KB shmem:22920KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:104KB active_anon:269528KB inactive_file:0KB active_file:4KB unevictable:0KB [ 2079.228456] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=29451,uid=0 [ 2079.273925] Memory cgroup out of memory: Kill process 29451 (syz-executor5) score 1133 or sacrifice child [ 2079.304875] Killed process 29451 (syz-executor5) total-vm:72580kB, anon-rss:8304kB, file-rss:35812kB, shmem-rss:0kB [ 2079.339512] oom_reaper: reaped process 29451 (syz-executor5), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 16:44:09 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f00)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0008000880080000000000"], 0x1}}, 0x0) 16:44:09 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x136}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:09 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:09 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xab}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:09 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(0xffffffffffffffff, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r1) r2 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r3 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r3, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r3, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r2, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r5, &(0x7f00000001c0), 0x526987c9) read(r4, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r2, r3, 0x0, 0x80003) 16:44:09 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) renameat2(r1, &(0x7f00000003c0)='./file0\x00', r1, &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2) 16:44:09 executing program 0: ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(0xffffffffffffffff, 0x40a85321, 0x0) setsockopt$inet6_MCAST_LEAVE_GROUP(0xffffffffffffffff, 0x29, 0x2d, &(0x7f0000000800)={0x0, {{0xa, 0x0, 0xc15c, @remote}}}, 0x88) pipe2(&(0x7f00000003c0), 0x800) prlimit64(0x0, 0x0, &(0x7f00000001c0), 0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) clone(0x10002102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f00000005c0)={0xd}) 16:44:09 executing program 1: r0 = openat$btrfs_control(0xffffffffffffff9c, 0x0, 0x10000, 0x0) setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, 0x0, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000002c0)={0x0, 0x5, 0x1, {0x1, @sliced={0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd]}}}) ioctl$CAPI_REGISTER(r0, 0x400c4301, &(0x7f00000001c0)={0x200, 0x0, 0x1000}) ioctl$VIDIOC_STREAMOFF(0xffffffffffffffff, 0xc0205647, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) userfaultfd(0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000b00)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000000000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}}) r4 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$EVIOCGNAME(r4, 0x80404506, 0x0) ioctl$sock_inet6_SIOCADDRT(r2, 0x89a0, &(0x7f0000000100)={@local={0xfe, 0x80, [0x0, 0xfeff0000]}, @empty, @loopback}) perf_event_open(&(0x7f00000006c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8040, 0x80000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SCSI_IOCTL_GET_IDLUN(0xffffffffffffffff, 0x5382, &(0x7f00000004c0)) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000300)={'bctf0\x00\x00\x00\x00\x00\x00\"\x00'}) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x10, 0xffffffffffffffff, 0x0) sigaltstack(&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0xa40, 0x0) syz_open_dev$vcsn(0x0, 0x6, 0x0) mq_unlink(&(0x7f00000005c0)='bctf0\x00\x00\x00\x00\x00\x00\"\x00') openat$nullb(0xffffffffffffff9c, 0x0, 0x802, 0x0) finit_module(r3, &(0x7f0000000740)='nodevkeyringsecurity\x00', 0x1) 16:44:09 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:09 executing program 0: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x4000, 0x0) [ 2079.844165] EXT4-fs warning (device sda1): verify_group_input:104: Cannot add at group 13 (only 16 groups) [ 2079.868212] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2079.918200] CPU: 0 PID: 1860 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2079.925238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2079.934582] Call Trace: [ 2079.937175] dump_stack+0x172/0x1f0 [ 2079.940811] dump_header+0x10f/0xb6c [ 2079.944523] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2079.949629] ? ___ratelimit+0x60/0x595 [ 2079.953514] ? do_raw_spin_unlock+0x57/0x270 [ 2079.957932] oom_kill_process.cold+0x10/0x6f5 [ 2079.962436] ? task_will_free_mem+0x139/0x6e0 [ 2079.966943] out_of_memory+0x79a/0x1280 [ 2079.970921] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2079.976028] ? oom_killer_disable+0x280/0x280 [ 2079.980525] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2079.985644] mem_cgroup_out_of_memory+0x99/0xe0 [ 2079.990314] ? memcg_memory_event+0x40/0x40 [ 2079.994642] ? _raw_spin_unlock+0x2d/0x50 [ 2079.998787] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2080.003891] try_charge+0xfec/0x1570 [ 2080.007603] ? find_held_lock+0x35/0x130 [ 2080.011667] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2080.016512] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2080.021355] ? find_held_lock+0x35/0x130 [ 2080.025426] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2080.030288] memcg_kmem_charge_memcg+0x7c/0x130 [ 2080.034954] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2080.039458] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2080.044312] memcg_kmem_charge+0x13b/0x340 [ 2080.048549] __alloc_pages_nodemask+0x437/0x710 [ 2080.053237] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2080.058254] ? ___might_sleep+0x163/0x280 [ 2080.062411] ? copyin+0xb5/0x100 [ 2080.065777] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2080.071321] alloc_pages_current+0x107/0x210 [ 2080.075763] pipe_write+0xa65/0xfb0 [ 2080.079410] __vfs_write+0x613/0x8e0 [ 2080.083128] ? kernel_read+0x120/0x120 [ 2080.087022] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2080.092575] ? rw_verify_area+0x118/0x360 [ 2080.096725] vfs_write+0x20c/0x580 [ 2080.100285] ksys_write+0xea/0x1f0 [ 2080.103851] ? __ia32_sys_read+0xb0/0xb0 [ 2080.107913] ? do_syscall_64+0x26/0x610 [ 2080.111912] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2080.117304] ? do_syscall_64+0x26/0x610 [ 2080.121281] __x64_sys_write+0x73/0xb0 [ 2080.125174] do_syscall_64+0x103/0x610 [ 2080.129080] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2080.134266] RIP: 0033:0x457e39 [ 2080.137455] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2080.156392] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2080.164097] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2080.171364] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2080.178635] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2080.185900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2080.193164] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff 16:44:10 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:10 executing program 0: openat$vfio(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vfio/vfio\x00', 0x0, 0x0) 16:44:10 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) ftruncate(0xffffffffffffffff, 0x200004) sendfile(r0, 0xffffffffffffffff, 0x0, 0x8000fffffffe) [ 2080.328647] memory: usage 307200kB, limit 307200kB, failcnt 3636 [ 2080.334850] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2080.358308] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2080.366907] Memory cgroup stats for /syz5: cache:23060KB rss:261352KB rss_huge:241664KB shmem:23052KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:148KB active_anon:284396KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2080.390760] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=1824,uid=0 [ 2080.471087] Memory cgroup out of memory: Kill process 1824 (syz-executor5) score 1160 or sacrifice child [ 2080.498336] Killed process 1824 (syz-executor5) total-vm:72712kB, anon-rss:16504kB, file-rss:35832kB, shmem-rss:40kB 16:44:10 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x137}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:10 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160-generic\x00'}, 0x58) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendto(r1, &(0x7f00005c8f58), 0xeffdffff, 0x0, 0x0, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 16:44:10 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) ftruncate(0xffffffffffffffff, 0x200004) sendfile(r0, 0xffffffffffffffff, 0x0, 0x8000fffffffe) 16:44:10 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(0xffffffffffffffff, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r1) r2 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r3 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r3, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r3, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r2, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r5, &(0x7f00000001c0), 0x526987c9) read(r4, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r2, r3, 0x0, 0x80003) 16:44:10 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xac}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:10 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) ftruncate(0xffffffffffffffff, 0x200004) sendfile(r0, 0xffffffffffffffff, 0x0, 0x8000fffffffe) 16:44:11 executing program 1: 16:44:11 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:11 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xad}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:11 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x138}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:11 executing program 1: 16:44:11 executing program 1: 16:44:11 executing program 0: 16:44:11 executing program 1: 16:44:11 executing program 0: 16:44:11 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, 0x0) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:11 executing program 1: 16:44:11 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:11 executing program 0: 16:44:11 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, 0x0) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:12 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xae}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:12 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x139}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:12 executing program 1: 16:44:12 executing program 0: 16:44:12 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:12 executing program 1: 16:44:12 executing program 0: 16:44:12 executing program 1: 16:44:12 executing program 0: 16:44:12 executing program 1: 16:44:12 executing program 0: 16:44:12 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, 0x0) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:13 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xaf}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:13 executing program 1: 16:44:13 executing program 0: 16:44:13 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x13a}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:13 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:13 executing program 1: 16:44:13 executing program 0: 16:44:13 executing program 0: 16:44:13 executing program 1: 16:44:13 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:13 executing program 1: 16:44:13 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:13 executing program 0: 16:44:13 executing program 1: 16:44:13 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:13 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xb0}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:13 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x13b}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:13 executing program 0: 16:44:13 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:13 executing program 1: 16:44:14 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(0xffffffffffffffff) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r0, 0x200004) sendfile(0xffffffffffffffff, r0, 0x0, 0x8000fffffffe) 16:44:14 executing program 0: 16:44:14 executing program 1: 16:44:14 executing program 0: 16:44:14 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(0xffffffffffffffff) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r0, 0x200004) sendfile(0xffffffffffffffff, r0, 0x0, 0x8000fffffffe) 16:44:14 executing program 1: 16:44:14 executing program 0: [ 2084.466656] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2084.485192] CPU: 1 PID: 2046 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2084.492238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2084.501590] Call Trace: [ 2084.504189] dump_stack+0x172/0x1f0 [ 2084.507829] dump_header+0x10f/0xb6c [ 2084.511548] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2084.516649] ? ___ratelimit+0x60/0x595 [ 2084.520543] ? do_raw_spin_unlock+0x57/0x270 [ 2084.524955] oom_kill_process.cold+0x10/0x6f5 [ 2084.529457] ? task_will_free_mem+0x139/0x6e0 [ 2084.533957] out_of_memory+0x79a/0x1280 [ 2084.537940] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2084.543053] ? oom_killer_disable+0x280/0x280 [ 2084.547545] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2084.552654] mem_cgroup_out_of_memory+0x99/0xe0 [ 2084.557325] ? memcg_memory_event+0x40/0x40 [ 2084.561655] ? _raw_spin_unlock+0x2d/0x50 [ 2084.565799] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2084.570903] try_charge+0xfec/0x1570 [ 2084.574610] ? find_held_lock+0x35/0x130 [ 2084.578676] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2084.583521] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2084.588359] ? find_held_lock+0x35/0x130 [ 2084.592452] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2084.597303] memcg_kmem_charge_memcg+0x7c/0x130 [ 2084.601978] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2084.606479] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2084.611325] memcg_kmem_charge+0x13b/0x340 [ 2084.615564] __alloc_pages_nodemask+0x437/0x710 [ 2084.620252] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2084.625270] ? ___might_sleep+0x163/0x280 [ 2084.629467] ? copyin+0xb5/0x100 [ 2084.632849] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2084.638443] alloc_pages_current+0x107/0x210 [ 2084.642855] pipe_write+0xa65/0xfb0 [ 2084.646490] __vfs_write+0x613/0x8e0 [ 2084.650204] ? kernel_read+0x120/0x120 [ 2084.654083] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2084.659643] ? rw_verify_area+0x118/0x360 [ 2084.663789] vfs_write+0x20c/0x580 [ 2084.667365] ksys_write+0xea/0x1f0 [ 2084.670930] ? __ia32_sys_read+0xb0/0xb0 [ 2084.674994] ? do_syscall_64+0x26/0x610 [ 2084.678965] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2084.684332] ? do_syscall_64+0x26/0x610 [ 2084.688305] __x64_sys_write+0x73/0xb0 [ 2084.692188] do_syscall_64+0x103/0x610 [ 2084.696080] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2084.701267] RIP: 0033:0x457e39 [ 2084.704522] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2084.723419] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2084.731135] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2084.738411] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2084.746148] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2084.753420] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 2084.760689] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff 16:44:14 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xb1}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2084.788276] memory: usage 307200kB, limit 307200kB, failcnt 3684 [ 2084.808504] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2084.825602] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2084.838152] Memory cgroup stats for /syz5: cache:23060KB rss:260884KB rss_huge:247808KB shmem:23052KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:104KB active_anon:284004KB inactive_file:8KB active_file:4KB unevictable:0KB [ 2084.867877] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=2040,uid=0 [ 2084.888494] Memory cgroup out of memory: Kill process 2040 (syz-executor5) score 1143 or sacrifice child [ 2084.903325] Killed process 2040 (syz-executor5) total-vm:72712kB, anon-rss:12140kB, file-rss:34880kB, shmem-rss:0kB [ 2084.923754] oom_reaper: reaped process 2040 (syz-executor5), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 16:44:14 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x13c}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:14 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(0xffffffffffffffff) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r0, 0x200004) sendfile(0xffffffffffffffff, r0, 0x0, 0x8000fffffffe) 16:44:14 executing program 1: 16:44:14 executing program 0: 16:44:14 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:15 executing program 1: 16:44:15 executing program 0: 16:44:15 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:15 executing program 1: 16:44:15 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xb2}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:15 executing program 0: 16:44:15 executing program 1: [ 2085.416222] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2085.426839] CPU: 0 PID: 2084 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2085.433871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2085.443222] Call Trace: [ 2085.445820] dump_stack+0x172/0x1f0 [ 2085.449478] dump_header+0x10f/0xb6c [ 2085.453213] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2085.458333] ? ___ratelimit+0x60/0x595 [ 2085.462222] ? do_raw_spin_unlock+0x57/0x270 [ 2085.466635] oom_kill_process.cold+0x10/0x6f5 [ 2085.471140] ? task_will_free_mem+0x139/0x6e0 [ 2085.475644] out_of_memory+0x79a/0x1280 [ 2085.479626] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2085.484733] ? oom_killer_disable+0x280/0x280 [ 2085.489230] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2085.494342] mem_cgroup_out_of_memory+0x99/0xe0 [ 2085.499010] ? memcg_memory_event+0x40/0x40 [ 2085.503338] ? _raw_spin_unlock+0x2d/0x50 [ 2085.507492] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2085.512598] try_charge+0xfec/0x1570 [ 2085.516309] ? find_held_lock+0x35/0x130 [ 2085.520386] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2085.525235] ? kasan_check_read+0x11/0x20 [ 2085.529400] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2085.534245] mem_cgroup_try_charge+0x24d/0x5e0 [ 2085.538836] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2085.543771] wp_page_copy+0x408/0x1740 [ 2085.547660] ? find_held_lock+0x35/0x130 [ 2085.551728] ? pmd_pfn+0x1d0/0x1d0 [ 2085.555267] ? lock_downgrade+0x810/0x810 [ 2085.559417] ? __pte_alloc_kernel+0x220/0x220 [ 2085.563917] ? kasan_check_read+0x11/0x20 [ 2085.568064] ? do_raw_spin_unlock+0x57/0x270 [ 2085.572480] do_wp_page+0x2ed/0x11d0 [ 2085.576197] ? rwlock_bug.part.0+0x90/0x90 [ 2085.580434] ? lock_acquire+0x16f/0x3f0 [ 2085.584417] ? finish_mkwrite_fault+0x540/0x540 [ 2085.589083] ? add_mm_counter_fast.part.0+0x40/0x40 [ 2085.594110] __handle_mm_fault+0x22db/0x3f20 [ 2085.598525] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2085.603365] ? find_held_lock+0x35/0x130 [ 2085.607436] ? handle_mm_fault+0x322/0xb30 [ 2085.612074] ? kasan_check_read+0x11/0x20 [ 2085.616228] handle_mm_fault+0x43f/0xb30 [ 2085.620297] __do_page_fault+0x5da/0xd60 [ 2085.624370] do_page_fault+0x71/0x581 [ 2085.628182] page_fault+0x1e/0x30 [ 2085.631639] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 [ 2085.637520] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83 [ 2085.656425] RSP: 0018:ffff88801bcbfb30 EFLAGS: 00010206 [ 2085.661787] RAX: 0000000000000000 RBX: 0000000000001000 RCX: 0000000000000200 [ 2085.669050] RDX: 0000000000001000 RSI: ffff888050643e00 RDI: 00000000205d1000 [ 2085.676320] RBP: ffff88801bcbfb68 R08: ffffed100a0c8800 R09: 0000000000000000 [ 2085.683586] R10: ffffed100a0c87ff R11: ffff888050643fff R12: 00000000205d0200 [ 2085.690851] R13: ffff888050643000 R14: 00000000205d1200 R15: 00007ffffffff000 [ 2085.698153] ? copyout+0xe2/0x100 [ 2085.701615] copy_page_to_iter+0x347/0xd00 [ 2085.705864] pipe_read+0x28a/0x940 [ 2085.709427] __vfs_read+0x610/0x8c0 [ 2085.713060] ? vfs_copy_file_range+0xbb0/0xbb0 [ 2085.717660] ? rw_verify_area+0x118/0x360 [ 2085.721813] vfs_read+0x194/0x3e0 [ 2085.725270] ksys_read+0xea/0x1f0 [ 2085.728729] ? kernel_write+0x120/0x120 [ 2085.732711] ? do_syscall_64+0x26/0x610 [ 2085.736690] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2085.742053] ? do_syscall_64+0x26/0x610 [ 2085.746035] __x64_sys_read+0x73/0xb0 [ 2085.749841] do_syscall_64+0x103/0x610 [ 2085.753734] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2085.758924] RIP: 0033:0x457e39 [ 2085.762115] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2085.781024] RSP: 002b:00007fb6e81b2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2085.788735] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2085.796007] RDX: 0000000050c7e3e3 RSI: 0000000020000200 RDI: 0000000000000006 [ 2085.803273] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000 [ 2085.810564] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81b36d4 [ 2085.817846] R13: 00000000004c3911 R14: 00000000004d82a0 R15: 00000000ffffffff [ 2085.863004] memory: usage 307104kB, limit 307200kB, failcnt 3756 [ 2085.886239] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2085.907242] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 16:44:15 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x13d}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:15 executing program 3: r0 = socket$inet6(0xa, 0x0, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:15 executing program 1: 16:44:15 executing program 0: [ 2085.948344] Memory cgroup stats for /syz5: cache:23060KB rss:260804KB rss_huge:247808KB shmem:23052KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:104KB active_anon:283884KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2086.013060] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=2069,uid=0 [ 2086.042330] Memory cgroup out of memory: Kill process 2069 (syz-executor5) score 1143 or sacrifice child 16:44:16 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:16 executing program 0: 16:44:16 executing program 1: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) ppoll(&(0x7f0000000000)=[{r0}], 0x1, 0x0, 0x0, 0x0) 16:44:16 executing program 3: r0 = socket$inet6(0xa, 0x0, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) [ 2086.075962] Killed process 2079 (syz-executor5) total-vm:72844kB, anon-rss:12208kB, file-rss:35824kB, shmem-rss:0kB [ 2086.092652] oom_reaper: reaped process 2079 (syz-executor5), now anon-rss:0kB, file-rss:34864kB, shmem-rss:40kB 16:44:16 executing program 0: [ 2086.401180] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2086.413055] CPU: 1 PID: 2126 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2086.420082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2086.429438] Call Trace: [ 2086.432036] dump_stack+0x172/0x1f0 [ 2086.435675] dump_header+0x10f/0xb6c [ 2086.439400] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2086.444510] ? ___ratelimit+0x60/0x595 [ 2086.448423] ? do_raw_spin_unlock+0x57/0x270 [ 2086.452863] oom_kill_process.cold+0x10/0x6f5 [ 2086.457373] ? task_will_free_mem+0x139/0x6e0 [ 2086.461891] out_of_memory+0x79a/0x1280 [ 2086.465871] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2086.470982] ? oom_killer_disable+0x280/0x280 [ 2086.475483] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2086.480599] mem_cgroup_out_of_memory+0x99/0xe0 [ 2086.485271] ? memcg_memory_event+0x40/0x40 [ 2086.489607] ? _raw_spin_unlock+0x2d/0x50 [ 2086.493756] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2086.498863] try_charge+0xfec/0x1570 [ 2086.502577] ? find_held_lock+0x35/0x130 [ 2086.506646] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2086.511494] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2086.516340] ? find_held_lock+0x35/0x130 [ 2086.520407] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2086.525270] memcg_kmem_charge_memcg+0x7c/0x130 [ 2086.529943] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2086.534452] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2086.539301] memcg_kmem_charge+0x13b/0x340 [ 2086.543552] __alloc_pages_nodemask+0x437/0x710 [ 2086.548226] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2086.553248] ? ___might_sleep+0x163/0x280 [ 2086.557407] ? copyin+0xb5/0x100 [ 2086.560783] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2086.566332] alloc_pages_current+0x107/0x210 [ 2086.570749] pipe_write+0xa65/0xfb0 [ 2086.574399] __vfs_write+0x613/0x8e0 [ 2086.578113] ? kernel_read+0x120/0x120 [ 2086.582005] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2086.587559] ? rw_verify_area+0x118/0x360 [ 2086.591709] vfs_write+0x20c/0x580 [ 2086.595268] ksys_write+0xea/0x1f0 [ 2086.598809] ? __ia32_sys_read+0xb0/0xb0 [ 2086.602881] ? do_syscall_64+0x26/0x610 [ 2086.606854] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2086.612239] ? do_syscall_64+0x26/0x610 [ 2086.616241] __x64_sys_write+0x73/0xb0 [ 2086.620148] do_syscall_64+0x103/0x610 [ 2086.624044] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2086.629232] RIP: 0033:0x457e39 [ 2086.632444] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2086.651374] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2086.659099] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2086.666371] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2086.673659] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2086.680931] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2086.688202] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff 16:44:16 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xb3}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:16 executing program 0: 16:44:16 executing program 3: r0 = socket$inet6(0xa, 0x0, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:16 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x13e}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2086.699546] memory: usage 307200kB, limit 307200kB, failcnt 3810 [ 2086.705923] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2086.724152] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2086.772745] Memory cgroup stats for /syz5: cache:23060KB rss:260700KB rss_huge:247808KB shmem:23052KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:104KB active_anon:283820KB inactive_file:4KB active_file:0KB unevictable:0KB 16:44:16 executing program 0: 16:44:16 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(0xffffffffffffffff) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) [ 2086.834464] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=2120,uid=0 [ 2086.898390] Memory cgroup out of memory: Kill process 2120 (syz-executor5) score 1142 or sacrifice child [ 2086.917781] Killed process 2120 (syz-executor5) total-vm:72844kB, anon-rss:11876kB, file-rss:34880kB, shmem-rss:0kB 16:44:16 executing program 1: 16:44:16 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) [ 2086.957994] oom_reaper: reaped process 2120 (syz-executor5), now anon-rss:0kB, file-rss:34856kB, shmem-rss:0kB 16:44:16 executing program 0: 16:44:16 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(0xffffffffffffffff) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:17 executing program 0: 16:44:17 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(0xffffffffffffffff) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:17 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xb4}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:17 executing program 1: 16:44:17 executing program 0: 16:44:17 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x13f}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:17 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:17 executing program 1: 16:44:17 executing program 0: [ 2087.492986] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2087.520396] CPU: 0 PID: 2162 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2087.527466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2087.536825] Call Trace: [ 2087.539432] dump_stack+0x172/0x1f0 [ 2087.543079] dump_header+0x10f/0xb6c [ 2087.546803] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2087.551914] ? ___ratelimit+0x60/0x595 [ 2087.555822] ? do_raw_spin_unlock+0x57/0x270 [ 2087.560268] oom_kill_process.cold+0x10/0x6f5 [ 2087.564777] ? task_will_free_mem+0x139/0x6e0 [ 2087.569301] out_of_memory+0x79a/0x1280 [ 2087.573298] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2087.578421] ? oom_killer_disable+0x280/0x280 [ 2087.582924] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2087.588043] mem_cgroup_out_of_memory+0x99/0xe0 [ 2087.592719] ? memcg_memory_event+0x40/0x40 [ 2087.597051] ? _raw_spin_unlock+0x2d/0x50 [ 2087.601204] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2087.606307] try_charge+0xfec/0x1570 [ 2087.610406] ? find_held_lock+0x35/0x130 [ 2087.614483] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2087.619326] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2087.624169] ? find_held_lock+0x35/0x130 [ 2087.628232] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2087.633084] memcg_kmem_charge_memcg+0x7c/0x130 [ 2087.637751] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2087.642254] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2087.647099] memcg_kmem_charge+0x13b/0x340 [ 2087.651336] __alloc_pages_nodemask+0x437/0x710 [ 2087.656006] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2087.661037] ? ___might_sleep+0x163/0x280 [ 2087.665188] ? copyin+0xb5/0x100 [ 2087.668557] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2087.674100] alloc_pages_current+0x107/0x210 [ 2087.678517] pipe_write+0xa65/0xfb0 [ 2087.682158] __vfs_write+0x613/0x8e0 [ 2087.685877] ? kernel_read+0x120/0x120 [ 2087.689759] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2087.695322] ? rw_verify_area+0x118/0x360 [ 2087.699467] vfs_write+0x20c/0x580 [ 2087.703031] ksys_write+0xea/0x1f0 [ 2087.706570] ? __ia32_sys_read+0xb0/0xb0 [ 2087.710633] ? do_syscall_64+0x26/0x610 [ 2087.714607] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2087.719967] ? do_syscall_64+0x26/0x610 [ 2087.723946] __x64_sys_write+0x73/0xb0 [ 2087.727831] do_syscall_64+0x103/0x610 [ 2087.731720] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2087.736906] RIP: 0033:0x457e39 [ 2087.740098] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2087.759000] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2087.766711] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2087.773982] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2087.781252] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2087.788522] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2087.795787] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2087.820929] memory: usage 307200kB, limit 307200kB, failcnt 3853 [ 2087.827236] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2087.849404] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2087.864775] Memory cgroup stats for /syz5: cache:23060KB rss:260684KB rss_huge:247808KB shmem:23052KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:104KB active_anon:283756KB inactive_file:4KB active_file:0KB unevictable:0KB 16:44:17 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:17 executing program 1: [ 2087.887395] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=2153,uid=0 [ 2087.902719] Memory cgroup out of memory: Kill process 2153 (syz-executor5) score 1142 or sacrifice child [ 2087.915166] Killed process 2162 (syz-executor5) total-vm:72844kB, anon-rss:11944kB, file-rss:35828kB, shmem-rss:0kB [ 2087.933634] oom_reaper: reaped process 2162 (syz-executor5), now anon-rss:0kB, file-rss:34868kB, shmem-rss:40kB 16:44:17 executing program 0: 16:44:18 executing program 1: 16:44:18 executing program 0: 16:44:18 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x140}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:18 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xb5}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:18 executing program 1: 16:44:18 executing program 0: 16:44:18 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:18 executing program 1: 16:44:18 executing program 0: [ 2088.680951] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2088.709720] CPU: 0 PID: 2216 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2088.716768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2088.726168] Call Trace: [ 2088.728778] dump_stack+0x172/0x1f0 [ 2088.732438] dump_header+0x10f/0xb6c [ 2088.736156] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2088.741459] ? ___ratelimit+0x60/0x595 [ 2088.745352] ? do_raw_spin_unlock+0x57/0x270 [ 2088.749777] oom_kill_process.cold+0x10/0x6f5 [ 2088.754287] ? task_will_free_mem+0x139/0x6e0 [ 2088.758801] out_of_memory+0x79a/0x1280 [ 2088.762780] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2088.767890] ? oom_killer_disable+0x280/0x280 [ 2088.772392] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2088.772417] mem_cgroup_out_of_memory+0x99/0xe0 [ 2088.772433] ? memcg_memory_event+0x40/0x40 [ 2088.772454] ? _raw_spin_unlock+0x2d/0x50 [ 2088.772468] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2088.772488] try_charge+0xfec/0x1570 [ 2088.799514] ? find_held_lock+0x35/0x130 [ 2088.803580] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2088.803598] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2088.803615] ? find_held_lock+0x35/0x130 [ 2088.817317] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2088.822167] memcg_kmem_charge_memcg+0x7c/0x130 [ 2088.822181] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2088.822200] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2088.822218] memcg_kmem_charge+0x13b/0x340 [ 2088.840403] __alloc_pages_nodemask+0x437/0x710 [ 2088.845075] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2088.850094] ? ___might_sleep+0x163/0x280 [ 2088.854242] ? copyin+0xb5/0x100 [ 2088.857635] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2088.863186] alloc_pages_current+0x107/0x210 [ 2088.867605] pipe_write+0xa65/0xfb0 [ 2088.871236] __vfs_write+0x613/0x8e0 [ 2088.874958] ? kernel_read+0x120/0x120 [ 2088.878877] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2088.884439] ? rw_verify_area+0x118/0x360 [ 2088.888610] vfs_write+0x20c/0x580 [ 2088.892142] ksys_write+0xea/0x1f0 [ 2088.895678] ? __ia32_sys_read+0xb0/0xb0 [ 2088.899741] ? do_syscall_64+0x26/0x610 [ 2088.903721] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2088.909099] ? do_syscall_64+0x26/0x610 [ 2088.913081] __x64_sys_write+0x73/0xb0 [ 2088.916975] do_syscall_64+0x103/0x610 [ 2088.920887] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2088.926078] RIP: 0033:0x457e39 [ 2088.929306] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2088.948212] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2088.955957] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2088.963212] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2088.970462] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2088.977719] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 2088.984995] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2088.993467] memory: usage 307200kB, limit 307200kB, failcnt 3910 [ 2088.999716] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2089.006462] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2089.012687] Memory cgroup stats for /syz5: cache:23060KB rss:260632KB rss_huge:247808KB shmem:23052KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:104KB active_anon:283684KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2089.034307] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=2192,uid=0 [ 2089.048793] Memory cgroup out of memory: Kill process 2192 (syz-executor5) score 1142 or sacrifice child [ 2089.058623] Killed process 2192 (syz-executor5) total-vm:72712kB, anon-rss:11876kB, file-rss:34880kB, shmem-rss:0kB 16:44:19 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, 0x0, 0x0) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:19 executing program 1: 16:44:19 executing program 0: 16:44:19 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x141}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:19 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xb6}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2089.076184] oom_reaper: reaped process 2192 (syz-executor5), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB 16:44:19 executing program 1: 16:44:19 executing program 0: 16:44:19 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:19 executing program 0: 16:44:19 executing program 1: 16:44:19 executing program 1: 16:44:19 executing program 0: [ 2089.497611] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2089.545140] CPU: 0 PID: 2243 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2089.552185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2089.561533] Call Trace: [ 2089.564142] dump_stack+0x172/0x1f0 [ 2089.567780] dump_header+0x10f/0xb6c [ 2089.571524] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2089.576633] ? ___ratelimit+0x60/0x595 [ 2089.580528] ? do_raw_spin_unlock+0x57/0x270 [ 2089.584958] oom_kill_process.cold+0x10/0x6f5 [ 2089.589460] ? task_will_free_mem+0x139/0x6e0 [ 2089.593969] out_of_memory+0x79a/0x1280 [ 2089.597968] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2089.603075] ? oom_killer_disable+0x280/0x280 [ 2089.607575] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2089.613097] mem_cgroup_out_of_memory+0x99/0xe0 [ 2089.617759] ? memcg_memory_event+0x40/0x40 [ 2089.622097] ? _raw_spin_unlock+0x2d/0x50 [ 2089.622114] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2089.622129] try_charge+0xfec/0x1570 [ 2089.622143] ? find_held_lock+0x35/0x130 [ 2089.622164] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2089.635114] ? kasan_check_read+0x11/0x20 [ 2089.635142] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2089.635160] mem_cgroup_try_charge+0x24d/0x5e0 [ 2089.657622] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2089.662559] wp_page_copy+0x408/0x1740 [ 2089.666453] ? find_held_lock+0x35/0x130 [ 2089.670530] ? pmd_pfn+0x1d0/0x1d0 [ 2089.670548] ? lock_downgrade+0x810/0x810 [ 2089.670563] ? __pte_alloc_kernel+0x220/0x220 [ 2089.670576] ? mark_held_locks+0x100/0x100 [ 2089.670594] ? kasan_check_read+0x11/0x20 [ 2089.670611] ? do_raw_spin_unlock+0x57/0x270 [ 2089.670629] do_wp_page+0x2ed/0x11d0 [ 2089.670662] ? rwlock_bug.part.0+0x90/0x90 [ 2089.670674] ? lock_acquire+0x16f/0x3f0 [ 2089.670690] ? finish_mkwrite_fault+0x540/0x540 [ 2089.670704] ? add_mm_counter_fast.part.0+0x40/0x40 [ 2089.670727] __handle_mm_fault+0x22db/0x3f20 [ 2089.670747] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2089.670761] ? find_held_lock+0x35/0x130 [ 2089.670776] ? handle_mm_fault+0x322/0xb30 [ 2089.678479] ? kasan_check_read+0x11/0x20 [ 2089.678500] handle_mm_fault+0x43f/0xb30 [ 2089.678525] __do_page_fault+0x5da/0xd60 [ 2089.678550] do_page_fault+0x71/0x581 [ 2089.678570] page_fault+0x1e/0x30 [ 2089.678588] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 [ 2089.760180] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83 [ 2089.779101] RSP: 0018:ffff88803bbefb30 EFLAGS: 00010206 [ 2089.784468] RAX: 0000000000000000 RBX: 0000000000001000 RCX: 0000000000000200 [ 2089.791749] RDX: 0000000000001000 RSI: ffff888064b5be00 RDI: 0000000020582000 [ 2089.799053] RBP: ffff88803bbefb68 R08: ffffed100c96b800 R09: 0000000000000000 [ 2089.806315] R10: ffffed100c96b7ff R11: ffff888064b5bfff R12: 0000000020581200 [ 2089.813586] R13: ffff888064b5b000 R14: 0000000020582200 R15: 00007ffffffff000 [ 2089.820903] ? copyout+0xe2/0x100 [ 2089.824352] copy_page_to_iter+0x347/0xd00 [ 2089.828597] pipe_read+0x28a/0x940 [ 2089.832170] __vfs_read+0x610/0x8c0 [ 2089.835792] ? vfs_copy_file_range+0xbb0/0xbb0 [ 2089.840397] ? rw_verify_area+0x118/0x360 [ 2089.844544] vfs_read+0x194/0x3e0 [ 2089.847988] ksys_read+0xea/0x1f0 [ 2089.851490] ? kernel_write+0x120/0x120 [ 2089.855496] ? do_syscall_64+0x26/0x610 [ 2089.859480] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2089.864836] ? do_syscall_64+0x26/0x610 [ 2089.868810] __x64_sys_read+0x73/0xb0 [ 2089.872618] do_syscall_64+0x103/0x610 [ 2089.876507] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2089.881679] RIP: 0033:0x457e39 [ 2089.884852] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2089.903753] RSP: 002b:00007fb6e81b2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2089.911518] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2089.918802] RDX: 0000000050c7e3e3 RSI: 0000000020000200 RDI: 0000000000000006 [ 2089.926075] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000 [ 2089.933333] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81b36d4 [ 2089.940605] R13: 00000000004c3911 R14: 00000000004d82a0 R15: 00000000ffffffff [ 2089.955564] memory: usage 307200kB, limit 307200kB, failcnt 3951 [ 2089.964165] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2089.977798] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2089.985211] Memory cgroup stats for /syz5: cache:23060KB rss:260500KB rss_huge:247808KB shmem:23052KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:104KB active_anon:283568KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2090.007536] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=2228,uid=0 [ 2090.022529] Memory cgroup out of memory: Kill process 2228 (syz-executor5) score 1141 or sacrifice child [ 2090.032479] Killed process 2241 (syz-executor5) total-vm:72844kB, anon-rss:11680kB, file-rss:35824kB, shmem-rss:0kB 16:44:20 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, 0x0, 0x0) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:20 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xb7}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:20 executing program 1: 16:44:20 executing program 0: 16:44:20 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x142}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:20 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x0, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) [ 2090.050115] oom_reaper: reaped process 2241 (syz-executor5), now anon-rss:0kB, file-rss:34864kB, shmem-rss:0kB 16:44:20 executing program 1: 16:44:20 executing program 0: 16:44:20 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, 0x0, 0x0) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:20 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) sendmsg$NET_DM_CMD_STOP(r2, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, 0x0, 0x1, 0x0, 0x0, 0x2004c8c4}, 0x4) close(r2) close(r1) 16:44:20 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x0, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:20 executing program 1: r0 = syz_open_dev$sndtimer(&(0x7f0000000140)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000029fcc)={{0x0, 0x2}}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000080)="0af51f023c123f3188a070") ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0x0, 0x3}}) 16:44:20 executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x1d, &(0x7f0000000080), &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x0, 0x32, 0xffffffffffffffff, 0x0) [ 2090.462204] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2090.504595] CPU: 0 PID: 2277 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2090.511626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2090.520974] Call Trace: [ 2090.523602] dump_stack+0x172/0x1f0 [ 2090.527253] dump_header+0x10f/0xb6c [ 2090.530972] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2090.536077] ? ___ratelimit+0x60/0x595 [ 2090.539981] ? do_raw_spin_unlock+0x57/0x270 [ 2090.544400] oom_kill_process.cold+0x10/0x6f5 [ 2090.548902] ? task_will_free_mem+0x139/0x6e0 [ 2090.553413] out_of_memory+0x79a/0x1280 [ 2090.557400] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2090.562516] ? oom_killer_disable+0x280/0x280 [ 2090.567013] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2090.572129] mem_cgroup_out_of_memory+0x99/0xe0 [ 2090.576806] ? memcg_memory_event+0x40/0x40 [ 2090.581139] ? _raw_spin_unlock+0x2d/0x50 [ 2090.585290] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2090.590404] try_charge+0xfec/0x1570 [ 2090.594118] ? find_held_lock+0x35/0x130 [ 2090.598190] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2090.603035] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2090.607892] ? find_held_lock+0x35/0x130 [ 2090.611973] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2090.616833] memcg_kmem_charge_memcg+0x7c/0x130 [ 2090.621529] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2090.626057] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2090.630932] memcg_kmem_charge+0x13b/0x340 [ 2090.635166] __alloc_pages_nodemask+0x437/0x710 [ 2090.639839] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2090.644868] ? ___might_sleep+0x163/0x280 [ 2090.649014] ? copyin+0xb5/0x100 [ 2090.652391] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2090.657931] alloc_pages_current+0x107/0x210 [ 2090.662355] pipe_write+0xa65/0xfb0 [ 2090.666011] __vfs_write+0x613/0x8e0 [ 2090.669727] ? kernel_read+0x120/0x120 [ 2090.673610] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2090.679165] ? rw_verify_area+0x118/0x360 [ 2090.683331] vfs_write+0x20c/0x580 [ 2090.686877] ksys_write+0xea/0x1f0 [ 2090.690436] ? __ia32_sys_read+0xb0/0xb0 [ 2090.694507] ? do_syscall_64+0x26/0x610 [ 2090.698516] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2090.703884] ? do_syscall_64+0x26/0x610 [ 2090.707865] __x64_sys_write+0x73/0xb0 [ 2090.711756] do_syscall_64+0x103/0x610 [ 2090.715696] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2090.720885] RIP: 0033:0x457e39 [ 2090.724078] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2090.743110] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2090.750814] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2090.758092] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2090.765379] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2090.772687] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 2090.779961] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2090.805062] memory: usage 307200kB, limit 307200kB, failcnt 4017 [ 2090.812115] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2090.819176] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2090.825464] Memory cgroup stats for /syz5: cache:23060KB rss:260252KB rss_huge:247808KB shmem:23052KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:104KB active_anon:283292KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2090.847238] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=2267,uid=0 [ 2090.865921] Memory cgroup out of memory: Kill process 2267 (syz-executor5) score 1133 or sacrifice child [ 2090.875806] Killed process 2267 (syz-executor5) total-vm:72448kB, anon-rss:8336kB, file-rss:35800kB, shmem-rss:0kB 16:44:20 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xb8}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:20 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") getsockopt$rose(0xffffffffffffffff, 0x104, 0x7, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000001100)=@filter={'filter\x00', 0xe, 0x2, 0x1c8, [0x0, 0x200004c0, 0x200004f0, 0x20000ed8], 0x0, 0x0, &(0x7f00000004c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'veth1_to_team\x00', 'ip_vti0\x00', 'veth1\x00', 'bond_slave_0\x00', @dev, [], @empty, [], 0x70, 0xe8, 0x138}, [@common=@NFLOG={'NFLOG\x00', 0x50, {{0x0, 0x0, 0x0, 0x0, 0x0, "0022b602122e9ab06a78d6b42f641fb44724a2ca340c77ef7706f624a201e1f1791ccfc4746165951ccf177907ffd2d36b54eb7e31e18f9dbff5979c61c20012"}}}]}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}}]}]}, 0x240) 16:44:20 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x0, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:20 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x143}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:20 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) [ 2090.975879] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2090.987190] CPU: 0 PID: 2277 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2090.994208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2091.003554] Call Trace: [ 2091.006150] dump_stack+0x172/0x1f0 [ 2091.009788] dump_header+0x10f/0xb6c [ 2091.013524] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2091.018640] ? ___ratelimit+0x60/0x595 [ 2091.022548] ? do_raw_spin_unlock+0x57/0x270 [ 2091.026968] oom_kill_process.cold+0x10/0x6f5 [ 2091.031489] ? task_will_free_mem+0x139/0x6e0 [ 2091.035995] out_of_memory+0x79a/0x1280 [ 2091.039989] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2091.040007] ? oom_killer_disable+0x280/0x280 [ 2091.040021] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2091.040044] mem_cgroup_out_of_memory+0x99/0xe0 [ 2091.040060] ? memcg_memory_event+0x40/0x40 [ 2091.040080] ? _raw_spin_unlock+0x2d/0x50 [ 2091.040092] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 16:44:21 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(0x0, 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) [ 2091.040105] try_charge+0xfec/0x1570 [ 2091.040117] ? find_held_lock+0x35/0x130 [ 2091.040141] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2091.054816] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2091.054831] ? find_held_lock+0x35/0x130 [ 2091.054848] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2091.054871] memcg_kmem_charge_memcg+0x7c/0x130 [ 2091.104005] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2091.108524] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2091.113372] memcg_kmem_charge+0x13b/0x340 [ 2091.117622] __alloc_pages_nodemask+0x437/0x710 [ 2091.122299] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2091.127324] ? copyin+0xb5/0x100 [ 2091.130731] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2091.136275] alloc_pages_current+0x107/0x210 [ 2091.136297] pipe_write+0xa65/0xfb0 [ 2091.136325] __vfs_write+0x613/0x8e0 [ 2091.144364] ? kernel_read+0x120/0x120 [ 2091.144378] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2091.144419] ? rw_verify_area+0x118/0x360 [ 2091.144436] vfs_write+0x20c/0x580 [ 2091.165212] ksys_write+0xea/0x1f0 [ 2091.168758] ? __ia32_sys_read+0xb0/0xb0 [ 2091.172841] ? do_syscall_64+0x26/0x610 16:44:21 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(0x0, 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) [ 2091.176835] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2091.182206] ? do_syscall_64+0x26/0x610 [ 2091.186209] __x64_sys_write+0x73/0xb0 [ 2091.190107] do_syscall_64+0x103/0x610 [ 2091.194003] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2091.199207] RIP: 0033:0x457e39 [ 2091.202409] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2091.221307] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2091.229011] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2091.236287] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2091.236297] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2091.250822] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 2091.258090] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2091.291307] kernel msg: ebtables bug: please report to author: Valid hook without chain [ 2091.333428] kernel msg: ebtables bug: please report to author: Valid hook without chain [ 2091.422926] memory: usage 307200kB, limit 307200kB, failcnt 4059 [ 2091.441413] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2091.450862] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2091.459930] Memory cgroup stats for /syz5: cache:23060KB rss:260308KB rss_huge:245760KB shmem:23052KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:104KB active_anon:283440KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2091.482813] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=2274,uid=0 [ 2091.507728] Memory cgroup out of memory: Kill process 2274 (syz-executor5) score 1141 or sacrifice child [ 2091.524564] Killed process 2277 (syz-executor5) total-vm:72712kB, anon-rss:11740kB, file-rss:35824kB, shmem-rss:40kB 16:44:21 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(0x0, 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:21 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:21 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xb9}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:21 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040), 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:21 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x144}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2091.575304] oom_reaper: reaped process 2277 (syz-executor5), now anon-rss:0kB, file-rss:34864kB, shmem-rss:40kB 16:44:21 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:21 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:21 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) [ 2092.041134] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2092.098345] CPU: 1 PID: 2337 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2092.105417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2092.114766] Call Trace: [ 2092.117362] dump_stack+0x172/0x1f0 [ 2092.121018] dump_header+0x10f/0xb6c [ 2092.124738] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2092.129877] ? ___ratelimit+0x60/0x595 [ 2092.133770] ? do_raw_spin_unlock+0x57/0x270 [ 2092.138229] oom_kill_process.cold+0x10/0x6f5 [ 2092.142756] ? task_will_free_mem+0x139/0x6e0 [ 2092.147277] out_of_memory+0x79a/0x1280 [ 2092.151262] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2092.156405] ? oom_killer_disable+0x280/0x280 [ 2092.160914] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2092.166058] mem_cgroup_out_of_memory+0x99/0xe0 [ 2092.170750] ? memcg_memory_event+0x40/0x40 [ 2092.175080] ? _raw_spin_unlock+0x2d/0x50 [ 2092.179228] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2092.184353] try_charge+0xfec/0x1570 [ 2092.188083] ? find_held_lock+0x35/0x130 [ 2092.192186] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2092.197040] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2092.201906] ? find_held_lock+0x35/0x130 [ 2092.201926] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2092.201948] memcg_kmem_charge_memcg+0x7c/0x130 [ 2092.210833] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2092.210855] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2092.210871] memcg_kmem_charge+0x13b/0x340 [ 2092.210891] __alloc_pages_nodemask+0x437/0x710 [ 2092.210910] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2092.238800] ? ___might_sleep+0x163/0x280 [ 2092.242960] ? copyin+0xb5/0x100 [ 2092.246343] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2092.251893] alloc_pages_current+0x107/0x210 [ 2092.256317] pipe_write+0xa65/0xfb0 [ 2092.259959] __vfs_write+0x613/0x8e0 [ 2092.263689] ? kernel_read+0x120/0x120 [ 2092.267581] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2092.273142] ? rw_verify_area+0x118/0x360 [ 2092.277296] vfs_write+0x20c/0x580 [ 2092.280846] ksys_write+0xea/0x1f0 [ 2092.284405] ? __ia32_sys_read+0xb0/0xb0 [ 2092.288486] ? do_syscall_64+0x26/0x610 [ 2092.292467] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2092.297835] ? do_syscall_64+0x26/0x610 [ 2092.301836] __x64_sys_write+0x73/0xb0 [ 2092.305746] do_syscall_64+0x103/0x610 [ 2092.309641] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2092.314827] RIP: 0033:0x457e39 [ 2092.318018] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2092.336915] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 16:44:22 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(0xffffffffffffffff, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r1) r2 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r3 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r3, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r3, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r2, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r5, &(0x7f00000001c0), 0x526987c9) read(r4, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r2, r3, 0x0, 0x80003) 16:44:22 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x145}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:22 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xba}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:22 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(0xffffffffffffffff, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) [ 2092.344620] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2092.351882] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2092.359144] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2092.366412] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2092.373677] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff 16:44:22 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(0xffffffffffffffff, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:22 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0xc0045878, &(0x7f0000000040)) 16:44:22 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(0xffffffffffffffff, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) [ 2092.856719] memory: usage 307104kB, limit 307200kB, failcnt 4113 [ 2092.863813] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2092.899324] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2092.947505] Memory cgroup stats for /syz5: cache:23060KB rss:260228KB rss_huge:247808KB shmem:23052KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:104KB active_anon:283372KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2092.975359] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=2329,uid=0 16:44:22 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040), 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:22 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x0) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:22 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) pwritev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, 0xffffffffffffffff) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(0xffffffffffffffff, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r5, &(0x7f00000001c0), 0x526987c9) read(r4, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, 0xffffffffffffffff, 0x0, 0x80003) 16:44:22 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x146}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:22 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xbb}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2093.001887] Memory cgroup out of memory: Kill process 2329 (syz-executor5) score 1141 or sacrifice child [ 2093.015581] Killed process 2337 (syz-executor5) total-vm:72844kB, anon-rss:11680kB, file-rss:35828kB, shmem-rss:0kB [ 2093.038875] oom_reaper: reaped process 2337 (syz-executor5), now anon-rss:0kB, file-rss:34868kB, shmem-rss:0kB 16:44:23 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:23 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x0) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:23 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x0) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:23 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x147}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:23 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(0xffffffffffffffff, r1, 0x0, 0x8000fffffffe) 16:44:23 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xbc}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:23 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(0xffffffffffffffff, r1, 0x0, 0x8000fffffffe) [ 2093.776822] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2093.800374] CPU: 0 PID: 2392 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2093.807415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2093.816766] Call Trace: [ 2093.819374] dump_stack+0x172/0x1f0 [ 2093.823024] dump_header+0x10f/0xb6c [ 2093.826743] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2093.831891] ? ___ratelimit+0x60/0x595 [ 2093.835780] ? do_raw_spin_unlock+0x57/0x270 [ 2093.840211] oom_kill_process.cold+0x10/0x6f5 [ 2093.844713] ? task_will_free_mem+0x139/0x6e0 [ 2093.849218] out_of_memory+0x79a/0x1280 [ 2093.853196] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2093.858301] ? oom_killer_disable+0x280/0x280 [ 2093.862800] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2093.867911] mem_cgroup_out_of_memory+0x99/0xe0 [ 2093.872583] ? memcg_memory_event+0x40/0x40 [ 2093.876938] ? _raw_spin_unlock+0x2d/0x50 [ 2093.881080] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2093.886167] try_charge+0xfec/0x1570 [ 2093.889876] ? find_held_lock+0x35/0x130 [ 2093.893959] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2093.898811] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2093.903656] ? find_held_lock+0x35/0x130 [ 2093.907724] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2093.912595] memcg_kmem_charge_memcg+0x7c/0x130 [ 2093.917278] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2093.921780] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2093.926618] memcg_kmem_charge+0x13b/0x340 [ 2093.930850] __alloc_pages_nodemask+0x437/0x710 [ 2093.935530] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2093.940545] ? copyin+0xb5/0x100 [ 2093.943909] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2093.949452] alloc_pages_current+0x107/0x210 [ 2093.949473] pipe_write+0xa65/0xfb0 [ 2093.949512] __vfs_write+0x613/0x8e0 [ 2093.957534] ? kernel_read+0x120/0x120 [ 2093.957548] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2093.957580] ? rw_verify_area+0x118/0x360 [ 2093.957596] vfs_write+0x20c/0x580 [ 2093.978349] ksys_write+0xea/0x1f0 [ 2093.981911] ? __ia32_sys_read+0xb0/0xb0 [ 2093.985977] ? do_syscall_64+0x26/0x610 [ 2093.989957] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2093.995331] ? do_syscall_64+0x26/0x610 [ 2093.999318] __x64_sys_write+0x73/0xb0 [ 2094.003202] do_syscall_64+0x103/0x610 [ 2094.007084] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2094.012254] RIP: 0033:0x457e39 [ 2094.015467] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2094.034367] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2094.042080] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2094.049349] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2094.056600] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2094.063858] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 2094.071120] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2094.081850] memory: usage 307104kB, limit 307200kB, failcnt 4153 [ 2094.088188] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2094.095145] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2094.101511] Memory cgroup stats for /syz5: cache:23060KB rss:260112KB rss_huge:239616KB shmem:23052KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:104KB active_anon:283272KB inactive_file:4KB active_file:0KB unevictable:0KB [ 2094.123836] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=2389,uid=0 [ 2094.159074] Memory cgroup out of memory: Kill process 2389 (syz-executor5) score 1140 or sacrifice child 16:44:24 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040), 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:24 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(0xffffffffffffffff, r1, 0x0, 0x8000fffffffe) 16:44:24 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) [ 2094.169859] Killed process 2392 (syz-executor5) total-vm:72712kB, anon-rss:11460kB, file-rss:35828kB, shmem-rss:40kB 16:44:24 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x148}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:24 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2094.206676] oom_reaper: reaped process 2392 (syz-executor5), now anon-rss:0kB, file-rss:34868kB, shmem-rss:40kB 16:44:24 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, 0xffffffffffffffff, 0x0, 0x8000fffffffe) 16:44:24 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, 0xffffffffffffffff, 0x0, 0x8000fffffffe) 16:44:24 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 16:44:24 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xbd}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:24 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, 0xffffffffffffffff, 0x0, 0x8000fffffffe) 16:44:24 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2094.602615] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 16:44:24 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x149}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2094.656039] CPU: 0 PID: 2447 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2094.663081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2094.672443] Call Trace: [ 2094.675036] dump_stack+0x172/0x1f0 [ 2094.678677] dump_header+0x10f/0xb6c [ 2094.682404] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2094.687520] ? ___ratelimit+0x60/0x595 [ 2094.691417] ? do_raw_spin_unlock+0x57/0x270 [ 2094.695836] oom_kill_process.cold+0x10/0x6f5 [ 2094.700339] ? task_will_free_mem+0x139/0x6e0 [ 2094.704872] out_of_memory+0x79a/0x1280 [ 2094.708859] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2094.713967] ? oom_killer_disable+0x280/0x280 [ 2094.718468] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2094.718501] mem_cgroup_out_of_memory+0x99/0xe0 [ 2094.718517] ? memcg_memory_event+0x40/0x40 [ 2094.718537] ? _raw_spin_unlock+0x2d/0x50 [ 2094.718550] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2094.718564] try_charge+0xfec/0x1570 [ 2094.718577] ? find_held_lock+0x35/0x130 [ 2094.718599] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2094.718617] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2094.759462] ? find_held_lock+0x35/0x130 [ 2094.763538] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2094.768408] memcg_kmem_charge_memcg+0x7c/0x130 [ 2094.773082] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2094.777588] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2094.782486] memcg_kmem_charge+0x13b/0x340 [ 2094.786730] __alloc_pages_nodemask+0x437/0x710 [ 2094.791418] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2094.796450] ? ___might_sleep+0x163/0x280 [ 2094.800626] ? copyin+0xb5/0x100 [ 2094.804004] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2094.809553] alloc_pages_current+0x107/0x210 [ 2094.813973] pipe_write+0xa65/0xfb0 [ 2094.817612] __vfs_write+0x613/0x8e0 [ 2094.821346] ? kernel_read+0x120/0x120 [ 2094.825249] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2094.830806] ? rw_verify_area+0x118/0x360 [ 2094.834960] vfs_write+0x20c/0x580 [ 2094.838514] ksys_write+0xea/0x1f0 [ 2094.842064] ? __ia32_sys_read+0xb0/0xb0 [ 2094.846132] ? do_syscall_64+0x26/0x610 [ 2094.850123] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2094.855511] ? do_syscall_64+0x26/0x610 [ 2094.859496] __x64_sys_write+0x73/0xb0 [ 2094.863403] do_syscall_64+0x103/0x610 [ 2094.867299] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2094.872505] RIP: 0033:0x457e39 [ 2094.875703] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2094.894608] RSP: 002b:00007fb6e81f4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2094.902315] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2094.909583] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2094.916848] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2094.924116] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81f56d4 [ 2094.931378] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2094.956028] memory: usage 307200kB, limit 307200kB, failcnt 4225 [ 2094.973461] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2094.991562] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2095.007837] Memory cgroup stats for /syz5: cache:23060KB rss:260168KB rss_huge:245760KB shmem:23052KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:104KB active_anon:283176KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2095.060955] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=2441,uid=0 [ 2095.105510] Memory cgroup out of memory: Kill process 2441 (syz-executor5) score 1140 or sacrifice child [ 2095.138790] Killed process 2447 (syz-executor5) total-vm:72712kB, anon-rss:11476kB, file-rss:35816kB, shmem-rss:0kB 16:44:25 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:25 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 16:44:25 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:25 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x0) 16:44:25 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xbe}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2095.172569] oom_reaper: reaped process 2447 (syz-executor5), now anon-rss:0kB, file-rss:34856kB, shmem-rss:40kB 16:44:25 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 16:44:25 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x0) 16:44:25 executing program 1 (fault-call:1 fault-nth:0): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) 16:44:25 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x0) [ 2095.411261] FAULT_INJECTION: forcing a failure. [ 2095.411261] name failslab, interval 1, probability 0, space 0, times 0 [ 2095.458340] CPU: 1 PID: 2502 Comm: syz-executor1 Not tainted 5.0.0-rc5 #60 [ 2095.465402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2095.474751] Call Trace: [ 2095.477362] dump_stack+0x172/0x1f0 [ 2095.481022] should_fail.cold+0xa/0x1b [ 2095.484910] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2095.490023] ? lock_downgrade+0x810/0x810 [ 2095.494171] ? ___might_sleep+0x163/0x280 [ 2095.498329] __should_failslab+0x121/0x190 [ 2095.502565] should_failslab+0x9/0x14 [ 2095.506381] kmem_cache_alloc_node_trace+0x270/0x720 [ 2095.511510] ? mutex_trylock+0x1e0/0x1e0 [ 2095.515592] __kmalloc_node+0x3d/0x70 [ 2095.519417] kvmalloc_node+0x68/0x100 [ 2095.523238] alloc_netdev_mqs+0x98/0xd30 [ 2095.527316] ? slcan_change_mtu+0x10/0x10 [ 2095.531482] slcan_open+0x338/0x940 [ 2095.535111] ? slcan_hangup+0x20/0x20 [ 2095.538952] ? lock_downgrade+0x810/0x810 [ 2095.543109] ? slcan_hangup+0x20/0x20 [ 2095.546922] tty_ldisc_open.isra.0+0x8b/0xe0 [ 2095.551327] tty_set_ldisc+0x2d7/0x690 [ 2095.555219] tty_ioctl+0xe69/0x14d0 [ 2095.558845] ? tty_vhangup+0x30/0x30 [ 2095.562565] ? mark_held_locks+0x100/0x100 [ 2095.566800] ? proc_fail_nth_write+0x9d/0x1e0 [ 2095.571296] ? proc_cwd_link+0x1d0/0x1d0 [ 2095.575364] ? __fget+0x340/0x540 [ 2095.578842] ? ___might_sleep+0x163/0x280 [ 2095.583007] ? __might_sleep+0x95/0x190 [ 2095.587002] ? tty_vhangup+0x30/0x30 [ 2095.590720] do_vfs_ioctl+0xd6e/0x1390 [ 2095.594614] ? selinux_file_ioctl+0x46f/0x5e0 [ 2095.599109] ? selinux_file_ioctl+0x125/0x5e0 [ 2095.603620] ? ioctl_preallocate+0x210/0x210 [ 2095.608029] ? selinux_file_mprotect+0x620/0x620 [ 2095.612964] ? iterate_fd+0x360/0x360 [ 2095.616769] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2095.622307] ? fput+0x128/0x1a0 [ 2095.625589] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2095.631126] ? security_file_ioctl+0x93/0xc0 [ 2095.635539] ksys_ioctl+0xab/0xd0 [ 2095.638996] __x64_sys_ioctl+0x73/0xb0 [ 2095.642942] do_syscall_64+0x103/0x610 [ 2095.646849] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2095.652048] RIP: 0033:0x457e39 [ 2095.655247] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2095.674159] RSP: 002b:00007fca973a3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2095.681868] RAX: ffffffffffffffda RBX: 00007fca973a3c90 RCX: 0000000000457e39 [ 2095.689131] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003 [ 2095.696416] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 16:44:25 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2095.703682] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fca973a46d4 [ 2095.710942] R13: 00000000004c2146 R14: 00000000004d4958 R15: 0000000000000004 16:44:25 executing program 3 (fault-call:5 fault-nth:0): r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) [ 2095.840356] FAULT_INJECTION: forcing a failure. [ 2095.840356] name failslab, interval 1, probability 0, space 0, times 0 [ 2095.875186] CPU: 1 PID: 2519 Comm: syz-executor3 Not tainted 5.0.0-rc5 #60 [ 2095.882237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2095.891590] Call Trace: [ 2095.894189] dump_stack+0x172/0x1f0 [ 2095.897837] should_fail.cold+0xa/0x1b [ 2095.901734] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2095.906905] ? lock_downgrade+0x810/0x810 [ 2095.911057] ? ___might_sleep+0x163/0x280 [ 2095.915220] __should_failslab+0x121/0x190 [ 2095.919464] should_failslab+0x9/0x14 [ 2095.923273] kmem_cache_alloc_trace+0x2d1/0x760 [ 2095.927958] alloc_pipe_info+0xb9/0x430 [ 2095.932007] ? __might_sleep+0x95/0x190 [ 2095.936010] splice_direct_to_actor+0x775/0x970 [ 2095.940686] ? avc_policy_seqno+0xd/0x70 [ 2095.944752] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2095.949778] ? generic_pipe_buf_nosteal+0x10/0x10 [ 2095.954621] ? selinux_file_permission+0x92/0x550 [ 2095.959447] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2095.965001] ? do_splice_to+0x190/0x190 [ 2095.968970] ? rw_verify_area+0x118/0x360 [ 2095.973114] do_splice_direct+0x1da/0x2a0 [ 2095.977248] ? splice_direct_to_actor+0x970/0x970 [ 2095.982078] ? rw_verify_area+0x118/0x360 [ 2095.986212] do_sendfile+0x597/0xd00 [ 2095.989915] ? do_compat_pwritev64+0x1c0/0x1c0 [ 2095.994491] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2096.000024] ? fput+0x128/0x1a0 [ 2096.003299] __x64_sys_sendfile64+0x1dd/0x220 [ 2096.007782] ? __ia32_sys_sendfile+0x230/0x230 [ 2096.012367] ? do_syscall_64+0x26/0x610 [ 2096.016360] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2096.020952] ? trace_hardirqs_on+0x67/0x230 [ 2096.025258] do_syscall_64+0x103/0x610 [ 2096.029177] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2096.034361] RIP: 0033:0x457e39 [ 2096.037534] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2096.056420] RSP: 002b:00007fbc58f5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2096.064113] RAX: ffffffffffffffda RBX: 00007fbc58f5dc90 RCX: 0000000000457e39 [ 2096.071380] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 2096.078651] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 16:44:26 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x14a}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2096.085914] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007fbc58f5e6d4 [ 2096.093181] R13: 00000000004c4d71 R14: 00000000004d8930 R15: 0000000000000005 16:44:26 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:26 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 16:44:26 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xbf}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:26 executing program 1 (fault-call:1 fault-nth:1): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) 16:44:26 executing program 3 (fault-call:5 fault-nth:1): r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) [ 2096.270255] FAULT_INJECTION: forcing a failure. [ 2096.270255] name failslab, interval 1, probability 0, space 0, times 0 [ 2096.292803] FAULT_INJECTION: forcing a failure. [ 2096.292803] name failslab, interval 1, probability 0, space 0, times 0 [ 2096.318327] CPU: 0 PID: 2539 Comm: syz-executor1 Not tainted 5.0.0-rc5 #60 [ 2096.325406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2096.334776] Call Trace: [ 2096.337372] dump_stack+0x172/0x1f0 [ 2096.341021] should_fail.cold+0xa/0x1b [ 2096.344917] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2096.350047] __should_failslab+0x121/0x190 [ 2096.354294] should_failslab+0x9/0x14 [ 2096.358098] kmem_cache_alloc_trace+0x4b/0x760 [ 2096.362689] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 2096.368142] __hw_addr_create_ex+0x5e/0x310 [ 2096.372514] __hw_addr_add_ex+0x1ef/0x2b0 [ 2096.376669] dev_addr_init+0x118/0x200 [ 2096.380557] ? dev_mc_flush+0x40/0x40 [ 2096.384384] ? __kmalloc_node+0x4e/0x70 [ 2096.388370] alloc_netdev_mqs+0x142/0xd30 [ 2096.392526] ? slcan_change_mtu+0x10/0x10 [ 2096.396667] slcan_open+0x338/0x940 [ 2096.400293] ? slcan_hangup+0x20/0x20 [ 2096.404103] ? lock_downgrade+0x810/0x810 [ 2096.408286] ? slcan_hangup+0x20/0x20 [ 2096.412081] tty_ldisc_open.isra.0+0x8b/0xe0 [ 2096.416492] tty_set_ldisc+0x2d7/0x690 [ 2096.420393] tty_ioctl+0xe69/0x14d0 [ 2096.424033] ? tty_vhangup+0x30/0x30 [ 2096.427753] ? mark_held_locks+0x100/0x100 [ 2096.431984] ? proc_fail_nth_write+0x9d/0x1e0 [ 2096.436482] ? proc_cwd_link+0x1d0/0x1d0 [ 2096.440542] ? __fget+0x340/0x540 [ 2096.443995] ? ___might_sleep+0x163/0x280 [ 2096.448145] ? __might_sleep+0x95/0x190 [ 2096.452120] ? tty_vhangup+0x30/0x30 [ 2096.455893] do_vfs_ioctl+0xd6e/0x1390 [ 2096.459803] ? selinux_file_ioctl+0x46f/0x5e0 [ 2096.464310] ? selinux_file_ioctl+0x125/0x5e0 [ 2096.468800] ? ioctl_preallocate+0x210/0x210 [ 2096.473202] ? selinux_file_mprotect+0x620/0x620 [ 2096.477976] ? iterate_fd+0x360/0x360 [ 2096.481780] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2096.487317] ? fput+0x128/0x1a0 [ 2096.490610] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2096.496144] ? security_file_ioctl+0x93/0xc0 [ 2096.500579] ksys_ioctl+0xab/0xd0 [ 2096.504029] __x64_sys_ioctl+0x73/0xb0 [ 2096.507917] do_syscall_64+0x103/0x610 [ 2096.511820] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2096.517005] RIP: 0033:0x457e39 [ 2096.520197] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2096.539092] RSP: 002b:00007fca973a3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2096.546801] RAX: ffffffffffffffda RBX: 00007fca973a3c90 RCX: 0000000000457e39 [ 2096.554065] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003 [ 2096.561334] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2096.568599] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fca973a46d4 [ 2096.575863] R13: 00000000004c2146 R14: 00000000004d4958 R15: 0000000000000004 [ 2096.591859] CPU: 1 PID: 2535 Comm: syz-executor3 Not tainted 5.0.0-rc5 #60 [ 2096.598892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2096.608244] Call Trace: [ 2096.610843] dump_stack+0x172/0x1f0 [ 2096.614488] should_fail.cold+0xa/0x1b [ 2096.618414] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2096.623572] ? lock_downgrade+0x810/0x810 [ 2096.627760] ? ___might_sleep+0x163/0x280 [ 2096.631949] __should_failslab+0x121/0x190 [ 2096.636195] should_failslab+0x9/0x14 [ 2096.640002] __kmalloc+0x2dc/0x740 [ 2096.643545] ? kmem_cache_alloc_trace+0x354/0x760 [ 2096.648406] ? alloc_pipe_info+0x199/0x430 [ 2096.652680] alloc_pipe_info+0x199/0x430 [ 2096.656750] splice_direct_to_actor+0x775/0x970 [ 2096.661459] ? avc_policy_seqno+0xd/0x70 [ 2096.665554] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2096.670573] ? generic_pipe_buf_nosteal+0x10/0x10 [ 2096.675430] ? selinux_file_permission+0x92/0x550 [ 2096.680282] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2096.685828] ? do_splice_to+0x190/0x190 [ 2096.689806] ? rw_verify_area+0x118/0x360 [ 2096.693973] do_splice_direct+0x1da/0x2a0 [ 2096.698163] ? splice_direct_to_actor+0x970/0x970 [ 2096.703021] ? rw_verify_area+0x118/0x360 [ 2096.707183] do_sendfile+0x597/0xd00 [ 2096.710916] ? do_compat_pwritev64+0x1c0/0x1c0 [ 2096.715497] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2096.721036] ? fput+0x128/0x1a0 [ 2096.724326] __x64_sys_sendfile64+0x1dd/0x220 [ 2096.728835] ? __ia32_sys_sendfile+0x230/0x230 [ 2096.733459] ? do_syscall_64+0x26/0x610 [ 2096.737441] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2096.742597] ? trace_hardirqs_on+0x67/0x230 [ 2096.746930] do_syscall_64+0x103/0x610 [ 2096.750843] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2096.756035] RIP: 0033:0x457e39 16:44:26 executing program 1 (fault-call:1 fault-nth:2): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) 16:44:26 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2096.759261] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2096.778170] RSP: 002b:00007fbc58f5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2096.785881] RAX: ffffffffffffffda RBX: 00007fbc58f5dc90 RCX: 0000000000457e39 [ 2096.793145] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 2096.800420] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2096.807682] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007fbc58f5e6d4 [ 2096.814942] R13: 00000000004c4d71 R14: 00000000004d8930 R15: 0000000000000005 [ 2096.862362] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 2096.916128] CPU: 0 PID: 2541 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2096.923194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2096.932568] Call Trace: [ 2096.935182] dump_stack+0x172/0x1f0 [ 2096.938817] dump_header+0x10f/0xb6c [ 2096.942534] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2096.947641] ? ___ratelimit+0x60/0x595 [ 2096.951531] ? do_raw_spin_unlock+0x57/0x270 [ 2096.955942] oom_kill_process.cold+0x10/0x6f5 [ 2096.960457] ? task_will_free_mem+0x139/0x6e0 [ 2096.964976] out_of_memory+0x79a/0x1280 [ 2096.968952] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2096.974052] ? oom_killer_disable+0x280/0x280 [ 2096.978542] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2096.983654] mem_cgroup_out_of_memory+0x99/0xe0 [ 2096.988339] ? memcg_memory_event+0x40/0x40 [ 2096.992659] ? _raw_spin_unlock+0x2d/0x50 [ 2096.996803] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2097.001903] try_charge+0xfec/0x1570 [ 2097.005612] ? find_held_lock+0x35/0x130 [ 2097.009696] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2097.014552] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2097.019401] ? find_held_lock+0x35/0x130 [ 2097.023472] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2097.028329] memcg_kmem_charge_memcg+0x7c/0x130 [ 2097.032995] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2097.037500] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2097.042344] memcg_kmem_charge+0x13b/0x340 [ 2097.046581] __alloc_pages_nodemask+0x437/0x710 [ 2097.051254] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2097.056269] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2097.060864] ? trace_hardirqs_on+0x67/0x230 [ 2097.065187] copy_process.part.0+0x3e0/0x79a0 [ 2097.069683] ? psi_memstall_leave+0x11c/0x180 [ 2097.074194] ? sched_clock+0x2e/0x50 [ 2097.077919] ? psi_memstall_leave+0x12e/0x180 [ 2097.082417] ? find_held_lock+0x35/0x130 [ 2097.086482] ? __lock_acquire+0x53b/0x4700 [ 2097.090726] ? __cleanup_sighand+0x70/0x70 [ 2097.094956] ? mark_held_locks+0x100/0x100 [ 2097.099224] ? rcu_read_lock_sched_held+0x110/0x130 [ 2097.104238] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2097.109772] ? try_to_free_mem_cgroup_pages+0x410/0x960 [ 2097.115153] _do_fork+0x257/0xfe0 [ 2097.118614] ? fork_idle+0x1d0/0x1d0 [ 2097.122331] ? blkcg_maybe_throttle_current+0x5d4/0xfd0 [ 2097.127690] ? lock_downgrade+0x810/0x810 [ 2097.131840] ? blkcg_exit_queue+0x30/0x30 [ 2097.135989] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2097.140741] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2097.145511] ? do_syscall_64+0x26/0x610 [ 2097.149488] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2097.154847] ? do_syscall_64+0x26/0x610 [ 2097.158820] __x64_sys_clone+0xbf/0x150 [ 2097.162795] do_syscall_64+0x103/0x610 [ 2097.166681] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2097.171867] RIP: 0033:0x45a809 [ 2097.175072] Code: ff 48 85 f6 0f 84 d7 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c ae 8e fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 2097.193967] RSP: 002b:00007ffdbd4bad28 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 2097.201675] RAX: ffffffffffffffda RBX: 00007fb6e8192700 RCX: 000000000045a809 [ 2097.208935] RDX: 00007fb6e81929d0 RSI: 00007fb6e8191db0 RDI: 00000000003d0f00 [ 2097.216200] RBP: 00007ffdbd4baf30 R08: 00007fb6e8192700 R09: 00007fb6e8192700 [ 2097.223464] R10: 00007fb6e81929d0 R11: 0000000000000202 R12: 0000000000000000 [ 2097.230730] R13: 00007ffdbd4baddf R14: 00007fb6e81929c0 R15: 000000000073c0ec [ 2097.248298] memory: usage 307200kB, limit 307200kB, failcnt 4292 [ 2097.255701] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 16:44:27 executing program 3 (fault-call:5 fault-nth:2): r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) [ 2097.266024] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2097.275698] Memory cgroup stats for /syz5: cache:23060KB rss:259624KB rss_huge:245760KB shmem:23052KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:104KB active_anon:282764KB inactive_file:8KB active_file:4KB unevictable:0KB [ 2097.321556] FAULT_INJECTION: forcing a failure. [ 2097.321556] name failslab, interval 1, probability 0, space 0, times 0 [ 2097.330712] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=29919,uid=0 [ 2097.359195] CPU: 0 PID: 2552 Comm: syz-executor1 Not tainted 5.0.0-rc5 #60 [ 2097.366224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2097.373504] Memory cgroup out of memory: Kill process 29919 (syz-executor5) score 1133 or sacrifice child [ 2097.375574] Call Trace: [ 2097.375606] dump_stack+0x172/0x1f0 [ 2097.375632] should_fail.cold+0xa/0x1b [ 2097.395398] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2097.398881] Killed process 29919 (syz-executor5) total-vm:72580kB, anon-rss:8304kB, file-rss:35812kB, shmem-rss:0kB [ 2097.400507] ? lock_downgrade+0x810/0x810 [ 2097.400527] ? ___might_sleep+0x163/0x280 [ 2097.400552] __should_failslab+0x121/0x190 [ 2097.400573] should_failslab+0x9/0x14 [ 2097.400591] kmem_cache_alloc_node_trace+0x270/0x720 [ 2097.400609] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2097.400627] ? dev_addr_init+0x17f/0x200 [ 2097.400647] __kmalloc_node+0x3d/0x70 [ 2097.400666] kvmalloc_node+0x68/0x100 [ 2097.450104] alloc_netdev_mqs+0x67f/0xd30 [ 2097.454258] ? slcan_change_mtu+0x10/0x10 [ 2097.457211] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2097.458414] slcan_open+0x338/0x940 [ 2097.458431] ? slcan_hangup+0x20/0x20 [ 2097.458446] ? lock_downgrade+0x810/0x810 [ 2097.458464] ? slcan_hangup+0x20/0x20 [ 2097.458488] tty_ldisc_open.isra.0+0x8b/0xe0 [ 2097.458504] tty_set_ldisc+0x2d7/0x690 [ 2097.458527] tty_ioctl+0xe69/0x14d0 [ 2097.458546] ? tty_vhangup+0x30/0x30 [ 2097.458572] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2097.505561] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2097.510318] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2097.514907] ? __fget+0x340/0x540 [ 2097.518369] ? ___might_sleep+0x163/0x280 [ 2097.522534] ? __might_sleep+0x95/0x190 [ 2097.526536] ? tty_vhangup+0x30/0x30 [ 2097.530275] do_vfs_ioctl+0xd6e/0x1390 [ 2097.534171] ? selinux_file_ioctl+0x46f/0x5e0 [ 2097.538670] ? selinux_file_ioctl+0x125/0x5e0 [ 2097.543170] ? ioctl_preallocate+0x210/0x210 [ 2097.547584] ? selinux_file_mprotect+0x620/0x620 [ 2097.552364] ? iterate_fd+0x360/0x360 [ 2097.556181] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2097.561719] ? fput+0x128/0x1a0 [ 2097.565013] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2097.570553] ? security_file_ioctl+0x93/0xc0 [ 2097.574966] ksys_ioctl+0xab/0xd0 [ 2097.578433] __x64_sys_ioctl+0x73/0xb0 [ 2097.582326] do_syscall_64+0x103/0x610 [ 2097.586220] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2097.591421] RIP: 0033:0x457e39 [ 2097.594624] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2097.613882] RSP: 002b:00007fca973a3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2097.621589] RAX: ffffffffffffffda RBX: 00007fca973a3c90 RCX: 0000000000457e39 [ 2097.628856] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003 [ 2097.636123] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2097.643419] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fca973a46d4 [ 2097.650686] R13: 00000000004c2146 R14: 00000000004d4958 R15: 0000000000000004 16:44:27 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xc0}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:27 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2097.671781] FAULT_INJECTION: forcing a failure. [ 2097.671781] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2097.689938] CPU: 1 PID: 2557 Comm: syz-executor3 Not tainted 5.0.0-rc5 #60 [ 2097.696968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2097.706328] Call Trace: [ 2097.708927] dump_stack+0x172/0x1f0 [ 2097.708949] should_fail.cold+0xa/0x1b [ 2097.708974] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2097.716525] ? ___might_sleep+0x163/0x280 [ 2097.725751] should_fail_alloc_page+0x50/0x60 [ 2097.730252] __alloc_pages_nodemask+0x1a1/0x710 [ 2097.730269] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 2097.730288] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2097.730312] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2097.750970] alloc_pages_current+0x107/0x210 [ 2097.755423] __page_cache_alloc+0x2bd/0x460 [ 2097.759754] ? mark_held_locks+0x100/0x100 [ 2097.764006] __do_page_cache_readahead+0x1c6/0x5c0 [ 2097.768946] ? read_pages+0x550/0x550 [ 2097.772762] ? page_cache_sync_readahead+0x1d3/0x520 [ 2097.777894] ondemand_readahead+0x561/0xd40 [ 2097.782227] page_cache_sync_readahead+0x281/0x520 [ 2097.787178] generic_file_read_iter+0x1582/0x2870 [ 2097.792044] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 2097.797144] ? kasan_kmalloc+0x9/0x10 [ 2097.800998] ? filemap_write_and_wait_range+0xd0/0xd0 [ 2097.806195] ? mark_held_locks+0x100/0x100 [ 2097.810450] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2097.815305] ? rcu_read_unlock+0x16/0x60 [ 2097.819439] ext4_file_read_iter+0x180/0x3c0 [ 2097.823865] generic_file_splice_read+0x4b2/0x800 [ 2097.828726] ? add_to_pipe+0x350/0x350 [ 2097.832637] ? rw_verify_area+0x118/0x360 [ 2097.836740] FAULT_INJECTION: forcing a failure. [ 2097.836740] name failslab, interval 1, probability 0, space 0, times 0 [ 2097.836791] ? add_to_pipe+0x350/0x350 [ 2097.851864] do_splice_to+0x12a/0x190 [ 2097.855682] splice_direct_to_actor+0x2d2/0x970 [ 2097.860358] ? generic_pipe_buf_nosteal+0x10/0x10 [ 2097.865232] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2097.870775] ? do_splice_to+0x190/0x190 [ 2097.874768] ? rw_verify_area+0x118/0x360 [ 2097.878922] do_splice_direct+0x1da/0x2a0 [ 2097.883076] ? splice_direct_to_actor+0x970/0x970 [ 2097.887934] ? rw_verify_area+0x118/0x360 [ 2097.892106] do_sendfile+0x597/0xd00 [ 2097.895834] ? do_compat_pwritev64+0x1c0/0x1c0 [ 2097.900432] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2097.905971] ? fput+0x128/0x1a0 [ 2097.909286] __x64_sys_sendfile64+0x1dd/0x220 [ 2097.913789] ? __ia32_sys_sendfile+0x230/0x230 [ 2097.918375] ? do_syscall_64+0x26/0x610 [ 2097.922366] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2097.926974] ? trace_hardirqs_on+0x67/0x230 [ 2097.931304] do_syscall_64+0x103/0x610 [ 2097.935211] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2097.940411] RIP: 0033:0x457e39 [ 2097.943607] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2097.962501] RSP: 002b:00007fbc58f5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 16:44:27 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x14b}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:27 executing program 1 (fault-call:1 fault-nth:3): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) [ 2097.970201] RAX: ffffffffffffffda RBX: 00007fbc58f5dc90 RCX: 0000000000457e39 [ 2097.977464] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000003 [ 2097.984749] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2097.992013] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007fbc58f5e6d4 [ 2097.999309] R13: 00000000004c4d71 R14: 00000000004d8930 R15: 0000000000000006 [ 2098.006596] CPU: 0 PID: 2546 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2098.013621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2098.022969] Call Trace: [ 2098.025565] dump_stack+0x172/0x1f0 [ 2098.029205] dump_header+0x10f/0xb6c [ 2098.032920] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2098.038023] ? ___ratelimit+0x60/0x595 [ 2098.041926] ? do_raw_spin_unlock+0x57/0x270 [ 2098.046343] oom_kill_process.cold+0x10/0x6f5 [ 2098.050842] ? task_will_free_mem+0x139/0x6e0 [ 2098.055349] out_of_memory+0x79a/0x1280 [ 2098.059338] ? oom_killer_disable+0x280/0x280 [ 2098.063867] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2098.069016] mem_cgroup_out_of_memory+0x99/0xe0 [ 2098.073688] ? memcg_memory_event+0x40/0x40 [ 2098.078041] ? _raw_spin_unlock+0x2d/0x50 [ 2098.082232] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2098.087358] try_charge+0xb4a/0x1570 [ 2098.091091] ? find_held_lock+0x35/0x130 [ 2098.095162] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2098.100005] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2098.104850] ? find_held_lock+0x35/0x130 [ 2098.108912] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2098.113762] memcg_kmem_charge_memcg+0x7c/0x130 [ 2098.118434] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2098.122956] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2098.127798] memcg_kmem_charge+0x13b/0x340 [ 2098.132038] __alloc_pages_nodemask+0x437/0x710 [ 2098.136707] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2098.141723] ? ___might_sleep+0x163/0x280 [ 2098.145868] ? copyin+0xb5/0x100 [ 2098.149236] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2098.154772] alloc_pages_current+0x107/0x210 [ 2098.159212] pipe_write+0xa65/0xfb0 [ 2098.162863] __vfs_write+0x613/0x8e0 [ 2098.166579] ? kernel_read+0x120/0x120 [ 2098.170462] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2098.176016] ? rw_verify_area+0x118/0x360 [ 2098.180167] vfs_write+0x20c/0x580 [ 2098.183708] ksys_write+0xea/0x1f0 [ 2098.187247] ? __ia32_sys_read+0xb0/0xb0 [ 2098.191314] ? do_syscall_64+0x26/0x610 [ 2098.195315] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2098.200676] ? do_syscall_64+0x26/0x610 [ 2098.204653] __x64_sys_write+0x73/0xb0 [ 2098.208541] do_syscall_64+0x103/0x610 [ 2098.212434] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2098.217618] RIP: 0033:0x457e39 [ 2098.220811] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2098.239707] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2098.247439] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2098.254706] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000007 [ 2098.261982] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2098.269244] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2098.276507] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2098.285939] CPU: 1 PID: 2566 Comm: syz-executor1 Not tainted 5.0.0-rc5 #60 [ 2098.293005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2098.302351] Call Trace: [ 2098.304947] dump_stack+0x172/0x1f0 [ 2098.308605] should_fail.cold+0xa/0x1b [ 2098.312499] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2098.317645] ? lock_downgrade+0x810/0x810 [ 2098.321807] ? ___might_sleep+0x163/0x280 [ 2098.324680] memory: usage 298652kB, limit 307200kB, failcnt 4292 [ 2098.325966] __should_failslab+0x121/0x190 [ 2098.325994] should_failslab+0x9/0x14 [ 2098.326026] kmem_cache_alloc_node_trace+0x270/0x720 [ 2098.326042] ? kasan_unpoison_shadow+0x35/0x50 [ 2098.332364] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2098.336417] __kmalloc_node+0x3d/0x70 [ 2098.336438] kvmalloc_node+0x68/0x100 [ 2098.336459] alloc_netdev_mqs+0x821/0xd30 [ 2098.336479] slcan_open+0x338/0x940 [ 2098.340449] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2098.345353] ? slcan_hangup+0x20/0x20 [ 2098.345366] ? lock_downgrade+0x810/0x810 [ 2098.345385] ? slcan_hangup+0x20/0x20 [ 2098.345412] tty_ldisc_open.isra.0+0x8b/0xe0 [ 2098.345426] tty_set_ldisc+0x2d7/0x690 [ 2098.350171] Memory cgroup stats for /syz5: cache:23060KB rss:251456KB rss_huge:237568KB shmem:23052KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:104KB active_anon:274452KB inactive_file:8KB active_file:4KB unevictable:0KB [ 2098.356744] tty_ioctl+0xe69/0x14d0 [ 2098.356764] ? tty_vhangup+0x30/0x30 [ 2098.356786] ? mark_held_locks+0x100/0x100 [ 2098.356805] ? proc_fail_nth_write+0x9d/0x1e0 [ 2098.360777] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=28077,uid=0 [ 2098.364368] ? proc_cwd_link+0x1d0/0x1d0 [ 2098.364401] ? __fget+0x340/0x540 [ 2098.364418] ? ___might_sleep+0x163/0x280 [ 2098.364435] ? __might_sleep+0x95/0x190 [ 2098.368723] Memory cgroup out of memory: Kill process 28077 (syz-executor5) score 1133 or sacrifice child [ 2098.372182] ? tty_vhangup+0x30/0x30 [ 2098.372201] do_vfs_ioctl+0xd6e/0x1390 [ 2098.372220] ? selinux_file_ioctl+0x46f/0x5e0 [ 2098.372237] ? selinux_file_ioctl+0x125/0x5e0 [ 2098.372251] ? ioctl_preallocate+0x210/0x210 [ 2098.380684] Killed process 28077 (syz-executor5) total-vm:72448kB, anon-rss:8296kB, file-rss:35816kB, shmem-rss:0kB [ 2098.382182] ? selinux_file_mprotect+0x620/0x620 [ 2098.382202] ? iterate_fd+0x360/0x360 [ 2098.382220] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2098.382236] ? fput+0x128/0x1a0 [ 2098.382256] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2098.382276] ? security_file_ioctl+0x93/0xc0 [ 2098.382293] ksys_ioctl+0xab/0xd0 [ 2098.382311] __x64_sys_ioctl+0x73/0xb0 [ 2098.382332] do_syscall_64+0x103/0x610 [ 2098.450888] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2098.450901] RIP: 0033:0x457e39 [ 2098.450917] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 16:44:28 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xc1}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:28 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000040)) 16:44:28 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:28 executing program 3 (fault-call:5 fault-nth:3): r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) [ 2098.450926] RSP: 002b:00007fca973a3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2098.450940] RAX: ffffffffffffffda RBX: 00007fca973a3c90 RCX: 0000000000457e39 [ 2098.450948] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003 [ 2098.450956] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2098.450968] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fca973a46d4 [ 2098.466563] R13: 00000000004c2146 R14: 00000000004d4958 R15: 0000000000000004 16:44:28 executing program 1 (fault-call:1 fault-nth:4): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) [ 2098.662911] FAULT_INJECTION: forcing a failure. [ 2098.662911] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2098.695631] CPU: 0 PID: 2582 Comm: syz-executor3 Not tainted 5.0.0-rc5 #60 [ 2098.702658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2098.712006] Call Trace: [ 2098.714620] dump_stack+0x172/0x1f0 [ 2098.718265] should_fail.cold+0xa/0x1b [ 2098.722178] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2098.727327] ? ___might_sleep+0x163/0x280 [ 2098.731492] should_fail_alloc_page+0x50/0x60 [ 2098.735993] __alloc_pages_nodemask+0x1a1/0x710 [ 2098.740667] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 2098.746121] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2098.751165] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2098.756712] alloc_pages_current+0x107/0x210 [ 2098.761133] __page_cache_alloc+0x2bd/0x460 [ 2098.765461] ? mark_held_locks+0x100/0x100 [ 2098.769708] __do_page_cache_readahead+0x1c6/0x5c0 [ 2098.774730] ? read_pages+0x550/0x550 [ 2098.778531] ? page_cache_sync_readahead+0x1d3/0x520 [ 2098.783653] ondemand_readahead+0x561/0xd40 [ 2098.788012] page_cache_sync_readahead+0x281/0x520 [ 2098.792995] generic_file_read_iter+0x1582/0x2870 [ 2098.797886] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 2098.802993] ? kasan_kmalloc+0x9/0x10 [ 2098.806808] ? filemap_write_and_wait_range+0xd0/0xd0 [ 2098.812013] ? mark_held_locks+0x100/0x100 [ 2098.816266] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2098.821113] ? rcu_read_unlock+0x16/0x60 [ 2098.825200] ext4_file_read_iter+0x180/0x3c0 [ 2098.829630] generic_file_splice_read+0x4b2/0x800 [ 2098.834495] ? add_to_pipe+0x350/0x350 [ 2098.838417] ? rw_verify_area+0x118/0x360 [ 2098.842570] ? add_to_pipe+0x350/0x350 [ 2098.846460] do_splice_to+0x12a/0x190 [ 2098.850267] splice_direct_to_actor+0x2d2/0x970 [ 2098.854937] ? generic_pipe_buf_nosteal+0x10/0x10 [ 2098.859781] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2098.865314] ? do_splice_to+0x190/0x190 [ 2098.869291] ? rw_verify_area+0x118/0x360 [ 2098.873459] do_splice_direct+0x1da/0x2a0 [ 2098.877610] ? splice_direct_to_actor+0x970/0x970 [ 2098.882461] ? rw_verify_area+0x118/0x360 [ 2098.886620] do_sendfile+0x597/0xd00 [ 2098.890345] ? do_compat_pwritev64+0x1c0/0x1c0 [ 2098.894936] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2098.900469] ? fput+0x128/0x1a0 [ 2098.903759] __x64_sys_sendfile64+0x1dd/0x220 [ 2098.908252] ? __ia32_sys_sendfile+0x230/0x230 [ 2098.912848] ? do_syscall_64+0x26/0x610 [ 2098.916823] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2098.921409] ? trace_hardirqs_on+0x67/0x230 [ 2098.925729] do_syscall_64+0x103/0x610 [ 2098.929624] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2098.934810] RIP: 0033:0x457e39 [ 2098.937998] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 16:44:28 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x14c}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2098.956892] RSP: 002b:00007fbc58f5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2098.964614] RAX: ffffffffffffffda RBX: 00007fbc58f5dc90 RCX: 0000000000457e39 [ 2098.971879] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 2098.979141] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2098.986409] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007fbc58f5e6d4 [ 2098.993672] R13: 00000000004c4d71 R14: 00000000004d8930 R15: 0000000000000005 16:44:28 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000040)) [ 2099.010800] FAULT_INJECTION: forcing a failure. [ 2099.010800] name failslab, interval 1, probability 0, space 0, times 0 [ 2099.022782] CPU: 0 PID: 2586 Comm: syz-executor1 Not tainted 5.0.0-rc5 #60 [ 2099.029810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2099.039161] Call Trace: [ 2099.041770] dump_stack+0x172/0x1f0 [ 2099.045423] should_fail.cold+0xa/0x1b [ 2099.049320] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2099.054430] ? lock_downgrade+0x810/0x810 [ 2099.058613] ? ___might_sleep+0x163/0x280 [ 2099.062779] __should_failslab+0x121/0x190 [ 2099.067025] should_failslab+0x9/0x14 [ 2099.070831] __kmalloc_track_caller+0x2d8/0x740 [ 2099.075511] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2099.080099] ? trace_hardirqs_on+0x67/0x230 [ 2099.084431] ? kasan_check_read+0x11/0x20 [ 2099.088584] ? kstrdup_const+0x66/0x80 [ 2099.092488] kstrdup+0x3a/0x70 [ 2099.095685] kstrdup_const+0x66/0x80 [ 2099.099453] kvasprintf_const+0x10e/0x190 [ 2099.103629] kobject_set_name_vargs+0x5b/0x150 [ 2099.108216] dev_set_name+0xbd/0xf0 [ 2099.111842] ? device_initialize+0x440/0x440 [ 2099.116282] ? __init_waitqueue_head+0x36/0x90 [ 2099.120884] ? pm_runtime_init+0x364/0x420 [ 2099.125140] netdev_register_kobject+0xcb/0x390 [ 2099.129818] register_netdevice+0x878/0xff0 [ 2099.134143] ? netdev_change_features+0xb0/0xb0 [ 2099.138829] slcan_open+0x628/0x940 [ 2099.142496] ? slcan_hangup+0x20/0x20 [ 2099.146309] ? lock_downgrade+0x810/0x810 [ 2099.150467] ? slcan_hangup+0x20/0x20 [ 2099.154302] tty_ldisc_open.isra.0+0x8b/0xe0 [ 2099.158727] tty_set_ldisc+0x2d7/0x690 [ 2099.162627] tty_ioctl+0xe69/0x14d0 [ 2099.166277] ? tty_vhangup+0x30/0x30 [ 2099.170005] ? mark_held_locks+0x100/0x100 [ 2099.174261] ? proc_fail_nth_write+0x9d/0x1e0 [ 2099.178762] ? proc_cwd_link+0x1d0/0x1d0 [ 2099.182836] ? __fget+0x340/0x540 [ 2099.186317] ? ___might_sleep+0x163/0x280 [ 2099.190479] ? __might_sleep+0x95/0x190 [ 2099.194462] ? tty_vhangup+0x30/0x30 [ 2099.198188] do_vfs_ioctl+0xd6e/0x1390 [ 2099.202086] ? selinux_file_ioctl+0x46f/0x5e0 [ 2099.206591] ? selinux_file_ioctl+0x125/0x5e0 [ 2099.211093] ? ioctl_preallocate+0x210/0x210 [ 2099.215514] ? selinux_file_mprotect+0x620/0x620 [ 2099.220275] ? iterate_fd+0x360/0x360 [ 2099.224089] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2099.224104] ? fput+0x128/0x1a0 [ 2099.224122] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2099.224139] ? security_file_ioctl+0x93/0xc0 [ 2099.224168] ksys_ioctl+0xab/0xd0 [ 2099.246383] __x64_sys_ioctl+0x73/0xb0 [ 2099.250311] do_syscall_64+0x103/0x610 [ 2099.254222] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2099.254236] RIP: 0033:0x457e39 16:44:29 executing program 3 (fault-call:5 fault-nth:4): r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:29 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xc2}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:29 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000040)) [ 2099.254251] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2099.254259] RSP: 002b:00007fca973a3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2099.254293] RAX: ffffffffffffffda RBX: 00007fca973a3c90 RCX: 0000000000457e39 [ 2099.281555] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003 [ 2099.281565] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2099.281574] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fca973a46d4 [ 2099.281583] R13: 00000000004c2146 R14: 00000000004d4958 R15: 0000000000000004 16:44:29 executing program 1 (fault-call:1 fault-nth:5): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) [ 2099.372154] FAULT_INJECTION: forcing a failure. [ 2099.372154] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2099.395145] CPU: 1 PID: 2601 Comm: syz-executor3 Not tainted 5.0.0-rc5 #60 [ 2099.402185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2099.411534] Call Trace: [ 2099.414148] dump_stack+0x172/0x1f0 [ 2099.417811] should_fail.cold+0xa/0x1b [ 2099.421726] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2099.426831] ? ___might_sleep+0x163/0x280 [ 2099.430996] should_fail_alloc_page+0x50/0x60 [ 2099.435493] __alloc_pages_nodemask+0x1a1/0x710 [ 2099.440170] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 2099.445628] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2099.450656] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2099.456235] alloc_pages_current+0x107/0x210 [ 2099.460654] __page_cache_alloc+0x2bd/0x460 [ 2099.464990] ? mark_held_locks+0x100/0x100 [ 2099.465011] __do_page_cache_readahead+0x1c6/0x5c0 [ 2099.465030] ? read_pages+0x550/0x550 [ 2099.478008] ? page_cache_sync_readahead+0x1d3/0x520 [ 2099.483130] ondemand_readahead+0x561/0xd40 [ 2099.487460] page_cache_sync_readahead+0x281/0x520 [ 2099.492428] generic_file_read_iter+0x1582/0x2870 [ 2099.492455] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 2099.502388] ? kasan_kmalloc+0x9/0x10 [ 2099.506204] ? filemap_write_and_wait_range+0xd0/0xd0 [ 2099.511420] ? mark_held_locks+0x100/0x100 [ 2099.515660] ? mark_held_locks+0x100/0x100 [ 2099.519896] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2099.519914] ? rcu_read_unlock+0x16/0x60 [ 2099.519939] ext4_file_read_iter+0x180/0x3c0 [ 2099.533220] generic_file_splice_read+0x4b2/0x800 [ 2099.538098] ? add_to_pipe+0x350/0x350 [ 2099.542041] ? rw_verify_area+0x118/0x360 [ 2099.546203] ? add_to_pipe+0x350/0x350 [ 2099.550104] do_splice_to+0x12a/0x190 [ 2099.553915] splice_direct_to_actor+0x2d2/0x970 [ 2099.558607] ? generic_pipe_buf_nosteal+0x10/0x10 [ 2099.563466] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2099.569023] ? do_splice_to+0x190/0x190 [ 2099.573019] ? rw_verify_area+0x118/0x360 [ 2099.577180] do_splice_direct+0x1da/0x2a0 [ 2099.581342] ? splice_direct_to_actor+0x970/0x970 [ 2099.586239] ? rw_verify_area+0x118/0x360 [ 2099.590437] do_sendfile+0x597/0xd00 [ 2099.592374] FAULT_INJECTION: forcing a failure. [ 2099.592374] name failslab, interval 1, probability 0, space 0, times 0 [ 2099.594166] ? do_compat_pwritev64+0x1c0/0x1c0 [ 2099.594191] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2099.615645] ? fput+0x128/0x1a0 [ 2099.618936] __x64_sys_sendfile64+0x1dd/0x220 [ 2099.623436] ? __ia32_sys_sendfile+0x230/0x230 [ 2099.628023] ? do_syscall_64+0x26/0x610 [ 2099.632004] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2099.636591] ? trace_hardirqs_on+0x67/0x230 [ 2099.640922] do_syscall_64+0x103/0x610 [ 2099.644830] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2099.650019] RIP: 0033:0x457e39 [ 2099.653215] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2099.672114] RSP: 002b:00007fbc58f5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2099.679837] RAX: ffffffffffffffda RBX: 00007fbc58f5dc90 RCX: 0000000000457e39 [ 2099.687098] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 2099.694371] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2099.701650] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007fbc58f5e6d4 [ 2099.708915] R13: 00000000004c4d71 R14: 00000000004d8930 R15: 0000000000000005 [ 2099.716205] CPU: 0 PID: 2610 Comm: syz-executor1 Not tainted 5.0.0-rc5 #60 [ 2099.723229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2099.732582] Call Trace: [ 2099.735179] dump_stack+0x172/0x1f0 [ 2099.738818] should_fail.cold+0xa/0x1b [ 2099.742717] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2099.747820] ? lock_downgrade+0x810/0x810 [ 2099.751984] ? ___might_sleep+0x163/0x280 [ 2099.756158] __should_failslab+0x121/0x190 [ 2099.760438] should_failslab+0x9/0x14 [ 2099.764247] kmem_cache_alloc_trace+0x2d1/0x760 [ 2099.768930] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2099.774479] ? refcount_inc_checked+0x2b/0x70 [ 2099.778982] device_add+0xfb6/0x1870 [ 2099.782702] ? device_initialize+0x440/0x440 [ 2099.787114] ? get_device_parent.isra.0+0x570/0x570 [ 2099.792126] ? __init_waitqueue_head+0x36/0x90 [ 2099.796709] ? pm_runtime_init+0x364/0x420 [ 2099.800951] netdev_register_kobject+0x18c/0x390 [ 2099.805710] register_netdevice+0x878/0xff0 [ 2099.810034] ? netdev_change_features+0xb0/0xb0 [ 2099.814707] slcan_open+0x628/0x940 [ 2099.818358] ? slcan_hangup+0x20/0x20 [ 2099.822158] ? lock_downgrade+0x810/0x810 [ 2099.826306] ? slcan_hangup+0x20/0x20 [ 2099.830119] tty_ldisc_open.isra.0+0x8b/0xe0 [ 2099.834524] tty_set_ldisc+0x2d7/0x690 [ 2099.838438] tty_ioctl+0xe69/0x14d0 [ 2099.842069] ? tty_vhangup+0x30/0x30 [ 2099.845784] ? mark_held_locks+0x100/0x100 [ 2099.850034] ? proc_fail_nth_write+0x9d/0x1e0 [ 2099.854530] ? proc_cwd_link+0x1d0/0x1d0 [ 2099.858596] ? __fget+0x340/0x540 [ 2099.862046] ? ___might_sleep+0x163/0x280 [ 2099.866190] ? __might_sleep+0x95/0x190 [ 2099.870176] ? tty_vhangup+0x30/0x30 [ 2099.873888] do_vfs_ioctl+0xd6e/0x1390 [ 2099.877774] ? selinux_file_ioctl+0x46f/0x5e0 [ 2099.882265] ? selinux_file_ioctl+0x125/0x5e0 [ 2099.886770] ? ioctl_preallocate+0x210/0x210 [ 2099.891173] ? selinux_file_mprotect+0x620/0x620 [ 2099.895944] ? iterate_fd+0x360/0x360 [ 2099.899744] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2099.905305] ? fput+0x128/0x1a0 [ 2099.908590] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2099.914127] ? security_file_ioctl+0x93/0xc0 [ 2099.918550] ksys_ioctl+0xab/0xd0 [ 2099.922000] __x64_sys_ioctl+0x73/0xb0 [ 2099.925902] do_syscall_64+0x103/0x610 [ 2099.929787] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2099.934965] RIP: 0033:0x457e39 [ 2099.938152] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2099.957049] RSP: 002b:00007fca973a3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2099.964769] RAX: ffffffffffffffda RBX: 00007fca973a3c90 RCX: 0000000000457e39 16:44:29 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xc3}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:29 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2099.972037] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003 [ 2099.979303] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2099.986581] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fca973a46d4 [ 2099.993842] R13: 00000000004c2146 R14: 00000000004d4958 R15: 0000000000000004 16:44:29 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(0x0, 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 16:44:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 16:44:30 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x14d}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 16:44:30 executing program 3 (fault-call:5 fault-nth:5): r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) [ 2100.344813] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2100.371573] CPU: 0 PID: 2629 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2100.378612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2100.387967] Call Trace: [ 2100.390582] dump_stack+0x172/0x1f0 16:44:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2100.394238] dump_header+0x10f/0xb6c [ 2100.397963] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2100.403080] ? ___ratelimit+0x60/0x595 [ 2100.406976] ? do_raw_spin_unlock+0x57/0x270 [ 2100.411402] oom_kill_process.cold+0x10/0x6f5 [ 2100.415908] ? task_will_free_mem+0x139/0x6e0 [ 2100.420425] out_of_memory+0x79a/0x1280 [ 2100.424425] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2100.429548] ? oom_killer_disable+0x280/0x280 [ 2100.434055] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2100.439183] mem_cgroup_out_of_memory+0x99/0xe0 [ 2100.443857] ? memcg_memory_event+0x40/0x40 [ 2100.448184] ? _raw_spin_unlock+0x2d/0x50 [ 2100.452338] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2100.457441] try_charge+0xfec/0x1570 [ 2100.461185] ? find_held_lock+0x35/0x130 [ 2100.465266] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2100.470119] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2100.474963] ? find_held_lock+0x35/0x130 [ 2100.479025] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2100.483886] memcg_kmem_charge_memcg+0x7c/0x130 [ 2100.488554] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2100.493049] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2100.497894] memcg_kmem_charge+0x13b/0x340 [ 2100.502135] __alloc_pages_nodemask+0x437/0x710 [ 2100.506816] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2100.511829] ? ___might_sleep+0x163/0x280 [ 2100.515973] ? copyin+0xb5/0x100 [ 2100.519336] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2100.524878] alloc_pages_current+0x107/0x210 [ 2100.529303] pipe_write+0xa65/0xfb0 [ 2100.532970] __vfs_write+0x613/0x8e0 [ 2100.536687] ? kernel_read+0x120/0x120 [ 2100.540577] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2100.546141] ? rw_verify_area+0x118/0x360 [ 2100.550301] vfs_write+0x20c/0x580 [ 2100.553845] ksys_write+0xea/0x1f0 [ 2100.557379] ? __ia32_sys_read+0xb0/0xb0 [ 2100.561465] ? do_syscall_64+0x26/0x610 [ 2100.565447] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2100.570806] ? do_syscall_64+0x26/0x610 [ 2100.574784] __x64_sys_write+0x73/0xb0 [ 2100.578673] do_syscall_64+0x103/0x610 [ 2100.582560] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2100.587765] RIP: 0033:0x457e39 [ 2100.590956] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2100.609848] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2100.617559] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2100.624823] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000008 [ 2100.632089] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2100.639356] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2100.646617] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff [ 2100.687752] FAULT_INJECTION: forcing a failure. [ 2100.687752] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2100.717705] CPU: 1 PID: 2641 Comm: syz-executor3 Not tainted 5.0.0-rc5 #60 [ 2100.724737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2100.734081] Call Trace: [ 2100.734109] dump_stack+0x172/0x1f0 [ 2100.734132] should_fail.cold+0xa/0x1b [ 2100.734152] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2100.749809] ? ___might_sleep+0x163/0x280 [ 2100.753967] should_fail_alloc_page+0x50/0x60 [ 2100.758520] __alloc_pages_nodemask+0x1a1/0x710 [ 2100.763196] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 2100.768658] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2100.773703] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2100.779266] alloc_pages_current+0x107/0x210 [ 2100.783701] __page_cache_alloc+0x2bd/0x460 [ 2100.784958] memory: usage 307200kB, limit 307200kB, failcnt 4333 [ 2100.788028] ? mark_held_locks+0x100/0x100 [ 2100.788049] __do_page_cache_readahead+0x1c6/0x5c0 [ 2100.788075] ? read_pages+0x550/0x550 [ 2100.807164] ? page_cache_sync_readahead+0x1d3/0x520 [ 2100.808269] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2100.812290] ondemand_readahead+0x561/0xd40 [ 2100.812314] page_cache_sync_readahead+0x281/0x520 [ 2100.823846] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2100.828278] generic_file_read_iter+0x1582/0x2870 [ 2100.828308] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 2100.828321] ? kasan_kmalloc+0x9/0x10 [ 2100.828342] ? filemap_write_and_wait_range+0xd0/0xd0 [ 2100.834647] Memory cgroup stats for /syz5: cache:23060KB rss:259440KB rss_huge:245760KB shmem:23184KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:132KB active_anon:282532KB inactive_file:8KB active_file:0KB unevictable:0KB [ 2100.839329] ? mark_held_locks+0x100/0x100 [ 2100.839350] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2100.839368] ? rcu_read_unlock+0x16/0x60 [ 2100.839418] ext4_file_read_iter+0x180/0x3c0 [ 2100.846514] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=2621,uid=0 [ 2100.848286] generic_file_splice_read+0x4b2/0x800 [ 2100.848307] ? add_to_pipe+0x350/0x350 [ 2100.848338] ? rw_verify_area+0x118/0x360 [ 2100.853619] Memory cgroup out of memory: Kill process 2621 (syz-executor5) score 1141 or sacrifice child [ 2100.875003] ? add_to_pipe+0x350/0x350 [ 2100.875021] do_splice_to+0x12a/0x190 [ 2100.875040] splice_direct_to_actor+0x2d2/0x970 [ 2100.875058] ? generic_pipe_buf_nosteal+0x10/0x10 [ 2100.881225] Killed process 2626 (syz-executor5) total-vm:72448kB, anon-rss:6288kB, file-rss:34816kB, shmem-rss:0kB [ 2100.884108] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2100.884126] ? do_splice_to+0x190/0x190 [ 2100.884144] ? rw_verify_area+0x118/0x360 [ 2100.970712] do_splice_direct+0x1da/0x2a0 [ 2100.974867] ? splice_direct_to_actor+0x970/0x970 [ 2100.979720] ? rw_verify_area+0x118/0x360 [ 2100.983893] do_sendfile+0x597/0xd00 [ 2100.987620] ? do_compat_pwritev64+0x1c0/0x1c0 [ 2100.992210] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2100.997757] ? fput+0x128/0x1a0 [ 2101.001063] __x64_sys_sendfile64+0x1dd/0x220 [ 2101.005569] ? __ia32_sys_sendfile+0x230/0x230 [ 2101.010176] ? do_syscall_64+0x26/0x610 [ 2101.014170] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2101.018758] ? trace_hardirqs_on+0x67/0x230 [ 2101.023093] do_syscall_64+0x103/0x610 [ 2101.027005] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2101.032194] RIP: 0033:0x457e39 [ 2101.035400] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2101.054308] RSP: 002b:00007fbc58f5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2101.062021] RAX: ffffffffffffffda RBX: 00007fbc58f5dc90 RCX: 0000000000457e39 [ 2101.069316] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 2101.076598] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 16:44:30 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xc4}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:30 executing program 1 (fault-call:1 fault-nth:6): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) 16:44:31 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x14e}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:31 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(0x0, 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2101.083867] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007fbc58f5e6d4 [ 2101.091146] R13: 00000000004c4d71 R14: 00000000004d8930 R15: 0000000000000005 [ 2101.131428] FAULT_INJECTION: forcing a failure. [ 2101.131428] name failslab, interval 1, probability 0, space 0, times 0 [ 2101.222197] CPU: 0 PID: 2650 Comm: syz-executor1 Not tainted 5.0.0-rc5 #60 [ 2101.229251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2101.238600] Call Trace: [ 2101.241195] dump_stack+0x172/0x1f0 [ 2101.244848] should_fail.cold+0xa/0x1b [ 2101.248743] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2101.253852] ? lock_downgrade+0x810/0x810 [ 2101.258013] ? ___might_sleep+0x163/0x280 [ 2101.262198] __should_failslab+0x121/0x190 [ 2101.266435] should_failslab+0x9/0x14 [ 2101.270230] __kmalloc_track_caller+0x2d8/0x740 [ 2101.274920] ? find_held_lock+0x35/0x130 [ 2101.278986] ? console_unlock+0x714/0x10a0 [ 2101.283226] ? kstrdup_const+0x66/0x80 [ 2101.287132] kstrdup+0x3a/0x70 [ 2101.290344] kstrdup_const+0x66/0x80 [ 2101.294061] __kernfs_new_node+0xb0/0x690 [ 2101.298217] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 2101.302983] ? map_id_range_down+0x1ee/0x370 [ 2101.307418] ? __put_user_ns+0x70/0x70 [ 2101.311323] ? debug_smp_processor_id+0x1c/0x20 [ 2101.315994] ? tick_nohz_tick_stopped+0x1a/0x90 [ 2101.320664] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2101.326202] ? make_kgid+0x23/0x30 [ 2101.329746] kernfs_new_node+0x99/0x130 [ 2101.333729] kernfs_create_dir_ns+0x52/0x160 [ 2101.338145] sysfs_create_dir_ns+0x131/0x2a0 [ 2101.342582] ? sysfs_create_mount_point+0xa0/0xa0 [ 2101.347457] ? net_namespace+0xd/0x40 [ 2101.351282] ? device_namespace+0x9d/0xd0 [ 2101.355436] kobject_add_internal.cold+0xe5/0x5d4 [ 2101.360288] kobject_add+0x150/0x1c0 [ 2101.364011] ? kset_create_and_add+0x1a0/0x1a0 [ 2101.368608] ? kasan_check_read+0x11/0x20 16:44:31 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x14f}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:31 executing program 3 (fault-call:5 fault-nth:6): r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) [ 2101.372761] ? mutex_unlock+0xd/0x10 [ 2101.376489] device_add+0x3d5/0x1870 [ 2101.380207] ? device_initialize+0x440/0x440 [ 2101.384621] ? get_device_parent.isra.0+0x570/0x570 [ 2101.389655] ? __init_waitqueue_head+0x36/0x90 [ 2101.394274] ? pm_runtime_init+0x364/0x420 [ 2101.398534] netdev_register_kobject+0x18c/0x390 [ 2101.403300] register_netdevice+0x878/0xff0 [ 2101.407625] ? netdev_change_features+0xb0/0xb0 [ 2101.412299] slcan_open+0x628/0x940 [ 2101.415928] ? slcan_hangup+0x20/0x20 [ 2101.419729] ? lock_downgrade+0x810/0x810 [ 2101.423877] ? slcan_hangup+0x20/0x20 [ 2101.427683] tty_ldisc_open.isra.0+0x8b/0xe0 [ 2101.432106] tty_set_ldisc+0x2d7/0x690 [ 2101.436016] tty_ioctl+0xe69/0x14d0 [ 2101.439655] ? tty_vhangup+0x30/0x30 [ 2101.443387] ? mark_held_locks+0x100/0x100 [ 2101.443417] ? proc_fail_nth_write+0x9d/0x1e0 [ 2101.443434] ? proc_cwd_link+0x1d0/0x1d0 [ 2101.443454] ? __fget+0x340/0x540 [ 2101.452190] ? ___might_sleep+0x163/0x280 [ 2101.452207] ? __might_sleep+0x95/0x190 [ 2101.452222] ? tty_vhangup+0x30/0x30 [ 2101.452239] do_vfs_ioctl+0xd6e/0x1390 [ 2101.452257] ? selinux_file_ioctl+0x46f/0x5e0 [ 2101.452273] ? selinux_file_ioctl+0x125/0x5e0 [ 2101.471531] ? ioctl_preallocate+0x210/0x210 [ 2101.471548] ? selinux_file_mprotect+0x620/0x620 [ 2101.471584] ? iterate_fd+0x360/0x360 [ 2101.471602] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2101.471619] ? fput+0x128/0x1a0 [ 2101.488854] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2101.488872] ? security_file_ioctl+0x93/0xc0 [ 2101.488888] ksys_ioctl+0xab/0xd0 [ 2101.488906] __x64_sys_ioctl+0x73/0xb0 [ 2101.488926] do_syscall_64+0x103/0x610 [ 2101.488945] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2101.532558] RIP: 0033:0x457e39 [ 2101.535768] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2101.554682] RSP: 002b:00007fca973a3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2101.562431] RAX: ffffffffffffffda RBX: 00007fca973a3c90 RCX: 0000000000457e39 16:44:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2101.569703] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003 [ 2101.576967] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2101.584236] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fca973a46d4 [ 2101.591543] R13: 00000000004c2146 R14: 00000000004d4958 R15: 0000000000000004 [ 2101.631207] FAULT_INJECTION: forcing a failure. [ 2101.631207] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2101.666370] CPU: 0 PID: 2678 Comm: syz-executor3 Not tainted 5.0.0-rc5 #60 [ 2101.673412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2101.682765] Call Trace: [ 2101.685359] dump_stack+0x172/0x1f0 [ 2101.688992] should_fail.cold+0xa/0x1b [ 2101.692880] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2101.697983] ? ___might_sleep+0x163/0x280 [ 2101.702138] should_fail_alloc_page+0x50/0x60 [ 2101.706636] __alloc_pages_nodemask+0x1a1/0x710 [ 2101.711304] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 2101.716758] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2101.721799] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2101.727356] alloc_pages_current+0x107/0x210 [ 2101.731769] __page_cache_alloc+0x2bd/0x460 [ 2101.736137] ? mark_held_locks+0x100/0x100 [ 2101.740372] __do_page_cache_readahead+0x1c6/0x5c0 [ 2101.745312] ? read_pages+0x550/0x550 [ 2101.749113] ? page_cache_sync_readahead+0x1d3/0x520 [ 2101.754222] ondemand_readahead+0x561/0xd40 [ 2101.758556] page_cache_sync_readahead+0x281/0x520 [ 2101.763494] generic_file_read_iter+0x1582/0x2870 [ 2101.768434] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 2101.773546] ? kasan_kmalloc+0x9/0x10 [ 2101.777367] ? filemap_write_and_wait_range+0xd0/0xd0 [ 2101.782559] ? mark_held_locks+0x100/0x100 [ 2101.786794] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 2101.792249] ? cache_grow_end+0xa4/0x190 [ 2101.796321] ext4_file_read_iter+0x180/0x3c0 [ 2101.800738] generic_file_splice_read+0x4b2/0x800 [ 2101.805585] ? add_to_pipe+0x350/0x350 [ 2101.809495] ? rw_verify_area+0x118/0x360 [ 2101.813641] ? add_to_pipe+0x350/0x350 [ 2101.817530] do_splice_to+0x12a/0x190 [ 2101.821363] splice_direct_to_actor+0x2d2/0x970 [ 2101.826039] ? generic_pipe_buf_nosteal+0x10/0x10 [ 2101.830889] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2101.836431] ? do_splice_to+0x190/0x190 [ 2101.840415] ? rw_verify_area+0x118/0x360 [ 2101.844572] do_splice_direct+0x1da/0x2a0 [ 2101.848724] ? splice_direct_to_actor+0x970/0x970 [ 2101.853574] ? rw_verify_area+0x118/0x360 [ 2101.857721] do_sendfile+0x597/0xd00 [ 2101.861451] ? do_compat_pwritev64+0x1c0/0x1c0 [ 2101.866035] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2101.871587] ? fput+0x128/0x1a0 [ 2101.874870] __x64_sys_sendfile64+0x1dd/0x220 [ 2101.879366] ? __ia32_sys_sendfile+0x230/0x230 [ 2101.883958] ? do_syscall_64+0x26/0x610 [ 2101.887928] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2101.892528] ? trace_hardirqs_on+0x67/0x230 [ 2101.896855] do_syscall_64+0x103/0x610 [ 2101.900761] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2101.905943] RIP: 0033:0x457e39 [ 2101.909137] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 16:44:31 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 16:44:31 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xc5}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2101.928032] RSP: 002b:00007fbc58f5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2101.935744] RAX: ffffffffffffffda RBX: 00007fbc58f5dc90 RCX: 0000000000457e39 [ 2101.943003] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 2101.950278] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2101.957542] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007fbc58f5e6d4 [ 2101.964821] R13: 00000000004c4d71 R14: 00000000004d8930 R15: 0000000000000005 16:44:31 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(0x0, 0x141042, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) [ 2102.005566] kobject_add_internal failed for slcan0 (error: -12 parent: net) 16:44:32 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 16:44:32 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) [ 2102.140630] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2102.178461] CPU: 0 PID: 2688 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2102.185505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2102.194853] Call Trace: [ 2102.197445] dump_stack+0x172/0x1f0 [ 2102.201131] dump_header+0x10f/0xb6c [ 2102.204866] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2102.209966] ? ___ratelimit+0x60/0x595 [ 2102.209983] ? do_raw_spin_unlock+0x57/0x270 [ 2102.210003] oom_kill_process.cold+0x10/0x6f5 [ 2102.210022] ? task_will_free_mem+0x139/0x6e0 [ 2102.210044] out_of_memory+0x79a/0x1280 [ 2102.210063] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2102.210077] ? oom_killer_disable+0x280/0x280 [ 2102.210091] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2102.210113] mem_cgroup_out_of_memory+0x99/0xe0 [ 2102.245991] ? memcg_memory_event+0x40/0x40 [ 2102.246013] ? _raw_spin_unlock+0x2d/0x50 [ 2102.246028] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2102.264216] try_charge+0xfec/0x1570 [ 2102.267937] ? find_held_lock+0x35/0x130 [ 2102.272020] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2102.272039] ? kasan_check_read+0x11/0x20 [ 2102.281026] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2102.285903] mem_cgroup_try_charge+0x24d/0x5e0 16:44:32 executing program 3 (fault-call:5 fault-nth:7): r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) [ 2102.290500] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2102.290518] do_huge_pmd_wp_page+0x11b1/0x3550 [ 2102.290542] ? __split_huge_pmd+0x2c00/0x2c00 [ 2102.290575] ? __lock_acquire+0x53b/0x4700 [ 2102.290591] ? __might_fault+0x12b/0x1e0 [ 2102.312802] ? pmd_val+0x85/0x100 [ 2102.316251] ? add_mm_counter_fast.part.0+0x40/0x40 [ 2102.321272] __handle_mm_fault+0x1651/0x3f20 [ 2102.325830] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2102.330676] ? find_held_lock+0x35/0x130 [ 2102.334742] ? handle_mm_fault+0x322/0xb30 [ 2102.338986] ? kasan_check_read+0x11/0x20 [ 2102.339006] handle_mm_fault+0x43f/0xb30 [ 2102.339030] __do_page_fault+0x5da/0xd60 [ 2102.339053] do_page_fault+0x71/0x581 [ 2102.339068] ? page_fault+0x8/0x30 [ 2102.339082] page_fault+0x1e/0x30 [ 2102.339094] RIP: 0033:0x43f131 [ 2102.339109] Code: 8d 15 33 5c 0a 00 8b 0c 8a 8b 04 82 29 c8 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 fa 20 48 89 f8 73 77 f6 c2 01 74 0b 0f b6 0e <88> 0f 48 ff c6 48 ff c7 f6 c2 02 74 12 0f b7 0e 66 89 0f 48 83 c6 [ 2102.339120] RSP: 002b:00007ffdbd4bae58 EFLAGS: 00010202 16:44:32 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2102.351340] RAX: 0000000020000140 RBX: 000000000073c900 RCX: 000000000000002c [ 2102.351349] RDX: 0000000000000003 RSI: 00000000007408f8 RDI: 0000000020000140 [ 2102.351357] RBP: 000000000073c900 R08: 000000005de92db6 R09: 000000005de92dba [ 2102.351365] R10: 00007ffdbd4baf20 R11: 0000000000000246 R12: fffffffffffffffe [ 2102.351374] R13: 0000000000201359 R14: 00000000000003e8 R15: 000000000073bf0c [ 2102.476176] memory: usage 307200kB, limit 307200kB, failcnt 4345 [ 2102.485008] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2102.505198] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2102.553181] Memory cgroup stats for /syz5: cache:23060KB rss:259356KB rss_huge:247808KB shmem:23184KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:60KB active_anon:282276KB inactive_file:8KB active_file:0KB unevictable:0KB 16:44:32 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 16:44:32 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x150}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2102.590512] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=28488,uid=0 [ 2102.612567] Memory cgroup out of memory: Kill process 28488 (syz-executor5) score 1133 or sacrifice child 16:44:32 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xc6}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:32 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) [ 2102.679270] Killed process 28488 (syz-executor5) total-vm:72448kB, anon-rss:8296kB, file-rss:35808kB, shmem-rss:4kB 16:44:32 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 16:44:32 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 16:44:32 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x2, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) 16:44:33 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 16:44:33 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x4b47, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) [ 2103.210063] FAULT_INJECTION: forcing a failure. [ 2103.210063] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2103.286860] CPU: 0 PID: 2743 Comm: syz-executor3 Not tainted 5.0.0-rc5 #60 [ 2103.293912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2103.303258] Call Trace: [ 2103.305859] dump_stack+0x172/0x1f0 [ 2103.309515] should_fail.cold+0xa/0x1b [ 2103.313421] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 2103.318532] ? ___might_sleep+0x163/0x280 [ 2103.322691] should_fail_alloc_page+0x50/0x60 [ 2103.327222] __alloc_pages_nodemask+0x1a1/0x710 [ 2103.331900] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 2103.337371] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2103.342424] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2103.347976] alloc_pages_current+0x107/0x210 [ 2103.352404] __page_cache_alloc+0x2bd/0x460 [ 2103.356731] ? mark_held_locks+0x100/0x100 [ 2103.360976] __do_page_cache_readahead+0x1c6/0x5c0 [ 2103.365935] ? read_pages+0x550/0x550 [ 2103.369744] ? page_cache_sync_readahead+0x1d3/0x520 [ 2103.374861] ondemand_readahead+0x561/0xd40 [ 2103.379196] page_cache_sync_readahead+0x281/0x520 [ 2103.384133] generic_file_read_iter+0x1582/0x2870 [ 2103.389026] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 2103.394128] ? kasan_kmalloc+0x9/0x10 [ 2103.397942] ? filemap_write_and_wait_range+0xd0/0xd0 [ 2103.403138] ? mark_held_locks+0x100/0x100 [ 2103.407388] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2103.412249] ? rcu_read_unlock+0x16/0x60 [ 2103.416343] ext4_file_read_iter+0x180/0x3c0 [ 2103.420764] generic_file_splice_read+0x4b2/0x800 [ 2103.425627] ? add_to_pipe+0x350/0x350 [ 2103.429553] ? rw_verify_area+0x118/0x360 [ 2103.433703] ? add_to_pipe+0x350/0x350 [ 2103.437597] do_splice_to+0x12a/0x190 [ 2103.441419] splice_direct_to_actor+0x2d2/0x970 [ 2103.446108] ? generic_pipe_buf_nosteal+0x10/0x10 [ 2103.450962] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2103.456514] ? do_splice_to+0x190/0x190 [ 2103.460516] ? rw_verify_area+0x118/0x360 [ 2103.464681] do_splice_direct+0x1da/0x2a0 [ 2103.468846] ? splice_direct_to_actor+0x970/0x970 [ 2103.473700] ? rw_verify_area+0x118/0x360 [ 2103.477855] do_sendfile+0x597/0xd00 [ 2103.481589] ? do_compat_pwritev64+0x1c0/0x1c0 [ 2103.486180] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2103.491724] ? fput+0x128/0x1a0 [ 2103.495020] __x64_sys_sendfile64+0x1dd/0x220 [ 2103.499530] ? __ia32_sys_sendfile+0x230/0x230 [ 2103.504129] ? do_syscall_64+0x26/0x610 [ 2103.508113] ? lockdep_hardirqs_on+0x415/0x5d0 [ 2103.512705] ? trace_hardirqs_on+0x67/0x230 [ 2103.517038] do_syscall_64+0x103/0x610 [ 2103.520944] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2103.526137] RIP: 0033:0x457e39 [ 2103.529336] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2103.548251] RSP: 002b:00007fbc58f5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2103.555962] RAX: ffffffffffffffda RBX: 00007fbc58f5dc90 RCX: 0000000000457e39 [ 2103.563250] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 2103.570533] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2103.577809] R10: 00008000fffffffe R11: 0000000000000246 R12: 00007fbc58f5e6d4 [ 2103.585077] R13: 00000000004c4d71 R14: 00000000004d8930 R15: 0000000000000005 [ 2103.775022] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2103.838524] CPU: 1 PID: 2757 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2103.845589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2103.854948] Call Trace: [ 2103.857560] dump_stack+0x172/0x1f0 [ 2103.861209] dump_header+0x10f/0xb6c [ 2103.864938] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2103.870058] ? ___ratelimit+0x60/0x595 [ 2103.873956] ? do_raw_spin_unlock+0x57/0x270 [ 2103.878385] oom_kill_process.cold+0x10/0x6f5 [ 2103.882905] ? task_will_free_mem+0x139/0x6e0 [ 2103.887430] out_of_memory+0x79a/0x1280 [ 2103.891427] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2103.896543] ? oom_killer_disable+0x280/0x280 [ 2103.901046] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2103.906166] mem_cgroup_out_of_memory+0x99/0xe0 [ 2103.910845] ? memcg_memory_event+0x40/0x40 [ 2103.915186] ? _raw_spin_unlock+0x2d/0x50 [ 2103.919343] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2103.924456] try_charge+0xfec/0x1570 [ 2103.928176] ? find_held_lock+0x35/0x130 [ 2103.932252] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2103.937105] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2103.941953] ? find_held_lock+0x35/0x130 [ 2103.946030] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 2103.950885] memcg_kmem_charge_memcg+0x7c/0x130 [ 2103.955576] ? memcg_kmem_put_cache+0xb0/0xb0 [ 2103.960083] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2103.964937] memcg_kmem_charge+0x13b/0x340 [ 2103.969187] __alloc_pages_nodemask+0x437/0x710 [ 2103.969209] ? __alloc_pages_slowpath+0x2900/0x2900 [ 2103.969226] ? ___might_sleep+0x163/0x280 [ 2103.969245] ? copyin+0xb5/0x100 [ 2103.969268] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2103.969291] alloc_pages_current+0x107/0x210 [ 2103.969312] pipe_write+0xa65/0xfb0 [ 2103.979573] __vfs_write+0x613/0x8e0 [ 2103.979592] ? kernel_read+0x120/0x120 [ 2103.979607] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2103.979636] ? rw_verify_area+0x118/0x360 [ 2103.987143] vfs_write+0x20c/0x580 [ 2103.997061] ksys_write+0xea/0x1f0 [ 2104.004373] ? __ia32_sys_read+0xb0/0xb0 [ 2104.004419] ? do_syscall_64+0x26/0x610 [ 2104.004437] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 16:44:33 executing program 3 (fault-call:5 fault-nth:8): r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 16:44:33 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x151}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:33 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xc7}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:33 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x4b49, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) [ 2104.029111] ? do_syscall_64+0x26/0x610 [ 2104.029132] __x64_sys_write+0x73/0xb0 [ 2104.029150] do_syscall_64+0x103/0x610 [ 2104.029168] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2104.029182] RIP: 0033:0x457e39 [ 2104.055383] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2104.055401] RSP: 002b:00007fb6e81d3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2104.055417] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2104.055426] RDX: 00000000526987c9 RSI: 00000000200001c0 RDI: 0000000000000008 [ 2104.055436] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 2104.055445] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81d46d4 [ 2104.055454] R13: 00000000004c3b8d R14: 00000000004dc278 R15: 00000000ffffffff 16:44:34 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5409, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) 16:44:34 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x8000fffffffe) 16:44:34 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x540b, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) [ 2104.315515] Bluetooth: hci0: Frame reassembly failed (-84) [ 2104.321695] Bluetooth: hci0: Frame reassembly failed (-84) 16:44:34 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x800000000002) [ 2104.385778] memory: usage 307200kB, limit 307200kB, failcnt 4367 [ 2104.423009] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2104.449357] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2104.462493] Memory cgroup stats for /syz5: cache:23060KB rss:259216KB rss_huge:247808KB shmem:23184KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:56KB active_anon:282308KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2104.496652] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=28500,uid=0 [ 2104.533907] Memory cgroup out of memory: Kill process 28500 (syz-executor5) score 1133 or sacrifice child [ 2104.574781] Killed process 28500 (syz-executor5) total-vm:72448kB, anon-rss:8296kB, file-rss:35812kB, shmem-rss:0kB [ 2104.590733] oom_reaper: reaped process 28500 (syz-executor5), now anon-rss:0kB, file-rss:34852kB, shmem-rss:4kB [ 2104.605955] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2104.627429] CPU: 1 PID: 2750 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2104.634453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2104.643800] Call Trace: [ 2104.646458] dump_stack+0x172/0x1f0 [ 2104.650186] dump_header+0x10f/0xb6c [ 2104.650204] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2104.650220] ? ___ratelimit+0x60/0x595 [ 2104.650236] ? do_raw_spin_unlock+0x57/0x270 [ 2104.650255] oom_kill_process.cold+0x10/0x6f5 [ 2104.671784] ? task_will_free_mem+0x139/0x6e0 [ 2104.676291] out_of_memory+0x79a/0x1280 [ 2104.680278] ? oom_killer_disable+0x280/0x280 [ 2104.684761] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2104.689857] mem_cgroup_out_of_memory+0x99/0xe0 [ 2104.694512] ? memcg_memory_event+0x40/0x40 [ 2104.698824] ? _raw_spin_unlock+0x2d/0x50 [ 2104.702955] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2104.708040] try_charge+0xb4a/0x1570 [ 2104.711753] ? find_held_lock+0x35/0x130 [ 2104.715803] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2104.720633] ? kasan_check_read+0x11/0x20 [ 2104.724772] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2104.729598] mem_cgroup_try_charge+0x24d/0x5e0 [ 2104.734229] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2104.739148] __handle_mm_fault+0x1e26/0x3f20 [ 2104.743559] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2104.748407] ? find_held_lock+0x35/0x130 [ 2104.752467] ? handle_mm_fault+0x322/0xb30 [ 2104.756706] ? kasan_check_read+0x11/0x20 [ 2104.760839] handle_mm_fault+0x43f/0xb30 [ 2104.764907] __do_page_fault+0x5da/0xd60 [ 2104.768966] do_page_fault+0x71/0x581 [ 2104.772758] ? page_fault+0x8/0x30 [ 2104.776309] page_fault+0x1e/0x30 [ 2104.779746] RIP: 0033:0x45a7ed [ 2104.782938] Code: 5b 5d f3 c3 66 0f 1f 84 00 00 00 00 00 48 c7 c0 ea ff ff ff 48 85 ff 0f 84 e0 8e fb ff 48 85 f6 0f 84 d7 8e fb ff 48 83 ee 10 <48> 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 [ 2104.801827] RSP: 002b:00007ffdbd4bad28 EFLAGS: 00010202 [ 2104.807174] RAX: ffffffffffffffea RBX: 00007fb6e81b3700 RCX: 00007fb6e81b3700 [ 2104.814423] RDX: 00000000003d0f00 RSI: 00007fb6e81b2db0 RDI: 000000000040ed90 [ 2104.821676] RBP: 00007ffdbd4baf30 R08: 00007fb6e81b39d0 R09: 00007fb6e81b3700 [ 2104.828927] R10: 00007fb6e81b2dc0 R11: 0000000000000246 R12: 0000000000000000 [ 2104.836181] R13: 00007ffdbd4baddf R14: 00007fb6e81b39c0 R15: 000000000073c04c [ 2104.843739] memory: usage 298772kB, limit 307200kB, failcnt 4367 [ 2104.850084] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2104.856838] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2104.863181] Memory cgroup stats for /syz5: cache:23060KB rss:251032KB rss_huge:239616KB shmem:23184KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:48KB active_anon:274008KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2104.884730] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=27908,uid=0 [ 2104.899315] Memory cgroup out of memory: Kill process 27908 (syz-executor5) score 1127 or sacrifice child [ 2104.909173] Killed process 27908 (syz-executor5) total-vm:72448kB, anon-rss:6288kB, file-rss:35820kB, shmem-rss:0kB [ 2104.922790] oom_reaper: reaped process 27908 (syz-executor5), now anon-rss:0kB, file-rss:34860kB, shmem-rss:0kB 16:44:35 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) 16:44:35 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xc8}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:35 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x540c, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) 16:44:35 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x152}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) [ 2105.369516] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2105.380055] CPU: 0 PID: 2819 Comm: syz-executor5 Not tainted 5.0.0-rc5 #60 [ 2105.387089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2105.396440] Call Trace: [ 2105.399041] dump_stack+0x172/0x1f0 [ 2105.402672] dump_header+0x10f/0xb6c [ 2105.406386] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 2105.411512] ? ___ratelimit+0x60/0x595 [ 2105.415434] ? do_raw_spin_unlock+0x57/0x270 [ 2105.419845] oom_kill_process.cold+0x10/0x6f5 [ 2105.424347] ? task_will_free_mem+0x139/0x6e0 [ 2105.428848] out_of_memory+0x79a/0x1280 [ 2105.432869] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2105.437982] ? oom_killer_disable+0x280/0x280 [ 2105.442478] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2105.447597] mem_cgroup_out_of_memory+0x99/0xe0 [ 2105.452282] ? memcg_memory_event+0x40/0x40 [ 2105.456625] ? _raw_spin_unlock+0x2d/0x50 [ 2105.460773] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 2105.465874] try_charge+0xfec/0x1570 [ 2105.469582] ? find_held_lock+0x35/0x130 [ 2105.473650] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 2105.478502] ? kasan_check_read+0x11/0x20 [ 2105.482660] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 2105.487507] mem_cgroup_try_charge+0x24d/0x5e0 [ 2105.492092] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 2105.497024] wp_page_copy+0x408/0x1740 [ 2105.500905] ? find_held_lock+0x35/0x130 [ 2105.504966] ? pmd_pfn+0x1d0/0x1d0 [ 2105.508511] ? lock_downgrade+0x810/0x810 [ 2105.512655] ? __pte_alloc_kernel+0x220/0x220 [ 2105.517150] ? kasan_check_read+0x11/0x20 [ 2105.521295] ? do_raw_spin_unlock+0x57/0x270 [ 2105.525704] do_wp_page+0x2ed/0x11d0 [ 2105.529455] ? rwlock_bug.part.0+0x90/0x90 [ 2105.533687] ? lock_acquire+0x16f/0x3f0 [ 2105.537657] ? finish_mkwrite_fault+0x540/0x540 [ 2105.542334] ? add_mm_counter_fast.part.0+0x40/0x40 [ 2105.547355] __handle_mm_fault+0x22db/0x3f20 [ 2105.551766] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 2105.556608] ? find_held_lock+0x35/0x130 [ 2105.560672] ? handle_mm_fault+0x322/0xb30 [ 2105.564917] ? kasan_check_read+0x11/0x20 [ 2105.569067] handle_mm_fault+0x43f/0xb30 [ 2105.573130] __do_page_fault+0x5da/0xd60 [ 2105.577195] do_page_fault+0x71/0x581 [ 2105.580998] page_fault+0x1e/0x30 [ 2105.584465] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 [ 2105.590383] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83 [ 2105.609732] RSP: 0018:ffff88801da4fb30 EFLAGS: 00010206 [ 2105.615119] RAX: 0000000000000000 RBX: 0000000000001000 RCX: 0000000000000200 [ 2105.622387] RDX: 0000000000001000 RSI: ffff88801d4c0e00 RDI: 0000000020821000 [ 2105.629655] RBP: ffff88801da4fb68 R08: ffffed1003a98200 R09: 0000000000000000 [ 2105.636914] R10: ffffed1003a981ff R11: ffff88801d4c0fff R12: 0000000020820200 [ 2105.644172] R13: ffff88801d4c0000 R14: 0000000020821200 R15: 00007ffffffff000 [ 2105.651456] ? copyout+0xe2/0x100 [ 2105.654931] copy_page_to_iter+0x347/0xd00 [ 2105.659182] pipe_read+0x28a/0x940 [ 2105.662730] __vfs_read+0x610/0x8c0 [ 2105.666371] ? vfs_copy_file_range+0xbb0/0xbb0 [ 2105.671004] ? rw_verify_area+0x118/0x360 [ 2105.675155] vfs_read+0x194/0x3e0 [ 2105.678611] ksys_read+0xea/0x1f0 [ 2105.682065] ? kernel_write+0x120/0x120 [ 2105.686044] ? do_syscall_64+0x26/0x610 [ 2105.690010] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2105.695367] ? do_syscall_64+0x26/0x610 [ 2105.699382] __x64_sys_read+0x73/0xb0 [ 2105.703211] do_syscall_64+0x103/0x610 [ 2105.707097] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2105.712277] RIP: 0033:0x457e39 [ 2105.715468] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2105.735141] RSP: 002b:00007fb6e81b2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2105.742843] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2105.750106] RDX: 0000000050c7e3e3 RSI: 0000000020000200 RDI: 0000000000000007 [ 2105.757371] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000 [ 2105.764655] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6e81b36d4 [ 2105.771917] R13: 00000000004c3911 R14: 00000000004d82a0 R15: 00000000ffffffff [ 2105.791944] memory: usage 307200kB, limit 307200kB, failcnt 4409 [ 2105.798458] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2105.805383] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2105.813537] Memory cgroup stats for /syz5: cache:23060KB rss:259292KB rss_huge:247808KB shmem:23184KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:48KB active_anon:282320KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2105.835680] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz5,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz-executor5,pid=2809,uid=0 [ 2105.850534] Memory cgroup out of memory: Kill process 2809 (syz-executor5) score 1153 or sacrifice child [ 2105.860665] Killed process 2815 (syz-executor5) total-vm:72448kB, anon-rss:6288kB, file-rss:34816kB, shmem-rss:0kB [ 2105.872142] oom_reaper: reaped process 2815 (syz-executor5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 2106.348161] Bluetooth: hci0: command 0x1003 tx timeout [ 2106.353591] Bluetooth: hci0: sending frame failed (-49) [ 2108.428239] Bluetooth: hci0: command 0x1001 tx timeout [ 2108.433762] Bluetooth: hci0: sending frame failed (-49) [ 2110.508320] Bluetooth: hci0: command 0x1009 tx timeout 16:44:44 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 16:44:44 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x200004) sendfile(r0, r1, 0x0, 0x800000000003) 16:44:44 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x540d, &(0x7f0000000140)=0x11) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) 16:44:44 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0xb, &(0x7f0000000080)={0x0, 0xc9}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:44 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b91c2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f0000000080)={0x0, 0x153}, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x2, 0x32, 0xffffffffffffffff, 0x0) 16:44:44 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) syncfs(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000003, &(0x7f0000000300)=0x1, 0x4) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e26, @rand_addr=0x5}, 0x35c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1}, 0xfffffdd3) sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000100)) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000040)=0x9, 0x4) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f000000fffa)='./bus\x00', 0x0, 0x0) close(r2) r3 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r4 = memfd_create(&(0x7f0000000140)=',!\x00', 0x0) pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000340)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r2, 0x0) socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) read(r4, &(0x7f0000001440)=""/184, 0xb8) fcntl$setstatus(r3, 0x4, 0x42800) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write(r6, &(0x7f00000001c0), 0x526987c9) read(r5, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendfile(r3, r4, 0x0, 0x80003) [ 2114.685591] Bluetooth: hci0: Frame reassembly failed (-84) [ 2114.691862] Bluetooth: hci0: Frame reassembly failed (-84) [ 2114.701191] BUG: unable to handle kernel paging request at ffffffffffffffd6 [ 2114.708297] #PF error: [normal kernel read fault] [ 2114.713133] PGD 8874067 P4D 8874067 PUD 8876067 PMD 0 [ 2114.718447] Oops: 0000 [#1] PREEMPT SMP KASAN [ 2114.722941] CPU: 0 PID: 2834 Comm: syz-executor0 Not tainted 5.0.0-rc5 #60 [ 2114.729946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2114.739788] RIP: 0010:h4_recv_buf+0x1ea/0xda0 [ 2114.744460] Code: b6 14 10 48 89 c8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 d7 0a 00 00 48 ba 00 00 00 00 00 fc ff df 48 8b 45 d0 4c 8d 60 70 <0f> b7 58 2a 4c 89 e0 48 c1 e8 03 0f b6 04 10 84 c0 74 08 3c 03 0f [ 2114.763374] RSP: 0018:ffff88803d42fa30 EFLAGS: 00010246 [ 2114.768763] RAX: ffffffffffffffac RBX: 0000000000000000 RCX: ffffffffffffffd6 [ 2114.776027] RDX: dffffc0000000000 RSI: ffffffff84ecf372 RDI: 0000000000000005 [ 2114.783287] RBP: ffff88803d42fab8 R08: ffff88800f90c480 R09: 0000000000000003 [ 2114.790545] R10: ffffed1015d05bcf R11: ffff8880ae82de7b R12: 000000000000001c [ 2114.797805] R13: ffff88808bcee340 R14: ffff88803d42fb98 R15: 0000000000000001 [ 2114.805066] FS: 00007f0a5a1da700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 2114.813277] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2114.819148] CR2: ffffffffffffffd6 CR3: 0000000082a60000 CR4: 00000000001426f0 [ 2114.826435] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2114.833726] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2114.840998] Call Trace: [ 2114.843585] ? __lock_is_held+0xb6/0x140 [ 2114.847640] ? check_preemption_disabled+0x48/0x290 [ 2114.852655] h4_recv+0xe4/0x200 [ 2114.855928] hci_uart_tty_receive+0x22b/0x530 [ 2114.860418] ? hci_uart_write_work+0x710/0x710 [ 2114.864993] tty_ioctl+0x936/0x14d0 [ 2114.868618] ? tty_vhangup+0x30/0x30 [ 2114.872323] ? mark_held_locks+0x100/0x100 [ 2114.876566] ? __fget+0x340/0x540 [ 2114.880018] ? ___might_sleep+0x163/0x280 [ 2114.884160] ? __might_sleep+0x95/0x190 [ 2114.888130] ? tty_vhangup+0x30/0x30 [ 2114.891835] do_vfs_ioctl+0xd6e/0x1390 [ 2114.895714] ? selinux_file_ioctl+0x46f/0x5e0 [ 2114.900219] ? selinux_file_ioctl+0x125/0x5e0 [ 2114.904705] ? ioctl_preallocate+0x210/0x210 [ 2114.909122] ? selinux_file_mprotect+0x620/0x620 [ 2114.913873] ? iterate_fd+0x360/0x360 [ 2114.917678] ? nsecs_to_jiffies+0x30/0x30 [ 2114.921852] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2114.927381] ? security_file_ioctl+0x93/0xc0 [ 2114.931802] ksys_ioctl+0xab/0xd0 [ 2114.935248] __x64_sys_ioctl+0x73/0xb0 [ 2114.939132] do_syscall_64+0x103/0x610 [ 2114.943013] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2114.948191] RIP: 0033:0x457e39 [ 2114.951373] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2114.970270] RSP: 002b:00007f0a5a1d9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2114.977970] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 [ 2114.985232] RDX: 0000000020000040 RSI: 0000000000005412 RDI: 0000000000000003 [ 2114.992499] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 2114.999762] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a5a1da6d4 [ 2115.007021] R13: 00000000004c2146 R14: 00000000004d4958 R15: 00000000ffffffff [ 2115.014284] Modules linked in: [ 2115.017485] CR2: ffffffffffffffd6 [ 2115.020942] ---[ end trace 19c2d89c02b9b5b5 ]--- [ 2115.025707] RIP: 0010:h4_recv_buf+0x1ea/0xda0 [ 2115.030190] Code: b6 14 10 48 89 c8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 d7 0a 00 00 48 ba 00 00 00 00 00 fc ff df 48 8b 45 d0 4c 8d 60 70 <0f> b7 58 2a 4c 89 e0 48 c1 e8 03 0f b6 04 10 84 c0 74 08 3c 03 0f [ 2115.049079] RSP: 0018:ffff88803d42fa30 EFLAGS: 00010246 [ 2115.054431] RAX: ffffffffffffffac RBX: 0000000000000000 RCX: ffffffffffffffd6 [ 2115.061691] RDX: dffffc0000000000 RSI: ffffffff84ecf372 RDI: 0000000000000005 [ 2115.068951] RBP: ffff88803d42fab8 R08: ffff88800f90c480 R09: 0000000000000003 [ 2115.076211] R10: ffffed1015d05bcf R11: ffff8880ae82de7b R12: 000000000000001c [ 2115.083470] R13: ffff88808bcee340 R14: ffff88803d42fb98 R15: 0000000000000001 [ 2115.090734] FS: 00007f0a5a1da700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 2115.098947] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2115.104817] CR2: ffffffffffffffd6 CR3: 0000000082a60000 CR4: 00000000001426f0 [ 2115.112081] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2115.119339] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2115.126595] Kernel panic - not syncing: Fatal exception [ 2115.133058] Kernel Offset: disabled [ 2115.136680] Rebooting in 86400 seconds..