spec64+0x110/0x280
[ 1211.806125]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1211.810864]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1211.815870]  ? trace_hardirqs_on+0xbd/0x310
[ 1211.820183]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1211.825707]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1211.830275]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1211.835714]  __ia32_sys_sendto+0xdf/0x1a0
[ 1211.839854]  do_fast_syscall_32+0x34d/0xfb2
[ 1211.844170]  ? do_int80_syscall_32+0x890/0x890
[ 1211.848743]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1211.853310]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1211.858325]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1211.863156]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1211.868176]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1211.873184]  ? recalc_sigpending_tsk+0x180/0x180
[ 1211.877936]  ? kasan_check_write+0x14/0x20
[ 1211.882170]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1211.887015]  entry_SYSENTER_compat+0x70/0x7f
[ 1211.891411] RIP: 0023:0xf7f56ca9
[ 1211.894766] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
15:25:23 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x1000000})

15:25:23 executing program 5:
syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x4004550c, &(0x7f0000000100)={0x800000a0})

[ 1211.913651] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1211.921348] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1211.928605] RDX: 00000000fffffe4e RSI: 00000000000000c0 RDI: 00000000200000c0
[ 1211.935860] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000
[ 1211.943116] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1211.950369] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:23 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x2})

15:25:23 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))

15:25:23 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x4, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1212.032810] Task in /syz4 killed as a result of limit of /syz4
[ 1212.075224] memory: usage 204800kB, limit 204800kB, failcnt 113
[ 1212.081595] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1212.090737] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1212.101576] Memory cgroup stats for /syz4: cache:152KB rss:8536KB rss_huge:8192KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:8540KB inactive_file:0KB active_file:0KB unevictable:0KB
15:25:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$dmmidi(&(0x7f0000001300)='/dev/dmmidi#\x00', 0x4, 0x400)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000012c0)={0x0, 0xffffffffffffffff, 0xffffffffffffff9b, 0x7, @buffer={0x0, 0xf8, &(0x7f00000000c0)=""/248}, &(0x7f0000001340)="fec8ace0d26fed3bd28b1d2ebfdfeb1a5bef5167352ca2ec79fc14ca5cec22fedc643cdd5a1e3f7c81c79d61e0c5f09c3f850e4cf173fc1e2787013c0047acefb68cd8185689d7485f22d638c08cca11a4170acdfb93cb7440941b9e12f27218e7bd50aada7d6d943eac30ad4191977227b2ba1e57889673addf1d2c8000dff35510006629896936cd950e4bb81902c6d423b372550bfc2708bea9882d5f4b00a98de94815024ac0bf62e0", &(0x7f0000000280)=""/4096, 0x5, 0x10002, 0x1, &(0x7f0000000080)})
iopl(0xffffffffffffffff)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1212.124974] Memory cgroup out of memory: Kill process 23498 (syz-executor4) score 181 or sacrifice child
[ 1212.140090] Killed process 23498 (syz-executor4) total-vm:70252kB, anon-rss:4196kB, file-rss:32768kB, shmem-rss:0kB
15:25:23 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xe803000000000000}, 0x6)

15:25:23 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = open(&(0x7f0000000080)='./file0\x00', 0x100, 0x2)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r3, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x40}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x800)

15:25:23 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x100000000000000})

15:25:23 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x3c, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1212.177451] oom_reaper: reaped process 23498 (syz-executor4), now anon-rss:0kB, file-rss:32788kB, shmem-rss:0kB
15:25:23 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x800000000000000})

15:25:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
link(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00')
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x80000, 0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000540)=<r3=>0x0)
stat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000640)={0x0, 0x0, <r5=>0x0}, &(0x7f0000000680)=0xc)
r6 = getpgid(0xffffffffffffffff)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f00000006c0)={{{@in=@local, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{}, 0x0, @in6=@local}}, &(0x7f00000007c0)=0xe8)
r8 = getegid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000840)={<r9=>0x0, 0xffffffffffffff9c, 0x0, 0x2, &(0x7f0000000800)=')\x00', 0xffffffffffffffff}, 0x30)
r10 = geteuid()
fstat(r1, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0})
r12 = getpid()
r13 = getuid()
fstat(r0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0})
socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000980)={<r15=>0xffffffffffffffff})
ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f00000009c0)=<r16=>0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000a00)={{{@in=@dev, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r17=>0x0}}, {{@in6=@loopback}, 0x0, @in6}}, &(0x7f0000000b00)=0xe8)
getgroups(0x5, &(0x7f0000000b40)=[0xee00, 0xee00, 0xee00, 0xee01, <r18=>0xee01])
sendmsg$unix(r2, &(0x7f0000000c80)={&(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000500)=[{&(0x7f0000000200)="53ddebcdb2899ad983702cb9e4bed2d45bfdf376d5cf7d040123283ec7469b9b9d31cfe79e615c3a48b21d8e08a42ecc2b5c522593f43d1f57b6f62048780b1eb67fa4f5a862ae72bbfb80a508e86304bb808c9a82870931e5fd7c64b8ffcbdd679d0baf", 0x64}, {&(0x7f0000000280)="e01c454fdc94ec640fd61ea9c46def1ca9fe19eacda189e0a8817c71a5791bde00b50222e61c4951eba9ac1b86dd345734a880d850f9be26e937d4094f6e99634d013532e08b1ea731d882afde7a74e17b72c9387764446287258d833a87120a30cc34c53f48ad783276c6f765b7467ab3ecbe2d8bcde1e84833f7fe216959bf3e11798d1984931c99fce1d970a14011b118cbc668e6abb607e4c166370c4603a016608c5d1ada69ccb6bb1217", 0xad}, {&(0x7f0000000340)="96ee4d", 0x3}, {&(0x7f0000000380)="e39a3611395712b5525045a26203ed2f638621aae92242e4bd89e43c85b3643af85abba543b3dbfddb5360f5907783ea591d2328837b37c11da2438d5a0d731721cf2055665b090817c5b562923e0efc2a267e9786f5934511958cfe48c650bb884274103c48322da4bcb2b849d204cf685d045bf3d27da2a0239daa3e3081311df2ded5f1c21dd09ef4b9141d8b5617db5bde5b2c47e95d4abf2185737c9f7be0a26c7b9e67338c3b85615656db15211c677471dd905475566ced6f95bf7817e2ec6fba1979ae999f86ec62bae5961df942450503bd39bf9cdcdf63", 0xdc}, {&(0x7f0000000480)="bbb6f53cbb075d0bbee54e0c7b660ce303ae929ad3dc3dedbb0506ee875c5cb80b65793956d0610c2937e5a6ac41bc028bb03dbffc1e0e728b03095c82811ada39f56925fdb14d6a9139b00ab14b26b31c792f3a506d63bd0d13d4852d73bf3691c7be710013512ec05bf726b3ba13f231e9", 0x72}], 0x5, &(0x7f0000000b80)=[@cred={0x18, 0x1, 0x2, r3, r4, r5}, @cred={0x18, 0x1, 0x2, r6, r7, r8}, @cred={0x18, 0x1, 0x2, r9, r10, r11}, @cred={0x18, 0x1, 0x2, r12, r13, r14}, @rights={0x24, 0x1, 0x1, [r1, r0, r1, r1, r0, r1]}, @rights={0x1c, 0x1, 0x1, [r15, r0, r1, r0]}, @rights={0x18, 0x1, 0x1, [r1, r0, r0]}, @rights={0x10, 0x1, 0x1, [r0]}, @cred={0x18, 0x1, 0x2, r16, r17, r18}, @rights={0x18, 0x1, 0x1, [r1, r1, r0]}], 0xf8, 0x840}, 0x20008000)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000080)={0x0, r0, 0x0, 0x3, 0xd0, 0x7})
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040)=0x40)

15:25:23 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x3000000, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:23 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x40, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000000c0)={<r3=>0xffffffffffffffff}, 0x13f, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000140)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x200, @remote, 0x7fffffff}, {0xa, 0x4e21, 0x3, @mcast2}, r3, 0xfffffffffffffffe}}, 0x48)

[ 1212.288925] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0
[ 1212.330469] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1212.340809] CPU: 1 PID: 23552 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1212.348192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1212.357551] Call Trace:
[ 1212.360154]  dump_stack+0x1c4/0x2b4
[ 1212.363793]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1212.369091]  ? mark_held_locks+0x130/0x130
[ 1212.373323]  ? mark_held_locks+0x130/0x130
[ 1212.377549]  dump_header+0x27b/0xf72
[ 1212.381254]  ? debug_smp_processor_id+0x1c/0x20
[ 1212.385915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1212.392397]  ? pagefault_out_of_memory+0x197/0x197
[ 1212.397316]  ? debug_smp_processor_id+0x1c/0x20
[ 1212.401975]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1212.406894]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1212.411813]  ? perf_trace_lock+0x7a0/0x7a0
[ 1212.416035]  ? perf_trace_lock+0x7a0/0x7a0
[ 1212.420271]  ? debug_smp_processor_id+0x1c/0x20
[ 1212.424932]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1212.429854]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1212.435386]  ? perf_trace_lock+0x7a0/0x7a0
[ 1212.439607]  ? task_will_free_mem+0x239/0xb30
[ 1212.444097]  ? ___ratelimit+0x36f/0x655
[ 1212.448066]  ? lock_downgrade+0x900/0x900
[ 1212.452203]  ? trace_hardirqs_on+0xbd/0x310
[ 1212.456509]  ? kasan_check_read+0x11/0x20
[ 1212.460644]  ? ___ratelimit+0x36f/0x655
[ 1212.464606]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1212.470044]  ? trace_hardirqs_on+0x310/0x310
[ 1212.474440]  ? lock_downgrade+0x900/0x900
[ 1212.478580]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1212.483668]  ? ___ratelimit+0xaa/0x655
[ 1212.487543]  ? idr_get_free+0xec0/0xec0
[ 1212.491501]  ? kasan_check_write+0x14/0x20
[ 1212.495722]  ? do_raw_spin_lock+0xc1/0x200
[ 1212.499961]  oom_kill_process.cold.27+0x10/0x903
[ 1212.504708]  ? kasan_check_write+0x14/0x20
[ 1212.508941]  ? do_raw_spin_lock+0xc1/0x200
[ 1212.513163]  ? oom_evaluate_task+0x540/0x540
[ 1212.517561]  ? cgroup_procs_next+0x70/0x70
[ 1212.521783]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1212.526266]  ? oom_badness+0xaa0/0xaa0
[ 1212.530146]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1212.534894]  ? mem_cgroup_iter_break+0x30/0x30
[ 1212.539489]  ? cgroup_file_notify+0x226/0x2f0
[ 1212.543972]  out_of_memory+0xa84/0x1430
[ 1212.547950]  ? kasan_check_read+0x11/0x20
[ 1212.552089]  ? oom_killer_disable+0x3a0/0x3a0
[ 1212.556581]  ? kasan_check_write+0x14/0x20
[ 1212.560803]  ? do_raw_spin_lock+0xc1/0x200
[ 1212.565031]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1212.569860]  ? memcg_memory_event+0x40/0x40
[ 1212.574185]  ? mem_cgroup_charge_skmem+0x1e4/0x390
[ 1212.579116]  ? page_counter_try_charge+0x1c1/0x220
[ 1212.584032]  try_charge+0xc43/0x1690
[ 1212.587737]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1212.593782]  ? tcp_sendmsg+0x2f/0x50
[ 1212.597481]  ? sock_sendmsg+0xd5/0x120
[ 1212.601352]  ? __sys_sendto+0x3d7/0x670
[ 1212.605314]  ? __ia32_sys_sendto+0xdf/0x1a0
[ 1212.609622]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1212.614113]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1212.618683]  ? fs_reclaim_acquire+0x20/0x20
[ 1212.622992]  ? lock_downgrade+0x900/0x900
[ 1212.627129]  ? ___might_sleep+0x1ed/0x300
[ 1212.631266]  ? trace_hardirqs_on+0xbd/0x310
[ 1212.635573]  ? lock_downgrade+0x900/0x900
[ 1212.639707]  ? __kmalloc_node_track_caller+0x33/0x70
[ 1212.644797]  ? kasan_unpoison_shadow+0x35/0x50
[ 1212.649371]  ? __sk_mem_raise_allocated+0x642/0x1800
[ 1212.654465]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1212.659905]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1212.665431]  ? check_preemption_disabled+0x48/0x200
[ 1212.670440]  mem_cgroup_charge_skmem+0x1e4/0x390
[ 1212.675184]  ? mem_cgroup_sk_free+0x90/0x90
[ 1212.679498]  __sk_mem_raise_allocated+0x642/0x1800
[ 1212.684418]  ? sk_busy_loop_end+0x1c0/0x1c0
[ 1212.688729]  ? arch_local_save_flags+0x40/0x40
[ 1212.693305]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1212.698310]  ? skb_page_frag_refill+0x1eb/0x6a0
[ 1212.702971]  ? sock_kzfree_s+0x60/0x60
[ 1212.706844]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1212.711852]  ? sk_stream_alloc_skb+0x34b/0x970
[ 1212.716430]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1212.721432]  ? skb_entail+0x618/0x8c0
[ 1212.725224]  ? tcp_rate_check_app_limited+0x121/0x460
[ 1212.730405]  ? tcp_splice_data_recv+0x1b0/0x1b0
[ 1212.735064]  __sk_mem_schedule+0x6d/0xe0
[ 1212.739123]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1212.744649]  tcp_sendmsg_locked+0x1c86/0x3f00
[ 1212.749145]  ? tcp_sendpage+0x60/0x60
[ 1212.752936]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1212.758463]  ? aa_label_sk_perm+0x46d/0x8e0
[ 1212.762782]  ? aa_profile_af_perm+0x410/0x410
[ 1212.767272]  ? ksys_dup3+0x680/0x680
[ 1212.770988]  ? lock_acquire+0x1ed/0x520
[ 1212.774953]  ? tcp_sendmsg+0x21/0x50
[ 1212.778654]  ? trace_hardirqs_on+0xbd/0x310
[ 1212.782966]  ? lock_release+0x970/0x970
[ 1212.786930]  ? lock_sock_nested+0xe2/0x120
[ 1212.791153]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1212.796593]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1212.802121]  ? check_preemption_disabled+0x48/0x200
[ 1212.807126]  ? lock_sock_nested+0x9a/0x120
[ 1212.811351]  ? lock_sock_nested+0x9a/0x120
[ 1212.815578]  ? __local_bh_enable_ip+0x160/0x260
[ 1212.820242]  tcp_sendmsg+0x2f/0x50
[ 1212.823772]  inet_sendmsg+0x1a1/0x690
[ 1212.827562]  ? ipip_gro_receive+0x100/0x100
[ 1212.832308]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1212.837052]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1212.842580]  ? security_socket_sendmsg+0x94/0xc0
[ 1212.847326]  ? ipip_gro_receive+0x100/0x100
[ 1212.851655]  sock_sendmsg+0xd5/0x120
[ 1212.855360]  __sys_sendto+0x3d7/0x670
[ 1212.859149]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1212.863810]  ? arch_local_save_flags+0x40/0x40
[ 1212.868381]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1212.873833]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1212.879363]  ? compat_put_timespec64+0x110/0x280
[ 1212.884111]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1212.888861]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1212.893780]  ? trace_hardirqs_on+0xbd/0x310
[ 1212.898521]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1212.904048]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1212.908628]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1212.914068]  __ia32_sys_sendto+0xdf/0x1a0
[ 1212.918212]  do_fast_syscall_32+0x34d/0xfb2
[ 1212.922525]  ? do_int80_syscall_32+0x890/0x890
[ 1212.927108]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1212.931678]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1212.936694]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1212.941524]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1212.946528]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1212.951530]  ? recalc_sigpending_tsk+0x180/0x180
[ 1212.956273]  ? kasan_check_write+0x14/0x20
[ 1212.960498]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1212.965332]  entry_SYSENTER_compat+0x70/0x7f
[ 1212.969728] RIP: 0023:0xf7f56ca9
[ 1212.973095] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1212.991983] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1212.999675] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1213.006930] RDX: 00000000fffffe4e RSI: 00000000000000c0 RDI: 00000000200000c0
[ 1213.014185] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000
[ 1213.021442] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
15:25:24 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x300, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1213.028699] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:24 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0xfdfdffff00000000})

15:25:24 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xffffffff00000000}, 0x6)

[ 1213.068355] Task in /syz4 killed as a result of limit of /syz4
[ 1213.091878] memory: usage 204784kB, limit 204800kB, failcnt 140
[ 1213.099242] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1213.109925] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:25:24 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0xb00, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1213.117305] Memory cgroup stats for /syz4: cache:152KB rss:6488KB rss_huge:6144KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:6500KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1213.155721] Memory cgroup out of memory: Kill process 25079 (syz-executor4) score 171 or sacrifice child
[ 1213.166351] Killed process 25079 (syz-executor4) total-vm:70120kB, anon-rss:2188kB, file-rss:32768kB, shmem-rss:0kB
[ 1213.191913] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0
[ 1213.213962] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1213.219163] CPU: 0 PID: 23551 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1213.226518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1213.235855] Call Trace:
[ 1213.238437]  dump_stack+0x1c4/0x2b4
[ 1213.242061]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1213.247240]  ? debug_smp_processor_id+0x1c/0x20
[ 1213.251899]  dump_header+0x27b/0xf72
[ 1213.255602]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1213.261134]  ? pagefault_out_of_memory+0x197/0x197
[ 1213.266057]  ? debug_smp_processor_id+0x1c/0x20
[ 1213.270712]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1213.275627]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1213.280558]  ? perf_trace_lock+0x7a0/0x7a0
[ 1213.284778]  ? perf_trace_lock+0x7a0/0x7a0
[ 1213.289000]  ? debug_smp_processor_id+0x1c/0x20
[ 1213.293655]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1213.298572]  ? mark_held_locks+0x130/0x130
[ 1213.302796]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1213.308333]  ? perf_trace_lock+0x7a0/0x7a0
[ 1213.312558]  ? task_will_free_mem+0x239/0xb30
[ 1213.317073]  ? ___ratelimit+0x36f/0x655
[ 1213.321034]  ? lock_downgrade+0x900/0x900
[ 1213.325180]  ? trace_hardirqs_on+0xbd/0x310
[ 1213.329487]  ? kasan_check_read+0x11/0x20
[ 1213.333618]  ? ___ratelimit+0x36f/0x655
[ 1213.337580]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1213.343019]  ? trace_hardirqs_on+0x310/0x310
[ 1213.347429]  ? lock_downgrade+0x900/0x900
[ 1213.351566]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1213.356656]  ? ___ratelimit+0xaa/0x655
[ 1213.360543]  ? idr_get_free+0xec0/0xec0
[ 1213.364507]  ? kasan_check_write+0x14/0x20
[ 1213.368730]  ? do_raw_spin_lock+0xc1/0x200
[ 1213.372957]  oom_kill_process.cold.27+0x10/0x903
[ 1213.377706]  ? kasan_check_write+0x14/0x20
[ 1213.381929]  ? do_raw_spin_lock+0xc1/0x200
[ 1213.386153]  ? oom_evaluate_task+0x540/0x540
[ 1213.390551]  ? cgroup_procs_next+0x70/0x70
[ 1213.394784]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1213.399265]  ? oom_badness+0xaa0/0xaa0
[ 1213.403143]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1213.407888]  ? mem_cgroup_iter_break+0x30/0x30
[ 1213.412464]  ? cgroup_file_notify+0x226/0x2f0
[ 1213.416954]  out_of_memory+0xa84/0x1430
[ 1213.420919]  ? kasan_check_read+0x11/0x20
[ 1213.425065]  ? oom_killer_disable+0x3a0/0x3a0
[ 1213.429544]  ? kasan_check_write+0x14/0x20
[ 1213.433766]  ? do_raw_spin_lock+0xc1/0x200
[ 1213.437993]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1213.442819]  ? memcg_memory_event+0x40/0x40
[ 1213.447136]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1213.451980]  ? page_counter_try_charge+0x1c1/0x220
[ 1213.456915]  try_charge+0xc43/0x1690
[ 1213.460616]  ? lock_downgrade+0x900/0x900
[ 1213.464755]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1213.470801]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1213.476590]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1213.482111]  ? should_fail+0x22d/0xd01
[ 1213.485987]  ? percpu_ref_tryget_live+0x168/0x460
[ 1213.490816]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1213.495645]  ? lock_downgrade+0x900/0x900
[ 1213.499780]  ? lock_release+0x970/0x970
[ 1213.503744]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1213.509529]  ? __kernel_text_address+0xd/0x40
[ 1213.514015]  ? __save_stack_trace+0x8d/0xf0
[ 1213.518345]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1213.523174]  ? fs_reclaim_acquire+0x20/0x20
[ 1213.527485]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1213.532147]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1213.536632]  ? entry_INT80_compat+0x74/0x7e
[ 1213.540945]  memcg_kmem_charge+0x135/0x300
[ 1213.545169]  __alloc_pages_nodemask+0x72e/0xde0
[ 1213.549826]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1213.554833]  ? percpu_ref_put_many+0x13e/0x260
[ 1213.559401]  ? trace_hardirqs_on+0xbd/0x310
[ 1213.563720]  ? mem_cgroup_charge_statistics+0x780/0x780
[ 1213.569085]  ? kasan_kmalloc+0xc7/0xe0
[ 1213.572959]  ? kasan_slab_alloc+0x12/0x20
[ 1213.577094]  ? kmem_cache_alloc_node+0x303/0x730
[ 1213.581836]  ? kasan_check_write+0x14/0x20
[ 1213.586058]  ? do_raw_spin_lock+0xc1/0x200
[ 1213.590279]  copy_process+0xa09/0x8780
[ 1213.594168]  ? check_preemption_disabled+0x48/0x200
[ 1213.599172]  ? check_preemption_disabled+0x48/0x200
[ 1213.604179]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1213.609714]  ? check_preemption_disabled+0x48/0x200
[ 1213.614716]  ? native_load_gs_index+0x10/0x30
[ 1213.619203]  ? debug_smp_processor_id+0x1c/0x20
[ 1213.623857]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1213.628772]  ? perf_sched_cb_inc+0x350/0x350
[ 1213.633170]  ? __cleanup_sighand+0x70/0x70
[ 1213.637389]  ? lock_downgrade+0x900/0x900
[ 1213.641520]  ? finish_task_switch+0x1b5/0x900
[ 1213.646002]  ? trace_hardirqs_on+0xbd/0x310
[ 1213.650313]  ? kasan_check_read+0x11/0x20
[ 1213.654455]  ? finish_task_switch+0x1f5/0x900
[ 1213.658941]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1213.664384]  ? check_preemption_disabled+0x48/0x200
[ 1213.669387]  ? debug_smp_processor_id+0x1c/0x20
[ 1213.674046]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1213.678968]  ? rcu_read_unlock_special.part.39+0x8a4/0x11f0
[ 1213.684680]  ? lock_downgrade+0x900/0x900
[ 1213.688813]  ? perf_trace_lock+0x7a0/0x7a0
[ 1213.693046]  ? mark_held_locks+0x130/0x130
[ 1213.697268]  ? trace_hardirqs_on+0xbd/0x310
[ 1213.701576]  ? kasan_check_read+0x11/0x20
[ 1213.705713]  ? rcu_read_unlock_special.part.39+0x8a4/0x11f0
[ 1213.711497]  ? mark_held_locks+0x130/0x130
[ 1213.715719]  ? rcu_sched_force_quiescent_state+0x20/0x20
[ 1213.721152]  ? kasan_check_write+0x14/0x20
[ 1213.725378]  ? mark_held_locks+0x130/0x130
[ 1213.730125]  ? check_preemption_disabled+0x48/0x200
[ 1213.735136]  ? debug_smp_processor_id+0x1c/0x20
[ 1213.739793]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1213.744705]  ? mark_held_locks+0x130/0x130
[ 1213.748930]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1213.754452]  ? check_preemption_disabled+0x48/0x200
[ 1213.759455]  ? debug_smp_processor_id+0x1c/0x20
[ 1213.764111]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1213.769033]  ? mark_held_locks+0x130/0x130
[ 1213.773254]  ? perf_trace_lock+0x7a0/0x7a0
[ 1213.777479]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1213.782485]  ? bpf_prog_kallsyms_find+0xde/0x4a0
[ 1213.787314]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1213.792842]  ? check_preemption_disabled+0x48/0x200
[ 1213.797851]  ? debug_smp_processor_id+0x1c/0x20
[ 1213.802504]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1213.807418]  ? lock_downgrade+0x900/0x900
[ 1213.811553]  ? perf_trace_lock+0x7a0/0x7a0
[ 1213.815777]  ? change_protection+0x1718/0x29a0
[ 1213.820347]  ? lock_downgrade+0x900/0x900
[ 1213.824482]  ? kasan_check_read+0x11/0x20
[ 1213.828614]  ? ___might_sleep+0x1ed/0x300
[ 1213.832747]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1213.837315]  ? arch_local_save_flags+0x40/0x40
[ 1213.841881]  ? kasan_check_write+0x14/0x20
[ 1213.846103]  ? do_raw_spin_lock+0xc1/0x200
[ 1213.850326]  ? perf_iterate_sb+0x189/0xc60
[ 1213.854548]  ? lock_downgrade+0x900/0x900
[ 1213.858687]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1213.864475]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1213.869999]  ? check_preemption_disabled+0x48/0x200
[ 1213.875022]  ? perf_iterate_sb+0x1b0/0xc60
[ 1213.879245]  ? prot_none_hugetlb_entry+0x150/0x150
[ 1213.884166]  ? perf_event_comm_output+0x750/0x750
[ 1213.888996]  ? find_get_context.isra.94+0x730/0x730
[ 1213.894011]  ? validate_mm+0x386/0x630
[ 1213.897883]  ? lock_downgrade+0x900/0x900
[ 1213.902026]  ? kasan_check_read+0x11/0x20
[ 1213.906161]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1213.910557]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1213.915127]  ? kfree+0x1bf/0x230
[ 1213.918483]  ? perf_event_mmap+0x134/0x1350
[ 1213.922794]  ? perf_event_fork+0x30/0x30
[ 1213.926854]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1213.932373]  ? vma_set_page_prot+0x243/0x320
[ 1213.936770]  ? vma_wants_writenotify+0x510/0x510
[ 1213.941515]  ? do_mprotect_pkey+0x8d8/0xa60
[ 1213.945828]  _do_fork+0x1cb/0x11d0
[ 1213.949359]  ? fork_idle+0x1d0/0x1d0
[ 1213.953060]  ? up_write+0x7b/0x220
[ 1213.956585]  ? up_read+0x110/0x110
[ 1213.960113]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1213.965736]  ? apparmor_file_mprotect+0xde/0x110
[ 1213.970480]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1213.976008]  ? security_file_mprotect+0x94/0xc0
[ 1213.980666]  ? do_mprotect_pkey+0x8dd/0xa60
[ 1213.984980]  ? trace_hardirqs_off+0xb8/0x310
[ 1213.989381]  ? mprotect_fixup+0xc60/0xc60
[ 1213.993513]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1213.998080]  ? trace_hardirqs_on+0x310/0x310
[ 1214.002475]  ? trace_hardirqs_on+0xbd/0x310
[ 1214.006784]  ? entry_INT80_compat+0x74/0x7e
[ 1214.011090]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1214.016528]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1214.021536]  do_int80_syscall_32+0x1fe/0x890
[ 1214.025933]  ? entry_INT80_compat+0x6c/0x7e
[ 1214.030241]  ? do_syscall_64+0x820/0x820
[ 1214.034310]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1214.039142]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1214.044148]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1214.049153]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1214.053984]  entry_INT80_compat+0x74/0x7e
[ 1214.058125] RIP: 0023:0x8081a44
[ 1214.061390] Code: 8b 44 24 04 89 41 08 c7 41 04 00 00 00 00 53 56 57 8b 74 24 24 8b 54 24 20 8b 5c 24 18 8b 7c 24 28 b8 78 00 00 00 89 19 cd 80 <5f> 5e 5b 85 c0 0f 8c b1 51 fd ff 74 01 c3 89 f5 f7 c7 00 00 01 00
[ 1214.080296] RSP: 002b:000000000845fb50 EFLAGS: 00000296 ORIG_RAX: 0000000000000078
[ 1214.088007] RAX: ffffffffffffffda RBX: 00000000003d0f00 RCX: 00000000f5f31224
[ 1214.095264] RDX: 00000000f5f31ba8 RSI: 000000000845fb80 RDI: 00000000f5f31ba8
[ 1214.102518] RBP: 000000000845fc28 R08: 0000000000000000 R09: 0000000000000000
[ 1214.109771] R10: 0000000000000000 R11: 0000000000000216 R12: 0000000000000000
[ 1214.117028] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1214.200059] Task in /syz4 killed as a result of limit of /syz4
[ 1214.207515] memory: usage 203116kB, limit 204800kB, failcnt 140
[ 1214.214023] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1214.221575] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1214.228212] Memory cgroup stats for /syz4: cache:152KB rss:4360KB rss_huge:4096KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:4364KB inactive_file:0KB active_file:0KB unevictable:0KB
15:25:25 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000080)=0x4)

15:25:25 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x300})

15:25:25 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x2202, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:25 executing program 3:
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000140)=<r0=>0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000300)='/dev/full\x00', 0x200000, 0x0)
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x7d02, 0x2, 0x400, 0x7f, 0x0, 0x6, 0x200, 0x0, 0xbd9, 0x7ff, 0x2b5f, 0x1, 0x0, 0x2, 0x5, 0xfff, 0x2c6, 0x1, 0x126, 0x7f, 0x7, 0xfffffffffffffeff, 0x1, 0x0, 0x5, 0x408, 0x7fffffff, 0x9, 0x8, 0x8000, 0x8, 0x100, 0x7, 0x400, 0x1, 0x0, 0x0, 0x1afc6753, 0x1, @perf_bp={&(0x7f0000000080), 0x4}, 0x900c, 0x9, 0x18, 0x0, 0x8000, 0x1, 0xfff}, r0, 0x6, r1, 0x9)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r3, 0xae78, &(0x7f0000000040))

15:25:25 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xffffffe0}, 0x6)

15:25:25 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x300}, 0x6)

[ 1214.249490] Memory cgroup out of memory: Kill process 25139 (syz-executor4) score 171 or sacrifice child
[ 1214.263033] Killed process 25139 (syz-executor4) total-vm:70120kB, anon-rss:2188kB, file-rss:32768kB, shmem-rss:0kB
15:25:25 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x3c00, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:25 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x10})

15:25:25 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = open(&(0x7f0000000080)='./file0\x00', 0x208000, 0x194)
ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000180)={&(0x7f0000ffb000/0x4000)=nil, 0x4000})
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r2, 0x40505331, &(0x7f00000000c0)={{0x1, 0x80000000}, {0x3, 0x8}, 0x0, 0x2, 0x4})
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rfkill\x00', 0x400, 0x0)

15:25:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x1fe, 0x0)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x400, 0x0)
ioctl$VT_RELDISP(r1, 0x5605)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000200)={[0x100, 0xbf5a, 0x3, 0x7, 0x5, 0xc, 0x0, 0x10, 0x60f, 0x7, 0x80000000, 0x63f991f6, 0x5, 0xffffffffffffffff, 0x5, 0x900000000000], 0x0, 0x8000})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0xfffffffffffffffe)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))
ioctl$KVM_NMI(r3, 0xae9a)
getsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000080)={<r4=>0x0, 0x7e1, 0x7, 0xfff}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000140)={r4, @in={{0x2, 0x4e24, @broadcast}}}, 0x84)

15:25:25 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x300000000000000, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1214.464435] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0
15:25:25 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x200000000000000})

[ 1214.506490] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1214.524808] CPU: 1 PID: 23601 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1214.532197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1214.541552] Call Trace:
[ 1214.544165]  dump_stack+0x1c4/0x2b4
[ 1214.547797]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1214.552999]  ? mark_held_locks+0x130/0x130
[ 1214.557234]  ? mark_held_locks+0x130/0x130
[ 1214.557255]  dump_header+0x27b/0xf72
[ 1214.565177]  ? debug_smp_processor_id+0x1c/0x20
[ 1214.565194]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1214.565210]  ? pagefault_out_of_memory+0x197/0x197
[ 1214.565233]  ? debug_smp_processor_id+0x1c/0x20
[ 1214.584966]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1214.589883]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1214.594814]  ? perf_trace_lock+0x7a0/0x7a0
[ 1214.599033]  ? perf_trace_lock+0x7a0/0x7a0
[ 1214.603266]  ? debug_smp_processor_id+0x1c/0x20
[ 1214.607920]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1214.612850]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1214.618388]  ? perf_trace_lock+0x7a0/0x7a0
[ 1214.622625]  ? task_will_free_mem+0x239/0xb30
[ 1214.627114]  ? ___ratelimit+0x36f/0x655
[ 1214.631074]  ? lock_downgrade+0x900/0x900
[ 1214.635213]  ? trace_hardirqs_on+0xbd/0x310
[ 1214.639522]  ? kasan_check_read+0x11/0x20
[ 1214.643659]  ? ___ratelimit+0x36f/0x655
[ 1214.647619]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1214.653055]  ? trace_hardirqs_on+0x310/0x310
[ 1214.657451]  ? lock_downgrade+0x900/0x900
[ 1214.661601]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1214.666702]  ? ___ratelimit+0xaa/0x655
[ 1214.670585]  ? idr_get_free+0xec0/0xec0
[ 1214.674544]  ? kasan_check_write+0x14/0x20
[ 1214.678777]  ? do_raw_spin_lock+0xc1/0x200
[ 1214.683000]  oom_kill_process.cold.27+0x10/0x903
[ 1214.687743]  ? kasan_check_write+0x14/0x20
[ 1214.691969]  ? do_raw_spin_lock+0xc1/0x200
[ 1214.696197]  ? oom_evaluate_task+0x540/0x540
[ 1214.700594]  ? cgroup_procs_next+0x70/0x70
[ 1214.704818]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1214.709298]  ? oom_badness+0xaa0/0xaa0
[ 1214.713171]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1214.717928]  ? mem_cgroup_iter_break+0x30/0x30
[ 1214.722514]  ? cgroup_file_notify+0x226/0x2f0
[ 1214.726997]  out_of_memory+0xa84/0x1430
[ 1214.730961]  ? kasan_check_read+0x11/0x20
[ 1214.735096]  ? oom_killer_disable+0x3a0/0x3a0
[ 1214.739577]  ? kasan_check_write+0x14/0x20
[ 1214.743798]  ? do_raw_spin_lock+0xc1/0x200
[ 1214.748026]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1214.752860]  ? memcg_memory_event+0x40/0x40
[ 1214.757171]  ? mem_cgroup_charge_skmem+0x1e4/0x390
[ 1214.762091]  ? page_counter_try_charge+0x1c1/0x220
[ 1214.767021]  try_charge+0xc43/0x1690
[ 1214.770733]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1214.776798]  ? tcp_sendmsg+0x2f/0x50
[ 1214.780502]  ? sock_sendmsg+0xd5/0x120
[ 1214.784381]  ? __sys_sendto+0x3d7/0x670
[ 1214.788339]  ? __ia32_sys_sendto+0xdf/0x1a0
[ 1214.792651]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1214.797133]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1214.801706]  ? lock_downgrade+0x900/0x900
[ 1214.805843]  ? kasan_check_read+0x11/0x20
[ 1214.809981]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1214.814380]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1214.818955]  ? trace_hardirqs_on+0xbd/0x310
[ 1214.823263]  ? kasan_check_write+0x14/0x20
[ 1214.827492]  ? __kmalloc_node_track_caller+0x33/0x70
[ 1214.832582]  ? kasan_unpoison_shadow+0x35/0x50
[ 1214.837155]  ? __sk_mem_raise_allocated+0x642/0x1800
[ 1214.842252]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1214.847689]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1214.853231]  ? check_preemption_disabled+0x48/0x200
[ 1214.858239]  mem_cgroup_charge_skmem+0x1e4/0x390
[ 1214.862986]  ? mem_cgroup_sk_free+0x90/0x90
[ 1214.867301]  __sk_mem_raise_allocated+0x642/0x1800
[ 1214.872220]  ? sk_busy_loop_end+0x1c0/0x1c0
[ 1214.876534]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1214.881535]  ? skb_page_frag_refill+0x1eb/0x6a0
[ 1214.886191]  ? sock_kzfree_s+0x60/0x60
[ 1214.890064]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1214.895545]  ? sk_stream_alloc_skb+0x34b/0x970
[ 1214.900119]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1214.905119]  ? skb_entail+0x618/0x8c0
[ 1214.908906]  ? tcp_rate_check_app_limited+0x121/0x460
[ 1214.914088]  ? tcp_splice_data_recv+0x1b0/0x1b0
[ 1214.918750]  __sk_mem_schedule+0x6d/0xe0
[ 1214.922796]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1214.928320]  tcp_sendmsg_locked+0x1c86/0x3f00
[ 1214.932813]  ? tcp_sendpage+0x60/0x60
[ 1214.936610]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1214.942139]  ? aa_label_sk_perm+0x46d/0x8e0
[ 1214.946453]  ? aa_profile_af_perm+0x410/0x410
[ 1214.950951]  ? ksys_dup3+0x680/0x680
[ 1214.954656]  ? lock_acquire+0x1ed/0x520
[ 1214.958715]  ? tcp_sendmsg+0x21/0x50
[ 1214.962418]  ? trace_hardirqs_on+0xbd/0x310
[ 1214.966724]  ? lock_release+0x970/0x970
[ 1214.970690]  ? lock_sock_nested+0xe2/0x120
[ 1214.974923]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1214.980363]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1214.985892]  ? check_preemption_disabled+0x48/0x200
[ 1214.990901]  ? lock_sock_nested+0x9a/0x120
[ 1214.995128]  ? lock_sock_nested+0x9a/0x120
[ 1214.999351]  ? __local_bh_enable_ip+0x160/0x260
[ 1215.004008]  tcp_sendmsg+0x2f/0x50
[ 1215.007537]  inet_sendmsg+0x1a1/0x690
[ 1215.011327]  ? ipip_gro_receive+0x100/0x100
[ 1215.015635]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1215.020389]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1215.025921]  ? security_socket_sendmsg+0x94/0xc0
[ 1215.030665]  ? ipip_gro_receive+0x100/0x100
[ 1215.034980]  sock_sendmsg+0xd5/0x120
[ 1215.038691]  __sys_sendto+0x3d7/0x670
[ 1215.042479]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1215.047141]  ? arch_local_save_flags+0x40/0x40
[ 1215.051712]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1215.057164]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1215.062693]  ? compat_put_timespec64+0x110/0x280
[ 1215.067440]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1215.072181]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1215.077099]  ? trace_hardirqs_on+0xbd/0x310
[ 1215.081414]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1215.086942]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1215.091512]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1215.096962]  __ia32_sys_sendto+0xdf/0x1a0
[ 1215.101103]  do_fast_syscall_32+0x34d/0xfb2
[ 1215.105412]  ? do_int80_syscall_32+0x890/0x890
[ 1215.109983]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1215.114551]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1215.119554]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1215.124381]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1215.129386]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1215.134389]  ? recalc_sigpending_tsk+0x180/0x180
[ 1215.139129]  ? kasan_check_write+0x14/0x20
[ 1215.143352]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1215.148184]  entry_SYSENTER_compat+0x70/0x7f
[ 1215.152579] RIP: 0023:0xf7f56ca9
[ 1215.155955] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1215.174854] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1215.182550] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1215.189814] RDX: 00000000fffffe4e RSI: 00000000000000c0 RDI: 00000000200000c0
[ 1215.197070] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000
15:25:26 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:26 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{0x101, 0x2, 0x10001, 0x80000001, 0x40000000000, 0xbd, 0x2, 0x100000000, 0x3, 0x5, 0x3, 0x8dd2, 0x7}, {0x1f, 0x400, 0xffffffff, 0x3, 0x9, 0x49f2b23b, 0x40, 0x1eaf, 0x9, 0x3, 0x40, 0x1000, 0x3}, {0x10001, 0x7, 0xffff, 0x0, 0x3, 0x1, 0x1, 0x2, 0xaf, 0x1, 0x8, 0x8d4d, 0x7fff}], 0x5})
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
fcntl$F_GET_FILE_RW_HINT(r1, 0x40d, &(0x7f0000000100))
mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, &(0x7f0000000140)=0x7, 0x4, 0x3)
r2 = syz_open_dev$dspn(&(0x7f0000000180)='/dev/dsp#\x00', 0x7fff, 0x20000)
ioctl$IOC_PR_PREEMPT_ABORT(r2, 0x401870cc, &(0x7f00000001c0)={0x8001, 0x7, 0x63d, 0x5})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={<r3=>0x0, r2, 0x0, 0x8, &(0x7f0000000200)='cpuset.\x00'}, 0x30)
ptrace$peekuser(0x3, r3, 0x100000000)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer2\x00', 0x20000, 0x0)

15:25:26 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x6000000, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1215.204324] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1215.211577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1215.222910] Task in /syz4 killed as a result of limit of /syz4
[ 1215.235968] memory: usage 204792kB, limit 204800kB, failcnt 153
[ 1215.250422] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
15:25:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000080)={0x2, 0x0, [0x100, 0x7, 0xffffffff, 0x2, 0x5, 0x6, 0x7fffffff, 0xfffffffffffffffe]})
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1215.269931] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1215.276245] Memory cgroup stats for /syz4: cache:152KB rss:2284KB rss_huge:2048KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:2196KB inactive_file:0KB active_file:0KB unevictable:0KB
15:25:26 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x5580}, 0x6)

15:25:26 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x300000000000000})

15:25:26 executing program 1:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0)
ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f00000000c0)=0x4)
bind$vsock_dgram(r0, &(0x7f0000000180), 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))
ioctl$KVM_GET_EMULATED_CPUID(r2, 0xc008ae09, &(0x7f0000000100)=""/125)

15:25:26 executing program 5 (fault-call:1 fault-nth:0):
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))

[ 1215.371493] Memory cgroup out of memory: Kill process 23599 (syz-executor4) score 171 or sacrifice child
[ 1215.384227] Killed process 23599 (syz-executor4) total-vm:70120kB, anon-rss:2148kB, file-rss:32768kB, shmem-rss:0kB
[ 1215.396398] oom_reaper: reaped process 23599 (syz-executor4), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB
15:25:26 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x10000000000000})

[ 1215.500555] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0
[ 1215.516182] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1215.526805] CPU: 1 PID: 23644 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1215.534191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1215.534197] Call Trace:
[ 1215.534230]  dump_stack+0x1c4/0x2b4
[ 1215.549783]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1215.554982]  ? mark_held_locks+0x130/0x130
[ 1215.559207]  ? mark_held_locks+0x130/0x130
[ 1215.563430]  dump_header+0x27b/0xf72
[ 1215.567138]  ? debug_smp_processor_id+0x1c/0x20
[ 1215.571797]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1215.577323]  ? pagefault_out_of_memory+0x197/0x197
[ 1215.582258]  ? debug_smp_processor_id+0x1c/0x20
[ 1215.586914]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1215.591831]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1215.596751]  ? perf_trace_lock+0x7a0/0x7a0
[ 1215.600969]  ? perf_trace_lock+0x7a0/0x7a0
[ 1215.605196]  ? debug_smp_processor_id+0x1c/0x20
[ 1215.609850]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1215.614774]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1215.620313]  ? perf_trace_lock+0x7a0/0x7a0
[ 1215.624538]  ? task_will_free_mem+0x239/0xb30
[ 1215.629038]  ? ___ratelimit+0x36f/0x655
[ 1215.632999]  ? lock_downgrade+0x900/0x900
[ 1215.637137]  ? trace_hardirqs_on+0xbd/0x310
[ 1215.641453]  ? kasan_check_read+0x11/0x20
[ 1215.645588]  ? ___ratelimit+0x36f/0x655
[ 1215.649548]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1215.654997]  ? trace_hardirqs_on+0x310/0x310
[ 1215.659391]  ? lock_downgrade+0x900/0x900
[ 1215.663529]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1215.668620]  ? ___ratelimit+0xaa/0x655
[ 1215.672497]  ? idr_get_free+0xec0/0xec0
[ 1215.676460]  ? kasan_check_write+0x14/0x20
[ 1215.680683]  ? do_raw_spin_lock+0xc1/0x200
[ 1215.684911]  oom_kill_process.cold.27+0x10/0x903
[ 1215.689655]  ? kasan_check_write+0x14/0x20
[ 1215.693888]  ? do_raw_spin_lock+0xc1/0x200
[ 1215.698138]  ? oom_evaluate_task+0x540/0x540
[ 1215.702538]  ? cgroup_procs_next+0x70/0x70
[ 1215.706763]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1215.711248]  ? oom_badness+0xaa0/0xaa0
[ 1215.715133]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1215.719891]  ? mem_cgroup_iter_break+0x30/0x30
[ 1215.724471]  ? cgroup_file_notify+0x226/0x2f0
[ 1215.729352]  out_of_memory+0xa84/0x1430
[ 1215.733317]  ? kasan_check_read+0x11/0x20
[ 1215.737452]  ? oom_killer_disable+0x3a0/0x3a0
[ 1215.741934]  ? kasan_check_write+0x14/0x20
[ 1215.746159]  ? do_raw_spin_lock+0xc1/0x200
[ 1215.750386]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1215.755214]  ? memcg_memory_event+0x40/0x40
[ 1215.759520]  ? mem_cgroup_charge_skmem+0x1e4/0x390
[ 1215.764438]  ? page_counter_try_charge+0x1c1/0x220
[ 1215.769355]  try_charge+0xc43/0x1690
[ 1215.773062]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1215.779110]  ? tcp_sendmsg+0x2f/0x50
[ 1215.782815]  ? sock_sendmsg+0xd5/0x120
[ 1215.786694]  ? __sys_sendto+0x3d7/0x670
[ 1215.790657]  ? __ia32_sys_sendto+0xdf/0x1a0
[ 1215.794974]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1215.799454]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1215.804042]  ? fs_reclaim_acquire+0x20/0x20
[ 1215.808351]  ? lock_downgrade+0x900/0x900
[ 1215.812495]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1215.818020]  ? check_preemption_disabled+0x48/0x200
[ 1215.823027]  ? ___might_sleep+0x1ed/0x300
[ 1215.827172]  ? debug_smp_processor_id+0x1c/0x20
[ 1215.831829]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1215.836761]  ? __sk_mem_raise_allocated+0x642/0x1800
[ 1215.841858]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1215.847295]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1215.852819]  ? check_preemption_disabled+0x48/0x200
[ 1215.857837]  mem_cgroup_charge_skmem+0x1e4/0x390
[ 1215.862586]  ? mem_cgroup_sk_free+0x90/0x90
[ 1215.866907]  __sk_mem_raise_allocated+0x642/0x1800
[ 1215.871826]  ? sk_busy_loop_end+0x1c0/0x1c0
[ 1215.876142]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1215.881669]  ? alloc_pages_current+0x114/0x210
[ 1215.886242]  ? skb_page_frag_refill+0x1eb/0x6a0
[ 1215.890906]  ? sock_kzfree_s+0x60/0x60
[ 1215.895267]  ? _copy_from_iter_full+0x2b3/0xd20
[ 1215.899923]  ? tcp_chrono_start+0x190/0x1e0
[ 1215.904234]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1215.909241]  ? tcp_rate_check_app_limited+0x121/0x460
[ 1215.914422]  ? iov_iter_advance+0x1460/0x1460
[ 1215.918908]  __sk_mem_schedule+0x6d/0xe0
[ 1215.922959]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1215.928488]  tcp_sendmsg_locked+0x1c86/0x3f00
[ 1215.932989]  ? tcp_sendpage+0x60/0x60
[ 1215.936790]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1215.942314]  ? aa_label_sk_perm+0x46d/0x8e0
[ 1215.946627]  ? aa_profile_af_perm+0x410/0x410
[ 1215.951115]  ? ksys_dup3+0x680/0x680
[ 1215.954819]  ? lock_acquire+0x1ed/0x520
[ 1215.958787]  ? tcp_sendmsg+0x21/0x50
[ 1215.962491]  ? trace_hardirqs_on+0xbd/0x310
[ 1215.966799]  ? lock_release+0x970/0x970
[ 1215.970761]  ? lock_sock_nested+0xe2/0x120
[ 1215.974985]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1215.980435]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1215.985960]  ? check_preemption_disabled+0x48/0x200
[ 1215.990962]  ? lock_sock_nested+0x9a/0x120
[ 1215.995183]  ? lock_sock_nested+0x9a/0x120
[ 1215.999405]  ? __local_bh_enable_ip+0x160/0x260
[ 1216.004067]  tcp_sendmsg+0x2f/0x50
[ 1216.007595]  inet_sendmsg+0x1a1/0x690
[ 1216.011390]  ? ipip_gro_receive+0x100/0x100
[ 1216.015702]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1216.020459]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1216.025984]  ? security_socket_sendmsg+0x94/0xc0
[ 1216.030727]  ? ipip_gro_receive+0x100/0x100
[ 1216.035039]  sock_sendmsg+0xd5/0x120
[ 1216.038743]  __sys_sendto+0x3d7/0x670
[ 1216.042534]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1216.047192]  ? arch_local_save_flags+0x40/0x40
[ 1216.051762]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1216.057222]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1216.062759]  ? compat_put_timespec64+0x110/0x280
[ 1216.067501]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1216.072241]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1216.077160]  ? trace_hardirqs_on+0xbd/0x310
[ 1216.081469]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1216.087006]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1216.091573]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1216.097016]  __ia32_sys_sendto+0xdf/0x1a0
[ 1216.101154]  do_fast_syscall_32+0x34d/0xfb2
[ 1216.105466]  ? do_int80_syscall_32+0x890/0x890
[ 1216.110037]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1216.114610]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1216.119616]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1216.124446]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1216.129452]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1216.134457]  ? recalc_sigpending_tsk+0x180/0x180
[ 1216.139198]  ? kasan_check_write+0x14/0x20
[ 1216.143423]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1216.148255]  entry_SYSENTER_compat+0x70/0x7f
[ 1216.152650] RIP: 0023:0xf7f56ca9
[ 1216.156006] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1216.174892] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1216.182601] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1216.189855] RDX: 00000000fffffe4e RSI: 00000000000000c0 RDI: 00000000200000c0
15:25:27 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x29000000, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1216.197111] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000
[ 1216.204364] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1216.211627] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:27 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x100000})

15:25:27 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x3c000000, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:27 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x181000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1216.263420] Task in /syz4 killed as a result of limit of /syz4
[ 1216.271412] FAULT_INJECTION: forcing a failure.
[ 1216.271412] name fail_futex, interval 1, probability 0, space 0, times 1
[ 1216.282932] memory: usage 204800kB, limit 204800kB, failcnt 169
[ 1216.297116] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1216.323941] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1216.336045] Memory cgroup stats for /syz4: cache:152KB rss:2200KB rss_huge:2048KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:2196KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1216.336830] CPU: 1 PID: 23639 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #175
[ 1216.364290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1216.368494] Memory cgroup out of memory: Kill process 23642 (syz-executor4) score 171 or sacrifice child
[ 1216.373638] Call Trace:
[ 1216.373660]  dump_stack+0x1c4/0x2b4
[ 1216.373678]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1216.373702]  should_fail.cold.4+0xa/0x17
[ 1216.386671] Killed process 23642 (syz-executor4) total-vm:70120kB, anon-rss:2148kB, file-rss:32768kB, shmem-rss:0kB
[ 1216.389490]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1216.389508]  ? rb_next+0x140/0x140
[ 1216.396004] oom_reaper: reaped process 23642 (syz-executor4), now anon-rss:0kB, file-rss:32784kB, shmem-rss:0kB
[ 1216.398738]  ? mark_held_locks+0x130/0x130
[ 1216.429329]  ? rb_erase_cached+0xc78/0x3720
[ 1216.429347]  ? rb_next+0x140/0x140
[ 1216.429364]  ? debug_smp_processor_id+0x1c/0x20
[ 1216.429378]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1216.429390]  ? mark_held_locks+0x130/0x130
[ 1216.429410]  get_futex_key+0x127d/0x21b0
[ 1216.459300]  ? check_preemption_disabled+0x48/0x200
[ 1216.464353]  ? futex_lock_pi_atomic+0x3a0/0x3a0
[ 1216.469034]  ? perf_trace_lock_acquire+0x15b/0x800
15:25:27 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x3})

15:25:27 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
prctl$intptr(0x18, 0xcd)

15:25:27 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xe0ffffffffffffff}, 0x6)

[ 1216.469055]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1216.469074]  ? bpf_prog_kallsyms_find+0xde/0x4a0
[ 1216.478600] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=0
[ 1216.479000]  ? is_bpf_text_address+0xac/0x170
[ 1216.496203]  ? lock_downgrade+0x900/0x900
[ 1216.496225]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1216.496239]  ? kasan_check_read+0x11/0x20
[ 1216.496253]  ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160
[ 1216.496266]  ? rcu_bh_qs+0xc0/0xc0
15:25:27 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x2000000, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1216.496278]  ? unwind_dump+0x190/0x190
[ 1216.496294]  ? mark_held_locks+0x130/0x130
[ 1216.496306]  ? kernel_text_address+0x79/0xf0
[ 1216.496318]  ? __update_load_avg_se+0x664/0xb90
[ 1216.496330]  ? mark_held_locks+0x130/0x130
[ 1216.496348]  ? unwind_get_return_address+0x61/0xa0
[ 1216.504967]  ? __update_load_avg_blocked_se+0x730/0x730
[ 1216.514984]  ? __update_load_avg_se+0xb90/0xb90
[ 1216.514999]  ? mark_held_locks+0x130/0x130
[ 1216.515014]  ? check_preemption_disabled+0x48/0x200
[ 1216.515036]  ? update_load_avg+0x387/0x2470
[ 1216.522977] syz-executor4 cpuset=
[ 1216.523820]  ? update_load_avg+0x387/0x2470
[ 1216.534867] syz4
[ 1216.536307]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1216.545187]  ? perf_trace_lock+0x7a0/0x7a0
[ 1216.545205]  ? attach_entity_load_avg+0x860/0x860
[ 1216.545219]  ? attach_entity_load_avg+0x860/0x860
[ 1216.545240]  ? debug_smp_processor_id+0x1c/0x20
[ 1216.555492]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1216.555507]  ? mark_held_locks+0x130/0x130
[ 1216.555522]  ? debug_smp_processor_id+0x1c/0x20
[ 1216.555539]  ? perf_trace_lock+0x7a0/0x7a0
[ 1216.555554]  ? bpf_prog_kallsyms_find+0xde/0x4a0
[ 1216.555582]  ? task_fork_fair+0x6d0/0x6d0
[ 1216.564453]  futex_wake+0x1ac/0x760
[ 1216.564472]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1216.564490]  ? cgroup_rstat_updated+0xe6/0x470
[ 1216.575706]  mems_allowed=0
[ 1216.577243]  ? get_futex_key+0x21b0/0x21b0
[ 1216.577268]  ? mark_held_locks+0x130/0x130
[ 1216.588455]  do_futex+0x2e4/0x26d0
[ 1216.588474]  ? mark_held_locks+0x130/0x130
[ 1216.597519]  ? debug_smp_processor_id+0x1c/0x20
15:25:27 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1216.629749]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1216.629768]  ? exit_robust_list+0x280/0x280
[ 1216.655013]  ? debug_smp_processor_id+0x1c/0x20
[ 1216.655029]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1216.655044]  ? check_preemption_disabled+0x48/0x200
[ 1216.655062]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1216.655074]  ? debug_smp_processor_id+0x1c/0x20
[ 1216.655090]  ? perf_trace_lock+0x7a0/0x7a0
[ 1216.662838]  ? debug_smp_processor_id+0x1c/0x20
[ 1216.662858]  ? __delayacct_add_tsk+0x54b/0x650
[ 1216.662882]  ? lock_downgrade+0x900/0x900
15:25:27 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1216.686234]  ? __might_fault+0x12b/0x1e0
[ 1216.686252]  ? lock_downgrade+0x900/0x900
[ 1216.686267]  ? lock_release+0x970/0x970
[ 1216.686281]  ? arch_local_save_flags+0x40/0x40
[ 1216.686305]  mm_release+0x46a/0x5f0
[ 1216.701832]  ? mm_access+0x160/0x160
[ 1216.744370]  ? kasan_check_write+0x14/0x20
[ 1216.744390]  ? do_raw_spin_lock+0xc1/0x200
[ 1216.756534]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1216.761044]  do_exit+0x56b/0x2610
[ 1216.764509]  ? __bpf_trace_preemptirq_template+0x1/0x30
[ 1216.769873]  ? mm_update_next_owner+0x990/0x990
[ 1216.774555]  ? debug_object_active_state+0x2f5/0x4d0
[ 1216.779664]  ? lock_downgrade+0x900/0x900
[ 1216.783820]  ? trace_hardirqs_on+0xbd/0x310
[ 1216.788154]  ? kasan_check_read+0x11/0x20
[ 1216.792307]  ? mark_held_locks+0x130/0x130
[ 1216.796553]  ? kasan_check_write+0x14/0x20
[ 1216.800799]  ? do_raw_spin_lock+0xc1/0x200
[ 1216.805043]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1216.810588]  ? check_preemption_disabled+0x48/0x200
[ 1216.815618]  ? mark_held_locks+0x130/0x130
[ 1216.819860]  ? call_rcu+0x12/0x20
[ 1216.823317]  ? debug_smp_processor_id+0x1c/0x20
[ 1216.827987]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1216.832915]  ? check_preemption_disabled+0x48/0x200
[ 1216.837937]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1216.843478]  ? check_preemption_disabled+0x48/0x200
[ 1216.848498]  ? debug_smp_processor_id+0x1c/0x20
[ 1216.853245]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1216.853260]  ? kzfree+0x28/0x30
[ 1216.853279]  ? perf_trace_lock+0x7a0/0x7a0
[ 1216.853295]  ? check_preemption_disabled+0x48/0x200
[ 1216.853313]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1216.861490]  ? percpu_counter_add_batch+0x141/0x190
[ 1216.861505]  ? memset+0x31/0x40
[ 1216.861522]  ? __dequeue_signal+0xf9/0x7d0
[ 1216.888750]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1216.894790]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1216.900317]  ? get_signal+0x95b/0x1980
[ 1216.904193]  ? lock_downgrade+0x900/0x900
[ 1216.908332]  do_group_exit+0x177/0x440
[ 1216.912210]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1216.917649]  ? __ia32_sys_exit+0x50/0x50
[ 1216.921698]  ? kasan_check_write+0x14/0x20
[ 1216.925920]  ? do_raw_spin_lock+0xc1/0x200
[ 1216.930146]  get_signal+0x8b0/0x1980
[ 1216.933852]  ? ptrace_notify+0x130/0x130
[ 1216.937899]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1216.943689]  ? __f_unlock_pos+0x19/0x20
[ 1216.947650]  ? lock_downgrade+0x900/0x900
[ 1216.951788]  ? __fget+0x4d1/0x740
[ 1216.955234]  do_signal+0x9c/0x21e0
[ 1216.958771]  ? kasan_check_write+0x14/0x20
[ 1216.962993]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1216.967907]  ? fsnotify+0xaae/0x12f0
[ 1216.971608]  ? setup_sigcontext+0x7d0/0x7d0
[ 1216.975915]  ? lock_release+0x970/0x970
[ 1216.979876]  ? check_preemption_disabled+0x48/0x200
[ 1216.984877]  ? fsnotify_first_mark+0x350/0x350
[ 1216.989443]  ? __fsnotify_parent+0xcc/0x420
[ 1216.993755]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1216.999290]  ? check_preemption_disabled+0x48/0x200
[ 1217.004410]  ? cpumask_weight.constprop.5+0x3f/0x3f
[ 1217.009420]  exit_to_usermode_loop+0x2e5/0x380
[ 1217.013993]  ? syscall_slow_exit_work+0x520/0x520
[ 1217.018823]  ? __ia32_compat_sys_ioctl+0x17a/0x630
[ 1217.023761]  do_fast_syscall_32+0xcd5/0xfb2
[ 1217.028074]  ? do_int80_syscall_32+0x890/0x890
[ 1217.032645]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1217.037215]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1217.042216]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1217.047048]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1217.051878]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1217.056882]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1217.061885]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1217.066892]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1217.071722]  entry_SYSENTER_compat+0x70/0x7f
[ 1217.076113] RIP: 0023:0xf7f2cca9
[ 1217.079465] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1217.098351] RSP: 002b:00000000f5f280cc EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1217.106043] RAX: fffffffffffffffc RBX: 0000000000000003 RCX: 000000004004550c
[ 1217.113296] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 1217.120564] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1217.127820] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1217.135076] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1217.145282] CPU: 1 PID: 23663 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1217.152661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1217.162004] Call Trace:
[ 1217.164596]  dump_stack+0x1c4/0x2b4
[ 1217.168214]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1217.173395]  ? debug_smp_processor_id+0x1c/0x20
[ 1217.178054]  dump_header+0x27b/0xf72
[ 1217.181772]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1217.187296]  ? pagefault_out_of_memory+0x197/0x197
[ 1217.192211]  ? debug_smp_processor_id+0x1c/0x20
[ 1217.196870]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1217.201785]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1217.206704]  ? perf_trace_lock+0x7a0/0x7a0
[ 1217.210924]  ? perf_trace_lock+0x7a0/0x7a0
[ 1217.215147]  ? debug_smp_processor_id+0x1c/0x20
[ 1217.219803]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1217.224718]  ? mark_held_locks+0x130/0x130
[ 1217.228948]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1217.234473]  ? perf_trace_lock+0x7a0/0x7a0
[ 1217.238695]  ? task_will_free_mem+0x239/0xb30
[ 1217.243185]  ? ___ratelimit+0x36f/0x655
[ 1217.247149]  ? lock_downgrade+0x900/0x900
[ 1217.251284]  ? trace_hardirqs_on+0xbd/0x310
[ 1217.255588]  ? kasan_check_read+0x11/0x20
[ 1217.259730]  ? ___ratelimit+0x36f/0x655
[ 1217.263702]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1217.269138]  ? trace_hardirqs_on+0x310/0x310
[ 1217.273530]  ? lock_downgrade+0x900/0x900
[ 1217.277670]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1217.282761]  ? ___ratelimit+0xaa/0x655
[ 1217.286634]  ? idr_get_free+0xec0/0xec0
[ 1217.290596]  ? kasan_check_write+0x14/0x20
[ 1217.294816]  ? do_raw_spin_lock+0xc1/0x200
[ 1217.299043]  oom_kill_process.cold.27+0x10/0x903
[ 1217.303784]  ? kasan_check_write+0x14/0x20
[ 1217.308011]  ? do_raw_spin_lock+0xc1/0x200
[ 1217.312239]  ? oom_evaluate_task+0x540/0x540
[ 1217.316640]  ? cgroup_procs_next+0x70/0x70
[ 1217.320863]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1217.325342]  ? oom_badness+0xaa0/0xaa0
[ 1217.329221]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1217.333967]  ? mem_cgroup_iter_break+0x30/0x30
[ 1217.338541]  ? cgroup_file_notify+0x226/0x2f0
[ 1217.343135]  out_of_memory+0xa84/0x1430
[ 1217.347099]  ? kasan_check_read+0x11/0x20
[ 1217.351233]  ? oom_killer_disable+0x3a0/0x3a0
[ 1217.355712]  ? kasan_check_write+0x14/0x20
[ 1217.359947]  ? do_raw_spin_lock+0xc1/0x200
[ 1217.364173]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1217.369007]  ? memcg_memory_event+0x40/0x40
[ 1217.373316]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1217.378150]  ? page_counter_try_charge+0x1c1/0x220
[ 1217.383064]  try_charge+0xc43/0x1690
[ 1217.386763]  ? lock_downgrade+0x900/0x900
[ 1217.390900]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1217.396948]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1217.402470]  ? should_fail+0x22d/0xd01
[ 1217.406361]  ? percpu_ref_tryget_live+0x168/0x460
[ 1217.411202]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1217.416033]  ? lock_downgrade+0x900/0x900
[ 1217.420179]  ? lock_release+0x970/0x970
[ 1217.424140]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1217.429925]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1217.435454]  ? split_huge_pages_set+0xa90/0xa90
[ 1217.440115]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1217.444956]  ? fs_reclaim_acquire+0x20/0x20
[ 1217.449269]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1217.453925]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1217.458417]  ? __put_compound_page+0xe0/0xe0
[ 1217.462816]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1217.468350]  memcg_kmem_charge+0x135/0x300
[ 1217.472574]  __alloc_pages_nodemask+0x72e/0xde0
[ 1217.477233]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1217.482756]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1217.487764]  ? do_huge_pmd_anonymous_page+0x45e/0x17e0
[ 1217.493025]  ? unlock_page+0x2c2/0x4c0
[ 1217.496904]  ? __thp_get_unmapped_area+0x180/0x180
[ 1217.501823]  ? mark_held_locks+0x130/0x130
[ 1217.506042]  ? vm_mmap+0xc0/0xc0
[ 1217.509399]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1217.514925]  alloc_pages_current+0x10c/0x210
[ 1217.519332]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1217.524859]  pte_alloc_one+0x1b/0x1a0
[ 1217.528651]  __pte_alloc+0x2a/0x350
[ 1217.532265]  __handle_mm_fault+0x41f5/0x53e0
[ 1217.536665]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1217.541511]  ? lock_acquire+0x1ed/0x520
[ 1217.545476]  ? handle_mm_fault+0x42a/0xc70
[ 1217.549704]  ? lock_downgrade+0x900/0x900
[ 1217.553854]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1217.559640]  ? __do_page_fault+0x67d/0xed0
[ 1217.563863]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1217.569298]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1217.574823]  ? check_preemption_disabled+0x48/0x200
[ 1217.579829]  handle_mm_fault+0x54f/0xc70
[ 1217.583880]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1217.588448]  ? find_vma+0x34/0x190
[ 1217.591979]  __do_page_fault+0x67d/0xed0
[ 1217.596033]  ? mm_fault_error+0x380/0x380
[ 1217.600169]  ? trace_hardirqs_on+0x310/0x310
[ 1217.604566]  ? entry_INT80_compat+0x74/0x7e
[ 1217.608875]  do_page_fault+0xf2/0x7e0
[ 1217.612661]  ? vmalloc_sync_all+0x30/0x30
[ 1217.616794]  ? error_entry+0x70/0xd0
[ 1217.620500]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1217.625502]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1217.630419]  ? do_syscall_64+0x820/0x820
[ 1217.634465]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1217.639302]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1217.644311]  ? trace_hardirqs_off+0x310/0x310
[ 1217.648796]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1217.654322]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1217.659334]  ? page_fault+0x8/0x30
[ 1217.662868]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1217.667702]  ? page_fault+0x8/0x30
[ 1217.671235]  page_fault+0x1e/0x30
[ 1217.674674] RIP: 0023:0x806a9d6
[ 1217.677944] Code: 03 76 37 f7 c6 03 00 00 00 74 16 a4 49 f7 c6 03 00 00 00 74 0c a4 49 f7 c6 03 00 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 <f3> a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1
[ 1217.696830] RSP: 002b:000000000845fc28 EFLAGS: 00010246
[ 1217.702181] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000004
[ 1217.709448] RDX: 0000000000000000 RSI: 0000000008150618 RDI: 0000000020000000
[ 1217.716723] RBP: 000000000814af6c R08: 0000000000000000 R09: 0000000000000000
[ 1217.723977] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1217.731719] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1217.743607] Task in /syz4 killed as a result of limit of /syz4
[ 1217.752310] memory: usage 204796kB, limit 204800kB, failcnt 182
[ 1217.759173] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1217.766269] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1217.772459] Memory cgroup stats for /syz4: cache:152KB rss:2180KB rss_huge:2048KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:2192KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1217.793801] Memory cgroup out of memory: Kill process 23663 (syz-executor4) score 171 or sacrifice child
[ 1217.803815] Killed process 23663 (syz-executor4) total-vm:70120kB, anon-rss:2148kB, file-rss:32768kB, shmem-rss:0kB
15:25:28 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))

15:25:28 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x6, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
readahead(r0, 0x37a65297, 0x178)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x471, 0x40000)
io_setup(0xffffffff, &(0x7f00000001c0)=<r3=>0x0)
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vcs\x00', 0x4000, 0x0)
r5 = syz_open_dev$dmmidi(&(0x7f0000000440)='/dev/dmmidi#\x00', 0x0, 0x200000)
io_submit(r3, 0x7, &(0x7f00000008c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x6, 0x0, r1, &(0x7f0000000200)="da7eb2f198ecc73144a1ae27969b4f4a8fde8126227e3d31031afbf533759efbe63438d185", 0x25, 0x1, 0x0, 0x2, r4}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x7, 0x80, r1, &(0x7f00000002c0)="9926051dcd546a4db6c1f83342b159530d61dfa4767b74178e68827a2a118dd187a42bcf441275db605db3963ae38c3201fc817590941bd02cb12b205ca0341fc9d6d49e0a008212b3638865c9ed223101bd55ebef48c87dd233b7050fb3787334d46df1e22a6f7215e248efffe30a644c0d328ac724551170758d9e7f892ac5d5b2c61262522d7d1308ee5286b7a841b10ca52d63a8c0535387fde09db97186f4ea76baea84fcaad1a4f29811f709958e5c45a0740a04bff594a62b80ec9d11fc3a552c26d1666fa2", 0xc9, 0x80000000, 0x0, 0x0, r2}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x10000, r2, &(0x7f0000000400)="0bd3047a0a25563126cc77d2a6c47e415d8a", 0x12, 0xffffffffffffff44, 0x0, 0x0, r5}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x5, 0x80, r1, &(0x7f00000004c0)="30859259dc7d6ffcb24d25f5d79c94f34114bfeeb3eb405b25aa2fdd62180e5fcb9d1d18ed8ca7f0ba8acd8c6a75d481d067166c712892b53d7d8220066edb652318a801e66cbc05878297e51f25b0c5f41c51100cd0e7b759de44c9223878b214a6df5810917e1e46018e45d4bd7d1016c182516d4641c87162a67cd16023285d497399af3968ecec6bb66e2b7a453a73185960d8c3fa3826de6847dc1675a056dfddc36099da056ef771863b3381278d7fb0d305b0d1edc5b2450ffa6d4a3ef212fd1d864b283f946ff7d67282baa888891a48822f91e307e720983c64", 0xde, 0x2, 0x0, 0x3, 0xffffffffffffff9c}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x1, 0xb3, r1, &(0x7f0000000600), 0x0, 0x5, 0x0, 0x3}, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x6, 0x3, r2, &(0x7f0000000680)="f334ec5a663a364dead564c5d89fd42f57e7ce2d97a6bf1ec8997eaece40030e5e0a44c656039bd99f9dbb81ba27e98ae9802edc7314d0ba099a931d1874d53e80b19424b7a7cadc94392ec6eb6c2d9b4d93c1d1fb2334f927a43afb283d43a93ea3a2c2659d9451ae21c2046320a9ca2e3a50c8aed21e79134c923b17826c1ff1fb1e2ee25f4fb32c5643c8d3eda5422825c273ab2924a82b1d0432d4d00e67a4ee809b4c10e6483af0d1de5118b8bf3f4b69ed50ab7aef6b55babe70d9d3251f3228685c666d3162", 0xc9, 0x7fff, 0x0, 0x0, r2}, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x7, 0x8, r1, &(0x7f00000007c0)="1f963710c019c009d8b4515e912c1406e513de8fbec388c24e2eaafa5a6d6cf5aea3bb86648ac8594f7bf41cee49661227dd0ddc126817c15008e8e4923a5cf16978a716d46a794ee87f4f72eae9212ffe8e38c73787b52b71764c90b9780714742cf200409cf3709a8870878ba6a66cc04b9b0bf15427e1b22bc853457d7124e90a83ff9745bd2887d02dfe330b300d37391e64b9c58e332df6d6e747b05b563789374291bc4d78a8d388f3a288e13e54932543cf7d664f98baa5fe", 0xbc, 0x4, 0x0, 0x2, r2}])
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffff9c, 0x84, 0x72, &(0x7f00000000c0)={<r6=>0x0, 0x4, 0x30}, &(0x7f0000000100)=0xc)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000140)={r6, 0x1}, &(0x7f0000000180)=0x8)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xffffffffffffffff)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:28 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0xfffffdfd})

15:25:28 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x300000000000000}, 0x6)

15:25:28 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x1, 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r2, 0x40505331, &(0x7f0000000100)={{0x8001, 0x6}, {0x9, 0x10001}, 0x2, 0x4, 0x9101})
r3 = creat(&(0x7f0000000080)='./file0\x00', 0x4)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
socket$nl_generic(0x10, 0x3, 0x10)

15:25:28 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x600000000000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:28 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x8000000})

[ 1217.929708] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0
[ 1217.967919] Unknown ioctl 1079006001
15:25:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000080))
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x80000, 0x0)
readlinkat(r2, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)=""/161, 0xa1)
ftruncate(r1, 0xbcc)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
readahead(r1, 0xf8000, 0x8)

15:25:29 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x8})

[ 1217.975540] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1217.984721] Unknown ioctl 1079006001
[ 1217.994231] CPU: 1 PID: 23688 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1218.001610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1218.010964] Call Trace:
[ 1218.013559]  dump_stack+0x1c4/0x2b4
[ 1218.017193]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1218.022385]  ? mark_held_locks+0x130/0x130
15:25:29 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x29, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1218.026620]  ? mark_held_locks+0x130/0x130
[ 1218.030865]  dump_header+0x27b/0xf72
[ 1218.034597]  ? debug_smp_processor_id+0x1c/0x20
[ 1218.039277]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1218.044823]  ? pagefault_out_of_memory+0x197/0x197
[ 1218.049758]  ? debug_smp_processor_id+0x1c/0x20
[ 1218.049774]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1218.049791]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1218.064292]  ? perf_trace_lock+0x7a0/0x7a0
[ 1218.064306]  ? perf_trace_lock+0x7a0/0x7a0
[ 1218.064325]  ? debug_smp_processor_id+0x1c/0x20
15:25:29 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0xffffffff00000000})

[ 1218.064338]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1218.064353]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1218.064369]  ? perf_trace_lock+0x7a0/0x7a0
[ 1218.087911]  ? task_will_free_mem+0x239/0xb30
[ 1218.087936]  ? ___ratelimit+0x36f/0x655
[ 1218.087958]  ? lock_downgrade+0x900/0x900
[ 1218.100628]  ? trace_hardirqs_on+0xbd/0x310
[ 1218.109086]  ? kasan_check_read+0x11/0x20
[ 1218.113249]  ? ___ratelimit+0x36f/0x655
[ 1218.117240]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1218.122707]  ? trace_hardirqs_on+0x310/0x310
[ 1218.127123]  ? lock_downgrade+0x900/0x900
[ 1218.131261]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1218.136351]  ? ___ratelimit+0xaa/0x655
[ 1218.140227]  ? idr_get_free+0xec0/0xec0
[ 1218.144190]  ? kasan_check_write+0x14/0x20
[ 1218.148415]  ? do_raw_spin_lock+0xc1/0x200
[ 1218.152646]  oom_kill_process.cold.27+0x10/0x903
[ 1218.157574]  ? kasan_check_write+0x14/0x20
[ 1218.161800]  ? do_raw_spin_lock+0xc1/0x200
[ 1218.166025]  ? oom_evaluate_task+0x540/0x540
[ 1218.170426]  ? cgroup_procs_next+0x70/0x70
[ 1218.174681]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1218.179163]  ? oom_badness+0xaa0/0xaa0
[ 1218.183041]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1218.187803]  ? mem_cgroup_iter_break+0x30/0x30
[ 1218.192389]  ? cgroup_file_notify+0x226/0x2f0
[ 1218.196872]  out_of_memory+0xa84/0x1430
[ 1218.200833]  ? kasan_check_read+0x11/0x20
[ 1218.204966]  ? oom_killer_disable+0x3a0/0x3a0
[ 1218.209457]  ? kasan_check_write+0x14/0x20
[ 1218.213689]  ? do_raw_spin_lock+0xc1/0x200
[ 1218.217916]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1218.222743]  ? memcg_memory_event+0x40/0x40
[ 1218.227053]  ? mem_cgroup_charge_skmem+0x1e4/0x390
[ 1218.231973]  ? page_counter_try_charge+0x1c1/0x220
[ 1218.236892]  try_charge+0xc43/0x1690
[ 1218.240599]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1218.246643]  ? tcp_sendmsg+0x2f/0x50
[ 1218.250349]  ? sock_sendmsg+0xd5/0x120
[ 1218.254222]  ? __sys_sendto+0x3d7/0x670
[ 1218.258184]  ? __ia32_sys_sendto+0xdf/0x1a0
[ 1218.262495]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1218.266989]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1218.271649]  ? fs_reclaim_acquire+0x20/0x20
[ 1218.275965]  ? lock_downgrade+0x900/0x900
[ 1218.280188]  ? ___might_sleep+0x1ed/0x300
[ 1218.284324]  ? trace_hardirqs_on+0xbd/0x310
[ 1218.288628]  ? lock_downgrade+0x900/0x900
[ 1218.292768]  ? __kmalloc_node_track_caller+0x33/0x70
[ 1218.297859]  ? kasan_unpoison_shadow+0x35/0x50
[ 1218.302434]  ? __sk_mem_raise_allocated+0x642/0x1800
[ 1218.307526]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1218.312966]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1218.318492]  ? check_preemption_disabled+0x48/0x200
[ 1218.323507]  mem_cgroup_charge_skmem+0x1e4/0x390
[ 1218.328266]  ? mem_cgroup_sk_free+0x90/0x90
[ 1218.332583]  __sk_mem_raise_allocated+0x642/0x1800
[ 1218.337501]  ? sk_busy_loop_end+0x1c0/0x1c0
[ 1218.341817]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1218.346821]  ? skb_page_frag_refill+0x1eb/0x6a0
[ 1218.351480]  ? sock_kzfree_s+0x60/0x60
[ 1218.355357]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1218.360362]  ? sk_stream_alloc_skb+0x34b/0x970
[ 1218.364937]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1218.369939]  ? skb_entail+0x618/0x8c0
[ 1218.373729]  ? tcp_rate_check_app_limited+0x121/0x460
[ 1218.378905]  ? tcp_splice_data_recv+0x1b0/0x1b0
[ 1218.383564]  __sk_mem_schedule+0x6d/0xe0
[ 1218.387611]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1218.393147]  tcp_sendmsg_locked+0x1c86/0x3f00
[ 1218.397643]  ? tcp_sendpage+0x60/0x60
[ 1218.401441]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1218.406964]  ? aa_label_sk_perm+0x46d/0x8e0
[ 1218.411277]  ? aa_profile_af_perm+0x410/0x410
[ 1218.415766]  ? ksys_dup3+0x680/0x680
[ 1218.419471]  ? lock_acquire+0x1ed/0x520
[ 1218.423434]  ? tcp_sendmsg+0x21/0x50
[ 1218.427149]  ? trace_hardirqs_on+0xbd/0x310
[ 1218.431544]  ? lock_release+0x970/0x970
[ 1218.435504]  ? lock_sock_nested+0xe2/0x120
[ 1218.439729]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1218.445170]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1218.450696]  ? check_preemption_disabled+0x48/0x200
[ 1218.455699]  ? lock_sock_nested+0x9a/0x120
[ 1218.459919]  ? lock_sock_nested+0x9a/0x120
[ 1218.464146]  ? __local_bh_enable_ip+0x160/0x260
[ 1218.468804]  tcp_sendmsg+0x2f/0x50
[ 1218.472339]  inet_sendmsg+0x1a1/0x690
[ 1218.476127]  ? ipip_gro_receive+0x100/0x100
[ 1218.480435]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1218.485178]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1218.490704]  ? security_socket_sendmsg+0x94/0xc0
[ 1218.495446]  ? ipip_gro_receive+0x100/0x100
[ 1218.499753]  sock_sendmsg+0xd5/0x120
[ 1218.503458]  __sys_sendto+0x3d7/0x670
[ 1218.507246]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1218.511903]  ? arch_local_save_flags+0x40/0x40
[ 1218.516477]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1218.521930]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1218.527456]  ? compat_put_timespec64+0x110/0x280
[ 1218.532215]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1218.536958]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1218.541878]  ? trace_hardirqs_on+0xbd/0x310
[ 1218.546198]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1218.551721]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1218.556289]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1218.561731]  __ia32_sys_sendto+0xdf/0x1a0
[ 1218.565868]  do_fast_syscall_32+0x34d/0xfb2
[ 1218.570188]  ? do_int80_syscall_32+0x890/0x890
[ 1218.574763]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1218.579334]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1218.584337]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1218.589180]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1218.594183]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1218.599185]  ? recalc_sigpending_tsk+0x180/0x180
[ 1218.603949]  ? kasan_check_write+0x14/0x20
[ 1218.608183]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1218.613021]  entry_SYSENTER_compat+0x70/0x7f
[ 1218.617414] RIP: 0023:0xf7f56ca9
[ 1218.620770] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1218.639742] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1218.647438] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1218.654696] RDX: 00000000fffffe4e RSI: 00000000000000c0 RDI: 00000000200000c0
[ 1218.661952] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000
[ 1218.669208] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1218.676474] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:29 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x402c582a, &(0x7f0000000100))

15:25:29 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2b000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:29 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x2000000})

15:25:29 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x22020000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1218.787567] Task in /syz4 killed as a result of limit of /syz4
[ 1218.815021] memory: usage 204748kB, limit 204800kB, failcnt 208
[ 1218.851888] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1218.865443] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1218.879361] Memory cgroup stats for /syz4: cache:152KB rss:68KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:156KB inactive_file:0KB active_file:0KB unevictable:0KB
15:25:30 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x7000000}, 0x6)

15:25:30 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4008550c, &(0x7f0000000100))

15:25:30 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2202, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:30 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x3000000})

15:25:30 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

15:25:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040)=0xfffffffffffffffd)

[ 1218.912239] Memory cgroup out of memory: Kill process 23687 (syz-executor4) score 161 or sacrifice child
[ 1218.922620] Killed process 23687 (syz-executor4) total-vm:70252kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1218.935382] oom_reaper: reaped process 23687 (syz-executor4), now anon-rss:0kB, file-rss:32796kB, shmem-rss:0kB
15:25:30 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

15:25:30 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2c00000000000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1219.004269] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0
[ 1219.029706] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1219.057775] CPU: 1 PID: 23747 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1219.065177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1219.074525] Call Trace:
[ 1219.074548]  dump_stack+0x1c4/0x2b4
[ 1219.074566]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1219.085946]  ? debug_smp_processor_id+0x1c/0x20
[ 1219.085964]  dump_header+0x27b/0xf72
[ 1219.094338]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1219.099883]  ? pagefault_out_of_memory+0x197/0x197
15:25:30 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0x2, 0x0)
sendmsg$IPVS_CMD_GET_INFO(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, 0x0, 0x300, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x20008004)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x20000, 0x0)
setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r3, 0x111, 0x3, 0x1, 0x4)

[ 1219.104816]  ? debug_smp_processor_id+0x1c/0x20
[ 1219.104832]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1219.104844]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1219.104862]  ? perf_trace_lock+0x7a0/0x7a0
[ 1219.114426]  ? perf_trace_lock+0x7a0/0x7a0
[ 1219.114446]  ? debug_smp_processor_id+0x1c/0x20
[ 1219.114459]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1219.114472]  ? mark_held_locks+0x130/0x130
[ 1219.114484]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1219.114500]  ? perf_trace_lock+0x7a0/0x7a0
[ 1219.151359]  ? task_will_free_mem+0x239/0xb30
[ 1219.155850]  ? ___ratelimit+0x36f/0x655
[ 1219.159812]  ? lock_downgrade+0x900/0x900
[ 1219.163948]  ? trace_hardirqs_on+0xbd/0x310
[ 1219.168256]  ? kasan_check_read+0x11/0x20
[ 1219.172388]  ? ___ratelimit+0x36f/0x655
[ 1219.176350]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1219.181802]  ? trace_hardirqs_on+0x310/0x310
[ 1219.186197]  ? lock_downgrade+0x900/0x900
[ 1219.190333]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1219.195511]  ? ___ratelimit+0xaa/0x655
[ 1219.199388]  ? idr_get_free+0xec0/0xec0
[ 1219.203365]  ? kasan_check_write+0x14/0x20
[ 1219.207592]  ? do_raw_spin_lock+0xc1/0x200
[ 1219.211819]  oom_kill_process.cold.27+0x10/0x903
[ 1219.216566]  ? kasan_check_write+0x14/0x20
[ 1219.220896]  ? do_raw_spin_lock+0xc1/0x200
[ 1219.225121]  ? oom_evaluate_task+0x540/0x540
[ 1219.229516]  ? cgroup_procs_next+0x70/0x70
[ 1219.233737]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1219.238218]  ? oom_badness+0xaa0/0xaa0
[ 1219.242095]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1219.246839]  ? mem_cgroup_iter_break+0x30/0x30
[ 1219.251416]  ? cgroup_file_notify+0x226/0x2f0
[ 1219.255912]  out_of_memory+0xa84/0x1430
[ 1219.259872]  ? kasan_check_read+0x11/0x20
[ 1219.264006]  ? oom_killer_disable+0x3a0/0x3a0
[ 1219.268489]  ? kasan_check_write+0x14/0x20
[ 1219.272709]  ? do_raw_spin_lock+0xc1/0x200
[ 1219.276941]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1219.281767]  ? memcg_memory_event+0x40/0x40
[ 1219.286080]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1219.290911]  ? page_counter_try_charge+0x1c1/0x220
[ 1219.295826]  try_charge+0xc43/0x1690
[ 1219.299528]  ? lock_downgrade+0x900/0x900
[ 1219.303666]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1219.309709]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1219.315495]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1219.321020]  ? should_fail+0x22d/0xd01
[ 1219.324899]  ? percpu_ref_tryget_live+0x168/0x460
[ 1219.329728]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1219.334555]  ? lock_downgrade+0x900/0x900
[ 1219.338706]  ? lock_release+0x970/0x970
[ 1219.342668]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1219.348451]  ? __kernel_text_address+0xd/0x40
[ 1219.352947]  ? __save_stack_trace+0x8d/0xf0
[ 1219.357260]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1219.362088]  ? fs_reclaim_acquire+0x20/0x20
[ 1219.366397]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1219.371051]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1219.375531]  ? entry_INT80_compat+0x74/0x7e
[ 1219.379843]  memcg_kmem_charge+0x135/0x300
[ 1219.384065]  __alloc_pages_nodemask+0x72e/0xde0
[ 1219.388725]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1219.393731]  ? percpu_ref_put_many+0x13e/0x260
[ 1219.398297]  ? trace_hardirqs_on+0xbd/0x310
[ 1219.402607]  ? mem_cgroup_charge_statistics+0x780/0x780
[ 1219.407956]  ? kasan_kmalloc+0xc7/0xe0
[ 1219.411829]  ? kasan_slab_alloc+0x12/0x20
[ 1219.415978]  ? kmem_cache_alloc_node+0x303/0x730
[ 1219.420721]  ? kasan_check_write+0x14/0x20
[ 1219.424940]  ? do_raw_spin_lock+0xc1/0x200
[ 1219.429162]  copy_process+0xa09/0x8780
[ 1219.433211]  ? mark_held_locks+0x130/0x130
[ 1219.437433]  ? percpu_ref_get_many+0x121/0x240
[ 1219.442087]  ? lock_downgrade+0x900/0x900
[ 1219.446228]  ? __cleanup_sighand+0x70/0x70
[ 1219.450460]  ? bio_cur_bytes+0x1e0/0x1e0
[ 1219.454510]  ? mark_held_locks+0x130/0x130
[ 1219.458731]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1219.464257]  ? check_preemption_disabled+0x48/0x200
[ 1219.469261]  ? debug_smp_processor_id+0x1c/0x20
[ 1219.473913]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1219.478826]  ? try_charge+0x112a/0x1690
[ 1219.482790]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1219.488314]  ? perf_trace_lock+0x7a0/0x7a0
[ 1219.492539]  ? mark_held_locks+0x130/0x130
[ 1219.496771]  ? mark_held_locks+0x130/0x130
[ 1219.501002]  ? perf_trace_lock+0x7a0/0x7a0
[ 1219.505222]  ? mark_held_locks+0x130/0x130
[ 1219.509444]  ? check_preemption_disabled+0x48/0x200
[ 1219.514448]  ? blk_init_request_from_bio+0x3c0/0x3c0
[ 1219.519539]  ? debug_smp_processor_id+0x1c/0x20
[ 1219.524196]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1219.529111]  ? mark_held_locks+0x130/0x130
[ 1219.533350]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1219.538874]  ? check_preemption_disabled+0x48/0x200
[ 1219.543879]  ? debug_smp_processor_id+0x1c/0x20
[ 1219.548533]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1219.553455]  ? mark_held_locks+0x130/0x130
[ 1219.557673]  ? perf_trace_lock+0x7a0/0x7a0
[ 1219.561896]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1219.566899]  ? bpf_prog_kallsyms_find+0xde/0x4a0
[ 1219.571640]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1219.577179]  ? check_preemption_disabled+0x48/0x200
[ 1219.582185]  ? debug_smp_processor_id+0x1c/0x20
[ 1219.586944]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1219.591859]  ? lock_downgrade+0x900/0x900
[ 1219.595995]  ? perf_trace_lock+0x7a0/0x7a0
[ 1219.600217]  ? change_protection+0x1718/0x29a0
[ 1219.604787]  ? lock_downgrade+0x900/0x900
[ 1219.608923]  ? kasan_check_read+0x11/0x20
[ 1219.613068]  ? ___might_sleep+0x1ed/0x300
[ 1219.617205]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1219.621774]  ? arch_local_save_flags+0x40/0x40
[ 1219.626341]  ? kasan_check_write+0x14/0x20
[ 1219.630568]  ? do_raw_spin_lock+0xc1/0x200
[ 1219.634794]  ? perf_iterate_sb+0x189/0xc60
[ 1219.639014]  ? lock_downgrade+0x900/0x900
[ 1219.643154]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1219.648943]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1219.654469]  ? check_preemption_disabled+0x48/0x200
[ 1219.659474]  ? perf_iterate_sb+0x1b0/0xc60
[ 1219.663693]  ? prot_none_hugetlb_entry+0x150/0x150
[ 1219.668612]  ? perf_event_comm_output+0x750/0x750
[ 1219.673441]  ? find_get_context.isra.94+0x730/0x730
[ 1219.678450]  ? validate_mm+0x386/0x630
[ 1219.682337]  ? lock_downgrade+0x900/0x900
[ 1219.686474]  ? kasan_check_read+0x11/0x20
[ 1219.690609]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1219.695011]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1219.699581]  ? kfree+0x1bf/0x230
[ 1219.702939]  ? perf_event_mmap+0x134/0x1350
[ 1219.707258]  ? perf_event_fork+0x30/0x30
[ 1219.711321]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1219.716845]  ? vma_set_page_prot+0x243/0x320
[ 1219.721240]  ? vma_wants_writenotify+0x510/0x510
[ 1219.725999]  ? do_mprotect_pkey+0x8d8/0xa60
[ 1219.730754]  _do_fork+0x1cb/0x11d0
[ 1219.734387]  ? fork_idle+0x1d0/0x1d0
[ 1219.738095]  ? up_write+0x7b/0x220
[ 1219.741619]  ? up_read+0x110/0x110
[ 1219.745147]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1219.750670]  ? apparmor_file_mprotect+0xde/0x110
[ 1219.755412]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1219.760937]  ? security_file_mprotect+0x94/0xc0
[ 1219.765594]  ? do_mprotect_pkey+0x8dd/0xa60
[ 1219.769908]  ? trace_hardirqs_off+0xb8/0x310
[ 1219.774303]  ? mprotect_fixup+0xc60/0xc60
[ 1219.778450]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1219.783021]  ? trace_hardirqs_on+0x310/0x310
[ 1219.787416]  ? trace_hardirqs_on+0xbd/0x310
[ 1219.791728]  ? entry_INT80_compat+0x74/0x7e
[ 1219.796035]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1219.801475]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1219.806489]  do_int80_syscall_32+0x1fe/0x890
[ 1219.810884]  ? entry_INT80_compat+0x6c/0x7e
[ 1219.815194]  ? do_syscall_64+0x820/0x820
[ 1219.819239]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1219.824071]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1219.829078]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1219.834092]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1219.838921]  entry_INT80_compat+0x74/0x7e
[ 1219.843067] RIP: 0023:0x8081a44
15:25:30 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x6000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:30 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x541b, &(0x7f0000000100))

[ 1219.846336] Code: 8b 44 24 04 89 41 08 c7 41 04 00 00 00 00 53 56 57 8b 74 24 24 8b 54 24 20 8b 5c 24 18 8b 7c 24 28 b8 78 00 00 00 89 19 cd 80 <5f> 5e 5b 85 c0 0f 8c b1 51 fd ff 74 01 c3 89 f5 f7 c7 00 00 01 00
[ 1219.865221] RSP: 002b:000000000845fb50 EFLAGS: 00000296 ORIG_RAX: 0000000000000078
[ 1219.872927] RAX: ffffffffffffffda RBX: 00000000003d0f00 RCX: 00000000f5f52224
[ 1219.880179] RDX: 00000000f5f52ba8 RSI: 000000000845fb80 RDI: 00000000f5f52ba8
[ 1219.887433] RBP: 000000000845fc28 R08: 0000000000000000 R09: 0000000000000000
[ 1219.895200] R10: 0000000000000000 R11: 0000000000000216 R12: 0000000000000000
[ 1219.902454] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:31 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

[ 1220.034540] Task in /syz4 killed as a result of limit of /syz4
[ 1220.040592] memory: usage 204784kB, limit 204800kB, failcnt 246
[ 1220.062200] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1220.069895] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:25:31 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x80040200}, 0x6)

15:25:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x0, 0x0)
setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f0000000140)={0x40, 0x1ff}, 0x2)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f0000000080)=0x10000)
r3 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x1, 0x80080)
socket$bt_rfcomm(0x1f, 0x0, 0x3)
ioctl$KDENABIO(r3, 0x4b36)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:31 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x300, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:31 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x5460, &(0x7f0000000100))

15:25:31 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x88500, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x200, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffff9c, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value={<r3=>0x0}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000000000)={0x1, 0x3374, 0x0, 0xffffffff, 0x6, 0x0, 0x8, 0x0, r3}, &(0x7f0000000240)=0x20)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000140)={r3, 0x101, 0x9}, &(0x7f0000000180)=0x8)
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f00000001c0)={0xf5, 0x0, [0x3, 0x8000, 0x6, 0x1]})
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:31 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

[ 1220.076507] Memory cgroup stats for /syz4: cache:152KB rss:68KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:100KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1220.097091] Memory cgroup out of memory: Kill process 23747 (syz-executor4) score 160 or sacrifice child
[ 1220.106791] Killed process 23747 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1220.117774] oom_reaper: reaped process 23747 (syz-executor4), now anon-rss:0kB, file-rss:32772kB, shmem-rss:0kB
15:25:31 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x222, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:31 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x40049409, &(0x7f0000000100))

15:25:31 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

[ 1220.219709] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0
[ 1220.238456] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1220.267145] CPU: 0 PID: 23788 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1220.274537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1220.283887] Call Trace:
[ 1220.286483]  dump_stack+0x1c4/0x2b4
[ 1220.290126]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1220.295322]  ? debug_smp_processor_id+0x1c/0x20
[ 1220.299996]  dump_header+0x27b/0xf72
[ 1220.303730]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1220.309281]  ? pagefault_out_of_memory+0x197/0x197
[ 1220.314213]  ? debug_smp_processor_id+0x1c/0x20
[ 1220.318874]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1220.323790]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1220.328713]  ? perf_trace_lock+0x7a0/0x7a0
[ 1220.332934]  ? perf_trace_lock+0x7a0/0x7a0
[ 1220.337159]  ? debug_smp_processor_id+0x1c/0x20
[ 1220.341821]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1220.346738]  ? mark_held_locks+0x130/0x130
[ 1220.350965]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1220.356504]  ? perf_trace_lock+0x7a0/0x7a0
[ 1220.360725]  ? task_will_free_mem+0x239/0xb30
[ 1220.365213]  ? ___ratelimit+0x36f/0x655
[ 1220.369172]  ? lock_downgrade+0x900/0x900
[ 1220.373307]  ? trace_hardirqs_on+0xbd/0x310
[ 1220.377615]  ? kasan_check_read+0x11/0x20
[ 1220.381748]  ? ___ratelimit+0x36f/0x655
[ 1220.385714]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1220.391149]  ? trace_hardirqs_on+0x310/0x310
[ 1220.395546]  ? lock_downgrade+0x900/0x900
[ 1220.399681]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1220.404775]  ? ___ratelimit+0xaa/0x655
[ 1220.408648]  ? idr_get_free+0xec0/0xec0
[ 1220.412610]  ? kasan_check_write+0x14/0x20
[ 1220.416834]  ? do_raw_spin_lock+0xc1/0x200
[ 1220.421060]  oom_kill_process.cold.27+0x10/0x903
[ 1220.425806]  ? kasan_check_write+0x14/0x20
[ 1220.430027]  ? do_raw_spin_lock+0xc1/0x200
[ 1220.434250]  ? oom_evaluate_task+0x540/0x540
[ 1220.438648]  ? cgroup_procs_next+0x70/0x70
[ 1220.442869]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1220.447352]  ? oom_badness+0xaa0/0xaa0
[ 1220.451228]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1220.455973]  ? mem_cgroup_iter_break+0x30/0x30
[ 1220.460547]  ? cgroup_file_notify+0x226/0x2f0
[ 1220.465030]  out_of_memory+0xa84/0x1430
[ 1220.469001]  ? kasan_check_read+0x11/0x20
[ 1220.473139]  ? oom_killer_disable+0x3a0/0x3a0
[ 1220.477619]  ? kasan_check_write+0x14/0x20
[ 1220.481843]  ? do_raw_spin_lock+0xc1/0x200
[ 1220.486076]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1220.490913]  ? memcg_memory_event+0x40/0x40
[ 1220.495223]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1220.500056]  ? page_counter_try_charge+0x1c1/0x220
[ 1220.504975]  try_charge+0xc43/0x1690
[ 1220.508686]  ? lock_downgrade+0x900/0x900
[ 1220.512826]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1220.518873]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1220.524659]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1220.530182]  ? should_fail+0x22d/0xd01
[ 1220.534060]  ? percpu_ref_tryget_live+0x168/0x460
[ 1220.538887]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1220.543717]  ? lock_downgrade+0x900/0x900
[ 1220.547853]  ? lock_release+0x970/0x970
[ 1220.551817]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1220.557599]  ? __kernel_text_address+0xd/0x40
[ 1220.562256]  ? __save_stack_trace+0x8d/0xf0
[ 1220.566571]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1220.571402]  ? fs_reclaim_acquire+0x20/0x20
[ 1220.575712]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1220.580370]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1220.584853]  ? entry_INT80_compat+0x74/0x7e
[ 1220.589165]  memcg_kmem_charge+0x135/0x300
[ 1220.593387]  __alloc_pages_nodemask+0x72e/0xde0
[ 1220.598043]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1220.603049]  ? percpu_ref_put_many+0x13e/0x260
[ 1220.607614]  ? trace_hardirqs_on+0xbd/0x310
[ 1220.611918]  ? mem_cgroup_charge_statistics+0x780/0x780
[ 1220.617271]  ? kasan_kmalloc+0xc7/0xe0
[ 1220.621146]  ? kasan_slab_alloc+0x12/0x20
[ 1220.625281]  ? kmem_cache_alloc_node+0x303/0x730
[ 1220.630022]  ? kasan_check_write+0x14/0x20
[ 1220.634244]  ? do_raw_spin_lock+0xc1/0x200
[ 1220.638464]  copy_process+0xa09/0x8780
[ 1220.642346]  ? check_preemption_disabled+0x48/0x200
[ 1220.647346]  ? check_preemption_disabled+0x48/0x200
[ 1220.652353]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1220.657876]  ? check_preemption_disabled+0x48/0x200
[ 1220.662877]  ? native_load_gs_index+0x10/0x30
[ 1220.667360]  ? debug_smp_processor_id+0x1c/0x20
[ 1220.672013]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1220.676939]  ? perf_sched_cb_inc+0x350/0x350
[ 1220.681382]  ? __cleanup_sighand+0x70/0x70
[ 1220.685607]  ? lock_downgrade+0x900/0x900
[ 1220.689748]  ? finish_task_switch+0x1b5/0x900
[ 1220.694229]  ? trace_hardirqs_on+0xbd/0x310
[ 1220.698536]  ? kasan_check_read+0x11/0x20
[ 1220.702672]  ? finish_task_switch+0x1f5/0x900
[ 1220.707152]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1220.712591]  ? check_preemption_disabled+0x48/0x200
[ 1220.717597]  ? debug_smp_processor_id+0x1c/0x20
[ 1220.722253]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1220.727380]  ? rcu_read_unlock_special.part.39+0x8a4/0x11f0
[ 1220.733076]  ? lock_downgrade+0x900/0x900
[ 1220.737209]  ? perf_trace_lock+0x7a0/0x7a0
[ 1220.741430]  ? mark_held_locks+0x130/0x130
[ 1220.745652]  ? trace_hardirqs_on+0xbd/0x310
[ 1220.749960]  ? kasan_check_read+0x11/0x20
[ 1220.754095]  ? rcu_read_unlock_special.part.39+0x8a4/0x11f0
[ 1220.759791]  ? mark_held_locks+0x130/0x130
[ 1220.764014]  ? rcu_sched_force_quiescent_state+0x20/0x20
[ 1220.769449]  ? kasan_check_write+0x14/0x20
[ 1220.773677]  ? mark_held_locks+0x130/0x130
[ 1220.777897]  ? check_preemption_disabled+0x48/0x200
[ 1220.782905]  ? debug_smp_processor_id+0x1c/0x20
[ 1220.787559]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1220.792480]  ? mark_held_locks+0x130/0x130
[ 1220.796704]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1220.802232]  ? check_preemption_disabled+0x48/0x200
[ 1220.807238]  ? debug_smp_processor_id+0x1c/0x20
[ 1220.811892]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1220.816810]  ? mark_held_locks+0x130/0x130
[ 1220.821033]  ? perf_trace_lock+0x7a0/0x7a0
[ 1220.825255]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1220.830256]  ? bpf_prog_kallsyms_find+0xde/0x4a0
[ 1220.834997]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1220.840521]  ? check_preemption_disabled+0x48/0x200
[ 1220.845527]  ? debug_smp_processor_id+0x1c/0x20
[ 1220.850181]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1220.855094]  ? lock_downgrade+0x900/0x900
[ 1220.859270]  ? perf_trace_lock+0x7a0/0x7a0
[ 1220.863493]  ? change_protection+0x1718/0x29a0
[ 1220.868062]  ? lock_downgrade+0x900/0x900
[ 1220.872199]  ? kasan_check_read+0x11/0x20
[ 1220.876337]  ? ___might_sleep+0x1ed/0x300
[ 1220.880475]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1220.885043]  ? arch_local_save_flags+0x40/0x40
[ 1220.889611]  ? kasan_check_write+0x14/0x20
[ 1220.894243]  ? do_raw_spin_lock+0xc1/0x200
[ 1220.898477]  ? perf_iterate_sb+0x189/0xc60
[ 1220.902698]  ? lock_downgrade+0x900/0x900
[ 1220.906838]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1220.912629]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1220.918155]  ? check_preemption_disabled+0x48/0x200
[ 1220.923160]  ? perf_iterate_sb+0x1b0/0xc60
[ 1220.927379]  ? prot_none_hugetlb_entry+0x150/0x150
[ 1220.932294]  ? perf_event_comm_output+0x750/0x750
[ 1220.937132]  ? find_get_context.isra.94+0x730/0x730
[ 1220.942131]  ? validate_mm+0x386/0x630
[ 1220.946003]  ? lock_downgrade+0x900/0x900
[ 1220.950141]  ? kasan_check_read+0x11/0x20
[ 1220.954458]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1220.958854]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1220.963423]  ? kfree+0x1bf/0x230
[ 1220.966784]  ? perf_event_mmap+0x134/0x1350
[ 1220.971097]  ? perf_event_fork+0x30/0x30
[ 1220.975150]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1220.980674]  ? vma_set_page_prot+0x243/0x320
[ 1220.985071]  ? vma_wants_writenotify+0x510/0x510
[ 1220.989811]  ? do_mprotect_pkey+0x8d8/0xa60
[ 1220.994124]  _do_fork+0x1cb/0x11d0
[ 1220.997653]  ? fork_idle+0x1d0/0x1d0
[ 1221.001356]  ? up_write+0x7b/0x220
[ 1221.004884]  ? up_read+0x110/0x110
[ 1221.008408]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1221.013930]  ? apparmor_file_mprotect+0xde/0x110
[ 1221.018671]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1221.024197]  ? security_file_mprotect+0x94/0xc0
[ 1221.028853]  ? do_mprotect_pkey+0x8dd/0xa60
[ 1221.033163]  ? trace_hardirqs_off+0xb8/0x310
[ 1221.037562]  ? mprotect_fixup+0xc60/0xc60
[ 1221.041694]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1221.046264]  ? trace_hardirqs_on+0x310/0x310
[ 1221.050658]  ? trace_hardirqs_on+0xbd/0x310
[ 1221.054965]  ? entry_INT80_compat+0x74/0x7e
[ 1221.059272]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1221.064714]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1221.069725]  do_int80_syscall_32+0x1fe/0x890
[ 1221.074120]  ? entry_INT80_compat+0x6c/0x7e
[ 1221.078429]  ? do_syscall_64+0x820/0x820
[ 1221.082482]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1221.087320]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1221.092324]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1221.097327]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1221.102159]  entry_INT80_compat+0x74/0x7e
[ 1221.106301] RIP: 0023:0x8081a44
[ 1221.109573] Code: 8b 44 24 04 89 41 08 c7 41 04 00 00 00 00 53 56 57 8b 74 24 24 8b 54 24 20 8b 5c 24 18 8b 7c 24 28 b8 78 00 00 00 89 19 cd 80 <5f> 5e 5b 85 c0 0f 8c b1 51 fd ff 74 01 c3 89 f5 f7 c7 00 00 01 00
[ 1221.128553] RSP: 002b:000000000845fb50 EFLAGS: 00000296 ORIG_RAX: 0000000000000078
[ 1221.136257] RAX: ffffffffffffffda RBX: 00000000003d0f00 RCX: 00000000f5f52224
[ 1221.143512] RDX: 00000000f5f52ba8 RSI: 000000000845fb80 RDI: 00000000f5f52ba8
[ 1221.150764] RBP: 000000000845fc28 R08: 0000000000000000 R09: 0000000000000000
[ 1221.158017] R10: 0000000000000000 R11: 0000000000000216 R12: 0000000000000000
15:25:31 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000180)='/dev/full\x00', 0x101000, 0x0)
ioctl$GIO_UNISCRNMAP(r2, 0x4b69, &(0x7f00000001c0)=""/224)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040)=0x1f001)
ioctl$FS_IOC_SETFSLABEL(r1, 0x41009432, &(0x7f0000000080)="31c089717129292e4017e34dbbfc9c52e00086acce24937dfd532bdcbcf13a1af2bc729234a92dfd5b1595721b8a57bf1dc38bc2742bd5b273d8c3ce6601b2e298ef1fbd54f6c151491e374f609a05d05c52f2857c53ca81fd372c69c7ab96b14722ebf0972c32213f00690703c26e87cebe17cc0e80eced68c16c26ab678f8242869f9c600acdde16842aa2301f652c486be3eec71e9cee4543bc8e70e2ac169b2a216d114dc907eeecbd9871523d4b35393d8b246a23398b5bc7ca3de9ae9dbffcb493cd29bf23e7230c2dcea25b267cdbab4b28d05a58ffc71ee07e839a1850173fea5be17a8fa9d61b5f7a4a4d4deea6eb44251ca3be7bd4b1f7bcad96b9")

15:25:31 executing program 3:
ioctl$TIOCMBIC(0xffffffffffffffff, 0x5417, &(0x7f00000000c0)=0x2)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x7fff, 0x2480)
ioctl$TCGETA(r1, 0x5405, &(0x7f0000000080))
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r0, 0xae78, &(0x7f0000000040))

15:25:32 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x8, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1221.165272] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1221.215374] Task in /syz4 killed as a result of limit of /syz4
[ 1221.221581] memory: usage 204784kB, limit 204800kB, failcnt 276
[ 1221.242221] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1221.252476] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1221.259100] Memory cgroup stats for /syz4: cache:152KB rss:68KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:100KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1221.279633] Memory cgroup out of memory: Kill process 23788 (syz-executor4) score 160 or sacrifice child
[ 1221.293082] Killed process 23788 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:25:32 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550d, &(0x7f0000000100))

15:25:32 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x900}, 0x6)

15:25:32 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

15:25:32 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2b, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:32 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280)='/dev/hwrng\x00', 0x8100, 0x0)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0))
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100)=<r2=>0x0)
rt_sigqueueinfo(r2, 0xc, &(0x7f00000000c0)={0x27, 0x0, 0x400, 0x5})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_GET_IRQCHIP(r3, 0xc208ae62, &(0x7f0000000140)={0x0, 0x0, @ioapic})
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r3, 0xae78, &(0x7f0000000040))

[ 1221.322070] oom_reaper: reaped process 23788 (syz-executor4), now anon-rss:0kB, file-rss:32092kB, shmem-rss:0kB
15:25:32 executing program 1:
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x40600, 0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000080))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x100000000003, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))
r3 = creat(&(0x7f0000000100)='./file0\x00', 0x40)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r3, &(0x7f0000000140)="60a74a95d005c09b6e62f9c4ba37cb5bad8afc493607fc3380b22b026093fe444ecd24cd9401197e87e8cbe5fd42f3e54b397214b580a28e67fbc2c4d04890ff5a15eca8298c98a1822571a3ba1f28d26f5d1b4d136ef0156b7ebd4d52fb2d8a00267c5538ba4572d160a2177859aed80e5c3977474177ba57a9322181099f49e0ea346c728c4231df52b6e14e7e305559c408417d82066818a62af4f036dc26116f74e8b4e826440cfc2a00e2ea3f98a5cb89c204fd829590cf83d57a4d014439018728300deb0af81e8d7c09fb1a8e5301570e38f812c0a27d6bd1d7ff7ebc163c8366be341203ff73592c", &(0x7f0000000240)="303dba97e30ac826d5f3d47cf4be608d6c899f3130a8f60a4a397fac839e232aeb0a97f7ab30d6d61dee61e8751884b8c893d9f3c3f4cdb844556ca2c22e93b43d44b8d428900389e83d9eb5d965e92f5ca7b8601d7b4403e515079722cf9d27a68485b81dc88eb8e10d651438c1570d6d162ceb8b2fc0848c3f8ceccf9a1c021c77bdbfeea775067aab0fecc7829b923a34d52776"}, 0x20)

15:25:32 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2b00000000000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:32 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

15:25:32 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4020940d, &(0x7f0000000100))

[ 1221.403348] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0
[ 1221.446152] QAT: Invalid ioctl
[ 1221.473088] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1221.478735] CPU: 1 PID: 23825 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1221.486098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1221.495446] Call Trace:
[ 1221.495463] QAT: Invalid ioctl
[ 1221.498038]  dump_stack+0x1c4/0x2b4
[ 1221.498057]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1221.510038]  ? debug_smp_processor_id+0x1c/0x20
[ 1221.510057]  dump_header+0x27b/0xf72
[ 1221.518419]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1221.523955]  ? pagefault_out_of_memory+0x197/0x197
[ 1221.523973]  ? debug_smp_processor_id+0x1c/0x20
[ 1221.523986]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1221.524001]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1221.543413]  ? perf_trace_lock+0x7a0/0x7a0
[ 1221.547646]  ? perf_trace_lock+0x7a0/0x7a0
[ 1221.551882]  ? debug_smp_processor_id+0x1c/0x20
[ 1221.556542]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1221.556555]  ? mark_held_locks+0x130/0x130
[ 1221.556569]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1221.556583]  ? perf_trace_lock+0x7a0/0x7a0
[ 1221.556599]  ? task_will_free_mem+0x239/0xb30
[ 1221.579966]  ? ___ratelimit+0x36f/0x655
[ 1221.583947]  ? lock_downgrade+0x900/0x900
[ 1221.588098]  ? trace_hardirqs_on+0xbd/0x310
[ 1221.592411]  ? kasan_check_read+0x11/0x20
[ 1221.596545]  ? ___ratelimit+0x36f/0x655
[ 1221.600503]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1221.605941]  ? trace_hardirqs_on+0x310/0x310
[ 1221.610333]  ? lock_downgrade+0x900/0x900
[ 1221.614471]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1221.619561]  ? ___ratelimit+0xaa/0x655
[ 1221.623434]  ? idr_get_free+0xec0/0xec0
[ 1221.627390]  ? kasan_check_write+0x14/0x20
[ 1221.631616]  ? do_raw_spin_lock+0xc1/0x200
[ 1221.635838]  oom_kill_process.cold.27+0x10/0x903
[ 1221.640582]  ? kasan_check_write+0x14/0x20
[ 1221.644801]  ? do_raw_spin_lock+0xc1/0x200
[ 1221.649032]  ? oom_evaluate_task+0x540/0x540
[ 1221.653441]  ? cgroup_procs_next+0x70/0x70
[ 1221.657663]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1221.662147]  ? oom_badness+0xaa0/0xaa0
[ 1221.666023]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1221.670764]  ? mem_cgroup_iter_break+0x30/0x30
[ 1221.675338]  ? cgroup_file_notify+0x226/0x2f0
[ 1221.679822]  out_of_memory+0xa84/0x1430
[ 1221.683786]  ? kasan_check_read+0x11/0x20
[ 1221.687921]  ? oom_killer_disable+0x3a0/0x3a0
[ 1221.692406]  ? kasan_check_write+0x14/0x20
[ 1221.696627]  ? do_raw_spin_lock+0xc1/0x200
[ 1221.700854]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1221.705683]  ? memcg_memory_event+0x40/0x40
[ 1221.710181]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1221.715016]  ? page_counter_try_charge+0x1c1/0x220
[ 1221.719934]  try_charge+0xc43/0x1690
[ 1221.723638]  ? lock_downgrade+0x900/0x900
[ 1221.728290]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1221.734340]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1221.740125]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1221.745651]  ? should_fail+0x22d/0xd01
[ 1221.749529]  ? percpu_ref_tryget_live+0x168/0x460
[ 1221.754360]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1221.759201]  ? lock_downgrade+0x900/0x900
[ 1221.763338]  ? lock_release+0x970/0x970
[ 1221.767300]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1221.773083]  ? __kernel_text_address+0xd/0x40
[ 1221.777666]  ? __save_stack_trace+0x8d/0xf0
[ 1221.781982]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1221.786810]  ? fs_reclaim_acquire+0x20/0x20
[ 1221.791120]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1221.795776]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1221.800258]  ? entry_INT80_compat+0x74/0x7e
[ 1221.804574]  memcg_kmem_charge+0x135/0x300
[ 1221.808797]  __alloc_pages_nodemask+0x72e/0xde0
[ 1221.813459]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1221.818465]  ? percpu_ref_put_many+0x13e/0x260
[ 1221.823033]  ? trace_hardirqs_on+0xbd/0x310
[ 1221.827340]  ? mem_cgroup_charge_statistics+0x780/0x780
[ 1221.832689]  ? kasan_kmalloc+0xc7/0xe0
[ 1221.836566]  ? kasan_slab_alloc+0x12/0x20
[ 1221.840700]  ? kmem_cache_alloc_node+0x303/0x730
[ 1221.845441]  ? kasan_check_write+0x14/0x20
[ 1221.849673]  ? do_raw_spin_lock+0xc1/0x200
[ 1221.853896]  copy_process+0xa09/0x8780
[ 1221.857769]  ? check_preemption_disabled+0x48/0x200
[ 1221.862771]  ? check_preemption_disabled+0x48/0x200
[ 1221.867781]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1221.873324]  ? check_preemption_disabled+0x48/0x200
[ 1221.878343]  ? native_load_gs_index+0x10/0x30
[ 1221.882829]  ? debug_smp_processor_id+0x1c/0x20
[ 1221.887486]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1221.892400]  ? perf_sched_cb_inc+0x350/0x350
[ 1221.897422]  ? __cleanup_sighand+0x70/0x70
[ 1221.901642]  ? lock_downgrade+0x900/0x900
[ 1221.905774]  ? finish_task_switch+0x1b5/0x900
[ 1221.910271]  ? trace_hardirqs_on+0xbd/0x310
[ 1221.914577]  ? kasan_check_read+0x11/0x20
[ 1221.918713]  ? finish_task_switch+0x1f5/0x900
[ 1221.923195]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1221.928643]  ? check_preemption_disabled+0x48/0x200
[ 1221.933652]  ? debug_smp_processor_id+0x1c/0x20
[ 1221.938308]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1221.943238]  ? rcu_read_unlock_special.part.39+0x8a4/0x11f0
[ 1221.948935]  ? lock_downgrade+0x900/0x900
[ 1221.953069]  ? perf_trace_lock+0x7a0/0x7a0
[ 1221.957289]  ? mark_held_locks+0x130/0x130
[ 1221.961509]  ? trace_hardirqs_on+0xbd/0x310
[ 1221.965825]  ? kasan_check_read+0x11/0x20
[ 1221.969958]  ? rcu_read_unlock_special.part.39+0x8a4/0x11f0
[ 1221.975657]  ? mark_held_locks+0x130/0x130
[ 1221.979879]  ? rcu_sched_force_quiescent_state+0x20/0x20
[ 1221.985311]  ? kasan_check_write+0x14/0x20
[ 1221.989534]  ? mark_held_locks+0x130/0x130
[ 1221.993757]  ? check_preemption_disabled+0x48/0x200
[ 1221.998760]  ? debug_smp_processor_id+0x1c/0x20
[ 1222.003417]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1222.008331]  ? mark_held_locks+0x130/0x130
[ 1222.012552]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1222.018078]  ? check_preemption_disabled+0x48/0x200
[ 1222.023081]  ? debug_smp_processor_id+0x1c/0x20
[ 1222.027733]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1222.032752]  ? mark_held_locks+0x130/0x130
[ 1222.036973]  ? perf_trace_lock+0x7a0/0x7a0
[ 1222.041195]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1222.046199]  ? bpf_prog_kallsyms_find+0xde/0x4a0
[ 1222.050939]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1222.056475]  ? check_preemption_disabled+0x48/0x200
[ 1222.061479]  ? debug_smp_processor_id+0x1c/0x20
[ 1222.066144]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1222.071062]  ? lock_downgrade+0x900/0x900
[ 1222.075198]  ? perf_trace_lock+0x7a0/0x7a0
[ 1222.079683]  ? change_protection+0x1718/0x29a0
[ 1222.084249]  ? lock_downgrade+0x900/0x900
[ 1222.088388]  ? kasan_check_read+0x11/0x20
[ 1222.092522]  ? ___might_sleep+0x1ed/0x300
[ 1222.096656]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1222.101570]  ? arch_local_save_flags+0x40/0x40
[ 1222.106141]  ? kasan_check_write+0x14/0x20
[ 1222.110368]  ? do_raw_spin_lock+0xc1/0x200
[ 1222.114594]  ? perf_iterate_sb+0x189/0xc60
[ 1222.118814]  ? lock_downgrade+0x900/0x900
[ 1222.122959]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1222.128747]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1222.134274]  ? check_preemption_disabled+0x48/0x200
[ 1222.139293]  ? perf_iterate_sb+0x1b0/0xc60
[ 1222.143515]  ? prot_none_hugetlb_entry+0x150/0x150
[ 1222.148433]  ? perf_event_comm_output+0x750/0x750
[ 1222.153261]  ? find_get_context.isra.94+0x730/0x730
[ 1222.158265]  ? validate_mm+0x386/0x630
[ 1222.162144]  ? lock_downgrade+0x900/0x900
[ 1222.166296]  ? kasan_check_read+0x11/0x20
[ 1222.170447]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1222.174842]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1222.179413]  ? kfree+0x1bf/0x230
[ 1222.182766]  ? perf_event_mmap+0x134/0x1350
[ 1222.187077]  ? perf_event_fork+0x30/0x30
[ 1222.191138]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1222.196663]  ? vma_set_page_prot+0x243/0x320
[ 1222.201058]  ? vma_wants_writenotify+0x510/0x510
[ 1222.205809]  ? do_mprotect_pkey+0x8d8/0xa60
[ 1222.210125]  _do_fork+0x1cb/0x11d0
[ 1222.213651]  ? fork_idle+0x1d0/0x1d0
[ 1222.217358]  ? up_write+0x7b/0x220
[ 1222.220881]  ? up_read+0x110/0x110
[ 1222.224407]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1222.229935]  ? apparmor_file_mprotect+0xde/0x110
[ 1222.234680]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1222.240201]  ? security_file_mprotect+0x94/0xc0
[ 1222.244856]  ? do_mprotect_pkey+0x8dd/0xa60
[ 1222.249168]  ? trace_hardirqs_off+0xb8/0x310
[ 1222.253560]  ? mprotect_fixup+0xc60/0xc60
[ 1222.257786]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1222.262363]  ? trace_hardirqs_on+0x310/0x310
[ 1222.266762]  ? trace_hardirqs_on+0xbd/0x310
[ 1222.271069]  ? entry_INT80_compat+0x74/0x7e
[ 1222.275376]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1222.280814]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1222.285820]  do_int80_syscall_32+0x1fe/0x890
[ 1222.290211]  ? entry_INT80_compat+0x6c/0x7e
[ 1222.294520]  ? do_syscall_64+0x820/0x820
[ 1222.298566]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1222.303393]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1222.308408]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1222.313415]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1222.318249]  entry_INT80_compat+0x74/0x7e
[ 1222.322392] RIP: 0023:0x8081a44
[ 1222.325666] Code: 8b 44 24 04 89 41 08 c7 41 04 00 00 00 00 53 56 57 8b 74 24 24 8b 54 24 20 8b 5c 24 18 8b 7c 24 28 b8 78 00 00 00 89 19 cd 80 <5f> 5e 5b 85 c0 0f 8c b1 51 fd ff 74 01 c3 89 f5 f7 c7 00 00 01 00
[ 1222.344560] RSP: 002b:000000000845fb50 EFLAGS: 00000296 ORIG_RAX: 0000000000000078
[ 1222.352254] RAX: ffffffffffffffda RBX: 00000000003d0f00 RCX: 00000000f5f52224
[ 1222.359506] RDX: 00000000f5f52ba8 RSI: 000000000845fb80 RDI: 00000000f5f52ba8
[ 1222.366760] RBP: 000000000845fc28 R08: 0000000000000000 R09: 0000000000000000
15:25:32 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x5450, &(0x7f0000000100))

15:25:32 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x89ffffff, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1222.374017] R10: 0000000000000000 R11: 0000000000000216 R12: 0000000000000000
[ 1222.381270] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:33 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

15:25:33 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0189436, &(0x7f0000000100))

[ 1222.421167] Task in /syz4 killed as a result of limit of /syz4
[ 1222.427721] memory: usage 204784kB, limit 204800kB, failcnt 296
[ 1222.434244] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1222.457412] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1222.488132] Memory cgroup stats for /syz4: cache:152KB rss:68KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:100KB inactive_file:0KB active_file:0KB unevictable:0KB
15:25:33 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xfffffffd}, 0x6)

15:25:33 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000080)=0x1004)
r2 = syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x9, 0x80)
ioctl$TCSBRKP(r2, 0x5425, 0xf206)
r3 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x3f, 0x101002)
openat$cgroup_int(r3, &(0x7f00000000c0)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
ioctl$TIOCMSET(r2, 0x5418, &(0x7f0000000140)=0x400)

15:25:33 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x3, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:33 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
setsockopt$inet_udp_encap(r2, 0x11, 0x64, &(0x7f0000000080)=0x3, 0x4)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:33 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

15:25:33 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4008550d, &(0x7f0000000100))

[ 1222.541116] Memory cgroup out of memory: Kill process 23825 (syz-executor4) score 160 or sacrifice child
[ 1222.551373] Killed process 23825 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:25:33 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x7, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1222.620252] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0
[ 1222.653483] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1222.659138] CPU: 1 PID: 23869 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
15:25:33 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x5421, &(0x7f0000000100))

[ 1222.666505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1222.666510] Call Trace:
[ 1222.666531]  dump_stack+0x1c4/0x2b4
[ 1222.666550]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1222.687269]  ? debug_smp_processor_id+0x1c/0x20
[ 1222.687287]  dump_header+0x27b/0xf72
[ 1222.695640]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1222.695656]  ? pagefault_out_of_memory+0x197/0x197
[ 1222.695674]  ? debug_smp_processor_id+0x1c/0x20
[ 1222.712597]  ? perf_trace_lock_acquire+0x15b/0x800
15:25:33 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2900000000000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1222.717535]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1222.722474]  ? perf_trace_lock+0x7a0/0x7a0
[ 1222.726707]  ? perf_trace_lock+0x7a0/0x7a0
[ 1222.726726]  ? debug_smp_processor_id+0x1c/0x20
[ 1222.726741]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1222.740546]  ? mark_held_locks+0x130/0x130
[ 1222.744786]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1222.750347]  ? perf_trace_lock+0x7a0/0x7a0
[ 1222.754597]  ? task_will_free_mem+0x239/0xb30
[ 1222.759109]  ? ___ratelimit+0x36f/0x655
[ 1222.763096]  ? lock_downgrade+0x900/0x900
15:25:33 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc020660b, &(0x7f0000000100))

15:25:33 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

[ 1222.767253]  ? trace_hardirqs_on+0xbd/0x310
[ 1222.771577]  ? kasan_check_read+0x11/0x20
[ 1222.775733]  ? ___ratelimit+0x36f/0x655
[ 1222.779740]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1222.785192]  ? trace_hardirqs_on+0x310/0x310
[ 1222.785207]  ? lock_downgrade+0x900/0x900
[ 1222.785225]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1222.785239]  ? ___ratelimit+0xaa/0x655
[ 1222.785251]  ? idr_get_free+0xec0/0xec0
[ 1222.785262]  ? kasan_check_write+0x14/0x20
[ 1222.785275]  ? do_raw_spin_lock+0xc1/0x200
[ 1222.785293]  oom_kill_process.cold.27+0x10/0x903
15:25:33 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = request_key(&(0x7f0000000080)='asymmetric\x00', &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000100)='/dev/kvm\x00', 0xfffffffffffffffc)
ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000140)=<r2=>0x0)
ptrace$getsig(0x4202, r2, 0xfffffffffffffffc, &(0x7f0000000180))
keyctl$update(0x2, r1, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f00000001c0)={{{@in=@local, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@remote}, 0x0, @in6=@local}}, &(0x7f00000002c0)=0xe8)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000300)=r4)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r3, 0xae78, &(0x7f0000000040))

[ 1222.785316]  ? kasan_check_write+0x14/0x20
[ 1222.793843]  ? do_raw_spin_lock+0xc1/0x200
[ 1222.793862]  ? oom_evaluate_task+0x540/0x540
[ 1222.793879]  ? cgroup_procs_next+0x70/0x70
[ 1222.793894]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1222.793910]  ? oom_badness+0xaa0/0xaa0
[ 1222.815266]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1222.837051]  ? mem_cgroup_iter_break+0x30/0x30
[ 1222.845403]  ? cgroup_file_notify+0x226/0x2f0
[ 1222.845420]  out_of_memory+0xa84/0x1430
[ 1222.845433]  ? kasan_check_read+0x11/0x20
[ 1222.845449]  ? oom_killer_disable+0x3a0/0x3a0
[ 1222.871811]  ? kasan_check_write+0x14/0x20
[ 1222.876060]  ? do_raw_spin_lock+0xc1/0x200
[ 1222.880327]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1222.885177]  ? memcg_memory_event+0x40/0x40
[ 1222.889504]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1222.894841]  ? page_counter_try_charge+0x1c1/0x220
[ 1222.899780]  try_charge+0xc43/0x1690
[ 1222.903497]  ? lock_downgrade+0x900/0x900
[ 1222.907657]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1222.913725]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1222.919525]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1222.925054]  ? should_fail+0x22d/0xd01
[ 1222.928935]  ? percpu_ref_tryget_live+0x168/0x460
[ 1222.933791]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1222.938621]  ? lock_downgrade+0x900/0x900
[ 1222.942752]  ? lock_release+0x970/0x970
[ 1222.946715]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1222.952498]  ? __kernel_text_address+0xd/0x40
[ 1222.956984]  ? __save_stack_trace+0x8d/0xf0
[ 1222.961303]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1222.966142]  ? fs_reclaim_acquire+0x20/0x20
[ 1222.970456]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1222.975111]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1222.979614]  ? entry_INT80_compat+0x74/0x7e
[ 1222.983948]  memcg_kmem_charge+0x135/0x300
[ 1222.988175]  __alloc_pages_nodemask+0x72e/0xde0
[ 1222.992838]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1222.997847]  ? percpu_ref_put_many+0x13e/0x260
[ 1223.002414]  ? trace_hardirqs_on+0xbd/0x310
[ 1223.006731]  ? mem_cgroup_charge_statistics+0x780/0x780
[ 1223.012087]  ? kasan_kmalloc+0xc7/0xe0
[ 1223.015962]  ? kasan_slab_alloc+0x12/0x20
[ 1223.020097]  ? kmem_cache_alloc_node+0x303/0x730
[ 1223.024837]  ? kasan_check_write+0x14/0x20
[ 1223.029065]  ? do_raw_spin_lock+0xc1/0x200
[ 1223.033306]  copy_process+0xa09/0x8780
[ 1223.037184]  ? mark_held_locks+0x130/0x130
[ 1223.041410]  ? percpu_ref_get_many+0x121/0x240
[ 1223.045990]  ? lock_downgrade+0x900/0x900
[ 1223.050127]  ? __cleanup_sighand+0x70/0x70
[ 1223.054353]  ? bio_cur_bytes+0x1e0/0x1e0
[ 1223.058406]  ? mark_held_locks+0x130/0x130
[ 1223.062632]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1223.068157]  ? check_preemption_disabled+0x48/0x200
[ 1223.073162]  ? debug_smp_processor_id+0x1c/0x20
[ 1223.077819]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1223.082734]  ? try_charge+0x112a/0x1690
[ 1223.086694]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1223.092219]  ? perf_trace_lock+0x7a0/0x7a0
[ 1223.096441]  ? mark_held_locks+0x130/0x130
[ 1223.100669]  ? mark_held_locks+0x130/0x130
[ 1223.104890]  ? perf_trace_lock+0x7a0/0x7a0
[ 1223.109117]  ? mark_held_locks+0x130/0x130
[ 1223.113338]  ? check_preemption_disabled+0x48/0x200
[ 1223.118342]  ? blk_init_request_from_bio+0x3c0/0x3c0
[ 1223.123431]  ? debug_smp_processor_id+0x1c/0x20
[ 1223.128083]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1223.132997]  ? mark_held_locks+0x130/0x130
[ 1223.137223]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1223.142747]  ? check_preemption_disabled+0x48/0x200
[ 1223.147755]  ? debug_smp_processor_id+0x1c/0x20
[ 1223.152410]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1223.157327]  ? mark_held_locks+0x130/0x130
[ 1223.161549]  ? perf_trace_lock+0x7a0/0x7a0
[ 1223.165775]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1223.170779]  ? bpf_prog_kallsyms_find+0xde/0x4a0
[ 1223.175520]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1223.181055]  ? check_preemption_disabled+0x48/0x200
[ 1223.186065]  ? debug_smp_processor_id+0x1c/0x20
[ 1223.190731]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1223.195651]  ? lock_downgrade+0x900/0x900
[ 1223.199799]  ? perf_trace_lock+0x7a0/0x7a0
[ 1223.204025]  ? change_protection+0x1718/0x29a0
[ 1223.208597]  ? lock_downgrade+0x900/0x900
[ 1223.212732]  ? kasan_check_read+0x11/0x20
[ 1223.216871]  ? ___might_sleep+0x1ed/0x300
[ 1223.221003]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1223.225571]  ? arch_local_save_flags+0x40/0x40
[ 1223.230136]  ? kasan_check_write+0x14/0x20
[ 1223.234357]  ? do_raw_spin_lock+0xc1/0x200
[ 1223.238585]  ? perf_iterate_sb+0x189/0xc60
[ 1223.242804]  ? lock_downgrade+0x900/0x900
[ 1223.246944]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1223.252734]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1223.258257]  ? check_preemption_disabled+0x48/0x200
[ 1223.263281]  ? perf_iterate_sb+0x1b0/0xc60
[ 1223.267500]  ? prot_none_hugetlb_entry+0x150/0x150
[ 1223.272418]  ? perf_event_comm_output+0x750/0x750
[ 1223.277248]  ? find_get_context.isra.94+0x730/0x730
[ 1223.282258]  ? validate_mm+0x386/0x630
[ 1223.286139]  ? lock_downgrade+0x900/0x900
[ 1223.290284]  ? kasan_check_read+0x11/0x20
[ 1223.294422]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1223.298820]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1223.303410]  ? kfree+0x1bf/0x230
[ 1223.306775]  ? perf_event_mmap+0x134/0x1350
[ 1223.311098]  ? perf_event_fork+0x30/0x30
[ 1223.315166]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1223.320687]  ? vma_set_page_prot+0x243/0x320
[ 1223.325082]  ? vma_wants_writenotify+0x510/0x510
[ 1223.329835]  ? do_mprotect_pkey+0x8d8/0xa60
[ 1223.334152]  _do_fork+0x1cb/0x11d0
[ 1223.337681]  ? fork_idle+0x1d0/0x1d0
[ 1223.341394]  ? up_write+0x7b/0x220
[ 1223.344919]  ? up_read+0x110/0x110
[ 1223.348447]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1223.353969]  ? apparmor_file_mprotect+0xde/0x110
[ 1223.358713]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1223.364235]  ? security_file_mprotect+0x94/0xc0
[ 1223.368896]  ? do_mprotect_pkey+0x8dd/0xa60
[ 1223.373209]  ? trace_hardirqs_off+0xb8/0x310
[ 1223.377600]  ? mprotect_fixup+0xc60/0xc60
[ 1223.381736]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1223.386313]  ? trace_hardirqs_on+0x310/0x310
[ 1223.390711]  ? trace_hardirqs_on+0xbd/0x310
[ 1223.395017]  ? entry_INT80_compat+0x74/0x7e
[ 1223.399329]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1223.404781]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1223.409788]  do_int80_syscall_32+0x1fe/0x890
[ 1223.414184]  ? entry_INT80_compat+0x6c/0x7e
[ 1223.418491]  ? do_syscall_64+0x820/0x820
[ 1223.422541]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1223.427368]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1223.432373]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1223.437380]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1223.442213]  entry_INT80_compat+0x74/0x7e
[ 1223.446348] RIP: 0023:0x8081a44
[ 1223.449620] Code: 8b 44 24 04 89 41 08 c7 41 04 00 00 00 00 53 56 57 8b 74 24 24 8b 54 24 20 8b 5c 24 18 8b 7c 24 28 b8 78 00 00 00 89 19 cd 80 <5f> 5e 5b 85 c0 0f 8c b1 51 fd ff 74 01 c3 89 f5 f7 c7 00 00 01 00
[ 1223.468505] RSP: 002b:000000000845fb50 EFLAGS: 00000296 ORIG_RAX: 0000000000000078
[ 1223.476202] RAX: ffffffffffffffda RBX: 00000000003d0f00 RCX: 00000000f5f52224
[ 1223.483454] RDX: 00000000f5f52ba8 RSI: 000000000845fb80 RDI: 00000000f5f52ba8
[ 1223.490711] RBP: 000000000845fc28 R08: 0000000000000000 R09: 0000000000000000
[ 1223.497964] R10: 0000000000000000 R11: 0000000000000216 R12: 0000000000000000
[ 1223.505217] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1223.548564] Task in /syz4 killed as a result of limit of /syz4
[ 1223.555030] memory: usage 204708kB, limit 204800kB, failcnt 316
[ 1223.561291] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1223.579554] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:25:34 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x400000000000000}, 0x6)

15:25:34 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x1000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:34 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

15:25:34 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x2, &(0x7f0000000100))

15:25:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x22000, 0x0)
setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r2, 0x111, 0x4, 0x1, 0x4)
ioctl$VT_ACTIVATE(r2, 0x5606, 0x4)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xfffffffffffffffb)
ioctl$DRM_IOCTL_GET_STATS(r2, 0x807c6406, &(0x7f00000000c0)=""/193)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:34 executing program 1:
r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
ioctl$sock_ifreq(r0, 0x8929, &(0x7f0000000080)={'ip6gre0\x00', @ifru_names='sit0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f00000000c0)={0x400, 0x2, 0x6})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)

[ 1223.591822] Memory cgroup stats for /syz4: cache:152KB rss:68KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:100KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1223.614509] Memory cgroup out of memory: Kill process 23869 (syz-executor4) score 160 or sacrifice child
[ 1223.624653] Killed process 23869 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1223.636084] oom_reaper: reaped process 23869 (syz-executor4), now anon-rss:0kB, file-rss:32772kB, shmem-rss:0kB
15:25:34 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0xe02000000000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:34 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x5452, &(0x7f0000000100))

15:25:34 executing program 1:
openat$fuse(0xffffffffffffff9c, &(0x7f0000000380)='/dev/fuse\x00', 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@mcast2, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@rand_addr}, 0x0, @in6=@mcast1}}, &(0x7f0000000180)=0xe8)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@dev, @in6=@ipv4={[], [], @remote}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{}, 0x0, @in6=@local}}, &(0x7f00000002c0)=0xe8)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300)={0x0, <r4=>0x0}, &(0x7f0000000340)=0xc)
setresuid(r2, r3, r4)

15:25:34 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

15:25:34 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x402c5828, &(0x7f0000000100))

[ 1223.752171] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1223.787960] syz-executor4 cpuset=syz4 mems_allowed=0
15:25:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$int_in(r0, 0x0, &(0x7f0000000080)=0x3)

[ 1223.838153] CPU: 1 PID: 23912 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1223.845563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1223.854916] Call Trace:
[ 1223.857504]  dump_stack+0x1c4/0x2b4
[ 1223.861131]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1223.866320]  ? debug_smp_processor_id+0x1c/0x20
[ 1223.870982]  dump_header+0x27b/0xf72
[ 1223.874695]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1223.880228]  ? pagefault_out_of_memory+0x197/0x197
[ 1223.885241]  ? debug_smp_processor_id+0x1c/0x20
[ 1223.889895]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1223.895248]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1223.900170]  ? perf_trace_lock+0x7a0/0x7a0
[ 1223.904391]  ? perf_trace_lock+0x7a0/0x7a0
[ 1223.908611]  ? debug_smp_processor_id+0x1c/0x20
[ 1223.913264]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1223.918178]  ? mark_held_locks+0x130/0x130
[ 1223.922399]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1223.927926]  ? perf_trace_lock+0x7a0/0x7a0
[ 1223.932148]  ? task_will_free_mem+0x239/0xb30
[ 1223.936637]  ? ___ratelimit+0x36f/0x655
[ 1223.940596]  ? lock_downgrade+0x900/0x900
[ 1223.944731]  ? trace_hardirqs_on+0xbd/0x310
[ 1223.949038]  ? kasan_check_read+0x11/0x20
[ 1223.953182]  ? ___ratelimit+0x36f/0x655
[ 1223.957144]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1223.962578]  ? trace_hardirqs_on+0x310/0x310
[ 1223.966995]  ? lock_downgrade+0x900/0x900
[ 1223.971131]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1223.976236]  ? ___ratelimit+0xaa/0x655
[ 1223.980110]  ? idr_get_free+0xec0/0xec0
[ 1223.984077]  ? kasan_check_write+0x14/0x20
[ 1223.988298]  ? do_raw_spin_lock+0xc1/0x200
[ 1223.992578]  oom_kill_process.cold.27+0x10/0x903
[ 1223.997325]  ? kasan_check_write+0x14/0x20
[ 1224.001549]  ? do_raw_spin_lock+0xc1/0x200
[ 1224.005773]  ? oom_evaluate_task+0x540/0x540
[ 1224.010170]  ? cgroup_procs_next+0x70/0x70
[ 1224.014392]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1224.018871]  ? oom_badness+0xaa0/0xaa0
[ 1224.022747]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1224.027493]  ? mem_cgroup_iter_break+0x30/0x30
[ 1224.032068]  ? cgroup_file_notify+0x226/0x2f0
[ 1224.036550]  out_of_memory+0xa84/0x1430
[ 1224.040511]  ? kasan_check_read+0x11/0x20
[ 1224.044646]  ? oom_killer_disable+0x3a0/0x3a0
[ 1224.049126]  ? kasan_check_write+0x14/0x20
[ 1224.053346]  ? do_raw_spin_lock+0xc1/0x200
[ 1224.057576]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1224.062404]  ? memcg_memory_event+0x40/0x40
[ 1224.066713]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1224.071459]  ? page_counter_try_charge+0x1c1/0x220
[ 1224.076379]  try_charge+0xc43/0x1690
[ 1224.080083]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1224.085175]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1224.091220]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1224.096052]  ? lock_downgrade+0x900/0x900
[ 1224.100188]  ? lock_release+0x970/0x970
[ 1224.104156]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1224.109949]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1224.114783]  ? mem_cgroup_can_attach+0x580/0x580
[ 1224.119535]  ? memcg_kmem_charge+0x1c2/0x300
[ 1224.123936]  ? __might_sleep+0x95/0x190
[ 1224.127900]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1224.132472]  ? mem_cgroup_protected+0xa60/0xa60
[ 1224.137134]  ? __pte_alloc+0x1c7/0x350
[ 1224.141012]  ? kasan_check_read+0x11/0x20
[ 1224.145147]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1224.149545]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1224.154115]  ? kasan_check_write+0x14/0x20
[ 1224.158335]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1224.163859]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1224.168777]  __handle_mm_fault+0x273a/0x53e0
[ 1224.173181]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1224.178029]  ? lock_acquire+0x1ed/0x520
[ 1224.182002]  ? handle_mm_fault+0x42a/0xc70
[ 1224.186227]  ? lock_downgrade+0x900/0x900
[ 1224.190364]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1224.196150]  ? __do_page_fault+0x67d/0xed0
[ 1224.200369]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1224.205808]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1224.211332]  ? check_preemption_disabled+0x48/0x200
[ 1224.216341]  handle_mm_fault+0x54f/0xc70
[ 1224.220397]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1224.224972]  ? find_vma+0x34/0x190
[ 1224.228500]  __do_page_fault+0x67d/0xed0
[ 1224.232562]  ? mm_fault_error+0x380/0x380
[ 1224.236695]  ? trace_hardirqs_on+0x310/0x310
[ 1224.241092]  do_page_fault+0xf2/0x7e0
[ 1224.244881]  ? vmalloc_sync_all+0x30/0x30
[ 1224.249013]  ? error_entry+0x70/0xd0
[ 1224.252712]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1224.257711]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1224.262625]  ? do_syscall_64+0x820/0x820
[ 1224.266674]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1224.271503]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1224.276503]  ? trace_hardirqs_off+0x310/0x310
[ 1224.280988]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1224.286510]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1224.291514]  ? page_fault+0x8/0x30
[ 1224.295042]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1224.299871]  ? page_fault+0x8/0x30
[ 1224.303402]  page_fault+0x1e/0x30
[ 1224.306861] RIP: 0023:0x806a9d6
[ 1224.310128] Code: 03 76 37 f7 c6 03 00 00 00 74 16 a4 49 f7 c6 03 00 00 00 74 0c a4 49 f7 c6 03 00 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 <f3> a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1
[ 1224.329015] RSP: 002b:000000000845fc28 EFLAGS: 00010246
[ 1224.334364] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000004
[ 1224.341616] RDX: 0000000000000000 RSI: 0000000008150618 RDI: 0000000020000000
[ 1224.348881] RBP: 000000000814af6c R08: 0000000000000000 R09: 0000000000000000
[ 1224.356133] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1224.363386] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1224.406827] Task in /syz4 killed as a result of limit of /syz4
[ 1224.430841] memory: usage 204800kB, limit 204800kB, failcnt 358
[ 1224.446020] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1224.457104] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1224.463780] Memory cgroup stats for /syz4: cache:152KB rss:68KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:148KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1224.485814] Memory cgroup out of memory: Kill process 23912 (syz-executor4) score 161 or sacrifice child
[ 1224.497004] Killed process 23912 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:25:35 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x40020000}, 0x6)

15:25:35 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2202000000000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:35 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

15:25:35 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x2041)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000040)={0x1, 0x6, [@broadcast, @broadcast, @remote, @empty, @link_local, @remote]})

15:25:35 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
poll(&(0x7f0000000080)=[{r0, 0x4000}, {r0, 0x100}, {r0, 0x10}, {r0, 0x30b0}, {r0}, {r0, 0x40}], 0x6, 0x6900000000)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1224.509789] oom_reaper: reaped process 23912 (syz-executor4), now anon-rss:0kB, file-rss:32092kB, shmem-rss:0kB
15:25:35 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0xb000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:35 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

15:25:35 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
preadv(r0, &(0x7f0000002940)=[{&(0x7f0000000580)=""/213, 0xd5}, {&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/134, 0x86}, {&(0x7f0000001740)=""/4096, 0x1000}, {&(0x7f0000000500)=""/30, 0x1e}, {&(0x7f0000002740)=""/248, 0xf8}, {&(0x7f0000002840)=""/239, 0xef}], 0x7, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x40000, 0x0)
r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x40000, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, &(0x7f0000000400)=0x6000)
ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e05411, &(0x7f00000000c0)=""/137)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)
fsetxattr$trusted_overlay_upper(r1, &(0x7f00000004c0)='trusted.overlay.upper\x00', &(0x7f0000000540)=ANY=[@ANYBLOB="00fb2a030047dc74900974c223085ecfff6b4781478d35148e8546f68fc9695200d6e6cc3f296777e0ccb7fbb9c9f2bd93e1b78967"], 0x2a, 0x3)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r3, 0xae78, &(0x7f0000000040))
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000440)='/dev/rtc0\x00', 0x2, 0x0)
ioctl$FS_IOC_GETFLAGS(r4, 0x80046601, &(0x7f0000000480))
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@local, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@dev}, 0x0, @in=@remote}}, &(0x7f00000002c0)=0xe8)
fsetxattr$security_capability(r3, &(0x7f0000000180)='security.capability\x00', &(0x7f0000000300)=@v3={0x3000000, [{0x80000001, 0x4}, {0x9, 0x7}], r5}, 0x18, 0x3)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000340)={0x4, [0x0, 0x0, 0x0, 0x0]}, &(0x7f00000003c0)=0x14)

[ 1224.605300] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1224.675782] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1224.683524] CPU: 0 PID: 23943 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1224.690911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1224.700259] Call Trace:
[ 1224.700280]  dump_stack+0x1c4/0x2b4
[ 1224.700299]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1224.706482]  ? debug_smp_processor_id+0x1c/0x20
[ 1224.716308]  dump_header+0x27b/0xf72
[ 1224.720032]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1224.725573]  ? pagefault_out_of_memory+0x197/0x197
[ 1224.730731]  ? debug_smp_processor_id+0x1c/0x20
[ 1224.735406]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1224.740341]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1224.740363]  ? perf_trace_lock+0x7a0/0x7a0
[ 1224.749511]  ? perf_trace_lock+0x7a0/0x7a0
[ 1224.753744]  ? debug_smp_processor_id+0x1c/0x20
[ 1224.758404]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1224.763326]  ? mark_held_locks+0x130/0x130
[ 1224.767572]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1224.773098]  ? perf_trace_lock+0x7a0/0x7a0
[ 1224.777320]  ? task_will_free_mem+0x239/0xb30
[ 1224.781810]  ? ___ratelimit+0x36f/0x655
[ 1224.785789]  ? lock_downgrade+0x900/0x900
[ 1224.789928]  ? trace_hardirqs_on+0xbd/0x310
[ 1224.794233]  ? kasan_check_read+0x11/0x20
[ 1224.798369]  ? ___ratelimit+0x36f/0x655
[ 1224.802338]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1224.807786]  ? trace_hardirqs_on+0x310/0x310
[ 1224.812184]  ? lock_downgrade+0x900/0x900
[ 1224.816321]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1224.821410]  ? ___ratelimit+0xaa/0x655
[ 1224.825304]  ? idr_get_free+0xec0/0xec0
[ 1224.829264]  ? kasan_check_write+0x14/0x20
[ 1224.833484]  ? do_raw_spin_lock+0xc1/0x200
[ 1224.837711]  oom_kill_process.cold.27+0x10/0x903
[ 1224.842453]  ? kasan_check_write+0x14/0x20
[ 1224.846675]  ? do_raw_spin_lock+0xc1/0x200
[ 1224.850901]  ? oom_evaluate_task+0x540/0x540
[ 1224.855301]  ? cgroup_procs_next+0x70/0x70
[ 1224.859524]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1224.864004]  ? oom_badness+0xaa0/0xaa0
[ 1224.867878]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1224.872629]  ? mem_cgroup_iter_break+0x30/0x30
[ 1224.877207]  ? cgroup_file_notify+0x226/0x2f0
[ 1224.881691]  out_of_memory+0xa84/0x1430
[ 1224.885653]  ? kasan_check_read+0x11/0x20
[ 1224.889787]  ? oom_killer_disable+0x3a0/0x3a0
[ 1224.894669]  ? kasan_check_write+0x14/0x20
[ 1224.898891]  ? do_raw_spin_lock+0xc1/0x200
[ 1224.903121]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1224.907958]  ? memcg_memory_event+0x40/0x40
[ 1224.912268]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1224.917014]  ? page_counter_try_charge+0x1c1/0x220
[ 1224.921935]  try_charge+0xc43/0x1690
[ 1224.925636]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1224.930727]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1224.936771]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1224.941598]  ? lock_downgrade+0x900/0x900
[ 1224.945733]  ? lock_release+0x970/0x970
[ 1224.949694]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1224.955485]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1224.960314]  ? mem_cgroup_can_attach+0x580/0x580
[ 1224.965069]  ? memcg_kmem_charge+0x1c2/0x300
[ 1224.969467]  ? __might_sleep+0x95/0x190
[ 1224.973441]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1224.978013]  ? mem_cgroup_protected+0xa60/0xa60
[ 1224.982674]  ? __pte_alloc+0x1c7/0x350
[ 1224.986555]  ? kasan_check_read+0x11/0x20
[ 1224.990691]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1224.995089]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1224.999657]  ? kasan_check_write+0x14/0x20
[ 1225.003877]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1225.009410]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1225.014339]  __handle_mm_fault+0x273a/0x53e0
[ 1225.018740]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1225.023666]  ? lock_acquire+0x1ed/0x520
[ 1225.027628]  ? handle_mm_fault+0x42a/0xc70
[ 1225.031858]  ? lock_downgrade+0x900/0x900
[ 1225.035998]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1225.041785]  ? __do_page_fault+0x67d/0xed0
[ 1225.046016]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1225.051451]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1225.056975]  ? check_preemption_disabled+0x48/0x200
[ 1225.061979]  handle_mm_fault+0x54f/0xc70
[ 1225.066034]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1225.070603]  ? find_vma+0x34/0x190
[ 1225.074141]  __do_page_fault+0x67d/0xed0
[ 1225.078195]  ? mm_fault_error+0x380/0x380
[ 1225.082339]  ? trace_hardirqs_on+0x310/0x310
[ 1225.086741]  ? entry_INT80_compat+0x74/0x7e
[ 1225.091052]  do_page_fault+0xf2/0x7e0
[ 1225.094838]  ? vmalloc_sync_all+0x30/0x30
[ 1225.098970]  ? error_entry+0x70/0xd0
[ 1225.102669]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1225.107671]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1225.112587]  ? do_syscall_64+0x820/0x820
[ 1225.116633]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1225.121460]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1225.126557]  ? trace_hardirqs_off+0x310/0x310
[ 1225.131558]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1225.137082]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1225.142082]  ? page_fault+0x8/0x30
[ 1225.145612]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1225.150443]  ? page_fault+0x8/0x30
[ 1225.153969]  page_fault+0x1e/0x30
[ 1225.157406] RIP: 0023:0x806a9d6
15:25:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040)=0x2000)

15:25:35 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2b00, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:35 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

[ 1225.160672] Code: 03 76 37 f7 c6 03 00 00 00 74 16 a4 49 f7 c6 03 00 00 00 74 0c a4 49 f7 c6 03 00 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 <f3> a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1
[ 1225.179643] RSP: 002b:000000000845fc28 EFLAGS: 00010246
[ 1225.184991] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000004
[ 1225.192243] RDX: 0000000000000000 RSI: 0000000008150618 RDI: 0000000020000000
[ 1225.199757] RBP: 000000000814af6c R08: 0000000000000000 R09: 0000000000000000
[ 1225.207011] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1225.214265] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:36 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$cgroup(r1, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffff9)
keyctl$get_security(0x11, r2, &(0x7f0000000140)=""/246, 0xf6)
r3 = epoll_create1(0x80000)
epoll_wait(r3, &(0x7f0000000240)=[{}, {}, {}, {}, {}, {}], 0x6, 0x7ff)

[ 1225.292586] Task in /syz4 killed as a result of limit of /syz4
[ 1225.298849] memory: usage 204800kB, limit 204800kB, failcnt 390
[ 1225.314218] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1225.327555] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1225.333956] Memory cgroup stats for /syz4: cache:152KB rss:68KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:148KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1225.355833] Memory cgroup out of memory: Kill process 23943 (syz-executor4) score 161 or sacrifice child
[ 1225.369405] Killed process 23943 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:25:36 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x11000000}, 0x6)

15:25:36 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

15:25:36 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1225.383292] oom_reaper: reaped process 23943 (syz-executor4), now anon-rss:0kB, file-rss:32784kB, shmem-rss:0kB
15:25:36 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000000)={<r1=>0x0, 0x2}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000080)={r1, 0x9ca7, 0x3f}, 0x8)

15:25:36 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1225.444975] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1225.461962] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1225.467481] CPU: 0 PID: 23977 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1225.474847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1225.484194] Call Trace:
[ 1225.484217]  dump_stack+0x1c4/0x2b4
[ 1225.484235]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1225.484252]  ? debug_smp_processor_id+0x1c/0x20
[ 1225.484270]  dump_header+0x27b/0xf72
[ 1225.504085]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1225.509645]  ? pagefault_out_of_memory+0x197/0x197
[ 1225.514583]  ? debug_smp_processor_id+0x1c/0x20
[ 1225.519253]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1225.524178]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1225.524197]  ? perf_trace_lock+0x7a0/0x7a0
[ 1225.524208]  ? perf_trace_lock+0x7a0/0x7a0
[ 1225.524227]  ? debug_smp_processor_id+0x1c/0x20
[ 1225.533352]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1225.533371]  ? mark_held_locks+0x130/0x130
[ 1225.533386]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1225.533402]  ? perf_trace_lock+0x7a0/0x7a0
[ 1225.561122]  ? task_will_free_mem+0x239/0xb30
[ 1225.565613]  ? ___ratelimit+0x36f/0x655
[ 1225.569578]  ? lock_downgrade+0x900/0x900
[ 1225.573823]  ? trace_hardirqs_on+0xbd/0x310
[ 1225.578131]  ? kasan_check_read+0x11/0x20
[ 1225.582264]  ? ___ratelimit+0x36f/0x655
[ 1225.586226]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1225.591664]  ? trace_hardirqs_on+0x310/0x310
[ 1225.596058]  ? lock_downgrade+0x900/0x900
[ 1225.600202]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1225.605295]  ? ___ratelimit+0xaa/0x655
[ 1225.609172]  ? idr_get_free+0xec0/0xec0
[ 1225.613134]  ? kasan_check_write+0x14/0x20
[ 1225.617403]  ? do_raw_spin_lock+0xc1/0x200
[ 1225.621629]  oom_kill_process.cold.27+0x10/0x903
[ 1225.626373]  ? kasan_check_write+0x14/0x20
[ 1225.630594]  ? do_raw_spin_lock+0xc1/0x200
[ 1225.634820]  ? oom_evaluate_task+0x540/0x540
[ 1225.639216]  ? cgroup_procs_next+0x70/0x70
[ 1225.643438]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1225.647921]  ? oom_badness+0xaa0/0xaa0
[ 1225.651797]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1225.656543]  ? mem_cgroup_iter_break+0x30/0x30
[ 1225.661120]  ? cgroup_file_notify+0x226/0x2f0
[ 1225.665606]  out_of_memory+0xa84/0x1430
[ 1225.669568]  ? kasan_check_read+0x11/0x20
[ 1225.673703]  ? oom_killer_disable+0x3a0/0x3a0
[ 1225.678184]  ? kasan_check_write+0x14/0x20
[ 1225.682408]  ? do_raw_spin_lock+0xc1/0x200
[ 1225.686634]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1225.691465]  ? memcg_memory_event+0x40/0x40
[ 1225.695772]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1225.700517]  ? page_counter_try_charge+0x1c1/0x220
[ 1225.705438]  try_charge+0xc43/0x1690
[ 1225.709141]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1225.714234]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1225.720280]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1225.725121]  ? lock_downgrade+0x900/0x900
[ 1225.730719]  ? lock_release+0x970/0x970
[ 1225.734686]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1225.740480]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1225.745309]  ? mem_cgroup_can_attach+0x580/0x580
[ 1225.750050]  ? memcg_kmem_charge+0x1c2/0x300
[ 1225.754465]  ? __might_sleep+0x95/0x190
[ 1225.758429]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1225.763004]  ? mem_cgroup_protected+0xa60/0xa60
[ 1225.767665]  ? __pte_alloc+0x1c7/0x350
[ 1225.771541]  ? kasan_check_read+0x11/0x20
[ 1225.775691]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1225.780094]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1225.784662]  ? kasan_check_write+0x14/0x20
[ 1225.788883]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1225.794411]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1225.799331]  __handle_mm_fault+0x273a/0x53e0
[ 1225.803737]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1225.808577]  ? lock_acquire+0x1ed/0x520
[ 1225.812543]  ? handle_mm_fault+0x42a/0xc70
[ 1225.816778]  ? lock_downgrade+0x900/0x900
[ 1225.820916]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1225.826702]  ? __do_page_fault+0x67d/0xed0
[ 1225.830927]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1225.836363]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1225.841890]  ? check_preemption_disabled+0x48/0x200
[ 1225.846895]  handle_mm_fault+0x54f/0xc70
[ 1225.850948]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1225.855519]  ? find_vma+0x34/0x190
[ 1225.859046]  __do_page_fault+0x67d/0xed0
[ 1225.863103]  ? mm_fault_error+0x380/0x380
[ 1225.867240]  ? trace_hardirqs_on+0x310/0x310
[ 1225.871637]  ? entry_INT80_compat+0x74/0x7e
[ 1225.875957]  do_page_fault+0xf2/0x7e0
[ 1225.879745]  ? vmalloc_sync_all+0x30/0x30
[ 1225.883878]  ? error_entry+0x70/0xd0
[ 1225.887581]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1225.892581]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1225.897498]  ? do_syscall_64+0x820/0x820
[ 1225.901557]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1225.906385]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1225.911385]  ? trace_hardirqs_off+0x310/0x310
[ 1225.915867]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1225.920870]  ? page_fault+0x8/0x30
[ 1225.924400]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1225.929229]  ? page_fault+0x8/0x30
[ 1225.932753]  page_fault+0x1e/0x30
[ 1225.936195] RIP: 0023:0x804848a
[ 1225.939462] Code: 0f b6 c0 d3 e0 09 d0 88 06 e9 a7 01 00 00 8b 44 24 10 8b 54 24 14 0b 44 24 18 0b 54 24 1c 09 c2 75 10 8b 44 24 28 8b 74 24 20 <66> 89 30 e9 83 01 00 00 8a 4c 24 18 31 c0 8b 7c 24 28 f6 c1 20 0f
[ 1225.958348] RSP: 002b:000000000845fbd0 EFLAGS: 00010246
[ 1225.963697] RAX: 0000000020e68000 RBX: 0000000000000000 RCX: 000000003dd6315d
[ 1225.970949] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
[ 1225.978288] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1225.985543] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
15:25:36 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x3c, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:37 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

[ 1225.992798] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1226.010660] Task in /syz4 killed as a result of limit of /syz4
[ 1226.026539] memory: usage 204796kB, limit 204800kB, failcnt 408
[ 1226.037372] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
15:25:37 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x3000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:37 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

15:25:37 executing program 1:
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000100)=<r0=>0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/autofs\x00', 0x10040, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x8, 0x200, 0x5, 0x10000, 0x0, 0x8001, 0x2, 0x4, 0x0, 0x1ff, 0x0, 0x1, 0x0, 0x1f, 0xfdf, 0x81, 0x0, 0xff, 0x200, 0x20, 0x100, 0x38f, 0x2, 0x0, 0x10001, 0x8001, 0xffffffffffffffff, 0x4, 0xf6d, 0xfa7, 0x95d1, 0xf1e7, 0x6, 0x7f, 0xfffffffffffffffe, 0xfffffffffffff96f, 0x0, 0x9, 0x2, @perf_bp={&(0x7f0000000000), 0x6}, 0x400, 0x0, 0x2, 0x5, 0x9, 0x800, 0x6}, r0, 0x1, r1, 0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r3, 0xae78, &(0x7f0000000040))

[ 1226.051690] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1226.058091] Memory cgroup stats for /syz4: cache:152KB rss:200KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:144KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1226.079451] Memory cgroup out of memory: Kill process 23977 (syz-executor4) score 161 or sacrifice child
15:25:37 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0xe02, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:37 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xf4010000}, 0x6)

[ 1226.122231] Killed process 23977 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:25:37 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

15:25:37 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0xfffffffffffffffc, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x400, 0x88000)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x4000000007fe, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xfffffffffffffffe)
signalfd4(r0, &(0x7f0000000000)={0x2}, 0x8, 0x80800)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1226.218645] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1226.279736] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1226.315647] CPU: 1 PID: 24012 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1226.323061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1226.332420] Call Trace:
[ 1226.335022]  dump_stack+0x1c4/0x2b4
[ 1226.338676]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1226.343879]  ? debug_smp_processor_id+0x1c/0x20
[ 1226.343901]  dump_header+0x27b/0xf72
[ 1226.343922]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1226.352278]  ? pagefault_out_of_memory+0x197/0x197
[ 1226.362743]  ? debug_smp_processor_id+0x1c/0x20
[ 1226.367424]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1226.372360]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1226.377290]  ? perf_trace_lock+0x7a0/0x7a0
[ 1226.381511]  ? perf_trace_lock+0x7a0/0x7a0
[ 1226.385734]  ? debug_smp_processor_id+0x1c/0x20
[ 1226.390391]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1226.395306]  ? mark_held_locks+0x130/0x130
[ 1226.399523]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1226.405053]  ? perf_trace_lock+0x7a0/0x7a0
[ 1226.409270]  ? task_will_free_mem+0x239/0xb30
[ 1226.413891]  ? ___ratelimit+0x36f/0x655
[ 1226.417857]  ? lock_downgrade+0x900/0x900
[ 1226.422026]  ? trace_hardirqs_on+0xbd/0x310
[ 1226.426417]  ? kasan_check_read+0x11/0x20
[ 1226.430551]  ? ___ratelimit+0x36f/0x655
[ 1226.434509]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1226.439944]  ? trace_hardirqs_on+0x310/0x310
[ 1226.444335]  ? lock_downgrade+0x900/0x900
[ 1226.448471]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1226.453560]  ? ___ratelimit+0xaa/0x655
[ 1226.457432]  ? idr_get_free+0xec0/0xec0
[ 1226.461389]  ? kasan_check_write+0x14/0x20
[ 1226.465644]  ? do_raw_spin_lock+0xc1/0x200
[ 1226.469878]  oom_kill_process.cold.27+0x10/0x903
[ 1226.474616]  ? kasan_check_write+0x14/0x20
[ 1226.478854]  ? do_raw_spin_lock+0xc1/0x200
[ 1226.483085]  ? oom_evaluate_task+0x540/0x540
[ 1226.487478]  ? cgroup_procs_next+0x70/0x70
[ 1226.491695]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1226.496171]  ? oom_badness+0xaa0/0xaa0
[ 1226.500049]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1226.504800]  ? mem_cgroup_iter_break+0x30/0x30
[ 1226.509373]  ? cgroup_file_notify+0x226/0x2f0
[ 1226.513850]  out_of_memory+0xa84/0x1430
[ 1226.517812]  ? kasan_check_read+0x11/0x20
[ 1226.521944]  ? oom_killer_disable+0x3a0/0x3a0
[ 1226.526421]  ? kasan_check_write+0x14/0x20
[ 1226.530643]  ? do_raw_spin_lock+0xc1/0x200
[ 1226.534866]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1226.539701]  ? memcg_memory_event+0x40/0x40
[ 1226.544021]  ? mem_cgroup_charge_skmem+0x1e4/0x390
[ 1226.548945]  ? page_counter_try_charge+0x1c1/0x220
[ 1226.553873]  try_charge+0xc43/0x1690
[ 1226.557576]  ? ___might_sleep+0x1ed/0x300
[ 1226.561712]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1226.567754]  ? kasan_kmalloc+0xc7/0xe0
[ 1226.571631]  ? kmem_cache_alloc_node_trace+0x305/0x740
[ 1226.576891]  ? kasan_unpoison_shadow+0x35/0x50
[ 1226.581454]  ? kasan_kmalloc+0xc7/0xe0
[ 1226.585327]  ? __kmalloc_node_track_caller+0x47/0x70
[ 1226.590415]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1226.595941]  ? sk_forced_mem_schedule+0x13b/0x170
[ 1226.600789]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1226.606224]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1226.611743]  ? check_preemption_disabled+0x48/0x200
[ 1226.616746]  mem_cgroup_charge_skmem+0x1e4/0x390
[ 1226.621485]  ? mem_cgroup_sk_free+0x90/0x90
[ 1226.625794]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1226.631329]  ? tcp_chrono_stop+0x25f/0x520
[ 1226.635572]  sk_forced_mem_schedule+0x13b/0x170
[ 1226.640230]  sk_stream_alloc_skb+0x1ab/0x970
[ 1226.644637]  ? tcp_init_transfer+0x470/0x470
[ 1226.649030]  ? inet_twsk_free+0x135/0x190
[ 1226.653175]  ? tcp_close+0x1300/0x1300
[ 1226.657071]  tcp_connect+0x1283/0x4690
[ 1226.660952]  ? tcp_push_one+0x110/0x110
[ 1226.664916]  ? __sanitizer_cov_trace_cmp2+0x7/0x20
[ 1226.669849]  ? check_preemption_disabled+0x48/0x200
[ 1226.674858]  ? __inet_hash_connect+0x33d/0xfb0
[ 1226.679425]  ? do_ip_setsockopt.isra.14+0x2980/0x3e40
[ 1226.684599]  ? __local_bh_enable_ip+0x160/0x260
[ 1226.689253]  ? __inet_hash_connect+0x385/0xfb0
[ 1226.693845]  ? trace_hardirqs_on+0xbd/0x310
[ 1226.698175]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1226.703695]  ? inet_sk_state_store+0x126/0x570
[ 1226.708260]  ? inet_hash+0xb0/0xb0
[ 1226.711792]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1226.717580]  ? tcp_set_state+0x270/0x9d0
[ 1226.721627]  ? ip_route_output_key_hash+0x297/0x3b0
[ 1226.726625]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1226.732172]  ? tcp_fastopen_cookie_check+0x330/0x330
[ 1226.737274]  ? secure_tcp_ts_off+0xe6/0x1a0
[ 1226.741594]  ? secure_ipv6_port_ephemeral+0x2f0/0x2f0
[ 1226.746776]  ? check_preemption_disabled+0x48/0x200
[ 1226.751780]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1226.757304]  ? sk_setup_caps+0x209/0x690
[ 1226.761353]  tcp_v4_connect+0x1996/0x1dd0
[ 1226.765491]  ? tcp_v4_parse_md5_keys+0x340/0x340
[ 1226.770241]  __inet_stream_connect+0x992/0x1150
[ 1226.774909]  ? ___might_sleep+0x1ed/0x300
[ 1226.779055]  ? inet_dgram_connect+0x2e0/0x2e0
[ 1226.783533]  ? tcp_sendmsg_locked+0x32f9/0x3f00
[ 1226.788188]  ? kasan_unpoison_shadow+0x35/0x50
[ 1226.792751]  ? kasan_kmalloc+0xc7/0xe0
[ 1226.796630]  ? kmem_cache_alloc_trace+0x31f/0x750
[ 1226.801464]  tcp_sendmsg_locked+0x2bf2/0x3f00
[ 1226.805944]  ? debug_smp_processor_id+0x1c/0x20
[ 1226.810606]  ? __fget+0x4aa/0x740
[ 1226.814049]  ? perf_trace_lock+0x7a0/0x7a0
[ 1226.818271]  ? tcp_sendpage+0x60/0x60
[ 1226.822060]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1226.827583]  ? aa_label_sk_perm+0x46d/0x8e0
[ 1226.831886]  ? aa_profile_af_perm+0x410/0x410
[ 1226.836369]  ? ksys_dup3+0x680/0x680
[ 1226.840075]  ? lock_acquire+0x1ed/0x520
[ 1226.844034]  ? tcp_sendmsg+0x21/0x50
[ 1226.847732]  ? trace_hardirqs_on+0xbd/0x310
[ 1226.852039]  ? lock_release+0x970/0x970
[ 1226.856004]  ? lock_sock_nested+0xe2/0x120
[ 1226.860223]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1226.865673]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1226.871218]  ? check_preemption_disabled+0x48/0x200
[ 1226.876220]  ? lock_sock_nested+0x9a/0x120
[ 1226.880439]  ? lock_sock_nested+0x9a/0x120
[ 1226.884666]  ? __local_bh_enable_ip+0x160/0x260
[ 1226.889350]  tcp_sendmsg+0x2f/0x50
[ 1226.892895]  inet_sendmsg+0x1a1/0x690
[ 1226.896691]  ? ipip_gro_receive+0x100/0x100
[ 1226.901020]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1226.905771]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1226.911291]  ? security_socket_sendmsg+0x94/0xc0
[ 1226.916045]  ? ipip_gro_receive+0x100/0x100
[ 1226.920355]  sock_sendmsg+0xd5/0x120
[ 1226.924052]  __sys_sendto+0x3d7/0x670
[ 1226.927841]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1226.932496]  ? arch_local_save_flags+0x40/0x40
[ 1226.937064]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1226.942519]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1226.948039]  ? compat_put_timespec64+0x110/0x280
[ 1226.952777]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1226.957513]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1226.962434]  ? trace_hardirqs_on+0xbd/0x310
[ 1226.966771]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1226.972313]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1226.976895]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1226.982334]  __ia32_sys_sendto+0xdf/0x1a0
[ 1226.986469]  do_fast_syscall_32+0x34d/0xfb2
[ 1226.990792]  ? do_int80_syscall_32+0x890/0x890
[ 1226.995364]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1226.999931]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1227.004932]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1227.009780]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1227.014790]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1227.019800]  ? recalc_sigpending_tsk+0x180/0x180
[ 1227.024537]  ? kasan_check_write+0x14/0x20
[ 1227.028766]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1227.033598]  entry_SYSENTER_compat+0x70/0x7f
[ 1227.037994] RIP: 0023:0xf7f56ca9
[ 1227.041345] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1227.060336] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1227.068028] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[ 1227.075278] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000020e68000
[ 1227.082530] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000
[ 1227.089785] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1227.097038] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1227.105945] Task in /syz4 killed as a result of limit of /syz4
[ 1227.112038] memory: usage 204800kB, limit 204800kB, failcnt 457
15:25:38 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100)={0x0, 0x0, 0x10001, 0x0, 0xe368})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x201, 0x0)
syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x1, 0x202040)

15:25:38 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0})

15:25:38 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x4, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:38 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000500)='net/raw\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x2, 0x2000, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
ioctl$SCSI_IOCTL_TEST_UNIT_READY(r1, 0x2)
io_setup(0x8, &(0x7f0000000100)=<r2=>0x0)
io_getevents(r2, 0xa34, 0xa, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000280)={0x77359400})
ioctl$KVM_SMI(r1, 0xaeb7)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000002c0)={<r3=>0xffffffffffffffff}, 0x13f, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_ACCEPT(r1, &(0x7f0000000340)={0x8, 0x120, 0xfa00, {0x4, {0x80000001, 0x2, "bea53f19df59701e0017f79fbe1a57b522a4d62c3aa77bb747f6325ae901839f1bf022b0b413dcb1b4e33483dc49e884813bdd855c28c1bc07aff5cc155d0c19937aef23b740982d97020fc78baa0c49754b8e9e8a75e7b823ca248ea21fdf90c6caeb1d8fdd6c98a5c7086cec6ed7fef6dcb4a0cdab39e35784cee19dd0749c2b93e14d7f2ecbc8ec109b5ce480b086472bfdb511952726ebed0489b026a7e0b28e085411480251afb8c94360bfadb3958d3aad790258bcb946394e9fb3fb9088658869e02e6c31fa518e721ad5a2fb03cdf96b6191da6836e42f0d9fcd68fcd9b212783eb1fd586be235a6e49993e9e5397b06633d96bd10a72b89a59d8735", 0x49, 0x10000, 0x4, 0xff, 0x8, 0xffffffff, 0x4, 0x1}, r3}}, 0x128)
getsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000080)=0x2, &(0x7f0000000540)=0x1)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$RTC_IRQP_READ(r1, 0x8004700b, &(0x7f0000000580))
setsockopt$inet_dccp_buf(r1, 0x21, 0xe, &(0x7f0000000480)="a8db310f5513493113c532a123cdeed3a1db627663af14a441bc6f0f97c04ff2c9c1646cadc76d9a34ae3020298af545429c3eed9873128b261982631776eef51704d61d528f18c717aea02f0ff8504f89f4da5e7fb8c7d2", 0x58)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r4, 0xae78, &(0x7f0000000040))

15:25:38 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x4, 0x400041)
ioctl$BLKBSZSET(r2, 0x40041271, &(0x7f0000000140)=0xfffffffffffeffff)
fstat(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000280)={0xa0, 0x0, 0x1, {{0x2, 0x3, 0x10000, 0x5, 0x2, 0x35, {0x1, 0x6b1c, 0x100, 0x5, 0x5619, 0x3, 0x5, 0x0, 0x3ff, 0x0, 0xfffffffffffffffd, r3, r4, 0x4, 0x3d1}}, {0x0, 0x2}}}, 0xa0)
dup2(r1, r1)
ioctl$KVM_NMI(r1, 0xae9a)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0xae78, &(0x7f0000000040))
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f00000000c0)=0x1)

[ 1227.118189] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1227.124995] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1227.132867] Memory cgroup stats for /syz4: cache:152KB rss:200KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:148KB inactive_file:0KB active_file:0KB unevictable:0KB
15:25:38 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x700000000000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1227.161344] Memory cgroup out of memory: Kill process 24011 (syz-executor4) score 161 or sacrifice child
[ 1227.172437] Killed process 24011 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1227.203008] oom_reaper: reaped process 24011 (syz-executor4), now anon-rss:0kB, file-rss:32092kB, shmem-rss:0kB
15:25:38 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000})

15:25:38 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1227.223340] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=0
[ 1227.265243] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1227.270404] CPU: 0 PID: 24011 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1227.277758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1227.287193] Call Trace:
[ 1227.289794]  dump_stack+0x1c4/0x2b4
[ 1227.293428]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1227.298626]  dump_header+0x27b/0xf72
[ 1227.302338]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1227.308131]  ? pagefault_out_of_memory+0x197/0x197
[ 1227.313051]  ? rcu_read_unlock+0x33/0x60
[ 1227.317123]  ? mem_cgroup_iter+0x514/0x1160
[ 1227.321428]  ? oom_unkillable_task+0x422/0x580
[ 1227.325998]  ? lock_downgrade+0x900/0x900
[ 1227.330136]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1227.334879]  ? css_task_iter_end+0x222/0x490
[ 1227.339273]  ? lock_downgrade+0x900/0x900
[ 1227.343422]  ? trace_hardirqs_on+0xbd/0x310
[ 1227.347728]  ? kasan_check_read+0x11/0x20
[ 1227.351863]  ? css_task_iter_end+0x222/0x490
[ 1227.356261]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1227.361696]  ? kasan_check_write+0x14/0x20
[ 1227.365920]  ? do_raw_spin_lock+0xc1/0x200
[ 1227.370151]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1227.374632]  ? css_task_iter_end+0x2ce/0x490
[ 1227.379041]  ? cgroup_procs_next+0x70/0x70
[ 1227.383265]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1227.387747]  ? oom_badness+0xaa0/0xaa0
[ 1227.391621]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1227.396370]  ? mem_cgroup_iter_break+0x30/0x30
[ 1227.400953]  ? cgroup_file_notify+0x226/0x2f0
[ 1227.405440]  out_of_memory.cold.30+0xf/0x184
[ 1227.409838]  ? kasan_check_read+0x11/0x20
[ 1227.413974]  ? oom_killer_disable+0x3a0/0x3a0
[ 1227.418452]  ? kasan_check_write+0x14/0x20
[ 1227.422671]  ? do_raw_spin_lock+0xc1/0x200
[ 1227.426897]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1227.431725]  ? memcg_memory_event+0x40/0x40
[ 1227.436031]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1227.440959]  ? page_counter_try_charge+0x1c1/0x220
[ 1227.445887]  try_charge+0xc43/0x1690
[ 1227.449587]  ? lock_downgrade+0x900/0x900
[ 1227.453726]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1227.459772]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1227.465297]  ? should_fail+0x22d/0xd01
[ 1227.469175]  ? percpu_ref_tryget_live+0x168/0x460
[ 1227.474001]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1227.478828]  ? lock_downgrade+0x900/0x900
[ 1227.482968]  ? lock_release+0x970/0x970
[ 1227.486933]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1227.492733]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1227.498257]  ? split_huge_pages_set+0xa90/0xa90
[ 1227.502994]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1227.507820]  ? fs_reclaim_acquire+0x20/0x20
[ 1227.512130]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1227.516787]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1227.521264]  ? __put_compound_page+0xe0/0xe0
[ 1227.525671]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1227.531211]  memcg_kmem_charge+0x135/0x300
[ 1227.535436]  __alloc_pages_nodemask+0x72e/0xde0
[ 1227.540090]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1227.545615]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1227.550619]  ? do_huge_pmd_anonymous_page+0x45e/0x17e0
[ 1227.555882]  ? delayacct_end+0x25/0x100
[ 1227.559845]  ? __thp_get_unmapped_area+0x180/0x180
[ 1227.564763]  ? mark_held_locks+0x130/0x130
[ 1227.568982]  ? do_futex+0x249/0x26d0
[ 1227.572682]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1227.578213]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1227.583739]  alloc_pages_current+0x10c/0x210
[ 1227.588132]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1227.593655]  pte_alloc_one+0x1b/0x1a0
[ 1227.597446]  __pte_alloc+0x2a/0x350
[ 1227.601062]  __handle_mm_fault+0x41f5/0x53e0
[ 1227.605461]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1227.610300]  ? lock_acquire+0x1ed/0x520
[ 1227.614264]  ? handle_mm_fault+0x42a/0xc70
[ 1227.618486]  ? lock_downgrade+0x900/0x900
[ 1227.622626]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1227.628413]  ? __do_page_fault+0x67d/0xed0
[ 1227.632635]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1227.638073]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1227.643599]  ? check_preemption_disabled+0x48/0x200
[ 1227.648603]  handle_mm_fault+0x54f/0xc70
[ 1227.652653]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1227.657222]  ? find_vma+0x34/0x190
[ 1227.660753]  __do_page_fault+0x67d/0xed0
[ 1227.664806]  ? mm_fault_error+0x380/0x380
[ 1227.668945]  ? trace_hardirqs_on+0x310/0x310
[ 1227.673346]  do_page_fault+0xf2/0x7e0
[ 1227.677138]  ? vmalloc_sync_all+0x30/0x30
[ 1227.681273]  ? error_entry+0x70/0xd0
[ 1227.684974]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1227.689987]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1227.694905]  ? do_syscall_64+0x820/0x820
[ 1227.698956]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1227.703787]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1227.708785]  ? trace_hardirqs_off+0x310/0x310
[ 1227.713271]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1227.718273]  ? page_fault+0x8/0x30
[ 1227.721801]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1227.727131]  ? page_fault+0x8/0x30
[ 1227.730657]  page_fault+0x1e/0x30
[ 1227.734093] RIP: 0023:0x806a9d6
[ 1227.737361] Code: Bad RIP value.
[ 1227.740719] RSP: 002b:000000000845fc28 EFLAGS: 00010246
[ 1227.746071] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000004
[ 1227.753326] RDX: 0000000000000000 RSI: 0000000008150618 RDI: 0000000020000000
[ 1227.760579] RBP: 000000000814af6c R08: 0000000000000000 R09: 0000000000000000
[ 1227.767832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1227.775086] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1227.783467] Memory limit reached of cgroup /syz4
[ 1227.788247] memory: usage 204684kB, limit 204800kB, failcnt 458
[ 1227.797316] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1227.810810] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:25:38 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x2000000}, 0x6)

15:25:38 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0x10000000000000})

15:25:38 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x200000000000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:38 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
getrusage(0xffffffffffffffff, &(0x7f0000000080))
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1227.830351] Memory cgroup stats for /syz4: cache:152KB rss:200KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1227.851192] Out of memory and no killable processes...
15:25:39 executing program 5:
r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))

15:25:39 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:39 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000})

15:25:39 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x7000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:39 executing program 1:
socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fsetxattr$trusted_overlay_opaque(r0, &(0x7f00000000c0)='trusted.overlay.opaque\x00', &(0x7f0000000100)='y\x00', 0x2, 0x2)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x10001, 0x400000)
ioctl$FS_IOC_RESVSP(r2, 0x402c5828, &(0x7f00000001c0)={0x0, 0x2, 0x8, 0x1})
ioctl$SCSI_IOCTL_TEST_UNIT_READY(r2, 0x2)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000140)=0x40000000000)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000180)={'nr0\x00', 0x100})

[ 1227.968372] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1227.980555] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1227.985838] CPU: 1 PID: 24065 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1227.993203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1228.002553] Call Trace:
[ 1228.005142]  dump_stack+0x1c4/0x2b4
[ 1228.008773]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1228.013974]  ? debug_smp_processor_id+0x1c/0x20
[ 1228.018652]  dump_header+0x27b/0xf72
[ 1228.022374]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1228.027937]  ? pagefault_out_of_memory+0x197/0x197
[ 1228.032874]  ? debug_smp_processor_id+0x1c/0x20
[ 1228.037550]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1228.042469]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1228.047391]  ? perf_trace_lock+0x7a0/0x7a0
[ 1228.051614]  ? perf_trace_lock+0x7a0/0x7a0
[ 1228.055840]  ? debug_smp_processor_id+0x1c/0x20
[ 1228.060496]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1228.065410]  ? mark_held_locks+0x130/0x130
[ 1228.069634]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1228.075164]  ? perf_trace_lock+0x7a0/0x7a0
[ 1228.079385]  ? task_will_free_mem+0x239/0xb30
[ 1228.083873]  ? ___ratelimit+0x36f/0x655
[ 1228.087840]  ? lock_downgrade+0x900/0x900
[ 1228.091981]  ? trace_hardirqs_on+0xbd/0x310
[ 1228.096285]  ? kasan_check_read+0x11/0x20
[ 1228.100422]  ? ___ratelimit+0x36f/0x655
[ 1228.104385]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1228.109819]  ? trace_hardirqs_on+0x310/0x310
[ 1228.114213]  ? lock_downgrade+0x900/0x900
[ 1228.118350]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1228.123440]  ? ___ratelimit+0xaa/0x655
[ 1228.127317]  ? idr_get_free+0xec0/0xec0
[ 1228.131276]  ? kasan_check_write+0x14/0x20
[ 1228.135498]  ? do_raw_spin_lock+0xc1/0x200
[ 1228.139747]  oom_kill_process.cold.27+0x10/0x903
[ 1228.144489]  ? kasan_check_write+0x14/0x20
[ 1228.148711]  ? do_raw_spin_lock+0xc1/0x200
[ 1228.152939]  ? oom_evaluate_task+0x540/0x540
[ 1228.157334]  ? cgroup_procs_next+0x70/0x70
[ 1228.161558]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1228.166040]  ? oom_badness+0xaa0/0xaa0
[ 1228.169916]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1228.174665]  ? mem_cgroup_iter_break+0x30/0x30
[ 1228.179240]  ? cgroup_file_notify+0x226/0x2f0
[ 1228.183723]  out_of_memory+0xa84/0x1430
[ 1228.187686]  ? kasan_check_read+0x11/0x20
[ 1228.191821]  ? oom_killer_disable+0x3a0/0x3a0
[ 1228.196305]  ? kasan_check_write+0x14/0x20
[ 1228.200527]  ? do_raw_spin_lock+0xc1/0x200
[ 1228.204757]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1228.209589]  ? memcg_memory_event+0x40/0x40
[ 1228.213903]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1228.218652]  ? page_counter_try_charge+0x1c1/0x220
[ 1228.223568]  try_charge+0xc43/0x1690
[ 1228.227273]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1228.232379]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1228.238426]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1228.243254]  ? lock_downgrade+0x900/0x900
[ 1228.247391]  ? lock_release+0x970/0x970
[ 1228.251354]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1228.257497]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1228.262330]  ? mem_cgroup_can_attach+0x580/0x580
[ 1228.267076]  ? memcg_kmem_charge+0x1c2/0x300
[ 1228.271477]  ? __might_sleep+0x95/0x190
[ 1228.275442]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1228.280026]  ? mem_cgroup_protected+0xa60/0xa60
[ 1228.284687]  ? __pte_alloc+0x1c7/0x350
[ 1228.288586]  ? kasan_check_read+0x11/0x20
[ 1228.292722]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1228.297118]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1228.301688]  ? kasan_check_write+0x14/0x20
[ 1228.305910]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1228.311441]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1228.316369]  __handle_mm_fault+0x273a/0x53e0
[ 1228.320767]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1228.325607]  ? lock_acquire+0x1ed/0x520
[ 1228.329575]  ? handle_mm_fault+0x42a/0xc70
[ 1228.333794]  ? lock_downgrade+0x900/0x900
[ 1228.337934]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1228.343718]  ? __do_page_fault+0x67d/0xed0
[ 1228.347939]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1228.353381]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1228.358905]  ? check_preemption_disabled+0x48/0x200
[ 1228.363913]  handle_mm_fault+0x54f/0xc70
[ 1228.367962]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1228.372530]  ? find_vma+0x34/0x190
[ 1228.376072]  __do_page_fault+0x67d/0xed0
[ 1228.380124]  ? mm_fault_error+0x380/0x380
[ 1228.384260]  ? trace_hardirqs_on+0x310/0x310
[ 1228.388665]  do_page_fault+0xf2/0x7e0
[ 1228.392454]  ? vmalloc_sync_all+0x30/0x30
[ 1228.396591]  ? error_entry+0x70/0xd0
[ 1228.400291]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1228.405291]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1228.410209]  ? do_syscall_64+0x820/0x820
[ 1228.414256]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1228.419090]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1228.424090]  ? trace_hardirqs_off+0x310/0x310
[ 1228.428593]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1228.434115]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1228.439123]  ? page_fault+0x8/0x30
[ 1228.442656]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1228.447488]  ? page_fault+0x8/0x30
[ 1228.451016]  page_fault+0x1e/0x30
[ 1228.454453] RIP: 0023:0x806a9d6
[ 1228.457721] Code: 03 76 37 f7 c6 03 00 00 00 74 16 a4 49 f7 c6 03 00 00 00 74 0c a4 49 f7 c6 03 00 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 <f3> a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1
[ 1228.476607] RSP: 002b:000000000845fc28 EFLAGS: 00010246
[ 1228.482063] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000004
[ 1228.489319] RDX: 0000000000000000 RSI: 0000000008150618 RDI: 0000000020000000
[ 1228.496572] RBP: 000000000814af6c R08: 0000000000000000 R09: 0000000000000000
[ 1228.503842] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1228.511104] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:39 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))
socket$inet(0x2, 0x0, 0x6)

15:25:39 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0x1000000})

15:25:39 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x700, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1228.563434] Task in /syz4 killed as a result of limit of /syz4
[ 1228.569724] memory: usage 204800kB, limit 204800kB, failcnt 506
[ 1228.575962] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1228.582916] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1228.589135] Memory cgroup stats for /syz4: cache:152KB rss:200KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:148KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1228.649154] Memory cgroup out of memory: Kill process 24065 (syz-executor4) score 161 or sacrifice child
[ 1228.676818] Killed process 24065 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:25:39 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x1000000}, 0x6)

15:25:39 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0x10})

15:25:39 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x20e, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:39 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

[ 1228.707004] oom_reaper: reaped process 24065 (syz-executor4), now anon-rss:0kB, file-rss:32784kB, shmem-rss:0kB
15:25:39 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = creat(&(0x7f0000000200)='./file0\x00', 0x47)
ioctl$RTC_WIE_ON(r2, 0x700f)
r3 = add_key(&(0x7f0000000080)='id_resolver\x00', &(0x7f00000000c0)={'syz', 0x1}, &(0x7f0000000100)="e85e1ac4a4f84bcf99b919a5a7f5fde355e3b3353e7e9ca89d1857f6e048357daea487c3f39a4fae8a82bf97886b6a5446592da7021dc0c91df01092ae0e524f43ea88958f4db2a459f5185fd54003cb2738af7afd8802a89953d6c01d07b2c7d7c01758a15b671f104f178d49c7aec3cce5eb3af3dd813783d6445938259c108fb7c183cb173703a5c2faafd2d40d212d3d5e66a86bc614a0cc9fd0e2284d362cd4a5df6796c5b328e54fc8060d9d2e693a85926b2cf914fca2cdbd0c6fa202eee6c967abddea18bff7326756ee48c845b444597eb990ed9b7d93725be034811d6c", 0xe2, 0xfffffffffffffffb)
keyctl$clear(0x7, r3)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:39 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0xb00000000000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:39 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0x2})

15:25:39 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = getpid()
r3 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vhci\x00', 0x20000, 0x0)
perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x40000000000000, 0x9880, 0x401, 0x1ff, 0x0, 0x0, 0x40, 0x6, 0x7ff, 0xbb, 0x401, 0x8, 0x1f, 0x101, 0xfffffffffffffff7, 0x1, 0xab6, 0x3, 0xffffffffffffffff, 0x9e, 0x2, 0xffffffffffffffe0, 0x9, 0x6, 0x9, 0xfffffffffffffff8, 0x254, 0x7, 0x3, 0x8, 0xffff, 0x5, 0xffffffff80000001, 0x8, 0x5, 0x1ff000000000000, 0x0, 0xfffffffffffffffe, 0x0, @perf_config_ext={0x4, 0x100000001}, 0x0, 0xd1, 0x5, 0x7, 0x80000001, 0x9, 0x1ff}, r2, 0xb, r3, 0xb)
r4 = fcntl$getown(r1, 0x9)
migrate_pages(r4, 0x6, &(0x7f0000000080)=0xfffffffffffff001, &(0x7f00000000c0))
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1228.834034] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=2, oom_score_adj=0
15:25:39 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0x3000000})

[ 1228.909363] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1228.928049] CPU: 1 PID: 24105 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1228.935446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1228.944801] Call Trace:
[ 1228.947411]  dump_stack+0x1c4/0x2b4
[ 1228.951047]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1228.956249]  ? mark_held_locks+0x130/0x130
[ 1228.960513]  ? mark_held_locks+0x130/0x130
[ 1228.964744]  dump_header+0x27b/0xf72
[ 1228.968456]  ? debug_smp_processor_id+0x1c/0x20
[ 1228.973119]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1228.978648]  ? pagefault_out_of_memory+0x197/0x197
[ 1228.983571]  ? debug_smp_processor_id+0x1c/0x20
[ 1228.988231]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1228.993146]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1228.998076]  ? perf_trace_lock+0x7a0/0x7a0
[ 1229.002308]  ? perf_trace_lock+0x7a0/0x7a0
[ 1229.006534]  ? debug_smp_processor_id+0x1c/0x20
[ 1229.011187]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1229.016105]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1229.021628]  ? perf_trace_lock+0x7a0/0x7a0
[ 1229.025853]  ? task_will_free_mem+0x239/0xb30
[ 1229.030354]  ? ___ratelimit+0x36f/0x655
[ 1229.034315]  ? lock_downgrade+0x900/0x900
[ 1229.038452]  ? trace_hardirqs_on+0xbd/0x310
[ 1229.042758]  ? kasan_check_read+0x11/0x20
[ 1229.046891]  ? ___ratelimit+0x36f/0x655
[ 1229.050854]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1229.056292]  ? trace_hardirqs_on+0x310/0x310
[ 1229.060686]  ? lock_downgrade+0x900/0x900
[ 1229.064828]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1229.069932]  ? ___ratelimit+0xaa/0x655
[ 1229.073897]  ? idr_get_free+0xec0/0xec0
[ 1229.077855]  ? kasan_check_write+0x14/0x20
[ 1229.082079]  ? do_raw_spin_lock+0xc1/0x200
[ 1229.086311]  oom_kill_process.cold.27+0x10/0x903
[ 1229.091055]  ? kasan_check_write+0x14/0x20
[ 1229.095279]  ? do_raw_spin_lock+0xc1/0x200
[ 1229.099505]  ? oom_evaluate_task+0x540/0x540
[ 1229.103906]  ? cgroup_procs_next+0x70/0x70
[ 1229.108130]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1229.112609]  ? oom_badness+0xaa0/0xaa0
[ 1229.116484]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1229.121229]  ? mem_cgroup_iter_break+0x30/0x30
[ 1229.125806]  ? cgroup_file_notify+0x226/0x2f0
[ 1229.130296]  out_of_memory+0xa84/0x1430
[ 1229.134260]  ? kasan_check_read+0x11/0x20
[ 1229.138395]  ? oom_killer_disable+0x3a0/0x3a0
[ 1229.142875]  ? kasan_check_write+0x14/0x20
[ 1229.147105]  ? do_raw_spin_lock+0xc1/0x200
[ 1229.151335]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1229.156183]  ? memcg_memory_event+0x40/0x40
[ 1229.160493]  ? mem_cgroup_charge_skmem+0x1e4/0x390
[ 1229.165419]  ? page_counter_try_charge+0x1c1/0x220
[ 1229.170348]  try_charge+0xc43/0x1690
[ 1229.174052]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1229.179843]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1229.185895]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1229.191419]  ? handle_mm_fault+0x56e/0xc70
[ 1229.195652]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1229.200239]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1229.205765]  ? __do_page_fault+0x4a6/0xed0
[ 1229.209993]  ? __sk_mem_raise_allocated+0x642/0x1800
[ 1229.215086]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1229.220525]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1229.226049]  ? check_preemption_disabled+0x48/0x200
[ 1229.231057]  mem_cgroup_charge_skmem+0x1e4/0x390
[ 1229.235812]  ? mem_cgroup_sk_free+0x90/0x90
[ 1229.240118]  ? trace_hardirqs_off+0x310/0x310
[ 1229.244615]  __sk_mem_raise_allocated+0x642/0x1800
[ 1229.249547]  ? sk_busy_loop_end+0x1c0/0x1c0
[ 1229.253869]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1229.259395]  ? alloc_pages_current+0x114/0x210
[ 1229.263968]  ? skb_page_frag_refill+0x1eb/0x6a0
[ 1229.268625]  ? sock_kzfree_s+0x60/0x60
[ 1229.272502]  ? _copy_from_iter_full+0x2b3/0xd20
[ 1229.277164]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1229.282168]  ? tcp_rate_check_app_limited+0x121/0x460
[ 1229.287348]  ? iov_iter_advance+0x1460/0x1460
[ 1229.291835]  __sk_mem_schedule+0x6d/0xe0
[ 1229.295882]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1229.301408]  tcp_sendmsg_locked+0x1c86/0x3f00
[ 1229.305901]  ? tcp_sendpage+0x60/0x60
[ 1229.309689]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1229.315212]  ? aa_label_sk_perm+0x46d/0x8e0
[ 1229.319522]  ? aa_profile_af_perm+0x410/0x410
[ 1229.324006]  ? ksys_dup3+0x680/0x680
[ 1229.327707]  ? lock_acquire+0x1ed/0x520
[ 1229.331666]  ? tcp_sendmsg+0x21/0x50
[ 1229.335369]  ? trace_hardirqs_on+0xbd/0x310
[ 1229.339674]  ? lock_release+0x970/0x970
[ 1229.343641]  ? lock_sock_nested+0xe2/0x120
[ 1229.347873]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1229.353313]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1229.358839]  ? check_preemption_disabled+0x48/0x200
[ 1229.363842]  ? lock_sock_nested+0x9a/0x120
[ 1229.368068]  ? lock_sock_nested+0x9a/0x120
[ 1229.372293]  ? __local_bh_enable_ip+0x160/0x260
[ 1229.376951]  tcp_sendmsg+0x2f/0x50
[ 1229.380483]  inet_sendmsg+0x1a1/0x690
[ 1229.384275]  ? ipip_gro_receive+0x100/0x100
[ 1229.388589]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1229.393329]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1229.398853]  ? security_socket_sendmsg+0x94/0xc0
[ 1229.403604]  ? ipip_gro_receive+0x100/0x100
[ 1229.407912]  sock_sendmsg+0xd5/0x120
[ 1229.411611]  __sys_sendto+0x3d7/0x670
[ 1229.415413]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1229.420072]  ? arch_local_save_flags+0x40/0x40
[ 1229.424643]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1229.430101]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1229.435629]  ? compat_put_timespec64+0x110/0x280
[ 1229.440375]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1229.445118]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1229.450036]  ? trace_hardirqs_on+0xbd/0x310
[ 1229.454347]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1229.459873]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1229.464445]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1229.469886]  __ia32_sys_sendto+0xdf/0x1a0
[ 1229.474024]  do_fast_syscall_32+0x34d/0xfb2
[ 1229.478334]  ? do_int80_syscall_32+0x890/0x890
[ 1229.482902]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1229.487472]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1229.492475]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1229.497304]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1229.502309]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1229.507313]  ? recalc_sigpending_tsk+0x180/0x180
[ 1229.512056]  ? kasan_check_write+0x14/0x20
[ 1229.516284]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1229.521113]  entry_SYSENTER_compat+0x70/0x7f
[ 1229.525509] RIP: 0023:0xf7f56ca9
[ 1229.528867] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1229.547756] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1229.555455] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1229.562710] RDX: 00000000fffffe4e RSI: 00000000000000c0 RDI: 00000000200000c0
[ 1229.569982] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000
[ 1229.577238] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1229.584495] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:40 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000000)={0x400, 0x200, 0x80, 0x40, <r1=>0x0}, &(0x7f0000000040)=0x10)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000080)={r1, 0x1, 0x1}, 0x8)

15:25:40 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x3, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$inet6_MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f00000000c0)={{0xa, 0x4e21, 0x9, @ipv4={[], [], @multicast2}, 0x5}, {0xa, 0x5, 0x0, @mcast2, 0x7ff}, 0x4, [0x401, 0x8, 0x3, 0x8001, 0x3, 0xfffffffffffff801, 0x1ff, 0x40]}, 0x5c)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
rt_sigprocmask(0x3, &(0x7f0000001280)={0x4}, 0x0, 0x8)
r4 = add_key(&(0x7f0000000200)='encrypted\x00', &(0x7f0000000240)={'syz', 0x1}, &(0x7f0000000280)="7be7140bbd4ab7c8532a9f66ff5661221d89e7d4f66a8113d7fbffeecaedcd906890637b39511d913a4d35a871b57ecae3c01db720fb8cca074f50c5464dc8e3612a390c7a42d314321efe223bef7a57c57b222da827cfabf770bff98651f0ec05a5078eb2441a902c745ce76c40d5ee783ddb19871f62cacfac688d6de8e271fb33ad50e90fc87668c23cd1649c3474b344597c48f23981682c232c5536cd5c8463ac66cc2d289ba4b7798fa4df229d88ea1be57bfd8ebe79d26ece8084caae6469b4387a296ac3f52ea80344775c59b316a1e57a0b2400467525ce46b61f6b501a29f9541a6e1d21bed9a1be1a19e8cf5cc21eed5628cd3dcc6af8f0bf2c51be4c4fe04d5064452405c5c6c0eede3530dabd540f8872ef78ce282868a8f0b4f9dda6ef86bd41412a309d5b55e9fd1da7f6da2a29fc1d037d74411329a839540e3df94253318b438b8a1a67fc4af38ade10fc0e199c6f117398c76ae9508f47f6955e4a7ade53a350d7d755be397ad63bcdab142be1ad5516bedf88e0813d77bb36494abc890e49933657467785a8d9a462899c99b1547cbbc241f6615237b20726a03ab1ca0fa5e832bd5ddf1dfc12f4fd1d3208e76985a0c4ba1e06d54def2fcb78f818caa805f7d8fc8678893125a229b775ff6063aaf317866cf6a8a09eeefdcb9eefc1208ca92d4c871ad0335e600b876df19e3c5e7e189265fc5dba6d2cf25ff851c546a3d49b9497a0a7ce8cde0ecc9661b22cce4930fe6c8960884e2e2058e5232c1bb1d6c97836a9bba113fcaafc43af00573c28319e09e9baf9c2575979dc0c9d0c436b58a436218b56f3f4e038fa63aecdfb79049864ed3c626e71f31cba58d165c33c12fec7c04a72acd0de6a54b4fcf12b9f50c5a1428cc9e2679e48e4664973e7a24b66503d5e4c2138d9ed6a4648541598e3fc9d933f690a03de6f04de6dc6879bb9e57ce5dcaafc2e2953486181750615a72b43afd00901b7fb8bcf77237895fafcab275fdbc4c62d0be400187a9477b15f656a6f5afb2c58507aa185c8d7cb6c30e9ea082b1d53e3487a1490284388b9cd5aa2bee82db7c20c72539b1a39e115f8a736441ffa425747d7dbf5df84bf75436a151b6b5532f6934647bfcc7522fdf13343e4e6ba3b64d005d3f0482c6227fc98beecc927f12d25a3505d1d1e78fb02d35d2403a3c91f1a776733346a4910d65094f54edd154043c0864bc8f3f2003eca5852cb7192492e472b42cac0de91643b6770b0fe6b8a77cdf012f63d1c5c3cab1a8b3fa970d841c972e1844cf05ce35e90f977b35a5e311c409cd18cdfa0b34bf8e786ca471a00ed89a04e7e3a1f6324cecc7423a0928c74ce27b524c6deecfdea7c29a645cf630fb6b125788e54d9848ca89c5380fc7755a08a26c427ae08a5ddef1834a08fe1ed1353d945928dad264a3d40de257984832cdea0cd2cba762a39bfbafa21b4df3f7a3b04a0d9a5cf17ae0c920f2a0ecf40f0a59ee47b9772c9e29f4d90f85cae0846a723766939835e2aec8485a939306ef49510d5d58f7383b38f202887fcb59395ef9a7c9d908d67d0bade70cfbc7f12c92d79d73fe4a56df13bc3dabc230cda223877973c22ffab53b9db19a0b3a1136b575d7c97a80a9be52311c4fb1586ba7cf16932654efb4695d5850201ca521ed50feec7b748001a801b4f6ba73a972c7fee69cc05e43918383549f43c3a36ba455a0611bb4d1e2be4183e21f47ffce028ca18e1c316a38e3f77450c0de318487600250d1bd9bb29c2eaf4bd8b59e9e19be9de3c5d0baaa5391c5822377efee6cb801960e14c722a0b27e73d0c4fcdcce4ad53a7e3d3e6b9d90ac9bcb21c3fafb69eb49a9ad550f67689d0583c35f2cf586a3a1595dafcdc393d9a79e949d64f8d0e7eeee399236e675509d868f2b444ff1cd8988ea3e915419bbcd7ea946e092eb0297b919538c4acefb421c717945a08a8b1394d824eba895c91f6d14f6a5399eeae9a952e55428f3974177e71b87404b383bfa39340c888ae4b02f221b9d6189910e12e6821586a98784e211b42ba520a7a37d88d99940fcff965abebfb1e7748e25ccd44ae926a03a7dc3e6b8262fc101be4a31f88869b9517a9ab6b4cedf21e08353d00c2bd197f20b6e54fad8a29fa4c1569ff384b22399e4f1cbd752a7e6d75bedc1056a38dbfe7a03d376b878619ff5480447040f6804b88d098c39bf399d11985cfd1d13603b00e8c152cf661dc1642ee735adc9f12dd5154b38b93597f2f62c49e80dacc51713b09cb37e9a26753107c91c06daca7332e51ec75e0229fea055305cd23d5fc96dd8ccad4e9453350032161ade6d03effde2f97578400a68d2cd1c04c3159d6ed8a527f58b0fbbd6517d3198c802e13bf1e50aedfad091588594f1717f457a8d6d2ffa7b54fc6b215ad72bccff1124908480ba02e0be7cce1b91c7dfb8ad0d3aab588b8c51d56efe01e7ecdef014c451d488fdf7fedba5a8cb28cadbb6da9ac5912bf3225c8df5c516e83384757939f812281386e829a18c1045e6919b96772a44589b4e9f518e83a7ba216288fd8d7b423db73f2b1e18d2bbaa19f70545935a24007cc79ec650c7a9530285e10487c0fbef2a45da2f686e9311ca99d1cc794d069ab3e95277d38bb8c6d6e44b9f72573a8ba07b1026abcc8345cefbbcb9594e5407d1fb95a8e7646cdd939bfa72d9eb949facc798b87f9ceebd972572370a1973b142267afef3abc2306ce9d856ef450d6d429cfe6be7aac48b1f788f3d637eb271105f2dfcae2ad17fc382c59901480c1676eb0e4ffef2ea743ab817be1c76bd05f9ffb36b499052f3c6b3884e661c97b04f30c5f0c0489754cd40f7f3bc15d9bb9485483a03d193046cd76431cf4af4c3478093d62ef3d80d6a490b2f00ceea33dc4f2c08c14509991f7fe298860d7503085d2613efa4408c050a8939380b3f28e5dd6eec2fd71cfda29250bea70df4dab54b96c0b6d41b795f2e677906933f50e9f2e879c439c523155f5c05665e3ec2621681494f2f6989cc411d178dec6b1e0268f381c69104879cd30b24ce11db5d840baadf45f90cb9daa0bf5abdead455e27c3db679e3bbc5f334ff7354ef3ecef9fb6c12e1e9c80c186a869d7df3059a20b12724d128b28d97164349b0a663d1486e5157eb4e7011cca5c025526f20c8c3c57f51750f25008f09251bae1a69b67b623fbdd41c5d6ef889c925bd4ec1cfb5da3071c721c5d8fd9543e92fadfae4999f55d98299768475dc1ceebf3c7aef3e9c7cff0789db03ca596a2fcf954f9446bcfda8c6ece6c178d82cefc32156008f5a229501f19c2d5b052f4d9b0c842d20e4a90484eaffe7c9597cfb844839e80d11d99c85cdbc5f0dd4a7a17118bb52d7c21c99f5e47fabc4a0e5c32fbab6da1101781fcce6e98aec553eaa82c02a124d2d771c54823b2e7e92289e7ee212581512d1fba6ff5c0f3fbba5371bb9d9fe9bcc9b96150d05866fc4f178b05b79f2a85c633f9eaaa0aef063f9f8f4b87ea60530d7d2f1547e817953dfac9804ae35ccee1748bc482c03bdb728aa10f70ecd905c7dfefe53bcbc2601302f3511cbabecf6512369a65cca48c0e0a87ababc045cb436182c8bace5417cc2a767e22f0b33c78bf40464094a174b651e26bb52f1ca4cdc6bf1f1fe15bbe21786967c9b3983fa28473929d0ad74f126930c5ae1a531455af2eda946696e52f8eb5364c818b2691ebce627ef5ccf3d8b3c36790b717890f7f8806ddb169808f3a8605b5c979203caeddeff8d9f2ba7397bd0a4bdcf27371567c40d62ee85759e76b5c1f91fefbc1996e3617fedc0cf50cfac73ccc793bbd388dfc278bb3da734bbca5b0ab3e184466fcfda301ad5cbca67c6ef2dec093995b26ef8247ce00d7b87d55fc6810f08b2ae7405dc0b5474789dbe6362224167bd5d31c8f1f6b46d11d684e55cf139ce02f7e2ba29aff11574951e73d0c5a75909431d31b27524cf6e5eab7044dcb583d90730df0943fb94b6834dcbc37779951f67428485c5efd760c78d478416b749ae416b17028d2ed0fdb590f033169bc3b80c639698d9374e26d3d1ce2a977f71c71214a38243feb23c28995e4961b80842a1565cac6538ec1c4a78b1584a1de5800f826b61a5700228b33dafef93449fac91cac5c106675896fc9d36b53d2959cc2759602acde3b4b3298339ff19f498b0ae81e35949373dbad507e66bc9e96d4859569c11768fe548a5d485add2760e1e4c444f85f4bbcb9efa128db93efd81495299488300c22eb80e57ff7213be86150720af245aad7d12f77fc0bb77451363644c9dd831a259942d806ed3f8bdd56427f4e8309964f28e24f0986679220a88a7edbdd0a2d92eb863072a165a0d9d56da6bbf608297db414e87ec01905590dddbbf7e98338d188171ce9c15147335389ca527d3288e6f0032c76cac100cfcf721b2b050e19a17f6919e9dd2774bb589e39dc198d3b0c159a41ac8698d29340c47155fa6c3a0ae0a4305cba32296ea51720180712d878798cf3fd8d9739d7cd6e5bbab7346079deba3577eebf672744cb9d09fc99910ec90169e4b52a1831345a6c671402876c279f14e1367d45ad165d8c721b2b97f838da8f1211d3fd630ebfd4bd1deb19bf5376f9ec04cd07602e91d600c37188650a56dc0410f51cfc82cf878908ce52a0e4ccf6b4c985f3318ac4326b54905d8e7156e889b12b57d0445340224f316553f5a55041e746fb2c7bcf7a0022ac0b054a69dc2cdab2552c04bcad047bac5070078ffb1ea1e530812ee1f94b1654c909eef16671b8d5ed2862d1b46dec7c44df2f41ea69832436916400453653575b108769211e36a87fb24cccac2a70584687744a76fde3fe31248ab5edb9b2596ab1175979a89d26a6c353bcc99040daffe853d29cf62ff753755893a7c5474aa942e71cd6172166b684986615d52e3c85b5d052974e7bd0ab9c5b49c0372d67904930ce2b2a65d75b9eae0f84428c722bba836cb48e0c461cf82d2b6b30cd8360a32f1c496540d762a422a327d9ada2acd498a28a7cf6b03ea8076bedbd1e9c422d4d344a5c70671cc8b71f2df383bc8fb218ce9e4267d88c39b4089738819bed1e4296ce2cd4d61e10c2a56402312fcff6862fe9d34d159bb77d76c7a049268322a07f8c07d6153766b773aad6ce317a634cc7f753b044b3446ae220387683cc6dc17e4b71d11545df1be2db234180ea4796b7dcc383d782541ff287a2329ad6fb9c5dc93716e9573e0145acd63dea2af2c933423afae45af94d1e0e47c2c9c0f0ec804966b830c723e773bfadd361ec28ab0005b43f95210e22d2432e6269499b4f12fe1de64d63eb61cd9fbaa4687170ed602be65c8e4501b6ce278b5565eba546776a4225451de96788e622652dfd3f5d64943724a8fea76fc0ad24733eb076d501863fa60ee1730274d201bfa50869cd621580d9b51533264391481e1ab5c88ca8e0af16643c9bf888c6b4249b5a41943b83d3f9db374da198a62773b995d94d6334f9c86a121d860500d06f9bc667ee9633558dca46c12beadffe672cbfebb93451a87f0814f797aa056f6adbd6c11212c032b8cc42c1af96e3fecf4c8634b072e4b675d9048611cdf6034e830bdd8b977c6b1d466b861ffb90c32a06f319e32fa4fa10e80cbccb028bfac407a8f032d6eacc8aefc12b232caa12052e717392cd1e3b5dbe486ddbcefcb487a9f0bee5c60fe21b1772eda14e8751130e1988ca6608c80c025299bd7f5e6865554d3f77e26e993a79ba", 0x1000, 0xfffffffffffffffb)
keyctl$get_persistent(0x16, r3, r4)

15:25:40 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x100000000000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1229.620297] Task in /syz4 killed as a result of limit of /syz4
[ 1229.629183] memory: usage 204800kB, limit 204800kB, failcnt 534
[ 1229.636351] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1229.643364] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1229.649702] Memory cgroup stats for /syz4: cache:152KB rss:200KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:156KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1229.679461] Memory cgroup out of memory: Kill process 24104 (syz-executor4) score 161 or sacrifice child
[ 1229.694137] Killed process 24104 (syz-executor4) total-vm:70252kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:25:40 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xffe0}, 0x6)

15:25:40 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0x8000000})

15:25:40 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x3c000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:40 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x200000, 0x0)
bind$pptp(r1, &(0x7f00000000c0)={0x18, 0x2, {0x3, @local}}, 0x1e)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))

[ 1229.725070] oom_reaper: reaped process 24104 (syz-executor4), now anon-rss:0kB, file-rss:32092kB, shmem-rss:0kB
[ 1229.737047] encrypted_key: master key parameter 'ûŒÊOPÅFMÈãa*9zBÓ2þ";ïzWÅ{"-¨'Ï«÷p¿ù†Qð쥎²D�,t\çl@Õîx=Û‡bÊϬh�mèâqû3­PéÈvhÂ<Ñdœ4t³DY|Hò9�h,#,U6Í\„c¬fÌ-(›¤·y�¤ß"�ˆêå{ýŽ¾yÒn΀„Ê®di´8z)jÃõ.¨Dw\Y³¡åz$' is invalid
15:25:40 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0x8})

15:25:40 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2c000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1229.823028] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0
[ 1229.861923] syz-executor4 cpuset=syz4 mems_allowed=0
15:25:40 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000})

[ 1229.881646] CPU: 1 PID: 24146 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1229.889041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1229.898874] Call Trace:
[ 1229.901475]  dump_stack+0x1c4/0x2b4
[ 1229.905115]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1229.910313]  ? mark_held_locks+0x130/0x130
[ 1229.914553]  ? mark_held_locks+0x130/0x130
[ 1229.914571]  dump_header+0x27b/0xf72
[ 1229.914591]  ? debug_smp_processor_id+0x1c/0x20
15:25:41 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0x100000})

[ 1229.914610]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1229.927193]  ? pagefault_out_of_memory+0x197/0x197
[ 1229.927214]  ? debug_smp_processor_id+0x1c/0x20
[ 1229.942318]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1229.947253]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1229.952188]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1229.955452] encrypted_key: master key parameter 'ûŒÊOPÅFMÈãa*9zBÓ2þ";ïzWÅ{"-¨'Ï«÷p¿ù†Qð쥎²D�,t\çl@Õîx=Û‡bÊϬh�mèâqû3­PéÈvhÂ<Ñdœ4t³DY|Hò9�h,#,U6Í\„c¬fÌ-(›¤·y�¤ß"�ˆêå{ýŽ¾yÒn΀„Ê®di´8z)jÃõ.¨Dw\Y³¡åz$' is invalid
[ 1229.957734]  ? perf_trace_lock+0x7a0/0x7a0
15:25:41 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x600, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1229.957760]  ? perf_trace_lock+0x7a0/0x7a0
[ 1229.986156]  ? debug_smp_processor_id+0x1c/0x20
[ 1229.990838]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1229.995779]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1230.001445]  ? perf_trace_lock+0x7a0/0x7a0
[ 1230.005686]  ? task_will_free_mem+0x239/0xb30
[ 1230.010192]  ? ___ratelimit+0x36f/0x655
[ 1230.014162]  ? lock_downgrade+0x900/0x900
[ 1230.018330]  ? trace_hardirqs_on+0xbd/0x310
[ 1230.022659]  ? kasan_check_read+0x11/0x20
[ 1230.026816]  ? ___ratelimit+0x36f/0x655
[ 1230.030799]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1230.036248]  ? trace_hardirqs_on+0x310/0x310
[ 1230.036264]  ? lock_downgrade+0x900/0x900
[ 1230.036283]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1230.036300]  ? ___ratelimit+0xaa/0x655
[ 1230.044836]  ? idr_get_free+0xec0/0xec0
[ 1230.053796]  ? kasan_check_write+0x14/0x20
[ 1230.053812]  ? do_raw_spin_lock+0xc1/0x200
[ 1230.053832]  oom_kill_process.cold.27+0x10/0x903
[ 1230.053847]  ? kasan_check_write+0x14/0x20
[ 1230.070990]  ? do_raw_spin_lock+0xc1/0x200
[ 1230.071018]  ? oom_evaluate_task+0x540/0x540
[ 1230.079459]  ? cgroup_procs_next+0x70/0x70
[ 1230.079481]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1230.088107]  ? oom_badness+0xaa0/0xaa0
[ 1230.088123]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1230.088140]  ? mem_cgroup_iter_break+0x30/0x30
[ 1230.096504]  ? cgroup_file_notify+0x226/0x2f0
[ 1230.096523]  out_of_memory+0xa84/0x1430
[ 1230.105827]  ? kasan_check_read+0x11/0x20
[ 1230.105844]  ? oom_killer_disable+0x3a0/0x3a0
[ 1230.105863]  ? do_raw_spin_lock+0xc1/0x200
[ 1230.105886]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1230.131946]  ? memcg_memory_event+0x40/0x40
[ 1230.136259]  ? mem_cgroup_charge_skmem+0x1e4/0x390
[ 1230.141193]  ? page_counter_try_charge+0x1c1/0x220
[ 1230.146110]  try_charge+0xc43/0x1690
[ 1230.149817]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1230.155863]  ? tcp_sendmsg+0x2f/0x50
[ 1230.159565]  ? sock_sendmsg+0xd5/0x120
[ 1230.163440]  ? __sys_sendto+0x3d7/0x670
[ 1230.167401]  ? __ia32_sys_sendto+0xdf/0x1a0
[ 1230.171710]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1230.176200]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1230.180776]  ? fs_reclaim_acquire+0x20/0x20
[ 1230.185090]  ? lock_downgrade+0x900/0x900
[ 1230.189228]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1230.194761]  ? check_preemption_disabled+0x48/0x200
[ 1230.199762]  ? ___might_sleep+0x1ed/0x300
[ 1230.203903]  ? debug_smp_processor_id+0x1c/0x20
[ 1230.208571]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1230.213499]  ? __sk_mem_raise_allocated+0x642/0x1800
[ 1230.218590]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1230.224026]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1230.229553]  ? check_preemption_disabled+0x48/0x200
[ 1230.234560]  mem_cgroup_charge_skmem+0x1e4/0x390
[ 1230.239315]  ? mem_cgroup_sk_free+0x90/0x90
[ 1230.243631]  __sk_mem_raise_allocated+0x642/0x1800
[ 1230.248550]  ? sk_busy_loop_end+0x1c0/0x1c0
[ 1230.252862]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1230.258391]  ? alloc_pages_current+0x114/0x210
[ 1230.262967]  ? skb_page_frag_refill+0x1eb/0x6a0
[ 1230.267634]  ? sock_kzfree_s+0x60/0x60
[ 1230.271516]  ? _copy_from_iter_full+0x2b3/0xd20
[ 1230.276173]  ? tcp_chrono_start+0x190/0x1e0
[ 1230.280483]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1230.285497]  ? tcp_rate_check_app_limited+0x121/0x460
[ 1230.290678]  ? iov_iter_advance+0x1460/0x1460
[ 1230.295162]  __sk_mem_schedule+0x6d/0xe0
[ 1230.299212]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1230.304746]  tcp_sendmsg_locked+0x1c86/0x3f00
[ 1230.309241]  ? tcp_sendpage+0x60/0x60
[ 1230.313038]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1230.318558]  ? aa_label_sk_perm+0x46d/0x8e0
[ 1230.322872]  ? aa_profile_af_perm+0x410/0x410
[ 1230.327368]  ? ksys_dup3+0x680/0x680
[ 1230.331070]  ? lock_acquire+0x1ed/0x520
[ 1230.335033]  ? tcp_sendmsg+0x21/0x50
[ 1230.338743]  ? trace_hardirqs_on+0xbd/0x310
[ 1230.343052]  ? lock_release+0x970/0x970
[ 1230.347014]  ? lock_sock_nested+0xe2/0x120
[ 1230.351237]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1230.356676]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1230.362212]  ? check_preemption_disabled+0x48/0x200
[ 1230.367228]  ? lock_sock_nested+0x9a/0x120
[ 1230.371454]  ? lock_sock_nested+0x9a/0x120
[ 1230.375684]  ? __local_bh_enable_ip+0x160/0x260
[ 1230.380354]  tcp_sendmsg+0x2f/0x50
[ 1230.383882]  inet_sendmsg+0x1a1/0x690
[ 1230.387670]  ? ipip_gro_receive+0x100/0x100
[ 1230.391978]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1230.396728]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1230.402255]  ? security_socket_sendmsg+0x94/0xc0
[ 1230.407003]  ? ipip_gro_receive+0x100/0x100
[ 1230.411319]  sock_sendmsg+0xd5/0x120
[ 1230.415030]  __sys_sendto+0x3d7/0x670
[ 1230.418824]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1230.423487]  ? arch_local_save_flags+0x40/0x40
[ 1230.428060]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1230.433511]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1230.439038]  ? compat_put_timespec64+0x110/0x280
[ 1230.443786]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1230.448531]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1230.453464]  ? trace_hardirqs_on+0xbd/0x310
[ 1230.457778]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1230.463302]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1230.467873]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1230.473316]  __ia32_sys_sendto+0xdf/0x1a0
[ 1230.477466]  do_fast_syscall_32+0x34d/0xfb2
[ 1230.481784]  ? do_int80_syscall_32+0x890/0x890
[ 1230.486354]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1230.490923]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1230.495927]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1230.500757]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1230.505759]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1230.510764]  ? recalc_sigpending_tsk+0x180/0x180
[ 1230.515505]  ? kasan_check_write+0x14/0x20
[ 1230.519735]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1230.524573]  entry_SYSENTER_compat+0x70/0x7f
[ 1230.528970] RIP: 0023:0xf7f56ca9
[ 1230.532330] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1230.551216] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1230.558911] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1230.566169] RDX: 00000000fffffe4e RSI: 00000000000000c0 RDI: 00000000200000c0
[ 1230.573423] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000
[ 1230.580677] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1230.587935] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:41 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x10002, 0x2)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))

15:25:41 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0x2000000})

15:25:41 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000080)=0xfffffffffffffffd)

[ 1230.626103] Task in /syz4 killed as a result of limit of /syz4
[ 1230.647372] memory: usage 204796kB, limit 204800kB, failcnt 580
[ 1230.659188] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1230.695587] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1230.707213] Memory cgroup stats for /syz4:
[ 1230.713456]  cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:156KB inactive_file:0KB active_file:0KB unevictable:0KB
15:25:41 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x4}, 0x6)

15:25:41 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000080))

15:25:41 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2f, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:41 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0x300})

15:25:41 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
getsockopt$inet_sctp_SCTP_INITMSG(r3, 0x84, 0x2, &(0x7f0000000440), &(0x7f0000000480)=0x8)
fcntl$notify(r3, 0x402, 0x10)
ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f00000002c0)={0x9, 0x1})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
rt_sigprocmask(0x1, &(0x7f0000000240)={0xffffffff}, &(0x7f0000000280), 0x8)
socket$inet6(0xa, 0x1000000000002, 0x0)
r4 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
setxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='trusted.overlay.origin\x00', &(0x7f00000001c0)='y\x00', 0x2, 0x1)
unshare(0x40000000)
connect(r2, &(0x7f0000000380)=@pptp={0x18, 0x2, {0x3, @remote}}, 0x80)
fdatasync(r4)
fsetxattr$trusted_overlay_redirect(r4, &(0x7f0000000080)='trusted.overlay.redirect\x00', &(0x7f0000000140)='./file0\x00', 0x8, 0x0)
fcntl$setflags(r3, 0x2, 0x0)
write$eventfd(r4, &(0x7f0000000300)=0x1, 0x8)
ioctl$sock_SIOCOUTQ(r1, 0x5411, &(0x7f0000000200))
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000340)={0x80, 0x0, 0x3f, 0x3, 0x6, 0xfffffffffffffffc, 0x3, 0x3ff, 0x1f, 0x2})
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000400))
ioctl$FS_IOC_FSGETXATTR(r5, 0x4004550c, &(0x7f0000000100))

[ 1230.740285] Memory cgroup out of memory: Kill process 24142 (syz-executor4) score 161 or sacrifice child
[ 1230.750243] Killed process 24142 (syz-executor4) total-vm:70252kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1230.762307] oom_reaper: reaped process 24142 (syz-executor4), now anon-rss:0kB, file-rss:32092kB, shmem-rss:0kB
15:25:41 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x4000, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0xae78, &(0x7f0000000080))
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x44000, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000000c0)={{{@in6=@mcast1, @in=@broadcast}}, {{@in6=@ipv4}, 0x0, @in=@loopback}}, &(0x7f00000001c0)=0xe8)

[ 1230.829277] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0
[ 1230.863792] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1230.869036] CPU: 0 PID: 24184 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1230.876395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1230.876401] Call Trace:
[ 1230.876426]  dump_stack+0x1c4/0x2b4
[ 1230.876447]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1230.897805]  ? mark_held_locks+0x130/0x130
[ 1230.902043]  ? mark_held_locks+0x130/0x130
[ 1230.902063]  dump_header+0x27b/0xf72
[ 1230.902084]  ? debug_smp_processor_id+0x1c/0x20
[ 1230.914682]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1230.920236]  ? pagefault_out_of_memory+0x197/0x197
[ 1230.925186]  ? debug_smp_processor_id+0x1c/0x20
[ 1230.929868]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1230.934800]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1230.939742]  ? perf_trace_lock+0x7a0/0x7a0
[ 1230.944012]  ? perf_trace_lock+0x7a0/0x7a0
[ 1230.948243]  ? debug_smp_processor_id+0x1c/0x20
[ 1230.952911]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1230.957831]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1230.963356]  ? perf_trace_lock+0x7a0/0x7a0
[ 1230.967579]  ? task_will_free_mem+0x239/0xb30
[ 1230.972079]  ? ___ratelimit+0x36f/0x655
[ 1230.976127]  ? lock_downgrade+0x900/0x900
[ 1230.980273]  ? trace_hardirqs_on+0xbd/0x310
[ 1230.984584]  ? kasan_check_read+0x11/0x20
[ 1230.988718]  ? ___ratelimit+0x36f/0x655
[ 1230.992685]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1230.998123]  ? trace_hardirqs_on+0x310/0x310
[ 1231.002520]  ? lock_downgrade+0x900/0x900
[ 1231.006668]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1231.011761]  ? ___ratelimit+0xaa/0x655
[ 1231.015636]  ? idr_get_free+0xec0/0xec0
[ 1231.019607]  ? kasan_check_write+0x14/0x20
[ 1231.023827]  ? do_raw_spin_lock+0xc1/0x200
[ 1231.028054]  oom_kill_process.cold.27+0x10/0x903
[ 1231.032799]  ? kasan_check_write+0x14/0x20
[ 1231.037023]  ? do_raw_spin_lock+0xc1/0x200
[ 1231.041261]  ? oom_evaluate_task+0x540/0x540
[ 1231.045677]  ? cgroup_procs_next+0x70/0x70
[ 1231.049916]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1231.054398]  ? oom_badness+0xaa0/0xaa0
[ 1231.058274]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1231.063031]  ? mem_cgroup_iter_break+0x30/0x30
[ 1231.067607]  ? cgroup_file_notify+0x226/0x2f0
[ 1231.072092]  out_of_memory+0xa84/0x1430
[ 1231.076054]  ? kasan_check_read+0x11/0x20
[ 1231.080193]  ? oom_killer_disable+0x3a0/0x3a0
[ 1231.084682]  ? kasan_check_write+0x14/0x20
[ 1231.088907]  ? do_raw_spin_lock+0xc1/0x200
[ 1231.093137]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1231.097980]  ? memcg_memory_event+0x40/0x40
[ 1231.102288]  ? mem_cgroup_charge_skmem+0x1e4/0x390
[ 1231.107215]  ? page_counter_try_charge+0x1c1/0x220
[ 1231.112308]  try_charge+0xc43/0x1690
[ 1231.116019]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1231.122070]  ? tcp_sendmsg+0x2f/0x50
[ 1231.125773]  ? sock_sendmsg+0xd5/0x120
[ 1231.129649]  ? __sys_sendto+0x3d7/0x670
[ 1231.133618]  ? __ia32_sys_sendto+0xdf/0x1a0
[ 1231.137932]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1231.142414]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1231.146997]  ? fs_reclaim_acquire+0x20/0x20
[ 1231.151305]  ? lock_downgrade+0x900/0x900
[ 1231.155445]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1231.160972]  ? check_preemption_disabled+0x48/0x200
[ 1231.165977]  ? ___might_sleep+0x1ed/0x300
[ 1231.170113]  ? debug_smp_processor_id+0x1c/0x20
[ 1231.174770]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1231.179694]  ? __sk_mem_raise_allocated+0x642/0x1800
[ 1231.184788]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1231.190229]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1231.195757]  ? check_preemption_disabled+0x48/0x200
[ 1231.200784]  mem_cgroup_charge_skmem+0x1e4/0x390
[ 1231.205526]  ? mem_cgroup_sk_free+0x90/0x90
[ 1231.209842]  __sk_mem_raise_allocated+0x642/0x1800
[ 1231.214761]  ? sk_busy_loop_end+0x1c0/0x1c0
[ 1231.219069]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1231.224595]  ? alloc_pages_current+0x114/0x210
[ 1231.229166]  ? skb_page_frag_refill+0x1eb/0x6a0
[ 1231.233826]  ? sock_kzfree_s+0x60/0x60
[ 1231.237703]  ? _copy_from_iter_full+0x2b3/0xd20
[ 1231.242355]  ? tcp_chrono_start+0x190/0x1e0
[ 1231.246752]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1231.251758]  ? tcp_rate_check_app_limited+0x121/0x460
[ 1231.256937]  ? iov_iter_advance+0x1460/0x1460
[ 1231.261433]  __sk_mem_schedule+0x6d/0xe0
[ 1231.265482]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1231.271006]  tcp_sendmsg_locked+0x1c86/0x3f00
[ 1231.275503]  ? tcp_sendpage+0x60/0x60
[ 1231.279293]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1231.284813]  ? aa_label_sk_perm+0x46d/0x8e0
[ 1231.289125]  ? aa_profile_af_perm+0x410/0x410
[ 1231.293628]  ? ksys_dup3+0x680/0x680
[ 1231.297337]  ? lock_acquire+0x1ed/0x520
[ 1231.301319]  ? tcp_sendmsg+0x21/0x50
[ 1231.305026]  ? trace_hardirqs_on+0xbd/0x310
[ 1231.309336]  ? lock_release+0x970/0x970
[ 1231.313299]  ? lock_sock_nested+0xe2/0x120
[ 1231.317521]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1231.322959]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1231.328484]  ? check_preemption_disabled+0x48/0x200
[ 1231.333489]  ? lock_sock_nested+0x9a/0x120
[ 1231.337712]  ? lock_sock_nested+0x9a/0x120
[ 1231.342022]  ? __local_bh_enable_ip+0x160/0x260
[ 1231.346681]  tcp_sendmsg+0x2f/0x50
[ 1231.350208]  inet_sendmsg+0x1a1/0x690
[ 1231.353996]  ? ipip_gro_receive+0x100/0x100
[ 1231.358304]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1231.363048]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1231.368573]  ? security_socket_sendmsg+0x94/0xc0
[ 1231.373317]  ? ipip_gro_receive+0x100/0x100
[ 1231.377626]  sock_sendmsg+0xd5/0x120
[ 1231.381334]  __sys_sendto+0x3d7/0x670
[ 1231.385122]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1231.389780]  ? arch_local_save_flags+0x40/0x40
[ 1231.394353]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1231.399804]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1231.405340]  ? compat_put_timespec64+0x110/0x280
[ 1231.410085]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1231.414836]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1231.419758]  ? trace_hardirqs_on+0xbd/0x310
[ 1231.424067]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1231.429592]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1231.434163]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1231.439602]  __ia32_sys_sendto+0xdf/0x1a0
[ 1231.443750]  do_fast_syscall_32+0x34d/0xfb2
[ 1231.448062]  ? do_int80_syscall_32+0x890/0x890
[ 1231.452649]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1231.457218]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1231.462223]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1231.467062]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1231.472068]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1231.477075]  ? recalc_sigpending_tsk+0x180/0x180
[ 1231.481815]  ? kasan_check_write+0x14/0x20
[ 1231.486041]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1231.490874]  entry_SYSENTER_compat+0x70/0x7f
[ 1231.495272] RIP: 0023:0xf7f56ca9
[ 1231.498633] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1231.517519] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1231.525234] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
15:25:41 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0x3})

[ 1231.532497] RDX: 00000000fffffe4e RSI: 00000000000000c0 RDI: 00000000200000c0
[ 1231.539753] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000
[ 1231.547007] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1231.554262] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:42 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040)=0x5000)

15:25:42 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2c, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1231.585373] Task in /syz4 killed as a result of limit of /syz4
[ 1231.592047] memory: usage 204796kB, limit 204800kB, failcnt 596
[ 1231.613752] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1231.621073] IPVS: ftp: loaded support on port[0] = 21
15:25:42 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd})

15:25:42 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2f000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1231.638634] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1231.658220] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:156KB inactive_file:0KB active_file:0KB unevictable:0KB
15:25:42 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000})

[ 1231.748730] IPVS: ftp: loaded support on port[0] = 21
[ 1231.793401] Memory cgroup out of memory: Kill process 24183 (syz-executor4) score 161 or sacrifice child
[ 1231.873159] Killed process 24183 (syz-executor4) total-vm:70252kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:25:43 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x765e010000000000}, 0x6)

15:25:43 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
socket$vsock_dgram(0x28, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xfffffffffffffffe)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:43 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x4000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:43 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000})

[ 1231.914605] oom_reaper: reaped process 24183 (syz-executor4), now anon-rss:0kB, file-rss:32788kB, shmem-rss:0kB
[ 1231.972999] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0
[ 1231.993579] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1231.998810] CPU: 1 PID: 24221 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1232.006167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1232.006172] Call Trace:
[ 1232.006195]  dump_stack+0x1c4/0x2b4
[ 1232.006213]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1232.006233]  ? debug_smp_processor_id+0x1c/0x20
[ 1232.006251]  dump_header+0x27b/0xf72
[ 1232.006272]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1232.040823]  ? pagefault_out_of_memory+0x197/0x197
[ 1232.045742]  ? debug_smp_processor_id+0x1c/0x20
[ 1232.050395]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1232.055311]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1232.060226]  ? check_preemption_disabled+0x48/0x200
[ 1232.065229]  ? perf_trace_lock+0x7a0/0x7a0
[ 1232.069448]  ? perf_trace_lock+0x7a0/0x7a0
[ 1232.073757]  ? debug_smp_processor_id+0x1c/0x20
[ 1232.078413]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1232.083326]  ? mark_held_locks+0x130/0x130
[ 1232.087551]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1232.093085]  ? perf_trace_lock+0x7a0/0x7a0
[ 1232.097308]  ? task_will_free_mem+0x239/0xb30
[ 1232.101811]  ? ___ratelimit+0x36f/0x655
[ 1232.105859]  ? lock_downgrade+0x900/0x900
[ 1232.109997]  ? trace_hardirqs_on+0xbd/0x310
[ 1232.114322]  ? kasan_check_read+0x11/0x20
[ 1232.118458]  ? ___ratelimit+0x36f/0x655
[ 1232.122420]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1232.127869]  ? trace_hardirqs_on+0x310/0x310
[ 1232.132265]  ? lock_downgrade+0x900/0x900
[ 1232.136404]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1232.141493]  ? ___ratelimit+0xaa/0x655
[ 1232.145368]  ? idr_get_free+0xec0/0xec0
[ 1232.149326]  ? kasan_check_write+0x14/0x20
[ 1232.153551]  ? do_raw_spin_lock+0xc1/0x200
[ 1232.157785]  oom_kill_process.cold.27+0x10/0x903
[ 1232.162526]  ? kasan_check_write+0x14/0x20
[ 1232.166746]  ? do_raw_spin_lock+0xc1/0x200
[ 1232.170970]  ? oom_evaluate_task+0x540/0x540
[ 1232.175369]  ? cgroup_procs_next+0x70/0x70
[ 1232.179599]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1232.184081]  ? oom_badness+0xaa0/0xaa0
[ 1232.187963]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1232.192706]  ? mem_cgroup_iter_break+0x30/0x30
[ 1232.197282]  ? cgroup_file_notify+0x226/0x2f0
[ 1232.201769]  out_of_memory+0xa84/0x1430
[ 1232.205732]  ? kasan_check_read+0x11/0x20
[ 1232.209867]  ? oom_killer_disable+0x3a0/0x3a0
[ 1232.214362]  ? do_raw_spin_lock+0xc1/0x200
[ 1232.218592]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1232.223431]  ? memcg_memory_event+0x40/0x40
[ 1232.227737]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1232.232578]  ? page_counter_try_charge+0x1c1/0x220
[ 1232.237496]  try_charge+0xc43/0x1690
[ 1232.241198]  ? lock_downgrade+0x900/0x900
[ 1232.245341]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1232.251386]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1232.257174]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1232.262700]  ? should_fail+0x22d/0xd01
[ 1232.266583]  ? percpu_ref_tryget_live+0x168/0x460
[ 1232.271410]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1232.276241]  ? lock_downgrade+0x900/0x900
[ 1232.280373]  ? lock_release+0x970/0x970
[ 1232.284339]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1232.290126]  ? __kernel_text_address+0xd/0x40
[ 1232.294611]  ? __save_stack_trace+0x8d/0xf0
[ 1232.298925]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1232.303753]  ? fs_reclaim_acquire+0x20/0x20
[ 1232.308067]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1232.312725]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1232.317207]  ? entry_INT80_compat+0x74/0x7e
[ 1232.321523]  memcg_kmem_charge+0x135/0x300
[ 1232.325748]  __alloc_pages_nodemask+0x72e/0xde0
[ 1232.330404]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1232.335409]  ? percpu_ref_put_many+0x13e/0x260
[ 1232.339974]  ? trace_hardirqs_on+0xbd/0x310
[ 1232.344284]  ? mem_cgroup_charge_statistics+0x780/0x780
[ 1232.349632]  ? kasan_kmalloc+0xc7/0xe0
[ 1232.353507]  ? kasan_slab_alloc+0x12/0x20
[ 1232.357640]  ? kmem_cache_alloc_node+0x303/0x730
[ 1232.362382]  ? kasan_check_write+0x14/0x20
[ 1232.366603]  ? do_raw_spin_lock+0xc1/0x200
[ 1232.370827]  copy_process+0xa09/0x8780
[ 1232.374715]  ? rb_erase+0x3710/0x3710
[ 1232.378501]  ? put_prev_task_fair+0x80/0x80
[ 1232.382810]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1232.388341]  ? check_preemption_disabled+0x48/0x200
[ 1232.393348]  ? native_load_gs_index+0x10/0x30
[ 1232.397831]  ? __account_cfs_rq_runtime+0x790/0x790
[ 1232.402839]  ? debug_smp_processor_id+0x1c/0x20
[ 1232.407497]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1232.412425]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1232.417952]  ? check_preemption_disabled+0x48/0x200
[ 1232.422957]  ? __cleanup_sighand+0x70/0x70
[ 1232.427180]  ? bio_cur_bytes+0x1e0/0x1e0
[ 1232.431231]  ? mark_held_locks+0x130/0x130
[ 1232.435454]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1232.440990]  ? check_preemption_disabled+0x48/0x200
[ 1232.446003]  ? debug_smp_processor_id+0x1c/0x20
[ 1232.450658]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1232.455579]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1232.461103]  ? perf_trace_lock+0x7a0/0x7a0
[ 1232.465349]  ? mark_held_locks+0x130/0x130
[ 1232.469578]  ? mark_held_locks+0x130/0x130
[ 1232.473798]  ? perf_trace_lock+0x7a0/0x7a0
[ 1232.478024]  ? debug_smp_processor_id+0x1c/0x20
[ 1232.482681]  ? mark_held_locks+0x130/0x130
[ 1232.486923]  ? check_preemption_disabled+0x48/0x200
[ 1232.491925]  ? blk_init_request_from_bio+0x3c0/0x3c0
[ 1232.497016]  ? debug_smp_processor_id+0x1c/0x20
[ 1232.501670]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1232.506585]  ? mark_held_locks+0x130/0x130
[ 1232.510809]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1232.516343]  ? check_preemption_disabled+0x48/0x200
[ 1232.521348]  ? debug_smp_processor_id+0x1c/0x20
[ 1232.526005]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1232.530923]  ? mark_held_locks+0x130/0x130
[ 1232.535144]  ? perf_trace_lock+0x7a0/0x7a0
[ 1232.539371]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1232.544375]  ? bpf_prog_kallsyms_find+0xde/0x4a0
[ 1232.549118]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1232.554642]  ? check_preemption_disabled+0x48/0x200
[ 1232.559649]  ? debug_smp_processor_id+0x1c/0x20
[ 1232.564313]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1232.569227]  ? lock_downgrade+0x900/0x900
[ 1232.573365]  ? perf_trace_lock+0x7a0/0x7a0
[ 1232.577586]  ? change_protection+0x1718/0x29a0
[ 1232.582170]  ? lock_downgrade+0x900/0x900
[ 1232.586313]  ? kasan_check_read+0x11/0x20
[ 1232.590452]  ? ___might_sleep+0x1ed/0x300
[ 1232.594585]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1232.599151]  ? arch_local_save_flags+0x40/0x40
[ 1232.603721]  ? kasan_check_write+0x14/0x20
[ 1232.607945]  ? do_raw_spin_lock+0xc1/0x200
[ 1232.612185]  ? perf_iterate_sb+0x189/0xc60
[ 1232.616407]  ? lock_downgrade+0x900/0x900
[ 1232.620554]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1232.626343]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1232.631870]  ? check_preemption_disabled+0x48/0x200
[ 1232.636883]  ? perf_iterate_sb+0x1b0/0xc60
[ 1232.641102]  ? prot_none_hugetlb_entry+0x150/0x150
[ 1232.646020]  ? perf_event_comm_output+0x750/0x750
[ 1232.650849]  ? find_get_context.isra.94+0x730/0x730
[ 1232.655861]  ? validate_mm+0x386/0x630
[ 1232.659736]  ? lock_downgrade+0x900/0x900
[ 1232.663873]  ? kasan_check_read+0x11/0x20
[ 1232.668019]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1232.672421]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1232.676994]  ? kfree+0x1bf/0x230
[ 1232.680347]  ? perf_event_mmap+0x134/0x1350
[ 1232.684664]  ? perf_event_fork+0x30/0x30
[ 1232.688720]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1232.694244]  ? vma_set_page_prot+0x243/0x320
[ 1232.698639]  ? vma_wants_writenotify+0x510/0x510
[ 1232.703380]  ? do_mprotect_pkey+0x8d8/0xa60
[ 1232.707692]  _do_fork+0x1cb/0x11d0
[ 1232.711225]  ? fork_idle+0x1d0/0x1d0
[ 1232.714925]  ? up_write+0x7b/0x220
[ 1232.718449]  ? up_read+0x110/0x110
[ 1232.721974]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1232.727497]  ? apparmor_file_mprotect+0xde/0x110
[ 1232.732238]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1232.737767]  ? security_file_mprotect+0x94/0xc0
[ 1232.742445]  ? do_mprotect_pkey+0x8dd/0xa60
[ 1232.746756]  ? trace_hardirqs_off+0xb8/0x310
[ 1232.751152]  ? mprotect_fixup+0xc60/0xc60
[ 1232.755286]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1232.759859]  ? trace_hardirqs_on+0x310/0x310
[ 1232.764339]  ? trace_hardirqs_on+0xbd/0x310
[ 1232.768659]  ? entry_INT80_compat+0x74/0x7e
[ 1232.772983]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1232.778422]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1232.783427]  do_int80_syscall_32+0x1fe/0x890
[ 1232.787820]  ? entry_INT80_compat+0x6c/0x7e
[ 1232.792126]  ? do_syscall_64+0x820/0x820
[ 1232.796173]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1232.801004]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1232.806010]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1232.811019]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1232.815850]  entry_INT80_compat+0x74/0x7e
[ 1232.819985] RIP: 0023:0x8081a44
[ 1232.823265] Code: 8b 44 24 04 89 41 08 c7 41 04 00 00 00 00 53 56 57 8b 74 24 24 8b 54 24 20 8b 5c 24 18 8b 7c 24 28 b8 78 00 00 00 89 19 cd 80 <5f> 5e 5b 85 c0 0f 8c b1 51 fd ff 74 01 c3 89 f5 f7 c7 00 00 01 00
[ 1232.842152] RSP: 002b:000000000845fb50 EFLAGS: 00000296 ORIG_RAX: 0000000000000078
[ 1232.849848] RAX: ffffffffffffffda RBX: 00000000003d0f00 RCX: 00000000f5f52224
[ 1232.857103] RDX: 00000000f5f52ba8 RSI: 000000000845fb80 RDI: 00000000f5f52ba8
[ 1232.864357] RBP: 000000000845fc28 R08: 0000000000000000 R09: 0000000000000000
[ 1232.871609] R10: 0000000000000000 R11: 0000000000000216 R12: 0000000000000000
[ 1232.878865] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1232.913023] Task in /syz4 killed as a result of limit of /syz4
[ 1232.939291] memory: usage 204728kB, limit 204800kB, failcnt 637
[ 1232.963129] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1232.978423] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1233.000113] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:100KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1233.023451] Memory cgroup out of memory: Kill process 24221 (syz-executor4) score 160 or sacrifice child
[ 1233.034722] Killed process 24221 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1233.045819] oom_reaper: reaped process 24221 (syz-executor4), now anon-rss:0kB, file-rss:32092kB, shmem-rss:0kB
15:25:44 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000})

15:25:44 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000080)=0xcf5)

15:25:44 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2f00000000000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000140)=<r3=>0x0)
r4 = perf_event_open$cgroup(&(0x7f00000001c0)={0x5, 0x70, 0x2, 0x5, 0xb676, 0x5, 0x0, 0xb8a800, 0x28, 0x4, 0xff, 0x9, 0xffffffff, 0x3, 0x3, 0x9, 0x6, 0x7, 0x1000, 0x4, 0x4, 0xffffffff, 0x27, 0x9, 0x80000000, 0x5, 0x3, 0xa0, 0x8000, 0xffff, 0x2, 0x5, 0x2, 0x9, 0x35e, 0x9, 0x2209, 0x80, 0x0, 0x7, 0x5, @perf_bp={&(0x7f0000000180), 0xc}, 0x4000, 0xf82, 0x3, 0x7, 0x2, 0x6, 0x3ff}, r2, 0x9, 0xffffffffffffffff, 0x4)
perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x7ff, 0x9, 0xcc6, 0x7f, 0x0, 0x20, 0x210, 0x4, 0x613f, 0x7, 0x6, 0x9b, 0x80, 0x1a9d, 0xff, 0x9, 0x1f, 0x8, 0x3, 0x8, 0x0, 0x574, 0xffffffff, 0x81, 0x1, 0x9, 0x80000001, 0x5ef, 0x6, 0x80000001, 0x800, 0x8, 0x5, 0x2, 0x20, 0x2, 0x0, 0x1b6, 0x4, @perf_bp={&(0x7f0000000080), 0x5}, 0x28000, 0x8, 0xfffffffffffffffb, 0x3, 0x1, 0x1, 0x5}, r3, 0x1, r4, 0x8)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000240)={0x2, 0xffffffffffffff9c})
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_VL_CLR(r5, 0x7014)

15:25:44 executing program 5:
r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x0, 0x4800)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))

15:25:44 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x4000000000000000}, 0x6)

15:25:44 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2900, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:44 executing program 5:
socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
writev(r0, &(0x7f0000000240)=[{&(0x7f0000000140)="a85c25519f84e38dba96110e4435479f25d4b93b2b88710d1a000b6b31f1abaf0c0e4fbfcaae901537d067dbeb3ba74ff747eee2838a2623d14834adc3ac53ac7fcd6a41b70b72f29afaf823d98b823aa55af92daa9a09b6bc75a86a4630cb509f6fe9571a6f1d2dea5e5d97dfa52e373973b7ea20c8acc9894da67d5990ded5a9da94016d9d8df995f190911a460d91975d6aa8568c645295989b8aff15ed37a8302cdbd3943b80b4761cd591b4c2ee5d8b1657ac6c209607c39e6ea7bfcc2316551dcc0452ae809a04354a13f4c7c697233eaa5cabccddb939db15f94fda7b2d1495985fced4e275d50c1c", 0xec}, {&(0x7f0000000080)="759fad47", 0x4}], 0x2)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550c, &(0x7f0000000100))
ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0x4920)

15:25:44 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff})

15:25:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x10000})
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:44 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x3c00, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:44 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x2})
write$P9_RRENAMEAT(r0, &(0x7f0000000000)={0x7, 0x4b, 0x1}, 0x7)
write$binfmt_misc(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="73797a3091e47c78d76c09d13ac572c6f14276e9685822b0f144e4e88db63ba10471ca23dff05648fd4faa3194ea58851b0c16b5884e5c92aef5765be7f0b745698ff1237b737a984f9842c51194abfbf7ee1b1d713fc5921b80d334c951f4bce15444c768c934f51363da716e001edd35715744dc72a39ac48be4809afa6a7c885098fcc40aaaeb8e0be0949c841834d4be786d7bef412011c990e4689a53db5f9b9f0269354b031840d0b660f53714cea136ab8f9f3e814d5e87b7026e069974ef2fc1c5eab578dc173eaa21ab998dd629555660f9"], 0xd6)

15:25:44 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x40000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f000001bfc8)={&(0x7f0000016000)={0x10, 0x6503}, 0xc, &(0x7f000000b000)={&(0x7f0000000a00)=@setlink={0x28, 0x13, 0x409, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_XDP={0x8, 0x2b, [@nested={0x4, 0x3}]}]}, 0x28}}, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1233.807344] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1233.837187] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1233.851917] CPU: 1 PID: 24242 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1233.859303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1233.868650] Call Trace:
[ 1233.868673]  dump_stack+0x1c4/0x2b4
[ 1233.868690]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1233.875047]  ? debug_smp_processor_id+0x1c/0x20
[ 1233.875064]  dump_header+0x27b/0xf72
[ 1233.875087]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1233.884904]  ? pagefault_out_of_memory+0x197/0x197
[ 1233.894558]  ? debug_smp_processor_id+0x1c/0x20
[ 1233.894573]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1233.894585]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1233.894602]  ? perf_trace_lock+0x7a0/0x7a0
[ 1233.918355]  ? perf_trace_lock+0x7a0/0x7a0
[ 1233.922579]  ? debug_smp_processor_id+0x1c/0x20
[ 1233.927242]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1233.932156]  ? mark_held_locks+0x130/0x130
[ 1233.936376]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1233.941900]  ? perf_trace_lock+0x7a0/0x7a0
[ 1233.946123]  ? task_will_free_mem+0x239/0xb30
[ 1233.950614]  ? ___ratelimit+0x36f/0x655
[ 1233.954580]  ? lock_downgrade+0x900/0x900
[ 1233.958719]  ? trace_hardirqs_on+0xbd/0x310
[ 1233.963023]  ? kasan_check_read+0x11/0x20
[ 1233.967157]  ? ___ratelimit+0x36f/0x655
[ 1233.971119]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1233.976555]  ? trace_hardirqs_on+0x310/0x310
[ 1233.980951]  ? lock_downgrade+0x900/0x900
[ 1233.985088]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1233.990193]  ? ___ratelimit+0xaa/0x655
[ 1233.994071]  ? idr_get_free+0xec0/0xec0
[ 1233.998029]  ? kasan_check_write+0x14/0x20
[ 1234.002260]  ? do_raw_spin_lock+0xc1/0x200
[ 1234.006484]  oom_kill_process.cold.27+0x10/0x903
[ 1234.011224]  ? kasan_check_write+0x14/0x20
[ 1234.015452]  ? do_raw_spin_lock+0xc1/0x200
[ 1234.019678]  ? oom_evaluate_task+0x540/0x540
[ 1234.024073]  ? cgroup_procs_next+0x70/0x70
[ 1234.028296]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1234.032774]  ? oom_badness+0xaa0/0xaa0
[ 1234.036650]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1234.041394]  ? mem_cgroup_iter_break+0x30/0x30
[ 1234.045968]  ? cgroup_file_notify+0x226/0x2f0
[ 1234.050455]  out_of_memory+0xa84/0x1430
[ 1234.054414]  ? kasan_check_read+0x11/0x20
[ 1234.058558]  ? oom_killer_disable+0x3a0/0x3a0
[ 1234.063041]  ? kasan_check_write+0x14/0x20
[ 1234.067262]  ? do_raw_spin_lock+0xc1/0x200
[ 1234.071604]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1234.076440]  ? memcg_memory_event+0x40/0x40
[ 1234.080760]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1234.085504]  ? page_counter_try_charge+0x1c1/0x220
[ 1234.090428]  try_charge+0xc43/0x1690
[ 1234.094134]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1234.099228]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1234.105273]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1234.110099]  ? lock_downgrade+0x900/0x900
[ 1234.114234]  ? lock_release+0x970/0x970
[ 1234.118203]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1234.123990]  ? rcu_sched_force_quiescent_state+0x20/0x20
[ 1234.129446]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1234.134278]  ? mem_cgroup_can_attach+0x580/0x580
[ 1234.139023]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1234.144550]  ? check_preemption_disabled+0x48/0x200
[ 1234.149558]  ? __might_sleep+0x95/0x190
[ 1234.153522]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1234.158093]  ? mem_cgroup_protected+0xa60/0xa60
[ 1234.162760]  ? mark_held_locks+0x130/0x130
[ 1234.166989]  ? css_next_child+0x1c3/0x620
[ 1234.171126]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1234.176652]  ? check_preemption_disabled+0x48/0x200
[ 1234.181653]  ? mark_held_locks+0x130/0x130
[ 1234.185883]  ? debug_smp_processor_id+0x1c/0x20
[ 1234.190538]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1234.195461]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1234.200988]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1234.205904]  wp_page_copy+0x46c/0x14f0
[ 1234.209779]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1234.215305]  ? follow_pfn+0x2e0/0x2e0
[ 1234.219099]  ? perf_trace_lock+0x7a0/0x7a0
[ 1234.223321]  ? do_wp_page+0x76c/0x1390
[ 1234.227199]  ? lock_downgrade+0x900/0x900
[ 1234.231333]  ? kasan_check_read+0x11/0x20
[ 1234.235475]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1234.239869]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1234.244436]  ? __pte_alloc_kernel+0x220/0x220
[ 1234.248924]  do_wp_page+0x774/0x1390
[ 1234.252630]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1234.257287]  ? __handle_mm_fault+0x1e6c/0x53e0
[ 1234.261853]  ? lock_downgrade+0x900/0x900
[ 1234.266075]  ? lock_release+0x970/0x970
[ 1234.270034]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1234.275557]  ? check_preemption_disabled+0x48/0x200
[ 1234.280559]  ? kasan_check_read+0x11/0x20
[ 1234.284703]  ? pmd_val+0x88/0x100
[ 1234.288156]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1234.293683]  ? kasan_check_write+0x14/0x20
[ 1234.297914]  ? do_raw_spin_lock+0xc1/0x200
[ 1234.302142]  __handle_mm_fault+0x2c60/0x53e0
[ 1234.306563]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1234.311398]  ? debug_smp_processor_id+0x1c/0x20
[ 1234.316063]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1234.320989]  ? lock_acquire+0x1ed/0x520
[ 1234.324952]  ? handle_mm_fault+0x42a/0xc70
[ 1234.329175]  ? lock_downgrade+0x900/0x900
[ 1234.333315]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1234.339103]  ? __do_page_fault+0x67d/0xed0
[ 1234.343323]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1234.348762]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1234.354287]  ? check_preemption_disabled+0x48/0x200
[ 1234.359291]  handle_mm_fault+0x54f/0xc70
[ 1234.363340]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1234.367908]  ? find_vma+0x34/0x190
[ 1234.371433]  __do_page_fault+0x67d/0xed0
[ 1234.375482]  ? mm_fault_error+0x380/0x380
[ 1234.379617]  ? trace_hardirqs_on+0x310/0x310
[ 1234.384014]  do_page_fault+0xf2/0x7e0
[ 1234.387799]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1234.393324]  ? vmalloc_sync_all+0x30/0x30
[ 1234.397457]  ? error_entry+0x70/0xd0
[ 1234.401160]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1234.406171]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1234.411087]  ? do_syscall_64+0x820/0x820
[ 1234.415136]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1234.419968]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1234.424969]  ? trace_hardirqs_off+0x310/0x310
[ 1234.429451]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1234.434986]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1234.439986]  ? page_fault+0x8/0x30
[ 1234.443513]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1234.448342]  ? page_fault+0x8/0x30
[ 1234.451868]  page_fault+0x1e/0x30
[ 1234.455310] RIP: 0023:0x8051180
[ 1234.458576] Code: f8 0c 89 c8 89 da 05 00 00 00 80 83 d2 00 83 fa 00 0f 87 33 ff ff ff 3d ff ff ff 7e 0f 86 5b ff ff ff e9 23 ff ff ff 8d 76 00 <89> 04 9d 00 00 14 08 eb af 31 f6 90 8d 74 26 00 80 3d 19 00 46 08
[ 1234.477461] RSP: 002b:000000000845fba0 EFLAGS: 00010246
[ 1234.482809] RAX: 00000000a5e11afb RBX: 0000000000001afb RCX: 0000000000000000
[ 1234.490063] RDX: 00000000a5e11afb RSI: 000000000000000f RDI: 000000000000000f
[ 1234.497316] RBP: 00000000a5e11aff R08: 0000000000000000 R09: 0000000000000000
15:25:45 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x183002)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
write$P9_RATTACH(r0, &(0x7f0000000000)={0x14, 0x69, 0x1, {0x20, 0x3, 0x7}}, 0x14)

15:25:45 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1234.504571] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1234.511822] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1234.545294] netlink: 'syz-executor1': attribute type 3 has an invalid length.
15:25:45 executing program 5:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x43ffd, 0x0)
getsockopt$sock_buf(r0, 0x1, 0x37, &(0x7f0000000140)=""/141, &(0x7f0000000040)=0x8d)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x1)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550c, &(0x7f0000000100))
setsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000000)=0x1, 0x1)
write$P9_ROPEN(r1, &(0x7f0000000200)={0x18, 0x71, 0x2, {{0x4, 0x1, 0x6}, 0x100000001}}, 0x18)

15:25:45 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x54200, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000040)={0x9, 0x2, 0x4, 0x1, 0x10001})
socket$inet6(0xa, 0x806, 0x9)

[ 1234.590417] netlink: 'syz-executor1': attribute type 3 has an invalid length.
[ 1234.602910] Task in /syz4 killed as a result of limit of /syz4
[ 1234.609360] memory: usage 204800kB, limit 204800kB, failcnt 668
[ 1234.633251] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1234.663632] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1234.682943] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:136KB inactive_file:0KB active_file:0KB unevictable:0KB
15:25:45 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xa00000000000000}, 0x6)

15:25:45 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x89ffffff00000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:45 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
r2 = socket$inet6_sctp(0xa, 0x0, 0x84)
setsockopt$inet6_MCAST_LEAVE_GROUP(r2, 0x29, 0x2d, &(0x7f0000000080)={0x2, {{0xa, 0x4e23, 0xffffffff, @local, 0x2}}}, 0x84)

15:25:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x4, 0x20000)
ioctl$KDGETMODE(r2, 0x4b3b, &(0x7f00000000c0))
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:45 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
r1 = syz_open_dev$sndpcmp(&(0x7f0000000140)='/dev/snd/pcmC#D#p\x00', 0x90d, 0x400000)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a45323, &(0x7f0000000000)={{0x1, 0x20}, 'port1\x00', 0x3, 0x21840, 0x2, 0x3ba8, 0x0, 0x0, 0x6174, 0x0, 0x4, 0x1})
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={<r2=>0x0, @in={{0x2, 0x4e23, @broadcast}}, 0xfffffffffffff800, 0x10001, 0x7fff, 0x80000000}, &(0x7f0000000240)=0x98)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000340)={r2, 0x43, "c4011f0c8a0fb332728b3f711fc30bdf83d6458e654832910553f3e49b30dab46f44e08d012473dc4368727e4c1722e2be1b198b8cb963cb25600f802928c66c99f1ac"}, &(0x7f0000000300)=0x4b)

[ 1234.739258] Memory cgroup out of memory: Kill process 24242 (syz-executor4) score 160 or sacrifice child
[ 1234.757389] Killed process 24242 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1234.768828] oom_reaper: reaped process 24242 (syz-executor4), now anon-rss:0kB, file-rss:32772kB, shmem-rss:0kB
15:25:45 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x80340, 0x0)

15:25:45 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x300000000000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1234.860042] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1234.897162] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1234.919338] CPU: 0 PID: 24305 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1234.926752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1234.936199] Call Trace:
[ 1234.938796]  dump_stack+0x1c4/0x2b4
[ 1234.942435]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1234.947644]  ? debug_smp_processor_id+0x1c/0x20
[ 1234.952324]  dump_header+0x27b/0xf72
[ 1234.956072]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1234.961618]  ? pagefault_out_of_memory+0x197/0x197
[ 1234.966566]  ? debug_smp_processor_id+0x1c/0x20
[ 1234.971243]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1234.976178]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1234.981124]  ? perf_trace_lock+0x7a0/0x7a0
[ 1234.985369]  ? perf_trace_lock+0x7a0/0x7a0
[ 1234.989628]  ? debug_smp_processor_id+0x1c/0x20
[ 1234.994309]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1234.999245]  ? mark_held_locks+0x130/0x130
[ 1235.003507]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1235.003525]  ? perf_trace_lock+0x7a0/0x7a0
[ 1235.003539]  ? task_will_free_mem+0x239/0xb30
[ 1235.003561]  ? ___ratelimit+0x36f/0x655
[ 1235.003577]  ? lock_downgrade+0x900/0x900
[ 1235.013326]  ? trace_hardirqs_on+0xbd/0x310
[ 1235.013338]  ? kasan_check_read+0x11/0x20
[ 1235.013358]  ? ___ratelimit+0x36f/0x655
[ 1235.013372]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1235.013390]  ? trace_hardirqs_on+0x310/0x310
[ 1235.048273]  ? lock_downgrade+0x900/0x900
[ 1235.052436]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1235.057553]  ? ___ratelimit+0xaa/0x655
[ 1235.061449]  ? idr_get_free+0xec0/0xec0
[ 1235.065422]  ? kasan_check_write+0x14/0x20
[ 1235.069664]  ? do_raw_spin_lock+0xc1/0x200
[ 1235.073907]  oom_kill_process.cold.27+0x10/0x903
[ 1235.078673]  ? kasan_check_write+0x14/0x20
[ 1235.082922]  ? do_raw_spin_lock+0xc1/0x200
[ 1235.087165]  ? oom_evaluate_task+0x540/0x540
[ 1235.091586]  ? cgroup_procs_next+0x70/0x70
[ 1235.095828]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1235.100319]  ? oom_badness+0xaa0/0xaa0
[ 1235.104215]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1235.108980]  ? mem_cgroup_iter_break+0x30/0x30
[ 1235.113579]  ? cgroup_file_notify+0x226/0x2f0
15:25:46 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00')
sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)={0x84, r1, 0x8, 0x70bd25, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8000}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e23}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x14}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x16e7}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e21}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x3}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x7ff}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x48000}, 0x20000000)

15:25:46 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x8000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:46 executing program 2:
socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$inet6_MRT6_DEL_MFC(r0, 0x29, 0xcd, &(0x7f0000000040)={{0xa, 0x4e22, 0x4, @local, 0x3}, {0xa, 0x4e24, 0x9, @mcast1, 0x101}, 0x4, [0xfffffffffffff001, 0x9, 0x0, 0x5, 0x0, 0x9, 0x12, 0x4]}, 0x5c)
ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0xc0185500, &(0x7f00000000c0)={0x800000a0, 0x0, 0xfffffffffffffffd})

[ 1235.118084]  out_of_memory+0xa84/0x1430
[ 1235.122067]  ? kasan_check_read+0x11/0x20
[ 1235.126226]  ? oom_killer_disable+0x3a0/0x3a0
[ 1235.130835]  ? kasan_check_write+0x14/0x20
[ 1235.135073]  ? do_raw_spin_lock+0xc1/0x200
[ 1235.139318]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1235.144173]  ? memcg_memory_event+0x40/0x40
[ 1235.148503]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1235.153273]  ? page_counter_try_charge+0x1c1/0x220
[ 1235.158207]  try_charge+0xc43/0x1690
[ 1235.161928]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1235.167033]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1235.167046]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1235.167063]  ? lock_downgrade+0x900/0x900
[ 1235.167076]  ? lock_release+0x970/0x970
[ 1235.167091]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1235.167106]  ? rcu_sched_force_quiescent_state+0x20/0x20
[ 1235.167130]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1235.167143]  ? mem_cgroup_can_attach+0x580/0x580
[ 1235.167157]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1235.167172]  ? check_preemption_disabled+0x48/0x200
[ 1235.167189]  ? __might_sleep+0x95/0x190
[ 1235.167206]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1235.167223]  ? mem_cgroup_protected+0xa60/0xa60
[ 1235.167237]  ? mark_held_locks+0x130/0x130
[ 1235.167260]  ? css_next_child+0x1c3/0x620
[ 1235.167272]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1235.167289]  ? check_preemption_disabled+0x48/0x200
[ 1235.249508]  ? mark_held_locks+0x130/0x130
[ 1235.253733]  ? debug_smp_processor_id+0x1c/0x20
[ 1235.258385]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1235.263303]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1235.268840]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1235.273756]  wp_page_copy+0x46c/0x14f0
[ 1235.277631]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1235.283159]  ? follow_pfn+0x2e0/0x2e0
[ 1235.286945]  ? perf_trace_lock+0x7a0/0x7a0
[ 1235.291166]  ? do_wp_page+0x76c/0x1390
[ 1235.295040]  ? lock_downgrade+0x900/0x900
[ 1235.299175]  ? kasan_check_read+0x11/0x20
[ 1235.303308]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1235.307710]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1235.312279]  ? __pte_alloc_kernel+0x220/0x220
[ 1235.316777]  do_wp_page+0x774/0x1390
[ 1235.320483]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1235.325143]  ? __handle_mm_fault+0x1e6c/0x53e0
[ 1235.329715]  ? lock_downgrade+0x900/0x900
[ 1235.333859]  ? lock_release+0x970/0x970
[ 1235.337820]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1235.343354]  ? check_preemption_disabled+0x48/0x200
[ 1235.348353]  ? kasan_check_read+0x11/0x20
[ 1235.352484]  ? pmd_val+0x88/0x100
[ 1235.355925]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1235.361449]  ? kasan_check_write+0x14/0x20
[ 1235.365684]  ? do_raw_spin_lock+0xc1/0x200
[ 1235.369915]  __handle_mm_fault+0x2c60/0x53e0
[ 1235.374314]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1235.379151]  ? debug_smp_processor_id+0x1c/0x20
[ 1235.383807]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1235.388743]  ? lock_acquire+0x1ed/0x520
[ 1235.392705]  ? handle_mm_fault+0x42a/0xc70
[ 1235.396927]  ? lock_downgrade+0x900/0x900
[ 1235.401064]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1235.406849]  ? __do_page_fault+0x67d/0xed0
[ 1235.411072]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1235.416601]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1235.422211]  ? check_preemption_disabled+0x48/0x200
[ 1235.427219]  handle_mm_fault+0x54f/0xc70
[ 1235.431268]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1235.435840]  ? find_vma+0x34/0x190
[ 1235.439370]  __do_page_fault+0x67d/0xed0
[ 1235.443423]  ? mm_fault_error+0x380/0x380
[ 1235.447644]  ? trace_hardirqs_on+0x310/0x310
[ 1235.452042]  do_page_fault+0xf2/0x7e0
[ 1235.455827]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1235.461351]  ? vmalloc_sync_all+0x30/0x30
[ 1235.465488]  ? error_entry+0x70/0xd0
[ 1235.469190]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1235.474200]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1235.479124]  ? do_syscall_64+0x820/0x820
[ 1235.483171]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1235.488001]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1235.493114]  ? trace_hardirqs_off+0x310/0x310
[ 1235.497605]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1235.503129]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1235.508128]  ? page_fault+0x8/0x30
[ 1235.511655]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1235.516483]  ? page_fault+0x8/0x30
[ 1235.520008]  page_fault+0x1e/0x30
[ 1235.523449] RIP: 0023:0x8051180
[ 1235.526714] Code: f8 0c 89 c8 89 da 05 00 00 00 80 83 d2 00 83 fa 00 0f 87 33 ff ff ff 3d ff ff ff 7e 0f 86 5b ff ff ff e9 23 ff ff ff 8d 76 00 <89> 04 9d 00 00 14 08 eb af 31 f6 90 8d 74 26 00 80 3d 19 00 46 08
[ 1235.545688] RSP: 002b:000000000845fba0 EFLAGS: 00010246
[ 1235.551049] RAX: 000000008978b5dc RBX: 00000000000015dc RCX: 0000000000000000
[ 1235.558321] RDX: 000000008978b5dc RSI: 000000000000000d RDI: 000000000000000d
[ 1235.565609] RBP: 000000008978b5e0 R08: 0000000000000000 R09: 0000000000000000
[ 1235.572865] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1235.580131] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:46 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))
ioctl$sock_inet_SIOCRTMSG(r0, 0x890d, &(0x7f0000000000)={0x4, {0x2, 0x4e22, @multicast2}, {0x2, 0x4e20, @multicast1}, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x13}}, 0x8, 0x10000, 0x37b, 0x1, 0x95b, 0x0, 0x9, 0x8, 0x8})
setsockopt$inet6_MCAST_LEAVE_GROUP(r0, 0x29, 0x2d, &(0x7f0000000140)={0x9, {{0xa, 0x4e23, 0x100000001, @loopback}}}, 0x84)

15:25:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
select(0x40, &(0x7f0000000080)={0x80000001, 0x6, 0x3, 0x401, 0x1, 0x6, 0x8ef, 0x401}, &(0x7f00000000c0)={0x4, 0x5, 0x20, 0x9, 0x5, 0x7fff, 0x4}, &(0x7f0000000100)={0x8, 0x692a, 0x80000001, 0x6, 0x0, 0x2, 0x2e, 0x80000000}, &(0x7f0000000140))

[ 1235.630730] Task in /syz4 killed as a result of limit of /syz4
[ 1235.684834] memory: usage 204796kB, limit 204800kB, failcnt 698
[ 1235.690943] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1235.698249] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1235.704448] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:132KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1235.733768] Memory cgroup out of memory: Kill process 24305 (syz-executor4) score 160 or sacrifice child
[ 1235.769397] Killed process 24305 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1235.783593] oom_reaper: reaped process 24305 (syz-executor4), now anon-rss:0kB, file-rss:32772kB, shmem-rss:0kB
15:25:46 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xe00}, 0x6)

15:25:46 executing program 2:
r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x40001000003, 0x44)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})

15:25:46 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x29000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:46 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x1, 0x0)

15:25:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x10000, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x200, 0x0)
ioctl$TIOCMSET(r1, 0x5418, &(0x7f0000000100)=0x9)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$TIOCGETD(r1, 0x5424, &(0x7f0000000180))
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))
r3 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x100000000, 0x18000)
ioctl$RNDZAPENTCNT(r3, 0x5204, &(0x7f00000000c0)=0x80)

15:25:46 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x800000a0, 0x0, 0x0, 0x4, 0x1})

15:25:47 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0xe020000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1235.919488] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
15:25:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xc8001, 0x100)
ioctl$DRM_IOCTL_ADD_MAP(r2, 0xc0186415, &(0x7f00000000c0)={&(0x7f0000fff000/0x1000)=nil, 0x6, 0x1, 0x10, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1235.978364] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1236.013973] CPU: 0 PID: 24353 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1236.021383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1236.030740] Call Trace:
[ 1236.033336]  dump_stack+0x1c4/0x2b4
[ 1236.036973]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1236.042172]  ? debug_smp_processor_id+0x1c/0x20
[ 1236.046853]  dump_header+0x27b/0xf72
[ 1236.050667]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1236.056211]  ? pagefault_out_of_memory+0x197/0x197
[ 1236.061145]  ? debug_smp_processor_id+0x1c/0x20
[ 1236.065807]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1236.070724]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1236.075646]  ? perf_trace_lock+0x7a0/0x7a0
[ 1236.079865]  ? perf_trace_lock+0x7a0/0x7a0
[ 1236.084088]  ? debug_smp_processor_id+0x1c/0x20
[ 1236.088745]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1236.093658]  ? mark_held_locks+0x130/0x130
[ 1236.097878]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1236.103402]  ? perf_trace_lock+0x7a0/0x7a0
[ 1236.107624]  ? task_will_free_mem+0x239/0xb30
[ 1236.112113]  ? ___ratelimit+0x36f/0x655
[ 1236.116075]  ? lock_downgrade+0x900/0x900
[ 1236.120211]  ? trace_hardirqs_on+0xbd/0x310
[ 1236.124518]  ? kasan_check_read+0x11/0x20
[ 1236.128657]  ? ___ratelimit+0x36f/0x655
[ 1236.132618]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1236.138056]  ? trace_hardirqs_on+0x310/0x310
[ 1236.142449]  ? lock_downgrade+0x900/0x900
[ 1236.146588]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1236.151676]  ? ___ratelimit+0xaa/0x655
[ 1236.155553]  ? idr_get_free+0xec0/0xec0
[ 1236.159523]  ? kasan_check_write+0x14/0x20
[ 1236.163748]  ? do_raw_spin_lock+0xc1/0x200
[ 1236.167974]  oom_kill_process.cold.27+0x10/0x903
[ 1236.172716]  ? kasan_check_write+0x14/0x20
[ 1236.176940]  ? do_raw_spin_lock+0xc1/0x200
[ 1236.181166]  ? oom_evaluate_task+0x540/0x540
[ 1236.185562]  ? cgroup_procs_next+0x70/0x70
[ 1236.189784]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1236.194273]  ? oom_badness+0xaa0/0xaa0
[ 1236.198148]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1236.202904]  ? mem_cgroup_iter_break+0x30/0x30
[ 1236.207478]  ? cgroup_file_notify+0x226/0x2f0
[ 1236.211963]  out_of_memory+0xa84/0x1430
[ 1236.215929]  ? kasan_check_read+0x11/0x20
[ 1236.220063]  ? oom_killer_disable+0x3a0/0x3a0
[ 1236.224545]  ? kasan_check_write+0x14/0x20
[ 1236.228855]  ? do_raw_spin_lock+0xc1/0x200
[ 1236.233082]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1236.237923]  ? memcg_memory_event+0x40/0x40
[ 1236.242232]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1236.246983]  ? page_counter_try_charge+0x1c1/0x220
[ 1236.251900]  try_charge+0xc43/0x1690
[ 1236.255612]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1236.260704]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1236.266745]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1236.271574]  ? lock_downgrade+0x900/0x900
[ 1236.275708]  ? lock_release+0x970/0x970
[ 1236.279670]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1236.285456]  ? rcu_sched_force_quiescent_state+0x20/0x20
[ 1236.290907]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1236.295736]  ? mem_cgroup_can_attach+0x580/0x580
[ 1236.300475]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1236.306001]  ? check_preemption_disabled+0x48/0x200
[ 1236.311005]  ? __might_sleep+0x95/0x190
[ 1236.314967]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1236.319539]  ? mem_cgroup_protected+0xa60/0xa60
[ 1236.324197]  ? mark_held_locks+0x130/0x130
[ 1236.328435]  ? css_next_child+0x1c3/0x620
[ 1236.332571]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1236.338096]  ? check_preemption_disabled+0x48/0x200
[ 1236.343103]  ? mark_held_locks+0x130/0x130
[ 1236.347326]  ? debug_smp_processor_id+0x1c/0x20
[ 1236.351980]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1236.356899]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1236.362427]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1236.367342]  wp_page_copy+0x46c/0x14f0
[ 1236.371214]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1236.376754]  ? follow_pfn+0x2e0/0x2e0
[ 1236.380542]  ? perf_trace_lock+0x7a0/0x7a0
[ 1236.384773]  ? do_wp_page+0x76c/0x1390
[ 1236.388648]  ? lock_downgrade+0x900/0x900
[ 1236.392784]  ? kasan_check_read+0x11/0x20
[ 1236.396917]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1236.401312]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1236.405881]  ? __pte_alloc_kernel+0x220/0x220
[ 1236.410372]  do_wp_page+0x774/0x1390
[ 1236.414079]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1236.418737]  ? __handle_mm_fault+0x1e6c/0x53e0
[ 1236.423306]  ? lock_downgrade+0x900/0x900
[ 1236.427442]  ? lock_release+0x970/0x970
[ 1236.431410]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1236.436933]  ? check_preemption_disabled+0x48/0x200
[ 1236.441931]  ? kasan_check_read+0x11/0x20
[ 1236.446066]  ? pmd_val+0x88/0x100
[ 1236.449516]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1236.455050]  ? kasan_check_write+0x14/0x20
[ 1236.459282]  ? do_raw_spin_lock+0xc1/0x200
[ 1236.463524]  __handle_mm_fault+0x2c60/0x53e0
[ 1236.467933]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1236.472766]  ? debug_smp_processor_id+0x1c/0x20
[ 1236.477420]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1236.482345]  ? lock_acquire+0x1ed/0x520
[ 1236.486311]  ? handle_mm_fault+0x42a/0xc70
[ 1236.490531]  ? lock_downgrade+0x900/0x900
[ 1236.494669]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1236.500455]  ? __do_page_fault+0x67d/0xed0
[ 1236.504678]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1236.510112]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1236.515637]  ? check_preemption_disabled+0x48/0x200
[ 1236.520646]  handle_mm_fault+0x54f/0xc70
[ 1236.524697]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1236.529268]  ? find_vma+0x34/0x190
[ 1236.532795]  __do_page_fault+0x67d/0xed0
[ 1236.536856]  ? mm_fault_error+0x380/0x380
[ 1236.541001]  ? trace_hardirqs_on+0x310/0x310
[ 1236.545399]  do_page_fault+0xf2/0x7e0
[ 1236.549203]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1236.554731]  ? vmalloc_sync_all+0x30/0x30
[ 1236.558865]  ? error_entry+0x70/0xd0
[ 1236.562568]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1236.567570]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1236.572487]  ? do_syscall_64+0x820/0x820
[ 1236.576540]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1236.581373]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1236.586375]  ? trace_hardirqs_off+0x310/0x310
[ 1236.590859]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1236.596383]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1236.601383]  ? page_fault+0x8/0x30
[ 1236.604910]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1236.609738]  ? page_fault+0x8/0x30
[ 1236.613263]  page_fault+0x1e/0x30
[ 1236.616703] RIP: 0023:0x8051180
[ 1236.619973] Code: f8 0c 89 c8 89 da 05 00 00 00 80 83 d2 00 83 fa 00 0f 87 33 ff ff ff 3d ff ff ff 7e 0f 86 5b ff ff ff e9 23 ff ff ff 8d 76 00 <89> 04 9d 00 00 14 08 eb af 31 f6 90 8d 74 26 00 80 3d 19 00 46 08
[ 1236.638861] RSP: 002b:000000000845fba0 EFLAGS: 00010246
[ 1236.644209] RAX: 00000000a5e11afb RBX: 0000000000001afb RCX: 0000000000000000
[ 1236.651469] RDX: 00000000a5e11afb RSI: 000000000000000f RDI: 000000000000000f
[ 1236.658728] RBP: 00000000a5e11aff R08: 0000000000000000 R09: 0000000000000000
15:25:47 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x7})
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000080)=0x1, 0xffffffffffffff5f)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x12000, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x0, 0x0)

15:25:47 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x2000, 0x0)
ioctl$SG_GET_COMMAND_Q(r1, 0x2270, &(0x7f00000000c0))
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))

[ 1236.665983] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1236.673242] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:47 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x81, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000140)={{{@in6=@ipv4={[], [], @loopback}, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@mcast2}}, &(0x7f0000000040)=0xe8)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={@local, @remote, @mcast1, 0x0, 0xc8, 0x8, 0x500, 0x4, 0x200, r1})
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000500)={{{@in6=@mcast1, @in=@dev}}, {{@in6=@mcast1}}}, &(0x7f0000000400)=0xe8)
r2 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f0000000080)={0xa, 0x4, 0x80, 0x800, 'syz0\x00', 0x81})
ioctl$FS_IOC_FSGETXATTR(r2, 0x4004550c, &(0x7f0000000100))
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r2, 0x80dc5521, &(0x7f00000002c0)=""/55)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r2, 0x80dc5521, &(0x7f0000000440)=""/166)

15:25:47 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0xb00, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1236.820517] Task in /syz4 killed as a result of limit of /syz4
[ 1236.831564] memory: usage 204800kB, limit 204800kB, failcnt 729
[ 1236.838663] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1236.848407] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:25:47 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x1f00}, 0x6)

15:25:47 executing program 2:
r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x2)
fcntl$getownex(r0, 0x10, &(0x7f00000003c0)={0x0, <r1=>0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r0, 0xc1105518, &(0x7f0000000140)={{0x0, 0x4, 0x20, 0x420e, '\x00', 0x8}, 0x4, 0x20, 0x18ae, r1, 0x4, 0x9, 'syz1\x00', &(0x7f0000000080)=['/dev/bus/usb/00#/00#\x00', '/dev/bus/usb/00#/00#\x00', 'ppp0\x00', '/dev/bus/usb/00#/00#\x00'], 0x44, [], [0x3, 0x1, 0xfffffffffffffff8, 0x6]})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@remote, @in6=@remote}}, {{@in6=@mcast1}, 0x0, @in=@rand_addr}}, &(0x7f0000000380)=0xe8)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})

15:25:47 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x20000, 0x0)
write$P9_RXATTRCREATE(r2, &(0x7f0000000100)={0x7, 0x21, 0x1}, 0x7)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000140)={<r3=>0x0, 0x81, 0x6, [0x3, 0x3, 0xcec, 0xfffffffffffffff8, 0xffffffffffffffff, 0x80000000]}, &(0x7f0000000180)=0x14)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000001c0)={r3, 0x5d}, &(0x7f0000000200)=0x8)
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r1)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x403c5404, &(0x7f0000000080)={{0xffffffffffffffff, 0x3, 0x3f, 0x0, 0x3}, 0x800, 0x1})

15:25:47 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2f00, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1236.855433] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:136KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1236.877272] Memory cgroup out of memory: Kill process 24353 (syz-executor4) score 160 or sacrifice child
[ 1236.888032] Killed process 24353 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1236.900225] oom_reaper: reaped process 24353 (syz-executor4), now anon-rss:0kB, file-rss:32092kB, shmem-rss:0kB
15:25:48 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0xffffff89, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1237.008140] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
15:25:48 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0xfffffffffffffffc, 0x9820, 0x6})
ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000080)={0x5, 0x77, &(0x7f0000000000)="7d5edac16c20acaab5209b2c8392ec7b80234c3686a69ae17c8cf54f611edc8e91b2606011cbc971dced96a58c350cc5ca13de6a10a48321fd1fadbbf5a40297f9a60c447a7eaaec333fc462afda45e3e946eb640feb5ef5d4d429a6e48f26cbc6173f40933ca378b9a28e92965c01ba35614b5da1234b"})

15:25:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000100)={0x1ff, 0x0, &(0x7f0000ffc000/0x1000)=nil})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000080)={[{0x3, 0x5, 0xfe6, 0x9cb8003, 0xb3, 0x7f, 0x1c, 0x2, 0x0, 0xff94, 0x115, 0x1000, 0x800}, {0x8000, 0x2, 0x1, 0x2, 0x4d4a6999, 0xa2, 0x6, 0x3, 0x9, 0x80000001, 0x1, 0x3, 0x2}, {0x0, 0x2, 0x3ff, 0x4, 0x1, 0x0, 0x3ff, 0x6, 0x9, 0x4c127ea4, 0x6, 0xfff, 0xff}], 0x2})
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:48 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
fsetxattr$security_selinux(r1, &(0x7f0000000100)='security.selinux\x00', &(0x7f0000000140)='system_u:object_r:pam_exec_t:s0\x00', 0x20, 0x1)
fsetxattr(r1, &(0x7f0000000080)=@known='system.advise\x00', &(0x7f00000000c0)='/dev/kvm\x00', 0x9, 0x1)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:48 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0xb, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1237.127772] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1237.187458] CPU: 0 PID: 24399 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1237.194859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1237.204213] Call Trace:
[ 1237.206817]  dump_stack+0x1c4/0x2b4
[ 1237.210477]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1237.215681]  ? debug_smp_processor_id+0x1c/0x20
[ 1237.220355]  dump_header+0x27b/0xf72
[ 1237.224076]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1237.224093]  ? pagefault_out_of_memory+0x197/0x197
[ 1237.234537]  ? debug_smp_processor_id+0x1c/0x20
[ 1237.234551]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1237.234563]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1237.234578]  ? perf_trace_lock+0x7a0/0x7a0
[ 1237.234588]  ? perf_trace_lock+0x7a0/0x7a0
[ 1237.234605]  ? debug_smp_processor_id+0x1c/0x20
[ 1237.249098]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1237.249111]  ? mark_held_locks+0x130/0x130
[ 1237.249128]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1237.257565]  ? perf_trace_lock+0x7a0/0x7a0
[ 1237.257578]  ? task_will_free_mem+0x239/0xb30
[ 1237.257602]  ? ___ratelimit+0x36f/0x655
[ 1237.289594]  ? lock_downgrade+0x900/0x900
[ 1237.293758]  ? trace_hardirqs_on+0xbd/0x310
[ 1237.298085]  ? kasan_check_read+0x11/0x20
[ 1237.302234]  ? ___ratelimit+0x36f/0x655
[ 1237.306199]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1237.311636]  ? trace_hardirqs_on+0x310/0x310
[ 1237.316029]  ? lock_downgrade+0x900/0x900
[ 1237.320165]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1237.325260]  ? ___ratelimit+0xaa/0x655
[ 1237.329134]  ? idr_get_free+0xec0/0xec0
[ 1237.333093]  ? kasan_check_write+0x14/0x20
[ 1237.337312]  ? do_raw_spin_lock+0xc1/0x200
[ 1237.341535]  oom_kill_process.cold.27+0x10/0x903
[ 1237.346293]  ? kasan_check_write+0x14/0x20
[ 1237.350514]  ? do_raw_spin_lock+0xc1/0x200
[ 1237.354736]  ? oom_evaluate_task+0x540/0x540
[ 1237.359131]  ? cgroup_procs_next+0x70/0x70
[ 1237.363356]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1237.367837]  ? oom_badness+0xaa0/0xaa0
[ 1237.371722]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1237.376470]  ? mem_cgroup_iter_break+0x30/0x30
[ 1237.381041]  ? cgroup_file_notify+0x226/0x2f0
[ 1237.385523]  out_of_memory+0xa84/0x1430
[ 1237.389484]  ? kasan_check_read+0x11/0x20
[ 1237.393615]  ? oom_killer_disable+0x3a0/0x3a0
[ 1237.398103]  ? kasan_check_write+0x14/0x20
[ 1237.402331]  ? do_raw_spin_lock+0xc1/0x200
[ 1237.406557]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1237.411400]  ? memcg_memory_event+0x40/0x40
[ 1237.415727]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1237.420474]  ? page_counter_try_charge+0x1c1/0x220
[ 1237.425409]  try_charge+0xc43/0x1690
[ 1237.429111]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1237.434208]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1237.440257]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1237.445086]  ? lock_downgrade+0x900/0x900
[ 1237.449219]  ? lock_release+0x970/0x970
[ 1237.453186]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1237.458970]  ? rcu_sched_force_quiescent_state+0x20/0x20
[ 1237.464413]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1237.469245]  ? mem_cgroup_can_attach+0x580/0x580
[ 1237.473993]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1237.479516]  ? check_preemption_disabled+0x48/0x200
[ 1237.484520]  ? __might_sleep+0x95/0x190
[ 1237.488482]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1237.493053]  ? mem_cgroup_protected+0xa60/0xa60
[ 1237.497707]  ? mark_held_locks+0x130/0x130
[ 1237.501946]  ? css_next_child+0x1c3/0x620
[ 1237.506077]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1237.511600]  ? check_preemption_disabled+0x48/0x200
[ 1237.516604]  ? mark_held_locks+0x130/0x130
[ 1237.520827]  ? debug_smp_processor_id+0x1c/0x20
[ 1237.525486]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1237.530402]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1237.535937]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1237.540853]  wp_page_copy+0x46c/0x14f0
[ 1237.544729]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1237.550252]  ? follow_pfn+0x2e0/0x2e0
[ 1237.554041]  ? perf_trace_lock+0x7a0/0x7a0
[ 1237.558278]  ? do_wp_page+0x76c/0x1390
[ 1237.562167]  ? lock_downgrade+0x900/0x900
[ 1237.566409]  ? kasan_check_read+0x11/0x20
[ 1237.570551]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1237.574944]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1237.579512]  ? __pte_alloc_kernel+0x220/0x220
[ 1237.584006]  do_wp_page+0x774/0x1390
[ 1237.587717]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1237.592370]  ? __handle_mm_fault+0x1e6c/0x53e0
[ 1237.596937]  ? lock_downgrade+0x900/0x900
[ 1237.601093]  ? lock_release+0x970/0x970
[ 1237.605054]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1237.610585]  ? check_preemption_disabled+0x48/0x200
[ 1237.615581]  ? kasan_check_read+0x11/0x20
[ 1237.619712]  ? pmd_val+0x88/0x100
[ 1237.623159]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1237.628682]  ? kasan_check_write+0x14/0x20
[ 1237.632904]  ? do_raw_spin_lock+0xc1/0x200
[ 1237.637129]  __handle_mm_fault+0x2c60/0x53e0
[ 1237.641531]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1237.646371]  ? debug_smp_processor_id+0x1c/0x20
[ 1237.651031]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1237.655950]  ? lock_acquire+0x1ed/0x520
[ 1237.659930]  ? handle_mm_fault+0x42a/0xc70
[ 1237.664167]  ? lock_downgrade+0x900/0x900
[ 1237.668301]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1237.674085]  ? __do_page_fault+0x67d/0xed0
[ 1237.678307]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1237.683744]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1237.689268]  ? check_preemption_disabled+0x48/0x200
[ 1237.694295]  handle_mm_fault+0x54f/0xc70
[ 1237.698346]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1237.702921]  ? find_vma+0x34/0x190
[ 1237.706465]  __do_page_fault+0x67d/0xed0
[ 1237.710538]  ? mm_fault_error+0x380/0x380
[ 1237.714671]  ? trace_hardirqs_on+0x310/0x310
[ 1237.719078]  do_page_fault+0xf2/0x7e0
[ 1237.722874]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1237.728436]  ? vmalloc_sync_all+0x30/0x30
[ 1237.732567]  ? error_entry+0x70/0xd0
[ 1237.736268]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1237.741363]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1237.746278]  ? do_syscall_64+0x820/0x820
[ 1237.750327]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1237.755167]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1237.760192]  ? trace_hardirqs_off+0x310/0x310
[ 1237.764673]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1237.770208]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1237.775210]  ? page_fault+0x8/0x30
[ 1237.778737]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1237.783565]  ? page_fault+0x8/0x30
[ 1237.787089]  page_fault+0x1e/0x30
[ 1237.790524] RIP: 0023:0x8051180
[ 1237.793787] Code: f8 0c 89 c8 89 da 05 00 00 00 80 83 d2 00 83 fa 00 0f 87 33 ff ff ff 3d ff ff ff 7e 0f 86 5b ff ff ff e9 23 ff ff ff 8d 76 00 <89> 04 9d 00 00 14 08 eb af 31 f6 90 8d 74 26 00 80 3d 19 00 46 08
[ 1237.812672] RSP: 002b:000000000845fba0 EFLAGS: 00010246
[ 1237.818034] RAX: 00000000a5e11afb RBX: 0000000000001afb RCX: 0000000000000000
[ 1237.825290] RDX: 00000000a5e11afb RSI: 000000000000000f RDI: 000000000000000f
[ 1237.832542] RBP: 00000000a5e11aff R08: 0000000000000000 R09: 0000000000000000
[ 1237.839809] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1237.847064] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1237.855830] Task in /syz4 killed as a result of limit of /syz4
[ 1237.861840] memory: usage 204764kB, limit 204800kB, failcnt 761
[ 1237.868165] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1237.874965] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:25:48 executing program 5:
r0 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0xfffffffffffffffc, 0x400000)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000080)={@rand_addr=0x8, @remote, 0x0, 0x2, [@multicast1, @local]}, 0x18)
ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x4004550c, &(0x7f0000000100))
r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x5, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000140)={{{@in=@multicast2, @in=@multicast2}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f00000000c0)=0xe8)
ioctl$SCSI_IOCTL_TEST_UNIT_READY(r1, 0x2)

15:25:48 executing program 2:
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x10000, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000180)='tasks\x00', 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f0000000100)={{0x6eb, 0x100}, 0x1, 0x80, 0x508062bb, {0x7, 0x961}, 0x40, 0x40})
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
write$P9_RVERSION(r1, &(0x7f0000000000)={0x15, 0x65, 0xffff, 0x4, 0x8, '9P2000.L'}, 0x15)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000040)={0x800000a0, 0x0, 0x0, 0x7ffe})

[ 1237.881102] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:136KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1237.902273] Memory cgroup out of memory: Kill process 24399 (syz-executor4) score 160 or sacrifice child
[ 1237.913018] Killed process 24399 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:25:49 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x8055}, 0x6)

15:25:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000080)=0x4)

15:25:49 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r2, 0x894b, &(0x7f00000000c0))

15:25:49 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x3c00000000000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1237.933810] oom_reaper: reaped process 24399 (syz-executor4), now anon-rss:0kB, file-rss:32092kB, shmem-rss:0kB
15:25:49 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100)={0x3f, 0x0, 0x2, 0x5})

15:25:49 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
munlockall()
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@mcast2, 0x9cd, 0x0, 0x1, 0x2, 0x9cb, 0x0, 0x49da}, &(0x7f0000000040)=0x20)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})

15:25:49 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x800000000000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1238.010030] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0
[ 1238.037204] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1238.057861] CPU: 0 PID: 24435 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1238.065271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1238.074619] Call Trace:
[ 1238.077204]  dump_stack+0x1c4/0x2b4
[ 1238.080825]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1238.086005]  ? mark_held_locks+0x130/0x130
[ 1238.090229]  ? mark_held_locks+0x130/0x130
[ 1238.094457]  dump_header+0x27b/0xf72
[ 1238.098164]  ? debug_smp_processor_id+0x1c/0x20
[ 1238.102820]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1238.108351]  ? pagefault_out_of_memory+0x197/0x197
[ 1238.113271]  ? debug_smp_processor_id+0x1c/0x20
[ 1238.117927]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1238.122846]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1238.127767]  ? perf_trace_lock+0x7a0/0x7a0
[ 1238.131996]  ? perf_trace_lock+0x7a0/0x7a0
[ 1238.136226]  ? debug_smp_processor_id+0x1c/0x20
[ 1238.140884]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1238.145819]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1238.151346]  ? perf_trace_lock+0x7a0/0x7a0
[ 1238.155571]  ? task_will_free_mem+0x239/0xb30
[ 1238.160069]  ? ___ratelimit+0x36f/0x655
[ 1238.164031]  ? lock_downgrade+0x900/0x900
[ 1238.168171]  ? trace_hardirqs_on+0xbd/0x310
[ 1238.172480]  ? kasan_check_read+0x11/0x20
[ 1238.176626]  ? ___ratelimit+0x36f/0x655
[ 1238.180590]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1238.186037]  ? trace_hardirqs_on+0x310/0x310
[ 1238.190435]  ? lock_downgrade+0x900/0x900
[ 1238.194575]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1238.199664]  ? ___ratelimit+0xaa/0x655
[ 1238.203537]  ? idr_get_free+0xec0/0xec0
[ 1238.207495]  ? kasan_check_write+0x14/0x20
[ 1238.211726]  ? do_raw_spin_lock+0xc1/0x200
[ 1238.215954]  oom_kill_process.cold.27+0x10/0x903
[ 1238.220697]  ? kasan_check_write+0x14/0x20
[ 1238.224921]  ? do_raw_spin_lock+0xc1/0x200
[ 1238.229145]  ? oom_evaluate_task+0x540/0x540
[ 1238.233544]  ? cgroup_procs_next+0x70/0x70
[ 1238.237770]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1238.242426]  ? oom_badness+0xaa0/0xaa0
[ 1238.246303]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1238.251057]  ? mem_cgroup_iter_break+0x30/0x30
[ 1238.255633]  ? cgroup_file_notify+0x226/0x2f0
[ 1238.260127]  out_of_memory+0xa84/0x1430
[ 1238.264088]  ? kasan_check_read+0x11/0x20
[ 1238.268232]  ? oom_killer_disable+0x3a0/0x3a0
[ 1238.272713]  ? kasan_check_write+0x14/0x20
[ 1238.276934]  ? do_raw_spin_lock+0xc1/0x200
[ 1238.281164]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1238.285993]  ? memcg_memory_event+0x40/0x40
[ 1238.290301]  ? mem_cgroup_charge_skmem+0x1e4/0x390
[ 1238.295226]  ? page_counter_try_charge+0x1c1/0x220
[ 1238.300146]  try_charge+0xc43/0x1690
[ 1238.303865]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1238.309910]  ? tcp_sendmsg+0x2f/0x50
[ 1238.313609]  ? sock_sendmsg+0xd5/0x120
[ 1238.317483]  ? __sys_sendto+0x3d7/0x670
[ 1238.321445]  ? __ia32_sys_sendto+0xdf/0x1a0
[ 1238.325755]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1238.330258]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1238.334827]  ? fs_reclaim_acquire+0x20/0x20
[ 1238.339135]  ? lock_downgrade+0x900/0x900
[ 1238.343282]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1238.348821]  ? check_preemption_disabled+0x48/0x200
[ 1238.353825]  ? ___might_sleep+0x1ed/0x300
[ 1238.357976]  ? debug_smp_processor_id+0x1c/0x20
[ 1238.362633]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1238.367558]  ? __sk_mem_raise_allocated+0x642/0x1800
[ 1238.372649]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1238.378097]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1238.383623]  ? check_preemption_disabled+0x48/0x200
[ 1238.388632]  mem_cgroup_charge_skmem+0x1e4/0x390
[ 1238.393381]  ? mem_cgroup_sk_free+0x90/0x90
[ 1238.397698]  __sk_mem_raise_allocated+0x642/0x1800
[ 1238.402628]  ? sk_busy_loop_end+0x1c0/0x1c0
[ 1238.406939]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1238.412552]  ? alloc_pages_current+0x114/0x210
[ 1238.417128]  ? skb_page_frag_refill+0x1eb/0x6a0
[ 1238.421802]  ? sock_kzfree_s+0x60/0x60
[ 1238.425676]  ? _copy_from_iter_full+0x2b3/0xd20
[ 1238.430356]  ? tcp_chrono_start+0x190/0x1e0
[ 1238.434699]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1238.439706]  ? tcp_rate_check_app_limited+0x121/0x460
[ 1238.444973]  ? iov_iter_advance+0x1460/0x1460
[ 1238.449460]  __sk_mem_schedule+0x6d/0xe0
[ 1238.453566]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1238.459108]  tcp_sendmsg_locked+0x1c86/0x3f00
[ 1238.463605]  ? tcp_sendpage+0x60/0x60
[ 1238.467403]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1238.472936]  ? aa_label_sk_perm+0x46d/0x8e0
[ 1238.477259]  ? aa_profile_af_perm+0x410/0x410
[ 1238.481744]  ? ksys_dup3+0x680/0x680
[ 1238.485458]  ? lock_acquire+0x1ed/0x520
[ 1238.489422]  ? tcp_sendmsg+0x21/0x50
[ 1238.493124]  ? trace_hardirqs_on+0xbd/0x310
[ 1238.497434]  ? lock_release+0x970/0x970
[ 1238.501408]  ? lock_sock_nested+0xe2/0x120
[ 1238.505635]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1238.511098]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1238.516625]  ? check_preemption_disabled+0x48/0x200
[ 1238.521650]  ? lock_sock_nested+0x9a/0x120
[ 1238.525875]  ? lock_sock_nested+0x9a/0x120
[ 1238.530109]  ? __local_bh_enable_ip+0x160/0x260
[ 1238.534768]  tcp_sendmsg+0x2f/0x50
[ 1238.538295]  inet_sendmsg+0x1a1/0x690
[ 1238.542091]  ? ipip_gro_receive+0x100/0x100
[ 1238.546401]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1238.551145]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1238.556674]  ? security_socket_sendmsg+0x94/0xc0
[ 1238.561430]  ? ipip_gro_receive+0x100/0x100
[ 1238.565743]  sock_sendmsg+0xd5/0x120
[ 1238.569445]  __sys_sendto+0x3d7/0x670
[ 1238.573238]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1238.577896]  ? arch_local_save_flags+0x40/0x40
[ 1238.582468]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1238.587921]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1238.593457]  ? compat_put_timespec64+0x110/0x280
[ 1238.598200]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1238.602954]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1238.607875]  ? trace_hardirqs_on+0xbd/0x310
[ 1238.612184]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1238.617708]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1238.622278]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1238.627716]  __ia32_sys_sendto+0xdf/0x1a0
[ 1238.631871]  do_fast_syscall_32+0x34d/0xfb2
[ 1238.636199]  ? do_int80_syscall_32+0x890/0x890
[ 1238.640772]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1238.645346]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1238.650357]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1238.655199]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1238.660208]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1238.665214]  ? recalc_sigpending_tsk+0x180/0x180
[ 1238.669959]  ? kasan_check_write+0x14/0x20
[ 1238.674185]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1238.679021]  entry_SYSENTER_compat+0x70/0x7f
[ 1238.683417] RIP: 0023:0xf7f56ca9
[ 1238.686793] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1238.705680] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1238.713375] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1238.720631] RDX: 00000000fffffe4e RSI: 00000000000000c0 RDI: 00000000200000c0
[ 1238.728134] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000
[ 1238.735391] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1238.742646] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:49 executing program 2:
r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x5, 0x2)
ioctl$BLKFLSBUF(r0, 0x1261, &(0x7f0000000040)=0x7fff)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0x800000a0})

[ 1238.784045] Task in /syz4 killed as a result of limit of /syz4
[ 1238.790204] memory: usage 204800kB, limit 204800kB, failcnt 787
[ 1238.798184] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1238.805605] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1238.812110] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:152KB inactive_file:0KB active_file:0KB unevictable:0KB
15:25:49 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2c00, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:49 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
fchmod(r1, 0x2)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f00000000c0))

15:25:49 executing program 5:
r0 = openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
signalfd4(r0, &(0x7f0000000040)={0x6}, 0x8, 0x800)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550c, &(0x7f0000000100))

[ 1238.844286] Memory cgroup out of memory: Kill process 24434 (syz-executor4) score 161 or sacrifice child
15:25:49 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x57cc, 0x40)
getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000040)=@assoc_value={<r2=>0x0, 0x5}, &(0x7f0000000080)=0xfffffffffffffc8a)
ioctl$FIONREAD(r1, 0x541b, &(0x7f00000002c0))
ioctl$KVM_DEASSIGN_PCI_DEVICE(r0, 0x4040ae72, &(0x7f0000000300)={0x5, 0x8000, 0x6, 0x1, 0x1ff})
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000140)=ANY=[@ANYRES32=r2, @ANYBLOB="ca000000dd4790ae15427dedf69369e1acd10b3cf7c00706cdd1294cc8e21aa9e8e90adb2dae0c1cda25051cc60163572b9c9e107c51e6e510a153f7beba02aee582c473cae622c6109192b445c830e3ac2bf7dbbc939743e51ae57c711118a2071de7bafada41b853a7e045f80cf60100000000000000032d49212b52659a5a1cb3da202eb2275d6aa7fde08d182c92b01d4133c3cca5b94c3e9037febc0d67f1ca7ac190a9d8bfcfce5968b3de924bf5ba012bc3a8420cd5bdc0897aff03daf6285acad01a251e0a4693e5ae84"], &(0x7f0000000240)=0xd2)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000280)=0x5)

[ 1238.889587] Killed process 24434 (syz-executor4) total-vm:70252kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:25:50 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xf401}, 0x6)

15:25:50 executing program 3:
r0 = open(&(0x7f0000000080)='./file0\x00', 0x40000, 0x100)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))

15:25:50 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x2, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:50 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x5, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000240))
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0x5, &(0x7f0000000440)=@framed={{}, [@initr0]}, &(0x7f0000000480)='GPL\x00', 0x0, 0xa8, &(0x7f00000004c0)=""/168}, 0x48)
r2 = syz_open_pts(r1, 0x0)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x3f8)
read(r2, &(0x7f0000000280)=""/230, 0xe6)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r3, 0xae78, &(0x7f0000000040))
r4 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0xffffffffffffffff, 0x400)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f00000001c0)=ANY=[@ANYRES32=<r5=>0x0, @ANYBLOB="43dcd29c30d2e567fe1d39be05000000090097401374b0784edc87fb5fd17f0426d7e4adc838d839915c4752a9f3acb687fcc07a276e9e0a5a1b8c62f0f76ef59e5e94f19b14470e61042c5df0f4684fc43d16aef8b78b491d158ea605d7cb36322bd5b0c5f731eb3b842f6b8c487bebea040e9e1bbbf1042b66fcd86d"], &(0x7f0000000100)=0x16)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r4, 0x84, 0x66, &(0x7f0000000140)={r5, 0xf8}, &(0x7f0000000180)=0x8)

[ 1238.963005] oom_reaper: reaped process 24434 (syz-executor4), now anon-rss:0kB, file-rss:32092kB, shmem-rss:0kB
15:25:50 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0xfffffffffffffffc})
ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0xf)
ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0xfd, 0x28, 0x1, r0})

[ 1239.060051] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0
15:25:50 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x400000000000000, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1239.104523] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1239.109786] CPU: 1 PID: 24484 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1239.117151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1239.117156] Call Trace:
[ 1239.117179]  dump_stack+0x1c4/0x2b4
[ 1239.117195]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1239.117212]  ? debug_smp_processor_id+0x1c/0x20
[ 1239.117229]  dump_header+0x27b/0xf72
[ 1239.142614]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1239.142632]  ? pagefault_out_of_memory+0x197/0x197
[ 1239.156785]  ? debug_smp_processor_id+0x1c/0x20
[ 1239.161465]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1239.161480]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1239.161498]  ? perf_trace_lock+0x7a0/0x7a0
[ 1239.161512]  ? perf_trace_lock+0x7a0/0x7a0
[ 1239.171345]  ? debug_smp_processor_id+0x1c/0x20
[ 1239.171362]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1239.171375]  ? mark_held_locks+0x130/0x130
[ 1239.171393]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1239.199114]  ? perf_trace_lock+0x7a0/0x7a0
[ 1239.203338]  ? task_will_free_mem+0x239/0xb30
[ 1239.207828]  ? ___ratelimit+0x36f/0x655
[ 1239.211794]  ? lock_downgrade+0x900/0x900
[ 1239.215932]  ? trace_hardirqs_on+0xbd/0x310
[ 1239.220240]  ? kasan_check_read+0x11/0x20
[ 1239.224374]  ? ___ratelimit+0x36f/0x655
[ 1239.228334]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1239.233795]  ? trace_hardirqs_on+0x310/0x310
[ 1239.238191]  ? lock_downgrade+0x900/0x900
[ 1239.242329]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1239.247419]  ? ___ratelimit+0xaa/0x655
[ 1239.251305]  ? idr_get_free+0xec0/0xec0
[ 1239.255267]  ? kasan_check_write+0x14/0x20
[ 1239.259493]  ? do_raw_spin_lock+0xc1/0x200
[ 1239.263724]  oom_kill_process.cold.27+0x10/0x903
[ 1239.268471]  ? kasan_check_write+0x14/0x20
[ 1239.272693]  ? do_raw_spin_lock+0xc1/0x200
[ 1239.276918]  ? oom_evaluate_task+0x540/0x540
[ 1239.281318]  ? cgroup_procs_next+0x70/0x70
[ 1239.285541]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1239.290031]  ? oom_badness+0xaa0/0xaa0
[ 1239.293918]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1239.298663]  ? mem_cgroup_iter_break+0x30/0x30
[ 1239.303256]  ? cgroup_file_notify+0x226/0x2f0
[ 1239.307741]  out_of_memory+0xa84/0x1430
[ 1239.311704]  ? kasan_check_read+0x11/0x20
[ 1239.315849]  ? oom_killer_disable+0x3a0/0x3a0
[ 1239.320330]  ? kasan_check_write+0x14/0x20
[ 1239.324552]  ? do_raw_spin_lock+0xc1/0x200
[ 1239.328787]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1239.333628]  ? memcg_memory_event+0x40/0x40
[ 1239.337936]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1239.342770]  ? page_counter_try_charge+0x1c1/0x220
[ 1239.347691]  try_charge+0xc43/0x1690
[ 1239.351392]  ? lock_downgrade+0x900/0x900
[ 1239.355532]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1239.361577]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1239.367364]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1239.372900]  ? should_fail+0x22d/0xd01
[ 1239.376782]  ? percpu_ref_tryget_live+0x168/0x460
[ 1239.381619]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1239.386449]  ? lock_downgrade+0x900/0x900
[ 1239.390586]  ? lock_release+0x970/0x970
[ 1239.394550]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1239.400332]  ? __kernel_text_address+0xd/0x40
[ 1239.404825]  ? __save_stack_trace+0x8d/0xf0
[ 1239.409141]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1239.413979]  ? fs_reclaim_acquire+0x20/0x20
[ 1239.418300]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1239.422955]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1239.427438]  ? entry_INT80_compat+0x74/0x7e
[ 1239.431752]  memcg_kmem_charge+0x135/0x300
[ 1239.435981]  __alloc_pages_nodemask+0x72e/0xde0
[ 1239.440649]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1239.445654]  ? percpu_ref_put_many+0x13e/0x260
[ 1239.450232]  ? trace_hardirqs_on+0xbd/0x310
[ 1239.454540]  ? mem_cgroup_charge_statistics+0x780/0x780
[ 1239.459891]  ? kasan_kmalloc+0xc7/0xe0
[ 1239.463771]  ? kasan_slab_alloc+0x12/0x20
[ 1239.467907]  ? kmem_cache_alloc_node+0x303/0x730
[ 1239.472664]  ? kasan_check_write+0x14/0x20
[ 1239.476893]  ? do_raw_spin_lock+0xc1/0x200
[ 1239.481116]  copy_process+0xa09/0x8780
[ 1239.484994]  ? mark_held_locks+0x130/0x130
[ 1239.489224]  ? percpu_ref_get_many+0x121/0x240
[ 1239.493795]  ? lock_downgrade+0x900/0x900
[ 1239.497936]  ? __cleanup_sighand+0x70/0x70
[ 1239.502158]  ? bio_cur_bytes+0x1e0/0x1e0
[ 1239.506210]  ? mark_held_locks+0x130/0x130
[ 1239.510434]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1239.515959]  ? check_preemption_disabled+0x48/0x200
[ 1239.520966]  ? debug_smp_processor_id+0x1c/0x20
[ 1239.525617]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1239.530531]  ? try_charge+0x112a/0x1690
[ 1239.534491]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1239.540020]  ? perf_trace_lock+0x7a0/0x7a0
[ 1239.544245]  ? mark_held_locks+0x130/0x130
[ 1239.548469]  ? mark_held_locks+0x130/0x130
[ 1239.552692]  ? perf_trace_lock+0x7a0/0x7a0
[ 1239.556917]  ? mark_held_locks+0x130/0x130
[ 1239.561140]  ? check_preemption_disabled+0x48/0x200
[ 1239.566141]  ? blk_init_request_from_bio+0x3c0/0x3c0
[ 1239.571233]  ? debug_smp_processor_id+0x1c/0x20
[ 1239.575889]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1239.580816]  ? mark_held_locks+0x130/0x130
[ 1239.585042]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1239.590577]  ? check_preemption_disabled+0x48/0x200
[ 1239.595593]  ? debug_smp_processor_id+0x1c/0x20
[ 1239.600248]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1239.605167]  ? mark_held_locks+0x130/0x130
[ 1239.609389]  ? perf_trace_lock+0x7a0/0x7a0
[ 1239.613625]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1239.618626]  ? bpf_prog_kallsyms_find+0xde/0x4a0
[ 1239.623368]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1239.628890]  ? check_preemption_disabled+0x48/0x200
[ 1239.633897]  ? debug_smp_processor_id+0x1c/0x20
[ 1239.638575]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1239.643492]  ? lock_downgrade+0x900/0x900
[ 1239.647627]  ? perf_trace_lock+0x7a0/0x7a0
[ 1239.651850]  ? change_protection+0x1718/0x29a0
[ 1239.656430]  ? lock_downgrade+0x900/0x900
[ 1239.660573]  ? kasan_check_read+0x11/0x20
[ 1239.664709]  ? ___might_sleep+0x1ed/0x300
[ 1239.668842]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1239.673409]  ? arch_local_save_flags+0x40/0x40
[ 1239.677978]  ? kasan_check_write+0x14/0x20
[ 1239.682207]  ? do_raw_spin_lock+0xc1/0x200
[ 1239.686433]  ? perf_iterate_sb+0x189/0xc60
[ 1239.690663]  ? lock_downgrade+0x900/0x900
[ 1239.694803]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1239.700601]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1239.706125]  ? check_preemption_disabled+0x48/0x200
[ 1239.711230]  ? perf_iterate_sb+0x1b0/0xc60
[ 1239.715456]  ? prot_none_hugetlb_entry+0x150/0x150
[ 1239.720374]  ? perf_event_comm_output+0x750/0x750
[ 1239.725783]  ? find_get_context.isra.94+0x730/0x730
[ 1239.730786]  ? validate_mm+0x386/0x630
[ 1239.734660]  ? lock_downgrade+0x900/0x900
[ 1239.738799]  ? kasan_check_read+0x11/0x20
[ 1239.742932]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1239.747358]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1239.751932]  ? kfree+0x1bf/0x230
[ 1239.755287]  ? perf_event_mmap+0x134/0x1350
[ 1239.759617]  ? perf_event_fork+0x30/0x30
[ 1239.763673]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1239.769197]  ? vma_set_page_prot+0x243/0x320
[ 1239.773603]  ? vma_wants_writenotify+0x510/0x510
[ 1239.778348]  ? do_mprotect_pkey+0x8d8/0xa60
[ 1239.782659]  _do_fork+0x1cb/0x11d0
[ 1239.786187]  ? fork_idle+0x1d0/0x1d0
[ 1239.789918]  ? up_write+0x7b/0x220
[ 1239.793444]  ? up_read+0x110/0x110
[ 1239.796981]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1239.802532]  ? apparmor_file_mprotect+0xde/0x110
[ 1239.807274]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1239.812797]  ? security_file_mprotect+0x94/0xc0
[ 1239.817453]  ? do_mprotect_pkey+0x8dd/0xa60
[ 1239.821766]  ? trace_hardirqs_off+0xb8/0x310
[ 1239.826160]  ? mprotect_fixup+0xc60/0xc60
[ 1239.830296]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1239.834864]  ? trace_hardirqs_on+0x310/0x310
[ 1239.839261]  ? trace_hardirqs_on+0xbd/0x310
[ 1239.843568]  ? entry_INT80_compat+0x74/0x7e
[ 1239.847878]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1239.853323]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1239.858327]  do_int80_syscall_32+0x1fe/0x890
[ 1239.862719]  ? entry_INT80_compat+0x6c/0x7e
[ 1239.867037]  ? do_syscall_64+0x820/0x820
[ 1239.871100]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1239.875927]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1239.880930]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1239.885937]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1239.890770]  entry_INT80_compat+0x74/0x7e
[ 1239.895380] RIP: 0023:0x8081a44
[ 1239.898646] Code: 8b 44 24 04 89 41 08 c7 41 04 00 00 00 00 53 56 57 8b 74 24 24 8b 54 24 20 8b 5c 24 18 8b 7c 24 28 b8 78 00 00 00 89 19 cd 80 <5f> 5e 5b 85 c0 0f 8c b1 51 fd ff 74 01 c3 89 f5 f7 c7 00 00 01 00
[ 1239.917543] RSP: 002b:000000000845fb50 EFLAGS: 00000296 ORIG_RAX: 0000000000000078
[ 1239.925252] RAX: ffffffffffffffda RBX: 00000000003d0f00 RCX: 00000000f5f52224
[ 1239.932508] RDX: 00000000f5f52ba8 RSI: 000000000845fb80 RDI: 00000000f5f52ba8
[ 1239.939769] RBP: 000000000845fc28 R08: 0000000000000000 R09: 0000000000000000
[ 1239.947022] R10: 0000000000000000 R11: 0000000000000216 R12: 0000000000000000
15:25:51 executing program 3:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x40, 0x0)
getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f00000000c0)=""/175, &(0x7f0000000180)=0xaf)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000001c0), 0x111, 0xb}}, 0x20)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))

[ 1239.954274] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:51 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
ioctl$DRM_IOCTL_AGP_ACQUIRE(r0, 0x6430)

15:25:51 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x200000000000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:51 executing program 5:
r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x98b, 0x4000)
ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550c, &(0x7f0000000100))
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000000)=@sack_info={<r2=>0x0, 0x9, 0x6}, &(0x7f0000000040)=0xc)
getsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000080)={r2, 0x5, 0x1, 0x3f}, &(0x7f0000000140)=0x10)

[ 1240.001147] Task in /syz4 killed as a result of limit of /syz4
[ 1240.008122] memory: usage 204672kB, limit 204800kB, failcnt 805
[ 1240.014291] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
15:25:51 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x40800000010000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000000))

15:25:51 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2c00000000000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1240.080477] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1240.094021] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:100KB inactive_file:0KB active_file:0KB unevictable:0KB
15:25:51 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x7}, 0x6)

15:25:51 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = gettid()
getpgid(r2)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:51 executing program 2:
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={<r0=>0x0}, &(0x7f00000001c0)=0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffff9c, 0x0, 0x2, &(0x7f0000000240)='#\x00'}, 0x30)
r1 = syz_open_procfs(r0, &(0x7f00000002c0)='net/udplite6\x00')
clock_gettime(0x0, &(0x7f0000000200)={<r2=>0x0, <r3=>0x0})
sendmsg$can_bcm(r1, &(0x7f0000000380)={&(0x7f0000000000), 0x10, &(0x7f0000000340)={&(0x7f0000000300)={0x7, 0x420, 0x6, {}, {r2, r3/1000+30000}, {0x2, 0x8, 0x6, 0x4}, 0x1, @can={{0x1, 0x7ff, 0xaf8e, 0x4}, 0x3, 0x2, 0x0, 0x0, "442c8f0ebe90e589"}}, 0x34}}, 0x20000010)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000040)=0xc972)
r4 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000fffffe, 0x1)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r4, 0x894b, &(0x7f0000000080))
ioctl$FS_IOC_FSGETXATTR(r4, 0xc0185500, &(0x7f0000000100)={0x800000a0})
ioctl$EXT4_IOC_RESIZE_FS(r4, 0x40086610, &(0x7f0000000140)=0x8)

15:25:51 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:51 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x22020000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1240.128252] Memory cgroup out of memory: Kill process 24484 (syz-executor4) score 160 or sacrifice child
[ 1240.162957] Killed process 24484 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:25:51 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
socketpair(0x0, 0xb, 0x3b, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$UI_GET_SYSNAME(r1, 0x8040552c, &(0x7f0000000100))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000140)={0x374, 0x7f, 0x48, 0x6, 0x3}, 0x14)
r3 = socket(0x4a, 0x5, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000280)={<r4=>0xffffffffffffffff}, 0x13f, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r0, &(0x7f00000003c0)={0x4, 0x8, 0xfa00, {r4}}, 0x10)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000400)="bd81f0e413c8c3417a498e0c37a44869a9a50a182ecf9a23f9b780705556cbc8c3ac02cb9776654612ca475cd43028e968370126d6762c57c0307eb90cb6c958929952d5685c4775076a8fb65cd5561c9849cd9091", 0x55)
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000180)={0x7fff, 0x0, 0x9, 0x35, 0x0, 0x4, 0xde321f6, 0x6, 0x2, 0x4, 0x1}, 0xb)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r1, 0xc08c5336, &(0x7f00000001c0)={0x9, 0x0, 0x10000, 'queue0\x00', 0x39ba})
sendmsg$rds(r3, &(0x7f0000000a40)={&(0x7f0000000300)={0x2, 0xe803000000000900, @dev={0xac, 0x14, 0x14, 0x1a}, [0x0, 0xe00000000000000]}, 0x10, &(0x7f0000000480)=[{&(0x7f0000000340)=""/112, 0x34000}], 0x1, &(0x7f00000008c0)=[@mask_fadd={0x58, 0x84, 0x8, {{}, &(0x7f0000000540), &(0x7f0000000580)}}], 0x58}, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000a80)={'filter\x00', 0x7, 0x4, 0x420, 0x228, 0x114, 0x0, 0x33c, 0x33c, 0x33c, 0x4, &(0x7f0000000040), {[{{@arp={@multicast2, @multicast2, 0xffffff00, 0xffffffff, @mac=@dev, {[0x0, 0x0, 0x0, 0xff, 0x0, 0xff]}, @empty, {[0xff, 0xff, 0x0, 0x0, 0x0, 0xff]}, 0xffffffff80000001, 0x1, 0x0, 0x10001, 0x20, 0x5, 'ip6tnl0\x00', 'lo\x00', {0xff}, {}, 0x0, 0x80}, 0xf0, 0x114}, @unspec=@STANDARD={0x24, '\x00', 0x0, 0x114}}, {{@arp={@remote, @dev={0xac, 0x14, 0x14, 0x16}, 0xffffffff, 0xffffffff, @mac=@link_local, {[0x0, 0xff, 0x0, 0x0, 0xff, 0x4274b2b02d1a60fb]}, @empty, {[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x7, 0x9, 0x1, 0x800, 0x1, 0xa8ff, 'veth0_to_bridge\x00', 'tunl0\x00', {}, {0xff}, 0x0, 0x280}, 0xf0, 0x114}, @unspec=@NFQUEUE1={0x24, 'NFQUEUE\x00', 0x1, {0x7fffffff, 0x2}}}, {{@uncond, 0xf0, 0x114}, @unspec=@CLASSIFY={0x24, 'CLASSIFY\x00', 0x0, {0x1f}}}], {{[], 0xc0, 0xe4}, {0x24}}}}, 0x46c)
bind$inet6(r0, &(0x7f00000004c0)={0xa, 0x4e24, 0x1f, @ipv4={[], [], @broadcast}, 0xfffffffffffffffd}, 0x1c)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000080)={0xdf, 0x0, 0x3, {0x1}}, 0x18)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})

15:25:51 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0xb00, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:51 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000080)={0x0, 0x0, @ioapic={0xd006, 0xff, 0x10b5, 0xfffffffffffffff8, 0x0, [{0x1, 0x9, 0x20, [], 0x3}, {0x7ff, 0x1eabad4b, 0xfffffffffffffffe, [], 0x4}, {0x5, 0xa43, 0x17, [], 0x8}, {0x4, 0x0, 0x4, [], 0x81}, {0x8000, 0x6d, 0x2, [], 0x1}, {0x2, 0x8001, 0x3, [], 0x1ff}, {0x10001, 0x9, 0x8, [], 0x9}, {0x10000, 0xfffffffeffffffff, 0x4, [], 0x3}, {0x6fb1, 0x5792, 0x6, [], 0x1}, {0x0, 0x7, 0xffffffffffffffff, [], 0x9}, {0x6, 0x2, 0x80, [], 0x7}, {0x0, 0x5, 0x4, [], 0x42ad}, {0x0, 0x1000, 0x101, [], 0x1ff}, {0x2, 0x5, 0x3, [], 0xffffffff}, {0x9, 0x8, 0xec9, [], 0x1}, {0x7fffffff, 0x8000, 0x3f, [], 0xc81}, {0x1, 0x6, 0x80, [], 0x3}, {0x8000, 0x80000001, 0x998, [], 0x7f}, {0x800, 0xfffffffffffffff7, 0x6, [], 0x107}, {0x0, 0xffff, 0x100000001, [], 0x4}, {0x7, 0x4, 0x100000001, [], 0x1f}, {0x4, 0x5, 0x50f9, [], 0x10001}, {0x800, 0xff, 0x7ff, [], 0x1000}, {0x1, 0x9, 0x7, [], 0x1f}]}})
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000180)={0x0, 0x200})
syz_genetlink_get_family_id$nbd(&(0x7f00000001c0)='nbd\x00')

[ 1240.276178] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=2, oom_score_adj=0
[ 1240.322139] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1240.342388] CPU: 0 PID: 24528 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1240.349790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1240.349801] Call Trace:
[ 1240.361739]  dump_stack+0x1c4/0x2b4
[ 1240.365383]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1240.370589]  ? mark_held_locks+0x130/0x130
[ 1240.374830]  ? mark_held_locks+0x130/0x130
[ 1240.379070]  dump_header+0x27b/0xf72
[ 1240.382794]  ? debug_smp_processor_id+0x1c/0x20
[ 1240.387465]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1240.393014]  ? pagefault_out_of_memory+0x197/0x197
[ 1240.397970]  ? debug_smp_processor_id+0x1c/0x20
[ 1240.402652]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1240.407583]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1240.412518]  ? perf_trace_lock+0x7a0/0x7a0
[ 1240.416745]  ? perf_trace_lock+0x7a0/0x7a0
[ 1240.416764]  ? debug_smp_processor_id+0x1c/0x20
[ 1240.416776]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1240.416791]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1240.416805]  ? perf_trace_lock+0x7a0/0x7a0
15:25:51 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snapshot\x00', 0x40, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'veth0_to_bridge\x00', &(0x7f0000000040)=@ethtool_cmd={0x45, 0x0, 0xfffffffffffffff8, 0x2, 0x5, 0xffffffff, 0x7, 0x3f, 0x400, 0x3ff, 0x9ce, 0x9, 0x3ff, 0x6, 0x1, 0xcf, [0x7f, 0x5b78f87c]}})
setsockopt$RDS_RECVERR(r0, 0x114, 0x5, &(0x7f0000000180)=0x1, 0x4)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000080)=0xfffffffffffffffc)

[ 1240.416819]  ? task_will_free_mem+0x239/0xb30
[ 1240.416841]  ? ___ratelimit+0x36f/0x655
[ 1240.416861]  ? lock_downgrade+0x900/0x900
[ 1240.452996]  ? trace_hardirqs_on+0xbd/0x310
[ 1240.457323]  ? kasan_check_read+0x11/0x20
[ 1240.461479]  ? ___ratelimit+0x36f/0x655
[ 1240.465457]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1240.470903]  ? trace_hardirqs_on+0x310/0x310
[ 1240.470928]  ? lock_downgrade+0x900/0x900
[ 1240.479476]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1240.484579]  ? ___ratelimit+0xaa/0x655
[ 1240.488463]  ? idr_get_free+0xec0/0xec0
[ 1240.492435]  ? kasan_check_write+0x14/0x20
[ 1240.496669]  ? do_raw_spin_lock+0xc1/0x200
[ 1240.496688]  oom_kill_process.cold.27+0x10/0x903
[ 1240.505664]  ? kasan_check_write+0x14/0x20
[ 1240.509900]  ? do_raw_spin_lock+0xc1/0x200
[ 1240.514136]  ? oom_evaluate_task+0x540/0x540
[ 1240.518539]  ? cgroup_procs_next+0x70/0x70
[ 1240.522766]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1240.527340]  ? oom_badness+0xaa0/0xaa0
[ 1240.531218]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1240.535981]  ? mem_cgroup_iter_break+0x30/0x30
[ 1240.540556]  ? cgroup_file_notify+0x226/0x2f0
[ 1240.545043]  out_of_memory+0xa84/0x1430
[ 1240.549008]  ? kasan_check_read+0x11/0x20
[ 1240.553142]  ? oom_killer_disable+0x3a0/0x3a0
[ 1240.557620]  ? kasan_check_write+0x14/0x20
[ 1240.561841]  ? do_raw_spin_lock+0xc1/0x200
[ 1240.566076]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1240.570903]  ? memcg_memory_event+0x40/0x40
[ 1240.575231]  ? mem_cgroup_charge_skmem+0x1e4/0x390
[ 1240.580151]  ? page_counter_try_charge+0x1c1/0x220
[ 1240.585067]  try_charge+0xc43/0x1690
[ 1240.588774]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1240.594820]  ? tcp_sendmsg+0x2f/0x50
[ 1240.598520]  ? sock_sendmsg+0xd5/0x120
[ 1240.602394]  ? __sys_sendto+0x3d7/0x670
[ 1240.606365]  ? __ia32_sys_sendto+0xdf/0x1a0
[ 1240.610686]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1240.615170]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1240.619742]  ? fs_reclaim_acquire+0x20/0x20
[ 1240.624051]  ? lock_downgrade+0x900/0x900
[ 1240.628196]  ? ___might_sleep+0x1ed/0x300
[ 1240.632331]  ? trace_hardirqs_on+0xbd/0x310
[ 1240.636638]  ? lock_downgrade+0x900/0x900
[ 1240.640774]  ? __kmalloc_node_track_caller+0x33/0x70
[ 1240.645862]  ? kasan_unpoison_shadow+0x35/0x50
[ 1240.650438]  ? __sk_mem_raise_allocated+0x642/0x1800
[ 1240.655529]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1240.660967]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1240.666495]  ? check_preemption_disabled+0x48/0x200
[ 1240.671504]  mem_cgroup_charge_skmem+0x1e4/0x390
[ 1240.676256]  ? mem_cgroup_sk_free+0x90/0x90
[ 1240.680572]  __sk_mem_raise_allocated+0x642/0x1800
[ 1240.685488]  ? __tcp_transmit_skb+0x3fc0/0x3fc0
[ 1240.690148]  ? sk_busy_loop_end+0x1c0/0x1c0
[ 1240.694469]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1240.699475]  ? skb_page_frag_refill+0x1eb/0x6a0
[ 1240.704136]  ? sock_kzfree_s+0x60/0x60
[ 1240.708010]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1240.713015]  ? sk_stream_alloc_skb+0x34b/0x970
[ 1240.717584]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1240.722587]  ? skb_entail+0x618/0x8c0
[ 1240.726604]  ? tcp_rate_check_app_limited+0x121/0x460
[ 1240.731779]  ? tcp_splice_data_recv+0x1b0/0x1b0
[ 1240.736435]  __sk_mem_schedule+0x6d/0xe0
[ 1240.740485]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1240.746010]  tcp_sendmsg_locked+0x1c86/0x3f00
[ 1240.750502]  ? tcp_sendpage+0x60/0x60
[ 1240.754291]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1240.759845]  ? aa_label_sk_perm+0x46d/0x8e0
[ 1240.764155]  ? aa_profile_af_perm+0x410/0x410
[ 1240.768642]  ? ksys_dup3+0x680/0x680
[ 1240.772346]  ? lock_acquire+0x1ed/0x520
[ 1240.776308]  ? tcp_sendmsg+0x21/0x50
[ 1240.780011]  ? trace_hardirqs_on+0xbd/0x310
[ 1240.784322]  ? lock_release+0x970/0x970
[ 1240.788283]  ? lock_sock_nested+0xe2/0x120
[ 1240.792505]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1240.797944]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1240.803468]  ? check_preemption_disabled+0x48/0x200
[ 1240.808478]  ? lock_sock_nested+0x9a/0x120
[ 1240.812700]  ? lock_sock_nested+0x9a/0x120
[ 1240.816924]  ? __local_bh_enable_ip+0x160/0x260
[ 1240.821585]  tcp_sendmsg+0x2f/0x50
[ 1240.825114]  inet_sendmsg+0x1a1/0x690
[ 1240.828909]  ? ipip_gro_receive+0x100/0x100
[ 1240.833220]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1240.837971]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1240.843500]  ? security_socket_sendmsg+0x94/0xc0
[ 1240.848242]  ? ipip_gro_receive+0x100/0x100
[ 1240.852550]  sock_sendmsg+0xd5/0x120
[ 1240.856266]  __sys_sendto+0x3d7/0x670
[ 1240.860057]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1240.864713]  ? arch_local_save_flags+0x40/0x40
[ 1240.869281]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1240.874730]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1240.880254]  ? compat_put_timespec64+0x110/0x280
[ 1240.884999]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1240.889742]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1240.895019]  ? trace_hardirqs_on+0xbd/0x310
[ 1240.899329]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1240.904852]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1240.909422]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1240.914860]  __ia32_sys_sendto+0xdf/0x1a0
[ 1240.919002]  do_fast_syscall_32+0x34d/0xfb2
[ 1240.923323]  ? do_int80_syscall_32+0x890/0x890
[ 1240.927897]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1240.932464]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1240.937467]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1240.942296]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1240.947297]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1240.952301]  ? recalc_sigpending_tsk+0x180/0x180
[ 1240.957042]  ? kasan_check_write+0x14/0x20
[ 1240.961267]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1240.966099]  entry_SYSENTER_compat+0x70/0x7f
[ 1240.970493] RIP: 0023:0xf7f56ca9
[ 1240.973848] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1240.992733] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1241.000428] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1241.007682] RDX: 00000000fffffe4e RSI: 00000000000000c0 RDI: 00000000200000c0
[ 1241.014939] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000
[ 1241.022191] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1241.029445] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:52 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000040)=0x4, 0x4)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))

15:25:52 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0xe02000000000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:52 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x8})

[ 1241.048600] Task in /syz4 killed as a result of limit of /syz4
[ 1241.075102] memory: usage 204796kB, limit 204800kB, failcnt 831
[ 1241.089693] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1241.102390] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1241.109274] Memory cgroup stats for 
[ 1241.116835] /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:156KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1241.141632] Memory cgroup out of memory: Kill process 24527 (syz-executor4) score 161 or sacrifice child
15:25:52 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x3e8}, 0x6)

15:25:52 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000100)=0x1000)

15:25:52 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x6000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:52 executing program 2:
execve(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=[&(0x7f0000000040)='#eth0procprocbdev*em1md5sumem0\x00', &(0x7f0000000080)='ppp1\']&\x00'], &(0x7f00000001c0)=[&(0x7f0000000100)='#vmnet1]:eth1self)cpusetwlan1%%proc+@&\x00', &(0x7f0000000140)='wlan1.GPL/*mime_type\x00', &(0x7f0000000180)='\x00'])

15:25:52 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x200000)
ioctl$UI_BEGIN_FF_ERASE(r2, 0xc00c55ca, &(0x7f00000000c0)={0x10, 0x2})
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1241.159119] Killed process 24527 (syz-executor4) total-vm:70252kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1241.170797] oom_reaper: reaped process 24527 (syz-executor4), now anon-rss:0kB, file-rss:32092kB, shmem-rss:0kB
15:25:52 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x1, 0xfffffffffffffffd})

15:25:52 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2b, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:52 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0xc4900, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000080))

[ 1241.270425] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1241.300470] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1241.306190] CPU: 1 PID: 24567 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1241.313575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1241.313581] Call Trace:
[ 1241.313604]  dump_stack+0x1c4/0x2b4
[ 1241.313622]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1241.313645]  ? debug_smp_processor_id+0x1c/0x20
[ 1241.313665]  dump_header+0x27b/0xf72
[ 1241.342732]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1241.348367]  ? pagefault_out_of_memory+0x197/0x197
[ 1241.353307]  ? debug_smp_processor_id+0x1c/0x20
[ 1241.357983]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1241.362914]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1241.367862]  ? perf_trace_lock+0x7a0/0x7a0
[ 1241.372190]  ? perf_trace_lock+0x7a0/0x7a0
[ 1241.376432]  ? debug_smp_processor_id+0x1c/0x20
[ 1241.381104]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1241.386040]  ? mark_held_locks+0x130/0x130
[ 1241.390283]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1241.395826]  ? perf_trace_lock+0x7a0/0x7a0
[ 1241.400077]  ? task_will_free_mem+0x239/0xb30
[ 1241.404582]  ? ___ratelimit+0x36f/0x655
[ 1241.408553]  ? lock_downgrade+0x900/0x900
[ 1241.412706]  ? trace_hardirqs_on+0xbd/0x310
[ 1241.412723]  ? kasan_check_read+0x11/0x20
[ 1241.421168]  ? ___ratelimit+0x36f/0x655
[ 1241.425136]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1241.430579]  ? trace_hardirqs_on+0x310/0x310
[ 1241.434978]  ? lock_downgrade+0x900/0x900
[ 1241.439121]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1241.444214]  ? ___ratelimit+0xaa/0x655
[ 1241.448090]  ? idr_get_free+0xec0/0xec0
[ 1241.452051]  ? kasan_check_write+0x14/0x20
[ 1241.456275]  ? do_raw_spin_lock+0xc1/0x200
[ 1241.460500]  oom_kill_process.cold.27+0x10/0x903
[ 1241.465244]  ? kasan_check_write+0x14/0x20
[ 1241.469462]  ? do_raw_spin_lock+0xc1/0x200
[ 1241.473688]  ? oom_evaluate_task+0x540/0x540
[ 1241.478086]  ? cgroup_procs_next+0x70/0x70
[ 1241.482309]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1241.486789]  ? oom_badness+0xaa0/0xaa0
[ 1241.490662]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1241.495408]  ? mem_cgroup_iter_break+0x30/0x30
[ 1241.499984]  ? cgroup_file_notify+0x226/0x2f0
[ 1241.504467]  out_of_memory+0xa84/0x1430
[ 1241.508426]  ? kasan_check_read+0x11/0x20
[ 1241.512560]  ? oom_killer_disable+0x3a0/0x3a0
[ 1241.517042]  ? kasan_check_write+0x14/0x20
[ 1241.521262]  ? do_raw_spin_lock+0xc1/0x200
[ 1241.525491]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1241.530317]  ? memcg_memory_event+0x40/0x40
[ 1241.534628]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1241.539385]  ? page_counter_try_charge+0x1c1/0x220
[ 1241.544302]  try_charge+0xc43/0x1690
[ 1241.548015]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1241.553113]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1241.559157]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1241.563998]  ? lock_downgrade+0x900/0x900
[ 1241.568136]  ? lock_release+0x970/0x970
[ 1241.572100]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1241.577894]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1241.582724]  ? mem_cgroup_can_attach+0x580/0x580
[ 1241.587467]  ? memcg_kmem_charge+0x1c2/0x300
[ 1241.591870]  ? __might_sleep+0x95/0x190
[ 1241.595840]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1241.600412]  ? mem_cgroup_protected+0xa60/0xa60
[ 1241.605073]  ? __pte_alloc+0x1c7/0x350
[ 1241.608953]  ? kasan_check_read+0x11/0x20
[ 1241.613089]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1241.617596]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1241.622167]  ? kasan_check_write+0x14/0x20
[ 1241.626395]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1241.631930]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1241.636855]  __handle_mm_fault+0x273a/0x53e0
[ 1241.641253]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1241.646094]  ? lock_acquire+0x1ed/0x520
[ 1241.650064]  ? handle_mm_fault+0x42a/0xc70
[ 1241.654286]  ? lock_downgrade+0x900/0x900
[ 1241.658426]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1241.664214]  ? __do_page_fault+0x67d/0xed0
[ 1241.668441]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1241.673879]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1241.679406]  ? check_preemption_disabled+0x48/0x200
[ 1241.684414]  handle_mm_fault+0x54f/0xc70
[ 1241.688483]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1241.693052]  ? find_vma+0x34/0x190
[ 1241.696581]  __do_page_fault+0x67d/0xed0
[ 1241.700636]  ? mm_fault_error+0x380/0x380
[ 1241.704771]  ? trace_hardirqs_on+0x310/0x310
[ 1241.709179]  ? entry_INT80_compat+0x74/0x7e
[ 1241.713489]  do_page_fault+0xf2/0x7e0
[ 1241.717280]  ? vmalloc_sync_all+0x30/0x30
[ 1241.721422]  ? error_entry+0x70/0xd0
[ 1241.725779]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1241.730780]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1241.735702]  ? do_syscall_64+0x820/0x820
[ 1241.739752]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1241.744581]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1241.749603]  ? trace_hardirqs_off+0x310/0x310
[ 1241.754090]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1241.759618]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1241.764632]  ? page_fault+0x8/0x30
[ 1241.768162]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1241.772992]  ? page_fault+0x8/0x30
[ 1241.776515]  page_fault+0x1e/0x30
[ 1241.779981] RIP: 0023:0x806a9d6
[ 1241.783249] Code: 03 76 37 f7 c6 03 00 00 00 74 16 a4 49 f7 c6 03 00 00 00 74 0c a4 49 f7 c6 03 00 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 <f3> a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1
[ 1241.802146] RSP: 002b:000000000845fc28 EFLAGS: 00010246
[ 1241.807499] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000004
[ 1241.814754] RDX: 0000000000000000 RSI: 0000000008150618 RDI: 0000000020000000
15:25:52 executing program 3:
openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x8300, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$md(0xffffffffffffff9c, &(0x7f0000000040)='/dev/md0\x00', 0x86, 0x0)
ioctl$NBD_DISCONNECT(r2, 0xab08)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendfile64(r3, r1, &(0x7f0000000080), 0x7)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000100)=0xf407)
fcntl$F_SET_FILE_RW_HINT(r3, 0x40e, &(0x7f0000000140)=0x5)

[ 1241.822009] RBP: 000000000814af6c R08: 0000000000000000 R09: 0000000000000000
[ 1241.829262] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1241.836523] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1241.854701] Task in /syz4 killed as a result of limit of /syz4
[ 1241.869848] memory: usage 204796kB, limit 204800kB, failcnt 859
[ 1241.887262] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1241.903194] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:25:53 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))
clock_gettime(0x0, &(0x7f0000000000)={<r1=>0x0, <r2=>0x0})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r0, 0xc05c5340, &(0x7f0000000040)={0x10001, 0x2d9, 0x400, {r1, r2+10000000}, 0x101, 0x3})

15:25:53 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x20e, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:53 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f00000000c0)=0x10000000)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)

15:25:53 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
lseek(r0, 0x0, 0x0)

15:25:53 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:53 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x40000000}, 0x6)

[ 1241.909793] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:148KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1241.930597] Memory cgroup out of memory: Kill process 24567 (syz-executor4) score 161 or sacrifice child
[ 1241.940850] Killed process 24567 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:25:53 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x8000009e})

15:25:53 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x8, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:53 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x281ffe, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0xae78, &(0x7f0000000040))
openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/attr/current\x00', 0x2, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000000)={0xf000, 0x8000})
r0 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x575, 0x0)
write$smack_current(r0, &(0x7f00000000c0)='vboxnet1\x00', 0x9)

[ 1242.069638] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=0
[ 1242.092000] vhci_hcd: default hub control req: 9e00 v8000 i0000 l0
[ 1242.112069] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1242.124464] CPU: 0 PID: 24607 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1242.131860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1242.141203] Call Trace:
[ 1242.141224]  dump_stack+0x1c4/0x2b4
[ 1242.141240]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1242.141259]  ? debug_smp_processor_id+0x1c/0x20
[ 1242.141275]  dump_header+0x27b/0xf72
[ 1242.161004]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1242.166557]  ? pagefault_out_of_memory+0x197/0x197
[ 1242.171495]  ? debug_smp_processor_id+0x1c/0x20
[ 1242.171508]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1242.171524]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1242.186027]  ? perf_trace_lock+0x7a0/0x7a0
[ 1242.190265]  ? perf_trace_lock+0x7a0/0x7a0
[ 1242.194506]  ? debug_smp_processor_id+0x1c/0x20
[ 1242.199185]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1242.204116]  ? mark_held_locks+0x130/0x130
[ 1242.208350]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1242.208366]  ? perf_trace_lock+0x7a0/0x7a0
[ 1242.208382]  ? task_will_free_mem+0x239/0xb30
15:25:53 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x3, 0x80)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000240)={0x1, 0x228, &(0x7f00000000c0)="72cb44a6497c3e8116a17200986165f8e41488cda1b8f2a7d557b0bd3b05d760fb1cc52ccc99b0e2b50f06e3eb71d4079c0753fe30f730c3f3e85f9adc4bdd8927bf524d1d50226f3305726f6240d23810da7cce175d9d8f971173f66ecf85e7cc6d1588150d4a328c017de258dbe0291b391af159673bb61ec9a2d82f7ebb4ef76697954284276e33d6b99e47f91905e46f41a2c0cd278cd65f37b7f643ab5d7ee70a92cececbcd5cb2ece396d8", &(0x7f0000000180)="9e209a67c6ea40ec0f7e94d2f77cb52681e5d18920724bf0ffe2266dcb237b741918d484e0f28000994b91fc9100a33780bf24f7d6f13a615498954841b664b19e688dfcb3edd705ead210660a2a57417ced5260cc679467c9daf40d4849108143218b4dfa302b4d6d33e88093677c84618ee8fdf3751d9ebe8c9abc6c28350a416517c2fcfba0", 0xae, 0x87})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000280)={<r3=>0x0, 0x400, 0x30}, &(0x7f00000002c0)=0xc)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000300)={r3, 0xa1, "8c5a55c68316967df9e4459a4e7a16e7ac469176a920a53ee1e991c93af734630e02b4cbd7e984d18e762dfa03aef354420217fb5bc6ff1b9891eda6cb982b10521d0633da7b1c9a21b0da1652085a903db256bcdedac0d560d61fd27576f470db2a984e9ede58b431031cfa6962ecd514ca1230a85872f458d3431cf028f03d639aa3f6c09d3a43d2e63f9c1b91f4eca718de3efcc01af5e45136b488a5594ce6"}, &(0x7f00000003c0)=0xa9)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))

15:25:53 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})

15:25:53 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000240)='./file0\x00', 0x4080, 0x61)
ioctl$TIOCMSET(r1, 0x5418, &(0x7f00000002c0)=0x4)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x8000, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value={<r4=>0x0}, &(0x7f0000000200)=0x8)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000280)={r4}, 0x135)
ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffff, 0xfffffffffffffffe, 0x0, 0xd050d55c429bcac5, 0xf, 0x9, "e362f85cbef4ec6398e865178049e9f65cbb05712d86538a77b4f75de90265c7892a76923ac61db1bb3937b9092e72d4ad6cf09ddeb7cb7473881eac82b216a0", "fbdd82479a4b2285222806bd03028095d8a06ec7f999187088ceb859709426a294190749b035db3b5cfc3b2b6aecdd261a45cec703561028f78d41a3ce9fd312", "b292d50b423e4b254f7cc8ad66818a4709ce2261c367e1eefe95baf99f41c882", [0xffff, 0x8]})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))

[ 1242.222625]  ? ___ratelimit+0x36f/0x655
[ 1242.226609]  ? lock_downgrade+0x900/0x900
[ 1242.230766]  ? trace_hardirqs_on+0xbd/0x310
[ 1242.235099]  ? kasan_check_read+0x11/0x20
[ 1242.239253]  ? ___ratelimit+0x36f/0x655
[ 1242.243239]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1242.248699]  ? trace_hardirqs_on+0x310/0x310
[ 1242.253118]  ? lock_downgrade+0x900/0x900
[ 1242.257275]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1242.262388]  ? ___ratelimit+0xaa/0x655
[ 1242.266278]  ? idr_get_free+0xec0/0xec0
[ 1242.270243]  ? kasan_check_write+0x14/0x20
[ 1242.274469]  ? do_raw_spin_lock+0xc1/0x200
[ 1242.278695]  oom_kill_process.cold.27+0x10/0x903
[ 1242.283442]  ? kasan_check_write+0x14/0x20
[ 1242.287665]  ? do_raw_spin_lock+0xc1/0x200
[ 1242.291889]  ? oom_evaluate_task+0x540/0x540
[ 1242.296288]  ? cgroup_procs_next+0x70/0x70
[ 1242.300524]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1242.305010]  ? oom_badness+0xaa0/0xaa0
[ 1242.308886]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1242.313640]  ? mem_cgroup_iter_break+0x30/0x30
[ 1242.318219]  ? cgroup_file_notify+0x226/0x2f0
[ 1242.322700]  out_of_memory+0xa84/0x1430
[ 1242.326659]  ? kasan_check_read+0x11/0x20
[ 1242.330801]  ? oom_killer_disable+0x3a0/0x3a0
[ 1242.335283]  ? kasan_check_write+0x14/0x20
[ 1242.339504]  ? do_raw_spin_lock+0xc1/0x200
[ 1242.343732]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1242.348560]  ? memcg_memory_event+0x40/0x40
[ 1242.352870]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1242.357703]  ? page_counter_try_charge+0x1c1/0x220
[ 1242.362633]  try_charge+0xc43/0x1690
[ 1242.366355]  ? lock_downgrade+0x900/0x900
[ 1242.370496]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1242.376544]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1242.382066]  ? should_fail+0x22d/0xd01
[ 1242.385942]  ? percpu_ref_tryget_live+0x168/0x460
[ 1242.390770]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1242.395609]  ? lock_downgrade+0x900/0x900
[ 1242.399752]  ? lock_release+0x970/0x970
[ 1242.403722]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1242.409506]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1242.415033]  ? split_huge_pages_set+0xa90/0xa90
[ 1242.419701]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1242.424530]  ? fs_reclaim_acquire+0x20/0x20
[ 1242.428841]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1242.433497]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1242.437979]  ? __put_compound_page+0xe0/0xe0
[ 1242.442464]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1242.447989]  memcg_kmem_charge+0x135/0x300
[ 1242.452213]  __alloc_pages_nodemask+0x72e/0xde0
[ 1242.456869]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1242.462413]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1242.467517]  ? do_huge_pmd_anonymous_page+0x45e/0x17e0
[ 1242.472788]  ? unlock_page+0x2c2/0x4c0
[ 1242.476665]  ? __thp_get_unmapped_area+0x180/0x180
[ 1242.481583]  ? mark_held_locks+0x130/0x130
[ 1242.485802]  ? vm_mmap+0xc0/0xc0
[ 1242.489159]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1242.494685]  alloc_pages_current+0x10c/0x210
[ 1242.499079]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1242.504604]  pte_alloc_one+0x1b/0x1a0
[ 1242.508393]  __pte_alloc+0x2a/0x350
[ 1242.512008]  __handle_mm_fault+0x41f5/0x53e0
[ 1242.516507]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1242.521348]  ? lock_acquire+0x1ed/0x520
[ 1242.525313]  ? handle_mm_fault+0x42a/0xc70
[ 1242.529536]  ? lock_downgrade+0x900/0x900
[ 1242.533673]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1242.539461]  ? __do_page_fault+0x67d/0xed0
[ 1242.543681]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1242.549117]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1242.554642]  ? check_preemption_disabled+0x48/0x200
[ 1242.559661]  handle_mm_fault+0x54f/0xc70
[ 1242.563711]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1242.568278]  ? find_vma+0x34/0x190
[ 1242.571809]  __do_page_fault+0x67d/0xed0
[ 1242.575860]  ? mm_fault_error+0x380/0x380
[ 1242.579996]  ? trace_hardirqs_on+0x310/0x310
[ 1242.584389]  ? entry_INT80_compat+0x74/0x7e
[ 1242.588701]  do_page_fault+0xf2/0x7e0
[ 1242.592498]  ? vmalloc_sync_all+0x30/0x30
[ 1242.596632]  ? error_entry+0x70/0xd0
[ 1242.600341]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1242.605343]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1242.610346]  ? do_syscall_64+0x820/0x820
[ 1242.614392]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1242.619224]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1242.624233]  ? trace_hardirqs_off+0x310/0x310
[ 1242.628714]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1242.634239]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1242.639250]  ? page_fault+0x8/0x30
[ 1242.642782]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1242.647613]  ? page_fault+0x8/0x30
[ 1242.651146]  page_fault+0x1e/0x30
[ 1242.654585] RIP: 0023:0x806a9d6
[ 1242.657857] Code: 03 76 37 f7 c6 03 00 00 00 74 16 a4 49 f7 c6 03 00 00 00 74 0c a4 49 f7 c6 03 00 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 <f3> a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1
[ 1242.676851] RSP: 002b:000000000845fc28 EFLAGS: 00010246
[ 1242.682199] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000004
[ 1242.689452] RDX: 0000000000000000 RSI: 0000000008150618 RDI: 0000000020000000
[ 1242.696710] RBP: 000000000814af6c R08: 0000000000000000 R09: 0000000000000000
[ 1242.703963] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1242.711215] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1242.731774] Unknown ioctl 19460
[ 1242.766608] Task in /syz4 killed as a result of limit of /syz4
[ 1242.777199] memory: usage 204760kB, limit 204800kB, failcnt 879
[ 1242.783428] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1242.790296] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1242.800222] Unknown ioctl 19460
15:25:53 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0086426, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{<r1=>0x0}]})
ioctl$DRM_IOCTL_GET_CTX(r0, 0xc0086423, &(0x7f0000000080)={r1})

15:25:53 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:53 executing program 2:
r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x8001)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})

15:25:53 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x80000000, 0x400002)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f0000000040)=0x7000)
setns(r2, 0x26000000)
syz_execute_func(&(0x7f00000001c0)="26660f382a4843f00fbab68b000000a7c4e11d72d50d839c3d0000000000c4e1f85bcb0ff59700000000660f38dd8bfeefffff7004019b577fbd39c4e1f15cc0")
getsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000000)={@mcast2, <r3=>0x0}, &(0x7f0000000100)=0x14)
setsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000180)={r3, @rand_addr=0x2, @rand_addr=0x101}, 0xc)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f00000000c0)=0x3000)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r1, 0x660c)
socket$unix(0x1, 0x1, 0x0)
mlock2(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1)

[ 1242.800502] Memory cgroup stats for /syz4: cache:152KB rss:180KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:148KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1242.833387] Memory cgroup out of memory: Kill process 24607 (syz-executor4) score 161 or sacrifice child
[ 1242.843153] Killed process 24607 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1242.855344] oom_reaper: reaped process 24607 (syz-executor4), now anon-rss:0kB, file-rss:32784kB, shmem-rss:0kB
15:25:53 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x142800}, 0x6)

15:25:54 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
r2 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x800, 0x400)
utimensat(r2, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={{0x0, 0x2710}}, 0x100)

15:25:54 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x80000, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000000c0)={<r3=>0x0, 0xff, 0x10}, &(0x7f0000000100)=0xc)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000140)={r3, 0x7, 0xfff}, &(0x7f0000000180)=0x8)
ioctl$void(r2, 0xc0045c78)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:54 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x3000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:54 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
prctl$getreaper(0x0, &(0x7f0000000040))
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x8000009c, 0x0, 0x0, 0x0, 0xfffffffffffffffe})

[ 1243.000698] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=2, oom_score_adj=0
[ 1243.032608] vhci_hcd: default hub control req: 9c00 v8000 i0000 l0
[ 1243.036411] syz-executor4 cpuset=syz4 mems_allowed=0
15:25:54 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2f000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1243.049712] Unknown ioctl -1073456008
[ 1243.058852] vhci_hcd: default hub control req: 9c00 v8000 i0000 l0
[ 1243.069994] Unknown ioctl -1073456008
[ 1243.072311] CPU: 1 PID: 24646 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1243.081194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1243.081199] Call Trace:
[ 1243.081227]  dump_stack+0x1c4/0x2b4
[ 1243.096774]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1243.101975]  ? mark_held_locks+0x130/0x130
[ 1243.106214]  ? mark_held_locks+0x130/0x130
[ 1243.106233]  dump_header+0x27b/0xf72
[ 1243.106255]  ? debug_smp_processor_id+0x1c/0x20
[ 1243.118845]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1243.118861]  ? pagefault_out_of_memory+0x197/0x197
[ 1243.118882]  ? debug_smp_processor_id+0x1c/0x20
[ 1243.134022]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1243.138956]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1243.138976]  ? perf_trace_lock+0x7a0/0x7a0
[ 1243.138996]  ? perf_trace_lock+0x7a0/0x7a0
[ 1243.152453]  ? debug_smp_processor_id+0x1c/0x20
[ 1243.157137]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1243.162070]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1243.162086]  ? perf_trace_lock+0x7a0/0x7a0
[ 1243.162103]  ? task_will_free_mem+0x239/0xb30
[ 1243.176469]  ? ___ratelimit+0x36f/0x655
[ 1243.180457]  ? lock_downgrade+0x900/0x900
[ 1243.184623]  ? trace_hardirqs_on+0xbd/0x310
[ 1243.188947]  ? kasan_check_read+0x11/0x20
[ 1243.193105]  ? ___ratelimit+0x36f/0x655
[ 1243.197086]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1243.202549]  ? trace_hardirqs_on+0x310/0x310
[ 1243.206968]  ? lock_downgrade+0x900/0x900
[ 1243.211128]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1243.216241]  ? ___ratelimit+0xaa/0x655
[ 1243.220141]  ? idr_get_free+0xec0/0xec0
[ 1243.224119]  ? kasan_check_write+0x14/0x20
[ 1243.228372]  ? do_raw_spin_lock+0xc1/0x200
[ 1243.232615]  oom_kill_process.cold.27+0x10/0x903
[ 1243.237384]  ? kasan_check_write+0x14/0x20
[ 1243.241625]  ? do_raw_spin_lock+0xc1/0x200
[ 1243.245872]  ? oom_evaluate_task+0x540/0x540
[ 1243.250284]  ? cgroup_procs_next+0x70/0x70
[ 1243.254510]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1243.258994]  ? oom_badness+0xaa0/0xaa0
[ 1243.262870]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1243.267611]  ? mem_cgroup_iter_break+0x30/0x30
[ 1243.272200]  ? cgroup_file_notify+0x226/0x2f0
[ 1243.276682]  out_of_memory+0xa84/0x1430
[ 1243.280651]  ? kasan_check_read+0x11/0x20
[ 1243.284786]  ? oom_killer_disable+0x3a0/0x3a0
[ 1243.289269]  ? kasan_check_write+0x14/0x20
[ 1243.293493]  ? do_raw_spin_lock+0xc1/0x200
[ 1243.297727]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1243.302566]  ? memcg_memory_event+0x40/0x40
[ 1243.306876]  ? mem_cgroup_charge_skmem+0x1e4/0x390
[ 1243.311796]  ? page_counter_try_charge+0x1c1/0x220
[ 1243.316730]  try_charge+0xc43/0x1690
[ 1243.320439]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1243.326492]  ? tcp_sendmsg+0x2f/0x50
[ 1243.330195]  ? sock_sendmsg+0xd5/0x120
[ 1243.334069]  ? __sys_sendto+0x3d7/0x670
[ 1243.338028]  ? __ia32_sys_sendto+0xdf/0x1a0
[ 1243.342339]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1243.346820]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1243.351389]  ? fs_reclaim_acquire+0x20/0x20
[ 1243.355708]  ? lock_downgrade+0x900/0x900
[ 1243.359850]  ? ___might_sleep+0x1ed/0x300
[ 1243.363988]  ? trace_hardirqs_on+0xbd/0x310
[ 1243.368294]  ? lock_downgrade+0x900/0x900
[ 1243.372432]  ? __kmalloc_node_track_caller+0x33/0x70
[ 1243.377544]  ? kasan_unpoison_shadow+0x35/0x50
[ 1243.382129]  ? __sk_mem_raise_allocated+0x642/0x1800
[ 1243.387219]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1243.392668]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1243.398215]  ? check_preemption_disabled+0x48/0x200
[ 1243.403225]  mem_cgroup_charge_skmem+0x1e4/0x390
[ 1243.407972]  ? mem_cgroup_sk_free+0x90/0x90
[ 1243.412287]  __sk_mem_raise_allocated+0x642/0x1800
[ 1243.417207]  ? __tcp_transmit_skb+0x3fc0/0x3fc0
[ 1243.421873]  ? sk_busy_loop_end+0x1c0/0x1c0
[ 1243.426187]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1243.431190]  ? skb_page_frag_refill+0x1eb/0x6a0
[ 1243.435847]  ? sock_kzfree_s+0x60/0x60
[ 1243.439734]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1243.444750]  ? sk_stream_alloc_skb+0x34b/0x970
[ 1243.449320]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1243.454323]  ? skb_entail+0x618/0x8c0
[ 1243.458110]  ? tcp_rate_check_app_limited+0x121/0x460
[ 1243.463288]  ? tcp_splice_data_recv+0x1b0/0x1b0
[ 1243.467946]  __sk_mem_schedule+0x6d/0xe0
[ 1243.471996]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1243.477521]  tcp_sendmsg_locked+0x1c86/0x3f00
[ 1243.482015]  ? tcp_sendpage+0x60/0x60
[ 1243.485807]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1243.491331]  ? aa_label_sk_perm+0x46d/0x8e0
[ 1243.495643]  ? aa_profile_af_perm+0x410/0x410
[ 1243.500128]  ? ksys_dup3+0x680/0x680
[ 1243.503832]  ? lock_acquire+0x1ed/0x520
[ 1243.507789]  ? tcp_sendmsg+0x21/0x50
[ 1243.511492]  ? trace_hardirqs_on+0xbd/0x310
[ 1243.515801]  ? lock_release+0x970/0x970
[ 1243.519765]  ? lock_sock_nested+0xe2/0x120
[ 1243.523986]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1243.529512]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1243.535038]  ? check_preemption_disabled+0x48/0x200
[ 1243.540040]  ? lock_sock_nested+0x9a/0x120
[ 1243.544264]  ? lock_sock_nested+0x9a/0x120
[ 1243.548490]  ? __local_bh_enable_ip+0x160/0x260
[ 1243.553150]  tcp_sendmsg+0x2f/0x50
[ 1243.556690]  inet_sendmsg+0x1a1/0x690
[ 1243.560477]  ? ipip_gro_receive+0x100/0x100
[ 1243.564788]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1243.569533]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1243.575060]  ? security_socket_sendmsg+0x94/0xc0
[ 1243.579802]  ? ipip_gro_receive+0x100/0x100
[ 1243.584111]  sock_sendmsg+0xd5/0x120
[ 1243.587812]  __sys_sendto+0x3d7/0x670
[ 1243.591603]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1243.596261]  ? arch_local_save_flags+0x40/0x40
[ 1243.600832]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1243.606281]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1243.611808]  ? compat_put_timespec64+0x110/0x280
[ 1243.616550]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1243.621292]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1243.626384]  ? trace_hardirqs_on+0xbd/0x310
[ 1243.630700]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1243.636225]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1243.640793]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1243.646232]  __ia32_sys_sendto+0xdf/0x1a0
[ 1243.650375]  do_fast_syscall_32+0x34d/0xfb2
[ 1243.654707]  ? do_int80_syscall_32+0x890/0x890
[ 1243.659279]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1243.663849]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1243.668852]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1243.673703]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1243.678716]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1243.683728]  ? recalc_sigpending_tsk+0x180/0x180
[ 1243.688485]  ? kasan_check_write+0x14/0x20
[ 1243.692718]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1243.697551]  entry_SYSENTER_compat+0x70/0x7f
[ 1243.701954] RIP: 0023:0xf7f56ca9
[ 1243.705311] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1243.724208] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1243.732411] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1243.739680] RDX: 00000000fffffe4e RSI: 00000000000000c0 RDI: 00000000200000c0
15:25:54 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2c00, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:54 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2202, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1243.746934] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000
[ 1243.754188] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1243.761446] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1243.780495] Task in /syz4 killed as a result of limit of /syz4
15:25:54 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100)={0x0, 0x0, 0xfffffffffffffffe})
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000000)='trusted.overlay.upper\x00', &(0x7f0000000140)={0x0, 0xfb, 0x1015, 0x6, 0xfffffffffffffffc, "85cbb9424f63f8aa282a1913752efdcc", "741ff6f306e42a1f25400cb3eafd80dbcb040258681778964d0ed44abf02af54039f77b57c3be1908b60c76303aabb43a1df2ffb38308710b8d057325bd0b3f9205945f957fa7db4e15be868b0366629138591e5b836650021283e08f75f54f61fb07101e41d7545d5193e541952489a9792ae2bc18c497816d0ec03a1a6e10575ede02cbd83b24cc9ed79cddc26521ef076526dd96c307f931b35fd10427f0cd64498bb5f9e51c46cd86120d795779407f7fc82a392fb5fa4251f278d0a4d4a69c8649fafc53ac5d081ff23212c6710325100c6b984b8fe3bf3864739ce9ecd379d6b80fec8b161ca515fa76fc17bcc64d9e5bbe4cf50171c32a986d9dd0f2e38015184a727aa041b8d9e0cdc6bf1b6f498c6f86c496a0420ec3e4d3478c88a228cafdcd565f7abd4be2d3a35158e457701496b93d113c253656183cb8840c1a6f6569ff4c78290bca3a1b6c05612c7e7933e7cd5f79265d90ce5c4784ef67cc6965a105cdc64f5de69e9cf92479233d8546eb4a8df050ec5888274d2a5693aa840bae6390530f34a4f32e73f394dea0523365c065bca1bb58ca945a9cc0998c9fb965a58e97d405d3f9f350760ad26b14d035e4ce6b05f5858bc4ae38419e8cec2e48ce2189280a788fa235241518cb2f033b4de5b92059400179fdb61ef7794902f553736e77e4ac44bbeef75109a766d91627e32be45876f26f2392530fb2a951874df69ebafe86acc1ce8206242cf2612ab3d091d749d76c5503bf9c96665a77e54b30d6558a25b1007279723763806e63389cc74386ec086bdc5bb2ab6677d3e9998efb6f10bd5c8dfa75053f903f55a4f491cf19ba431d29e835d1487e6dd8744600016b8a6e5bfcfc2f829c181c8eec228d573b103b2b3a9d2429b96d24f0aeaf08970906e8cec861f8ee80b19d73cf317c016e8c4a1818db7f2326e444b1d8e56830fab769df4597c0ff51c1e5ae04f90bde99e689b4897945c57cdd7234ee77cc22b857896acd69c2b1eb07a7deea6192c90a951938b9bca3346c679921cf13790a85cf30dcdf3c52e80e0eee6fe08c167b67b9a80c15c016f82e6de0f28f001cff72a1de890fd87b0ba37f22618bc07dac98fd408925a27356bcb0a34c5c27078cfedf59c99e67da309fcb7656e38d86b0ca14b29a249d5c6655a14a486e5fb3b2d3f89ce68f57e41888e904d392268e807d224b45ba2bcb67f8cfb547a0177f4200c29433dae097513091fadd5f38ecb0537a5e532f3488b834b4e31a4c4281f81486f31ece9bf618713971cbb9dbc044cc4f6d00fb70f5f4f8f016f7630ba9951d28c665742e4cab9190283c8f385e9e9e9b75b626ca7728cbbb3786a3c2bf5b2c808526bdade278f302245d7f7c781d0f10efb0b7f7b0665c6f1356427ab491fdaf8837acbd4181e4ceab0ef234c02ac5de89c5377c0cec649db844057f23ea713bb39b5c8bdae963433e26e75d6b12e4f83da327482a09988fad7b3fad4995b7018ce2ce49b78c11ebb3ee8a41e037d64ed0d3b75486d1b9d8de6baa56ec0ea576597e791bfe560dbc7a5060518b980b4aeb0c0a11bae3cb224a8c1188c5498ef3df0d144c31ef84eb20e00b70b9468bd83ee9379a8d3db78b09e018901f423a792b5ec5a8b6b02bb5135652e919d58ef09f5eeb2a4e917ef91d5b5538d72f55799bfafb708635952855bbfc04cac35f6045f04db9ff851a0f789c729f39ca190ce772b2465d0340e84a23b92129fa6b67abcfb3d1c7abe62802c30c78137113f7dfa822b0d64117f9e2d287be8c232e47c791132bd07866297073e46a75cad22fbddf5cf87b6ebe4a3bcd3d115dbdd10ae04d14a24147b6d5782caea370237a7e62fb0cfa0a0511406e87dcc266443ac04a46af618e13e3ab1d82f2035c6607072bb0100a3c84d09848cef7c0c243c84d726f3e80141cc3febf09507d50fe49e9d3fae4752d5e62fd83d64c9f355e46cf7cf4af8792eea038378d0712fda815e5a1dd5111cb2cf93de1ed6daf50e956fd035ffc220f1c5165fd81a6169bedce1bd71eb6df42c78a83ccaf81e3c95451a0bf5616c6d87ef55a7ff5d36b46db95e39420d0e51b201714dcc7d56f4f8d34675016a73afe91c8240286664b293e716e867a5ba9ea48d557f3bcaeccccdfb080f8db1918b5cf313ef145de3143a95be4ad4bbf5fc772189e560fac32f9045657e5d499d4214729e5d0ef9ffc6c8a4e56219deaf72b4459db22e7a926b08f445a2f2af2cd50567424a6a102915463f3b307f6f3e0e362d29eba0fb7b22e124490cc532c1cf6912288ec4e3e1bbb437f8be8defb0969775ff2159666cb8035f6778d0b431e7ec5ee1068c3738634ec6fc3b23b3e5713b4da6416b1cef75ad3e6f6c95921d7e38505d7a99c3459bdf66fb06b8c6bea780cd8dbb65dd321aea738b927e13061b31df9d50fee38472d484820adc39258b66d6a263a8b668ca1d2b3c4dcdbcb6e22c2bb20f4f567f4a18a066fc625bf6dfb1a46eb8a557f7020a82f00cd6194aa4b6931e2b348f585ec22495c7be44baf4e4af786faed5aa8f4a30991d4faf5aee4e171812ad89ee60d12113dca981af6e7622f64199a10b9f6d7f1ea15d57fb2a3016c5cae3f6fbca7d477140241dbd90e784056f72e5f9eb482bbbb442b12d469598c53029e6a2d7d0031f260295b978bb4eb6e56296f9bd98c4e6fc8fd713c51204cc82ec439d6fefab459728a054d1390164ca83585e9da6fbcaa0a51accc7b075fe7e718c51b6d51db02a6d9635e6cb41d4e96916d06ad7633d21f9a0c80073c0b87e506db242ff8811cb41c566db0260b8dab5c7d6da56417c5155d5b35475695a1b341ae6434b7c855a22ded868b2bf0ad0e6294b8ee087719bfb247be7a4c70446d306c0b6deec4062f7430d771c5ed0e92452cbeda4dc2f8a292bb242e4395778cce48a1748a869dc2b5e010df0bf65e590037ee733189615471c31988af9621fa7fe539e868367864718f59fb885950195cfc2c8c68556fff2b5a81984fa741acd55fa338006758f7037ada4671f7e262bed16331d35827d70a0d7cdea5aacc4de625cc1617e2600da3e49c70ab0b7fbfd7eaea663354d3746547659397b4bcedaad6ea4dde12c490fe42902f5d9619f7aecae33da1f2a765c2f669ff9f4d099cd4bd184a1cf21cb10a9375f7673e111e4bd26b6a16600e17f72ad523ae3674412ee2a25a0527ca0053b47eea11babc638238f9381bbe81aed405c11b90f3aa3942bc52af4db8d2962baccfcb432836a240521ab2a6a7fbe75fe5f3e56baafcfcca9c59f7226e70cc34eb61919869cff2e35aea84385f53698e2402d39a2cfb43b0f4e96879a14f9703dfce23df9b208769f005e21778f3e9f91bcac33d6b1ca90ed2e85ed5b4c1544acaa8dc9fd6922f077e544631a24c53fcb26fbbc7f312baf194de75431122bfe200e4ef0e09b4666e901ca4080208457d6697aded07b9af2f8482bedd575725504e55dde3feabdb3d498b6cf98966efa3d2abf9bbb0a8a851dc47e37fa462c0b16a721eeafd9332fc6086a4888ccb0a2246f496342f6ce54822c1561e6fd2982d344e6539eaeeb9c708bd1216bf321bbd102f8639f9a1c528ad965b032e556b1232728538df8a3b964959d8e31fd86ca2aba3fbc6cb0d3d7d74820343b35c184dbda629f0e946597a3831be0ef783ce276a22c8373a1d0191579fa24c8df1714714bf2ed4373b5de869d2e1df9350f1dec24a1aa4140850e3656de4b61da8781ad08d90a04c0d51d5bdbd3611ce57540f7ee8ec6207536067a8f2decccf6502340d816bb2264c22f2d0181ffeb46594830b9994753ff4344ba87884da806679d4c7521ff74d2106ab5c10eb044d56828fe1d6958525ab713ad0718bd452806a6a8e192de19e135789c50e2b4b978b6cde3e4917b9b73b8958c886ae96f88a6efecec7afa1a3ef34c02288f4baf1e447df82d7e619e6c88980a1568b24db40305e4d4f8d2c53f150900bdb484dba8428517c3201d2327c5ef8ae9376cb0fd0d30018930b39e7d9591fd8ee986351cb433312e14460752a653c2c8236e5d907e782a6444482e39d9f4a9a8fab50ce3cc587182040227e607e1a4b19209aa2397cae9e9d9d32dab658b2fe28049ca204f85e1ec5f94bad38c7ee2fb4ef94829a8c3f71007146320a46bb523d3b2e2038e33646e11b98ad6a0d27dc3881b14e4b7974412f692fa5b75e24418a800dde6a6f959f9a9f8b13e62fe993aae69fc591a14d28be667c1754a2ff8f26a32e20a68d1cca49e111045914fc583a513c7e477d6db31d57216e1d9a19656c8ea09f4e07c5967ca4a75b430ec942e1665c122734862550cbd4c5c205d30c1e50148bcaf4030a36fb3dc4fc432ce7ff4afca08b4592d39b1cff656578cf7f532c03960a032a04bed73aa6cd218bd13f0cf845e9e88781882b2f4f2ee17df93ea8f617e4b4f7b22c8e4e34b8b64cd0f592d9b6294f07f99d592facb9f6c77413fc40631edc28429a5458401823cd35016bb7e8ba52b5f448c6d29206b2f02fddc3e72850c1e6623937bb6343abae4b0479b92fa17ff7e565c542c40b5266face182502402a3bce5bd37d27f69ac3923630ada646854023304adb8875bbeda6c9bcb4e729a1103615207dcf87bc5bf26df3729332ea8aae35fc076d274be5047839159202da78f74792871592693281ea470f171912df27a673e1c861fe5ada3df5a3a294a7266ccae5e170470ce64497e2a2a4f625722c282899412c86183b033ae2781d5983dbfb44d43aeece31462dea249df508d1e1a4507b19eb8d5414d5ea0eec9dc97b5f679211f7d8af92c4845374365842f2473f58d23f8548b21829335d6dde8abb39fb6f9bac0ba2a55aeadefc11462ee4bb4dd43c31a9280cbbcd74cd833bfd65a738a93bfd0732df8266c39cef0fe3783ab6cc2b49029e363df66547e5f5289828359843b342259d802b68ca5e8eeeb8c95b9ebe3370a998eb96c2e2b2aea494061c8be8144053db92966e4f4f73692220a76b627816431e892d8c13ab7669217bc9cea9716a4f282d962977510b871ba86077383e63c6aacd11e8157976beb269c72187d7f84b8205b0cdcb4543d1dfd4d3370d3623469c0cf7c613592212efcc0d392ce25618de429c3fa939f58b0c91231cb2f1c50823add4ce896295ca9f4e965bbbce28a4d0357b21fc262123fecc1b4c67e40dabbbb11498ef3f3a5b4d39326d1dde82b220b16325e3d8a3715e5656ead4f114cb220886fe65061470339382787af95325093bc8c5baa77bb37efdc267e85aee752c0e2b5ceb81a40795a4b8f4f0d3ff4f7f2bc0d01b7124fd22257155350dba0999a18c6bcbe92aa721532db3dec6674dee9a575ebbad056498dcdcff1deec74073b9667d86a01169cb6b5852deb613b49e12f2e6abc52b7e4e97411c92b4c3d149e645bb2bb77b4745777bed9f3ed93758e10dcf9e6bfeb6e1f2a492b9fd83d5f24bb265b4e4e66407e505410684f27f48f9f06a594633bcb125b804a6443e4b2d467ba1d1bc046e825433ba22555b079a1de4e3d5a28564f245b288242dbc837f0e2b2ed480cd4780c9a20cbcaee0e3e043a3c73dd564bc876551cbbe3a549aed33ec459e0122274d49ab2b15c3bf56114fe2ab8c6a1ee661d7f40d925686b749df25c7a25870e712e69fe45fb10a8139b061af9333c4964ec4fd9b24762cb167986f2e3df9fbe0271d950cf140b06f648480887d12081f627f2769f577fe6409ac1f14d1e79a7b0bd18608fc152"}, 0x1015, 0x3)
write$binfmt_misc(r0, &(0x7f0000001180)={'syz1', "ca0fdb396842f84cfd4da6151655f0019ba963410a1062a111fd87222ffa3e0723d0092cd0e7e8cb70a516f7888ba01b5284e1884bf5067c91cc810f876761415cfaf65287af4617600935678b37fe302ed432006e2db7bf8962c05d4ac060a5d5c5137ceb9673a501c794e893fdbe6641862ad2c63f0bf42eff57cf0d809b7106fe8547884ae7ebe145332ed8963957f938c3ec870666e2ceacbe2f3e61e7c0e1234ae24f823bfcbbafb56ecb50111edc37c6fb32e22f7c86d5cc6425e4940eecd9f01df81320b69b7285d62cabe52f6d16b5a367df86a0e161bd267eb72f59e81824bb2f4e7a26358acf7afc261c9cc5dab1968de396e63ea8a5da4fe275875009e192e5d771867ab20b385b36493bbf19e1fd917e9649279ee6412edc11ae94461b7974e64d4f0886dc71c7a4e5f8d7791a97f99fd8c7b8e4ad518def630a1d6820973ed122f1decd15623fb5d21e9314dfe0c6997871649e1dd4cbe7eabaa8e24889782c06aaac1cd84e6d27b94664c03333a635c2137e3f26b9a3ba580db5a8c7a9221b50734355f3e66f14262fd541ca97a308944c2ec5f7089592b354173f20e930c3a88b377f265f0e8c9f41e938736e3d78047dd883e7a6517d3d5a2bb1b0d29653aefa6a9514d09e6158726438a1677315ce045ce4215815f105c542908b8a3d1a91e3dcd6c2d225a96ff6fad77e413a6f289f8ea0fe6c6c58a14223d34bdfff8b2992f6e6bc40e16adca9c39a6ecee2be89b8e846c985bf4d1929db7d1b52d7e24eaa542d942e8a3664e3cf153c426bea85a5ceeec67632b9f204727f2ad7af592e991ad252daf95d252c73560168b9b60ce005246b3eaac4619c2d6e4e4722bfe576be0bb43429bbe885630b24539adbce18a8343e0749ac2edc166ded031a8f0132b89536ae4444d6aa919630129e2897e13fc4657a4ed1558229cc945246e920f555642c833f94c2e2284a408f16e78232eef8dc711f6e317406fcb45e05b11e06446c6b7ba310e47fe155837712a147dcf9c264225139d25e70e98029b15a00af4a8f12f9ef4e49fefe057c1391a4fc608f9a0601330c6a511a44b9cec4756ce34f440fcabc7e777e7aeacf7ec22f08af67c24be1257578c882b4b766e10375252a6d1df631a47c873f912183325d822f0c115313e5ba8f4cfcf3d06c91e510ba2f9e69c29d4f56b7de2316b7bb453f6c42c0ada2bd6fe5763655e9e63f2a3c8693115cc675f30020b60e6cdfc5b9080c14a44ce2113b697dcb7f859839e82bd69e84a506ac2fa506553104e6a3f257b91765e7c49ea84ff312b22d6ee4c01a76af5527a52f21efe99708ac5bebbf5a85937339f76b294e6ac471d3b9bc1d922f4fc6474a98d8b596353a2f5b94c7c59d456a250f35fb1d9927a8ffa59262148b32eca9d4367868a8a03b80233246a72f754197a88ba3a3603e1fefacd63a2f34dfb6fa148dd34d53898db3f747c9f3446737ea6048fad9a32f2bbc66d1702973447c93e9427de8dc01231b2a7cb007d1094cc632e7366abf18cb1c5f9ec3405f05cfe479bc55b089247b340adcb9859f5b2d0ad51b3f91798b2a031643e5d73653ff008e0c9a18a910a424cba5c9e325cc5c961b148f1ddc9ed26144c213635c3aa9d2d718751f399208c1f183bf8dfac564fbd8c09e3317858009b33fd18c728c6940e022c4d4c249141ae725f0a1209a1a94d26991be1c58e550ce1ad035189047a762b354afb276e9c56d958b363a638ece90f6c6b5cb03223e4aeb95fa7d327c1969540ba6af3057ba9dce2a4454509766f8a58cfa9274348dc70c533bfd93a1c5d63d4e85ccaa7fae0594596c1e2dbc271a83bf4854503decb9a965cf37b0d3b28e712c79baf9b3a2cf07194d2335a99ee52315dc58c6814dcd857c6051611c45b581303568c594dead039b24d0fa0bd0178527a6cbcedd49f980489dd4e36af8c75492bd0c645ba9c6454c953ff99ee0260484629a5dc80b05ce1bee0e92ea52c7c091165c6dbf5693a14442706e8ebcb891a8c21b2c627453d79379bd982e2798271655123b9c38c4f97f3ecf32390bfe4f073a0b1833fb5a1162773431f6e10ac669b1742bc5c5158723dd49bddd2ab89e1cd17a31fc82fe55c062d4bf09947abf9ccd0bfc0809e13d424e11e31941b811a3ffb8615ec69f5ee8a0f3aa783c961a9575929b208f788767d8cf70cc9930008bb94a3e7e386b232688bbe47407bff338557d8e809980816e0215a2d6e3e8898fc5a062f85835311ca47f0fde7ed55d8cbe7d9447a480132dacd593f8c4d15824917487b441b5e733d00386f4205eebd27a2f5881d591c2748d050bcecb40c12d35ed3721c17a376fbfdabc8d8823a4ec6164be79f287b6d6ecf85a591c3afe2a502e288a1ff457e2a4483f5207790d4231e696616d500d5c32d4eba30442d8b990e13c3eb27baad1b692ce33c8179867b14bb03cfea124f5874390c812f699e34550478c098728eb8018f28fb5422ebd566383f3ed05bde3bb2739bae15519f2b3538b06bc49b3c9b4db7a24fa647ce66649cd7c45eb8fff083a0e3f4aa627d8b2ce77ebefaa49bc806917182f4c84af3e2f3303eccdf65961ec4ab304fe86a80459a0cdca84167bec3492bc3f37f32f3ef6f81d95275f7671f51776d72462581e32b1210eb1d44f2a3f7758cf011fddf13cf336bad60e5451fdc0ad0fa31e3327ca6d453b7ef692ac3ed9be5c3c6c3be72ea1daf0c9948492f4845a72ab39804528e50c46780416274e159f0e9e6b349315c30638228f7bb39e530f6a8ca0b40d00c3e05aee99ab31163ee36b59d596c5f43ce504f7c84011af30af59cc9cfb020f13bb42ccbc13031a2de38fd387af3fb3109d20abcc6b5ceea6af4846eaf0d982c6f847c49937a053566153086b6f04eeefc3cab5c8f199e7148622496cb7f17e7cc8d7574d06333931f0491010d94ddd933c0077cd26063d4741d0ce69552a6f2bb602428e582e21f5df2dc49a53b30162a9ae07c6658ccf4ed47451dbf3e89f54bebcf30fff691c6d540cf1b9d7eab95341999518ad1f9a0c1089cf8dd8272fbb2ba1ddfd96103671c76d02db74b1b54a06c6bcecf8a74e14bca6e6cb32dc4926fa0f21e53804a2d30230d037f7fdd96f8a8c5aa5b0ebbb46da7066c3fda81aca05bb1f565f7f3a93736e555f1be3668299711d6226b03de40a232d860a84fd15fd603b67871acd3cb8d2fdb9fe5fc1880642f8a3a90c5d734a1e8efed8de673d2f91778e70b39b41ad2956891cd670e333495420cc0c8bf65ba32cc2fc50412da13f75877e83671add9ebbb11d02a1ba7a69fb4cd54ac40144e6e2f35629946a9cc429634d3ef9cdfc84fe8bbfb8ae6319bcc025498068dcd63447b64ea63e071ef262d17b4007f44838f138413cb51c99aa4cf2173a785cb7fa34ca6ca562a542ebe252991637b23c5d0d7fcc085b33a7f998375e825ae976c5f3abe0cd5182158adc37d82d3a0b54f49a150a28d467bc216e98572d1b19ab2692295629affa7d3b61a9cff0621416dc8f44b43a9b5184dbca74a75c3fe8a3178c8886e651abbd1768af0e658afb414690686e3925d706c7f4c0fa7c9e28af640b7efe2644cdcf7e460ecaf721fc81e88ac291eda26e755221f3410f07abab3aca0a961c9a503e22e2ff51e34b6e62b479c287f18d27329907b5982eb41673a93ab6b42c155dfd47260f4ff078a891176e92320939328a479094bf3ce5a915436fef65427ea6aadd56f8c69cd7c930dfa0b6bb3c9502d2d4bb536a62558d1691a4a92ac0b87ef3f0f85326516c68a5c70b0d1849399fa5bab90958d65e78830ac762a93b341236ea87f0657f7839173a60465ee12ffb311c5141c4a87b0e80a6cf8dfeaa7c9223b0306e02749a6f259ce06a140f7df09413540ec86afc739de66a686be4f5c7f262d86184dece0755a5f300393c305772790460575d7946a12712c244b8601fe628ac2dc49c4fa059809b027cd895cf5a2924f7fa863efb6ce8ab876bacb7a72a95a881727ba27b190199e5eefd9e33c25b8409b08ec855928f3b834684068a876d018ed0666b6de97163391575b41b9ff5eacf1bac63c3c6201646719a4768c301d500485b7e92d26ccc8bc5d526b2effefd22045193326d5ca19c06fd6a3741475b3ad7d27d322bd143c1accc7b32e8ef3dcd9eea53b04f88ba6137acb4d563cf1d074852a35afd8296871b579f4dcef610d171cd5c4e6e5ef1aeec9de84eee93eecd82cb9cc34772de10c9b4c6163d70a348a87ad0516a5a664c1076b5c0dc7766ed24ff1d38d1aa663670c7179dc08b9937e3dfc844cd4850d3ce8bbf45e24eb0dd8e9169ce3a3b3d1deb181f1d4054c0045bdfb5fac7eba9f12c2bd3130abbd2f3e75c9a55d7fc2c60c106fd3c83f40950deb2634592a58920cb3fa95b4a2a0b936e3a8a099c22f7a9bd6b5b0c517c2efb0b6e8e1ad1f4ef625f5a42849ae604b5c63ca9e5ac50e2a7341409bdbbe5f417104f062acd9c7662a7602665d4d2fe4f0550c0f6e7e61e288d93249cd148fdf4688ce9f1db6688f7edc229787a0efe8cbd1793e5c8bd1bed6b70df3e1df364dd432dfbb99d6c72fbc99afe492a24eed66e48978c2d0e14adeb829fbb22a9e75830d759b355eb1b08d08132b90635c4c99914e3761975687e9649155b7a9581bfc48378a143990d0f72a5d94d87487cffb75c18e07e2d8fafb5fe86f0623490748509a0e9740ac83bc767ab43cd71c3c278f64fdb97a856bd01aa1c67275fc99b5ee3d0383b41659844b7cef09e5b558e2eacb9b9eb85a6c35cfc971bd44f8b63f1e8812b31aee53c611e8b4234feaaf2975a0fe79a6cf76b3af52a9dadbedefe3c053716cd58d84d53ecbb335363666793b3ca202b6782645f4693e8c159dcafdecea55285226a64ad941eac0ad2d7cd5bd3f9d2623fa09e6ca2dec96d65dd193921da5905de048d88b2d9a240f3f4ac39c1c0cd2569f737d1f04dee482847f327027b04e8cfab1baa55bae1037ee3bf2bad09858598adc8d44cb41aa9440262b4edc532ffd3d69f2b4a1f782a989cc91167dd7524d920296711f3a744971aedcd13aa863f6fdc7b4d9e4c74845001124022cde75b521a92f08d7ee8b370b96c3c4947b935fef46634b66af9df8d4dee9b7b1ca2e3a177d65f5c558f7b3893396df7f086013c59744e1b42796a852c19f55ab7bc676eccd055813bcb97f50305d24d55d7d3445e24970d09345880b2c55ad75a0f12fab89a5451283e285db44419f7f95cc6b5874ea409a1de13cced4bea68d741747dcc28d009a1702938cde23ce9eecbc751a1fff9af2678b0711aa455e20686aae78638a191709487350a04fb3feb8d6a9bcc9f97f75522c146784d43e7f862eb07f738afcff18b2900734c4b149ee5ec0d8f9b8afec42f28a7d0c07947d28ef01ac0410f0a893d6c8e76e0f60c207be296d5eac3665a1ecc336e8835649fd895531cc7feec596f1e6ca931ea9ad622d3775beb142247841e773a53811fbf612f9d7d8bb04911e48f604d1171131d5f3bf1b1e97b39aaddd8f7374a9586d76fb490eb0e73d50ca5adfafab22395442bc630aa933800c4083d5ab77cfb2228ed7f29015fceb4753094221c11a92b0f95517792fd512241c69a7eebe3f0d2b0e4e26c78e44b3b24762d9f2fdf346b9409f059b92e465b4bd66fd32b643d4cd18937bfbddbf5234cd4378e6f56a98df8d4de8235da245dc5c3f8ee9c9db7c66017f5ed002ce52be0167b9ef6561be93a7d85556ca5cdcd7c"}, 0x1004)

15:25:54 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x7, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:54 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000000)=0x63f, 0x4)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f00000000c0)={[{0x10000, 0x0, 0x4, 0x5, 0x8, 0x1, 0x9, 0x9, 0xfe8, 0x0, 0x9, 0x9, 0x200000000000}, {0xa7d4, 0x3, 0x3, 0x6b4018c0, 0x5, 0x2, 0x0, 0x3, 0x6, 0x22, 0x1, 0x70ff, 0x3}, {0xa1e, 0x1, 0x0, 0x4, 0x10000, 0x200, 0x3, 0xaa, 0x356, 0x80000001, 0x3ff, 0x401, 0x9}], 0xf0b})

15:25:54 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000000)=0x6, 0x4)

[ 1243.811586] memory: usage 204792kB, limit 204800kB, failcnt 928
[ 1243.819460] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1243.826557] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1243.843302] Memory cgroup stats for /syz4: cache:152KB rss:180KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:156KB inactive_file:0KB active_file:0KB unevictable:0KB
15:25:55 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x100000000000000}, 0x6)

15:25:55 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x111000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040)=0x6000)

15:25:55 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a3, 0xffff, 0x0, 0x80000000000007})
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x117, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r0, &(0x7f0000000140)={0x10, 0x30, 0xfa00, {&(0x7f0000000000), 0x0, {0xa, 0x4e20, 0x6, @loopback, 0x100}, r1}}, 0x38)
rmdir(&(0x7f0000000180)='./file0\x00')

15:25:55 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x600, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1243.887553] Memory cgroup out of memory: Kill process 24645 (syz-executor4) score 161 or sacrifice child
[ 1243.913071] Killed process 24645 (syz-executor4) total-vm:70252kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1243.926798] oom_reaper: reaped process 24645 (syz-executor4), now anon-rss:0kB, file-rss:32792kB, shmem-rss:0kB
15:25:55 executing program 2:
r0 = memfd_create(&(0x7f0000000000)='/vboxnet1\x00', 0x4)
sendto$inet6(r0, &(0x7f0000000140)="1dc8609014c7e76befc39f6655120b77d8ffada646992586a775105e4d0cf5d4ee6d3e7dc417f578940d618ad511bee9df9bdba09c624d082fb816be540743b97d7454d3a9d708a8c8885012251a84564d56a4266c7b988bc54ed0e9910d8289ea5aa7273c30658cf83f152251672f0fa8d729defe4ee6a92a5237f134926ff953d142b3abb474e08593c096840cd2ab85500379460316b59482818138489e64f66fbb643f173abc7c800053f18ee18dd4e0b9c407ecb4180a418051c8794ee19b6ab3b59eb1b7124f71da6861e434fd1c2861c4c5d66d7ff56e22c7e6fd56de7b97d1e0c20f276f63181084c227efcfeb30", 0xf2, 0x40, &(0x7f0000000040)={0xa, 0x4e22, 0x400, @mcast1, 0x8001}, 0x1c)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0x800000a0})

[ 1243.971592] vhci_hcd: invalid port number 255
[ 1243.977933] vhci_hcd: invalid port number 255
[ 1243.989337] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=0
[ 1244.037107] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1244.042295] CPU: 1 PID: 24697 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1244.049660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1244.059013] Call Trace:
[ 1244.061607]  dump_stack+0x1c4/0x2b4
[ 1244.065256]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1244.070451]  ? mark_held_locks+0x130/0x130
[ 1244.074678]  ? mark_held_locks+0x130/0x130
[ 1244.078913]  dump_header+0x27b/0xf72
[ 1244.082624]  ? debug_smp_processor_id+0x1c/0x20
[ 1244.087290]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1244.092816]  ? pagefault_out_of_memory+0x197/0x197
[ 1244.097741]  ? debug_smp_processor_id+0x1c/0x20
[ 1244.102396]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1244.107313]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1244.112231]  ? perf_trace_lock+0x7a0/0x7a0
[ 1244.116450]  ? perf_trace_lock+0x7a0/0x7a0
[ 1244.120673]  ? debug_smp_processor_id+0x1c/0x20
[ 1244.125329]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1244.130260]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1244.135784]  ? perf_trace_lock+0x7a0/0x7a0
[ 1244.140007]  ? task_will_free_mem+0x239/0xb30
[ 1244.144500]  ? ___ratelimit+0x36f/0x655
[ 1244.148462]  ? lock_downgrade+0x900/0x900
[ 1244.152706]  ? trace_hardirqs_on+0xbd/0x310
[ 1244.157010]  ? kasan_check_read+0x11/0x20
[ 1244.161147]  ? ___ratelimit+0x36f/0x655
[ 1244.165107]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1244.170543]  ? trace_hardirqs_on+0x310/0x310
[ 1244.174936]  ? lock_downgrade+0x900/0x900
[ 1244.179072]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1244.184159]  ? ___ratelimit+0xaa/0x655
[ 1244.188035]  ? idr_get_free+0xec0/0xec0
[ 1244.191998]  ? kasan_check_write+0x14/0x20
[ 1244.196219]  ? do_raw_spin_lock+0xc1/0x200
[ 1244.200443]  oom_kill_process.cold.27+0x10/0x903
[ 1244.205188]  ? kasan_check_write+0x14/0x20
[ 1244.209412]  ? do_raw_spin_lock+0xc1/0x200
[ 1244.213642]  ? oom_evaluate_task+0x540/0x540
[ 1244.218059]  ? cgroup_procs_next+0x70/0x70
[ 1244.222282]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1244.226765]  ? oom_badness+0xaa0/0xaa0
[ 1244.230648]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1244.235390]  ? mem_cgroup_iter_break+0x30/0x30
[ 1244.239969]  ? cgroup_file_notify+0x226/0x2f0
[ 1244.244449]  out_of_memory+0xa84/0x1430
[ 1244.248434]  ? kasan_check_read+0x11/0x20
[ 1244.252566]  ? oom_killer_disable+0x3a0/0x3a0
[ 1244.257046]  ? kasan_check_write+0x14/0x20
[ 1244.261269]  ? do_raw_spin_lock+0xc1/0x200
[ 1244.265498]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1244.270334]  ? memcg_memory_event+0x40/0x40
[ 1244.274647]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1244.279489]  ? page_counter_try_charge+0x1c1/0x220
[ 1244.284412]  try_charge+0xc43/0x1690
[ 1244.288115]  ? lock_downgrade+0x900/0x900
[ 1244.292253]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1244.298298]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1244.303825]  ? should_fail+0x22d/0xd01
[ 1244.307787]  ? percpu_ref_tryget_live+0x168/0x460
[ 1244.312613]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1244.317458]  ? lock_downgrade+0x900/0x900
[ 1244.321595]  ? lock_release+0x970/0x970
[ 1244.325566]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1244.331347]  ? create_empty_buffers+0xdb0/0xdb0
[ 1244.336009]  ? check_preemption_disabled+0x48/0x200
[ 1244.341015]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1244.345844]  ? fs_reclaim_acquire+0x20/0x20
[ 1244.350164]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1244.354821]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1244.359305]  ? lock_downgrade+0x900/0x900
[ 1244.363442]  memcg_kmem_charge+0x135/0x300
[ 1244.367684]  __alloc_pages_nodemask+0x72e/0xde0
[ 1244.372343]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1244.377343]  ? lock_acquire+0x1ed/0x520
[ 1244.381301]  ? ext4_page_mkwrite+0x211/0x14a0
[ 1244.385792]  ? set_page_dirty_lock+0x190/0x190
[ 1244.390362]  ? ext4_page_mkwrite+0xcd9/0x14a0
[ 1244.394850]  ? lock_downgrade+0x900/0x900
[ 1244.398981]  ? lock_downgrade+0x900/0x900
[ 1244.403120]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1244.408643]  alloc_pages_current+0x10c/0x210
[ 1244.413043]  pte_alloc_one+0x1b/0x1a0
[ 1244.416830]  __pte_alloc+0x2a/0x350
[ 1244.420464]  alloc_set_pte+0x1352/0x17d0
[ 1244.424515]  ? do_swap_page+0x2c60/0x2c60
[ 1244.428651]  ? ext4_change_inode_journal_flag+0x3e0/0x3e0
[ 1244.434175]  ? up_read+0x1a/0x110
[ 1244.437620]  ? ext4_filemap_fault+0x8d/0xad
[ 1244.441926]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1244.447448]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1244.452987]  ? unlock_page+0x2c2/0x4c0
[ 1244.456860]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1244.462386]  ? do_page_mkwrite+0x380/0x660
[ 1244.466619]  ? lock_page+0x170/0x170
[ 1244.470319]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1244.475843]  ? pud_val+0x88/0x100
[ 1244.479306]  finish_fault+0x179/0x2d0
[ 1244.483097]  __handle_mm_fault+0x361a/0x53e0
[ 1244.487496]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1244.492321]  ? __kasan_slab_free+0x119/0x150
[ 1244.496721]  ? tun_get+0x22d/0x370
[ 1244.500246]  ? tun_chr_close+0x180/0x180
[ 1244.504295]  ? blkcg_maybe_throttle_current+0xa38/0x1080
[ 1244.509737]  ? lock_acquire+0x1ed/0x520
[ 1244.513711]  ? handle_mm_fault+0x42a/0xc70
[ 1244.517931]  ? lock_downgrade+0x900/0x900
[ 1244.522071]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1244.527869]  ? __do_page_fault+0x67d/0xed0
[ 1244.532092]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1244.537528]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1244.543055]  ? check_preemption_disabled+0x48/0x200
[ 1244.548060]  handle_mm_fault+0x54f/0xc70
[ 1244.552109]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1244.556678]  ? find_vma+0x34/0x190
[ 1244.560209]  __do_page_fault+0x67d/0xed0
[ 1244.564258]  ? mm_fault_error+0x380/0x380
[ 1244.568398]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1244.573931]  do_page_fault+0xf2/0x7e0
[ 1244.577720]  ? vmalloc_sync_all+0x30/0x30
[ 1244.581855]  ? error_entry+0x70/0xd0
[ 1244.585555]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1244.590554]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1244.595471]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1244.600298]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1244.605298]  ? trace_hardirqs_off+0x310/0x310
[ 1244.609779]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1244.614780]  ? page_fault+0x8/0x30
[ 1244.618309]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1244.623142]  ? page_fault+0x8/0x30
[ 1244.626669]  page_fault+0x1e/0x30
[ 1244.630106] RIP: 0023:0x804966e
[ 1244.633381] Code: 02 83 c0 43 e8 83 ff ff ff 8d 76 00 53 83 ec 08 8b 0d 28 00 46 08 8b 15 24 00 46 08 39 ca 8d 99 00 00 00 01 72 15 39 da 73 11 <89> 02 8d 42 04 a3 24 00 46 08 83 c4 08 89 d0 5b c3 53 51 52 68 90
[ 1244.652264] RSP: 002b:000000000845fc30 EFLAGS: 00010287
[ 1244.657622] RAX: 0000000000000000 RBX: 000000002e320000 RCX: 000000002d320000
[ 1244.664888] RDX: 000000002d320000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1244.672140] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1244.679394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
15:25:55 executing program 1:
r0 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x8b, 0x202e80)
ioctl$SG_SET_TIMEOUT(r0, 0x2201, &(0x7f00000000c0)=0xd7)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))

15:25:55 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:55 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2c, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1244.686658] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1244.703701] Task in /syz4 killed as a result of limit of /syz4
[ 1244.722240] memory: usage 204796kB, limit 204800kB, failcnt 960
[ 1244.729135] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
15:25:55 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x2040000ffffff, 0x200000)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))

[ 1244.744064] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1244.750891] Memory cgroup stats for /syz4: cache:152KB rss:180KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1244.771826] Memory cgroup out of memory: Kill process 24697 (syz-executor4) score 160 or sacrifice child
15:25:55 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$DRM_IOCTL_AUTH_MAGIC(r0, 0x40046411, &(0x7f0000000000)=0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})

15:25:55 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2900000000000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1244.785235] Killed process 24697 (syz-executor4) total-vm:69988kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:25:55 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x3f000000}, 0x6)

[ 1244.818895] oom_reaper: reaped process 24697 (syz-executor4), now anon-rss:0kB, file-rss:32156kB, shmem-rss:0kB
15:25:55 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100)={0xfffffffffffffffe, 0xfff, 0x0, 0x80, 0xffffffffffffffff})

15:25:55 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0xb00000000000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:55 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1244.931406] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1244.957403] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1244.963358] CPU: 1 PID: 24726 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1244.970732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1244.980086] Call Trace:
[ 1244.982685]  dump_stack+0x1c4/0x2b4
[ 1244.986321]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1244.991528]  ? debug_smp_processor_id+0x1c/0x20
[ 1244.996207]  dump_header+0x27b/0xf72
[ 1244.999939]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1245.005490]  ? pagefault_out_of_memory+0x197/0x197
[ 1245.010423]  ? debug_smp_processor_id+0x1c/0x20
[ 1245.015089]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1245.020007]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1245.024928]  ? perf_trace_lock+0x7a0/0x7a0
[ 1245.029149]  ? perf_trace_lock+0x7a0/0x7a0
[ 1245.033376]  ? debug_smp_processor_id+0x1c/0x20
[ 1245.038030]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1245.042949]  ? mark_held_locks+0x130/0x130
[ 1245.047169]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1245.052694]  ? perf_trace_lock+0x7a0/0x7a0
[ 1245.056921]  ? task_will_free_mem+0x239/0xb30
[ 1245.061407]  ? ___ratelimit+0x36f/0x655
[ 1245.065366]  ? lock_downgrade+0x900/0x900
[ 1245.069505]  ? trace_hardirqs_on+0xbd/0x310
[ 1245.073810]  ? kasan_check_read+0x11/0x20
[ 1245.077946]  ? ___ratelimit+0x36f/0x655
[ 1245.082010]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1245.087447]  ? trace_hardirqs_on+0x310/0x310
[ 1245.091844]  ? lock_downgrade+0x900/0x900
[ 1245.095983]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1245.101072]  ? ___ratelimit+0xaa/0x655
[ 1245.104950]  ? idr_get_free+0xec0/0xec0
[ 1245.108911]  ? kasan_check_write+0x14/0x20
[ 1245.113132]  ? do_raw_spin_lock+0xc1/0x200
[ 1245.117364]  oom_kill_process.cold.27+0x10/0x903
[ 1245.122107]  ? kasan_check_write+0x14/0x20
[ 1245.126331]  ? do_raw_spin_lock+0xc1/0x200
[ 1245.130572]  ? oom_evaluate_task+0x540/0x540
[ 1245.134987]  ? cgroup_procs_next+0x70/0x70
[ 1245.139209]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1245.143690]  ? oom_badness+0xaa0/0xaa0
[ 1245.147571]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1245.152315]  ? mem_cgroup_iter_break+0x30/0x30
[ 1245.156893]  ? cgroup_file_notify+0x226/0x2f0
[ 1245.161384]  out_of_memory+0xa84/0x1430
[ 1245.165348]  ? kasan_check_read+0x11/0x20
[ 1245.169494]  ? oom_killer_disable+0x3a0/0x3a0
[ 1245.173975]  ? kasan_check_write+0x14/0x20
[ 1245.178196]  ? do_raw_spin_lock+0xc1/0x200
[ 1245.182425]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1245.187256]  ? memcg_memory_event+0x40/0x40
[ 1245.191577]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1245.196328]  ? page_counter_try_charge+0x1c1/0x220
[ 1245.201244]  try_charge+0xc43/0x1690
[ 1245.204945]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1245.210039]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1245.216081]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1245.220908]  ? lock_downgrade+0x900/0x900
[ 1245.225042]  ? lock_release+0x970/0x970
[ 1245.229007]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1245.234797]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1245.239715]  ? mem_cgroup_can_attach+0x580/0x580
[ 1245.244455]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1245.249372]  ? update_load_avg+0x2470/0x2470
[ 1245.253771]  ? __might_sleep+0x95/0x190
[ 1245.257731]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1245.262303]  ? mem_cgroup_protected+0xa60/0xa60
[ 1245.266974]  ? swp_swapcount+0x530/0x530
[ 1245.271019]  ? perf_sched_cb_inc+0x350/0x350
[ 1245.275422]  ? finish_task_switch+0x1f5/0x900
[ 1245.279914]  ? lock_downgrade+0x900/0x900
[ 1245.284050]  ? finish_task_switch+0x1b5/0x900
[ 1245.288535]  ? trace_hardirqs_on+0xbd/0x310
[ 1245.292867]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1245.298394]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1245.303316]  wp_page_copy+0x46c/0x14f0
[ 1245.307190]  ? finish_task_switch+0x1b5/0x900
[ 1245.311690]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1245.317220]  ? follow_pfn+0x2e0/0x2e0
[ 1245.321025]  ? __switch_to_asm+0x34/0x70
[ 1245.325073]  ? __switch_to_asm+0x34/0x70
[ 1245.329121]  ? __switch_to_asm+0x40/0x70
[ 1245.333171]  ? do_wp_page+0x76c/0x1390
[ 1245.337048]  ? lock_downgrade+0x900/0x900
[ 1245.341181]  ? kasan_check_write+0x14/0x20
[ 1245.345411]  ? kasan_check_read+0x11/0x20
[ 1245.349553]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1245.353955]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1245.358522]  ? __pte_alloc_kernel+0x220/0x220
[ 1245.363008]  ? trace_hardirqs_off+0x310/0x310
[ 1245.367487]  ? trace_hardirqs_on+0x310/0x310
[ 1245.371884]  do_wp_page+0x774/0x1390
[ 1245.375591]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1245.380248]  ? lock_release+0x970/0x970
[ 1245.384208]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1245.389734]  ? check_preemption_disabled+0x48/0x200
[ 1245.394738]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1245.400274]  ? kasan_check_write+0x14/0x20
[ 1245.404498]  ? do_raw_spin_lock+0xc1/0x200
[ 1245.408722]  __handle_mm_fault+0x2c60/0x53e0
[ 1245.413126]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1245.417955]  ? debug_smp_processor_id+0x1c/0x20
[ 1245.422617]  ? lock_acquire+0x1ed/0x520
[ 1245.426581]  ? handle_mm_fault+0x42a/0xc70
[ 1245.430800]  ? lock_downgrade+0x900/0x900
[ 1245.434941]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1245.440726]  ? __do_page_fault+0x67d/0xed0
[ 1245.444946]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1245.450385]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1245.455914]  ? check_preemption_disabled+0x48/0x200
[ 1245.460923]  handle_mm_fault+0x54f/0xc70
[ 1245.464971]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1245.469546]  ? find_vma+0x34/0x190
[ 1245.473078]  __do_page_fault+0x67d/0xed0
[ 1245.477127]  ? mm_fault_error+0x380/0x380
[ 1245.481260]  ? trace_hardirqs_on+0x310/0x310
[ 1245.485656]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1245.491185]  do_page_fault+0xf2/0x7e0
[ 1245.494972]  ? vmalloc_sync_all+0x30/0x30
[ 1245.499117]  ? error_entry+0x70/0xd0
[ 1245.502817]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1245.507824]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1245.512742]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1245.517582]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1245.522583]  ? trace_hardirqs_off+0x310/0x310
[ 1245.527066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1245.532591]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1245.537619]  ? page_fault+0x8/0x30
[ 1245.541146]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1245.545976]  ? page_fault+0x8/0x30
[ 1245.549502]  page_fault+0x1e/0x30
[ 1245.552948] RIP: 0023:0x804f1a4
[ 1245.556219] Code: 1a 8b 45 00 85 c0 0f 85 d9 00 00 00 83 c6 01 83 c7 6c 83 fe 10 0f 84 bd 00 00 00 80 7f f8 00 8d 47 f4 89 fd 89 44 24 24 75 d7 <c6> 47 f8 01 89 77 f4 89 f8 c6 47 11 00 c7 47 fc 00 00 00 00 c7 07
[ 1245.575105] RSP: 002b:000000000845fc40 EFLAGS: 00010246
15:25:56 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x0, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0x6, 0x42)
socketpair(0xb, 0x1, 0x757, &(0x7f0000000100)={<r3=>0xffffffffffffffff})
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000140)={r2, 0x0, 0x800, r3})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r4, 0xae78, &(0x7f0000000040))

15:25:56 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x80000, 0x200000000001)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
ioctl$KVM_GET_SREGS(r0, 0x8138ae83, &(0x7f0000000140))
dup3(r0, r0, 0x80000)

[ 1245.580457] RAX: 000000000814af60 RBX: 000000000845fd3c RCX: 0000000000000028
[ 1245.587709] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000814af6c
[ 1245.594979] RBP: 000000000814af6c R08: 0000000000000000 R09: 0000000000000000
[ 1245.602233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1245.609490] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:56 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x89ffffff, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1245.681433] Task in /syz4 killed as a result of limit of /syz4
[ 1245.700375] memory: usage 204800kB, limit 204800kB, failcnt 996
[ 1245.713190] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1245.720076] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:25:56 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040)=0x2000)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x1, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f00000000c0)=0x2, 0x4)
eventfd(0xb7c)

15:25:56 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000380)=ANY=[@ANYBLOB="6d73af676c650000000300000000000000f9ffdfffffffffffffff005668ce324c80b3f6cb001f00000006000040d6057f20f0ea4a96b004006bb955730900000000000000ac03000004a8848a165ee19bb61212e6d801000010020000b0040000b0040000b00400000200000000000049c9b4ec73bc42ca0a99ec030c540ad75c2949a1c8a784d2b5bc3da51320c86c00775d02443bb4ff876312f67259a0a3e2a1967268bd74016d3fad4fb05461c8098e212a4edcf12e3458009ffebbfa0f9f3b06cb47025b00134a100b1ae10389f0a4f3fa80ba6e6c7bb9cf0efd2a1dda1ef8231bfd07c7979ac5e60ef5fa78e4369421c42ffb01bb2649a977cebce22e277f803eb7d61f4be4f9ae4911fe9904f97e3f566502cdf8d08d06d08e3c17b68c41d890ce811ebb5bce1321ff6d271f21345d5455b268c6f2b753059b61b093e9f61219d2ee485c7dddccffd210e78396d6b73f2d0172cfb2c7e7eecacc9aeb732a2fb4ceefb870d2c2aede9f96d899cb86b6"], 0x1)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r3 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x401, 0x103000)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r3, 0xc0045516, &(0x7f00000000c0)=0x3)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000100)=0x2)

15:25:56 executing program 2:
syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)

[ 1245.727562] Memory cgroup stats for /syz4: cache:152KB rss:180KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88KB inactive_file:0KB active_file:0KB unevictable:0KB
15:25:56 executing program 5:
r0 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x9, 0x100)
connect(r0, &(0x7f0000000000)=@ipx={0x4, 0x6, 0x1, "f5af0d3ad5f0", 0xa7}, 0x80)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))

15:25:56 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2b00, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1245.835037] Memory cgroup out of memory: Kill process 24726 (syz-executor4) score 160 or sacrifice child
[ 1245.863539] Killed process 24726 (syz-executor4) total-vm:69988kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:25:57 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x3000000}, 0x6)

15:25:57 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000140)='trusted.overlay.opaque\x00', &(0x7f0000000100)='y\x00', 0x2, 0x1)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
r2 = request_key(&(0x7f0000000080)='big_key\x00', &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000180)='trusted.overlay.opaque\x00', 0xfffffffffffffff9)
keyctl$clear(0x7, r2)
iopl(0x0)
socketpair$inet6_sctp(0xa, 0x5, 0x84, &(0x7f00000001c0))

[ 1245.923130] oom_reaper: reaped process 24726 (syz-executor4), now anon-rss:0kB, file-rss:32772kB, shmem-rss:0kB
15:25:57 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x6})
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={<r1=>0x0, @in={{0x2, 0x4e21, @loopback}}, 0x1ff80000000000, 0x3, 0x2, 0xffffffff, 0x2}, &(0x7f0000000140)=0x98)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000180)={r1, 0x7}, 0x8)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000001c0)={@in={{0x2, 0x4e23, @rand_addr=0x8}}, 0xfffffffffffffffc, 0x49c, 0x80, "04e43e81460872386575d585b55a6583acf4951f0863f2780d5e3e445bc977913f8e81d5e4203555750533898956b4943c2eb8afb589432751f29468b24fa8c32b2930fee67e5e8e759bd69d05b3460e"}, 0xd8)

15:25:57 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x6, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:57 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000000))
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000040)=[{0x3, 0x100}, {0x3, 0x1233f323}, {0x2, 0x5}, {0x8, 0x100}], 0x4)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={<r1=>0x0, 0x80000, r0})
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000100)={<r2=>0x0, 0x0, 0x1000})
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000140)={r1, r2})

[ 1246.031212] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1246.085811] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1246.109903] CPU: 1 PID: 24780 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1246.117302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1246.126759] Call Trace:
[ 1246.129356]  dump_stack+0x1c4/0x2b4
[ 1246.133010]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1246.138204]  ? debug_smp_processor_id+0x1c/0x20
[ 1246.142880]  dump_header+0x27b/0xf72
[ 1246.146605]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1246.152146]  ? pagefault_out_of_memory+0x197/0x197
[ 1246.157082]  ? debug_smp_processor_id+0x1c/0x20
[ 1246.161752]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1246.166686]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1246.171621]  ? perf_trace_lock+0x7a0/0x7a0
[ 1246.175855]  ? perf_trace_lock+0x7a0/0x7a0
[ 1246.180096]  ? debug_smp_processor_id+0x1c/0x20
[ 1246.184767]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1246.189700]  ? mark_held_locks+0x130/0x130
[ 1246.193942]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1246.199490]  ? perf_trace_lock+0x7a0/0x7a0
[ 1246.203728]  ? task_will_free_mem+0x239/0xb30
[ 1246.208234]  ? ___ratelimit+0x36f/0x655
[ 1246.212308]  ? lock_downgrade+0x900/0x900
[ 1246.216461]  ? trace_hardirqs_on+0xbd/0x310
[ 1246.220790]  ? kasan_check_read+0x11/0x20
[ 1246.224945]  ? ___ratelimit+0x36f/0x655
[ 1246.228926]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1246.234375]  ? trace_hardirqs_on+0x310/0x310
[ 1246.238786]  ? lock_downgrade+0x900/0x900
[ 1246.242946]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1246.248053]  ? ___ratelimit+0xaa/0x655
[ 1246.251944]  ? idr_get_free+0xec0/0xec0
[ 1246.255920]  ? kasan_check_write+0x14/0x20
[ 1246.260169]  ? do_raw_spin_lock+0xc1/0x200
[ 1246.264409]  oom_kill_process.cold.27+0x10/0x903
[ 1246.269164]  ? kasan_check_write+0x14/0x20
[ 1246.273401]  ? do_raw_spin_lock+0xc1/0x200
[ 1246.277650]  ? oom_evaluate_task+0x540/0x540
[ 1246.282067]  ? cgroup_procs_next+0x70/0x70
[ 1246.286307]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1246.290800]  ? oom_badness+0xaa0/0xaa0
[ 1246.294687]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1246.299446]  ? mem_cgroup_iter_break+0x30/0x30
[ 1246.304053]  ? cgroup_file_notify+0x226/0x2f0
[ 1246.308552]  out_of_memory+0xa84/0x1430
[ 1246.312528]  ? kasan_check_read+0x11/0x20
[ 1246.316680]  ? oom_killer_disable+0x3a0/0x3a0
[ 1246.321177]  ? kasan_check_write+0x14/0x20
[ 1246.325414]  ? do_raw_spin_lock+0xc1/0x200
[ 1246.329657]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1246.334517]  ? memcg_memory_event+0x40/0x40
[ 1246.338843]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1246.343611]  ? page_counter_try_charge+0x1c1/0x220
[ 1246.348549]  try_charge+0xc43/0x1690
[ 1246.352271]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1246.357384]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1246.363443]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1246.368295]  ? lock_downgrade+0x900/0x900
[ 1246.372443]  ? lock_release+0x970/0x970
[ 1246.376442]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1246.382262]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1246.387113]  ? mem_cgroup_can_attach+0x580/0x580
[ 1246.391872]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1246.396802]  ? update_load_avg+0x2470/0x2470
[ 1246.401217]  ? __might_sleep+0x95/0x190
[ 1246.405203]  mem_cgroup_try_charge+0x5ea/0xe10
15:25:57 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
socketpair$inet_sctp(0x2, 0x1, 0x84, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f00000000c0), &(0x7f0000000100)=0x4)

[ 1246.409807]  ? mem_cgroup_protected+0xa60/0xa60
[ 1246.414484]  ? swp_swapcount+0x530/0x530
[ 1246.418549]  ? perf_sched_cb_inc+0x350/0x350
[ 1246.422973]  ? finish_task_switch+0x1f5/0x900
[ 1246.427481]  ? lock_downgrade+0x900/0x900
[ 1246.431637]  ? finish_task_switch+0x1b5/0x900
[ 1246.436140]  ? trace_hardirqs_on+0xbd/0x310
[ 1246.440482]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1246.446023]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1246.450947]  wp_page_copy+0x46c/0x14f0
[ 1246.454822]  ? finish_task_switch+0x2f5/0x900
[ 1246.459306]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1246.464849]  ? follow_pfn+0x2e0/0x2e0
[ 1246.468636]  ? __switch_to_asm+0x34/0x70
[ 1246.472680]  ? __switch_to_asm+0x34/0x70
[ 1246.476726]  ? __switch_to_asm+0x40/0x70
[ 1246.480777]  ? do_wp_page+0x76c/0x1390
[ 1246.484655]  ? lock_downgrade+0x900/0x900
[ 1246.488793]  ? kasan_check_write+0x14/0x20
[ 1246.493015]  ? kasan_check_read+0x11/0x20
[ 1246.497152]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1246.501549]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1246.506121]  ? __pte_alloc_kernel+0x220/0x220
[ 1246.510606]  do_wp_page+0x774/0x1390
[ 1246.514326]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1246.518986]  ? lock_release+0x970/0x970
[ 1246.522949]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1246.528480]  ? check_preemption_disabled+0x48/0x200
[ 1246.533484]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1246.539012]  ? kasan_check_write+0x14/0x20
[ 1246.543580]  ? do_raw_spin_lock+0xc1/0x200
[ 1246.547805]  __handle_mm_fault+0x2c60/0x53e0
[ 1246.552206]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1246.557126]  ? debug_smp_processor_id+0x1c/0x20
[ 1246.561790]  ? lock_acquire+0x1ed/0x520
[ 1246.565761]  ? handle_mm_fault+0x42a/0xc70
[ 1246.569982]  ? lock_downgrade+0x900/0x900
[ 1246.574120]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1246.579908]  ? __do_page_fault+0x67d/0xed0
[ 1246.584128]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1246.589564]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1246.595091]  ? check_preemption_disabled+0x48/0x200
[ 1246.600096]  handle_mm_fault+0x54f/0xc70
[ 1246.604147]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1246.608732]  ? find_vma+0x34/0x190
[ 1246.612259]  __do_page_fault+0x67d/0xed0
[ 1246.616327]  ? mm_fault_error+0x380/0x380
[ 1246.620483]  ? trace_hardirqs_on+0x310/0x310
[ 1246.624880]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1246.630405]  do_page_fault+0xf2/0x7e0
[ 1246.634193]  ? vmalloc_sync_all+0x30/0x30
[ 1246.638332]  ? error_entry+0x70/0xd0
[ 1246.642035]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1246.647036]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1246.651950]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1246.656777]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1246.661780]  ? trace_hardirqs_off+0x310/0x310
[ 1246.666262]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1246.671786]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1246.676786]  ? page_fault+0x8/0x30
[ 1246.680314]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1246.685144]  ? page_fault+0x8/0x30
[ 1246.688672]  page_fault+0x1e/0x30
[ 1246.692111] RIP: 0023:0x804f1a4
15:25:57 executing program 5:
r0 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0xd200000000000000, 0x200000)
connect$vsock_dgram(r0, &(0x7f0000000080)={0x28, 0x0, 0xffffffff, @my=0x0}, 0x10)
r1 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0xffe, 0x800)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550c, &(0x7f0000000100))

[ 1246.695381] Code: 1a 8b 45 00 85 c0 0f 85 d9 00 00 00 83 c6 01 83 c7 6c 83 fe 10 0f 84 bd 00 00 00 80 7f f8 00 8d 47 f4 89 fd 89 44 24 24 75 d7 <c6> 47 f8 01 89 77 f4 89 f8 c6 47 11 00 c7 47 fc 00 00 00 00 c7 07
[ 1246.714268] RSP: 002b:000000000845fc40 EFLAGS: 00010246
[ 1246.719624] RAX: 000000000814af60 RBX: 000000000845fd3c RCX: 0000000000000028
[ 1246.726889] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000814af6c
[ 1246.734146] RBP: 000000000814af6c R08: 0000000000000000 R09: 0000000000000000
[ 1246.741398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1246.748651] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:25:57 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r0, 0xc08c5335, &(0x7f0000000000)={0xeabf, 0x4, 0x5, 'queue0\x00', 0x3})
write$P9_RRENAME(r0, &(0x7f0000000180)={0x7, 0x15, 0x2}, 0x7)
ioctl$sock_inet6_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000140))

15:25:57 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xfffffffffffffffe)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:57 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2c000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1246.770572] Task in /syz4 killed as a result of limit of /syz4
[ 1246.802831] memory: usage 204764kB, limit 204800kB, failcnt 1028
[ 1246.825525] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
15:25:57 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000040)={0x0, 0xfffffffffffffffd, 0x0, 0x3})

15:25:57 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000000)={<r1=>0x0, 0x9, 0x3, [0x7fffffff, 0x92, 0x0]}, &(0x7f0000000040)=0xe)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000140)={r1, @in={{0x2, 0x4e20, @broadcast}}, 0x2, 0xffffffff, 0x3, 0x0, 0x400}, &(0x7f0000000080)=0x98)
bind(r0, &(0x7f0000000240)=@ax25={0x3, {"5079c24ab8581f"}, 0x7f}, 0x80)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r0, &(0x7f0000000200)={0x80000000})

[ 1246.871006] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1246.913464] Memory cgroup stats for /syz4: cache:152KB rss:180KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88KB inactive_file:0KB active_file:0KB unevictable:0KB
15:25:58 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x80550000}, 0x6)

15:25:58 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0xe020000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:58 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
sync_file_range(r2, 0x3, 0x401, 0x4)

15:25:58 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
connect$rds(r1, &(0x7f0000000080)={0x2, 0x4e22, @loopback}, 0xc)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:25:58 executing program 2:
pipe(&(0x7f0000000080))
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000040)={0xffff, 0x0, 0x0, 0x0, 0xffffffffffffffff})
write$P9_RLERRORu(r0, &(0x7f0000000000)={0x22, 0x7, 0x1, {{0x15, '/dev/bus/usb/00#/00#\x00'}, 0x4}}, 0x22)

[ 1246.957008] Memory cgroup out of memory: Kill process 24780 (syz-executor4) score 160 or sacrifice child
[ 1246.968251] Killed process 24780 (syz-executor4) total-vm:69988kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1246.979522] oom_reaper: reaped process 24780 (syz-executor4), now anon-rss:0kB, file-rss:32772kB, shmem-rss:0kB
15:25:58 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x4, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1247.010248] vhci_hcd: default hub control req: ffff v0000 i0000 l0
[ 1247.035041] vhci_hcd: default hub control req: ffff v0000 i0000 l0
15:25:58 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x40000, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-vsock\x00', 0x2, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000000280)=0x3, 0x4)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000200)='/dev/qat_adf_ctl\x00', 0x10000, 0x0)
ioctl$SG_SET_TIMEOUT(r2, 0x2201, &(0x7f0000000240)=0xfffffffffffffff9)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @local, [], {@ipv4={0x800, {{0x6, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @remote={0xac, 0x14, 0x223}}, @icmp=@timestamp_reply={0x7, 0x3}}}}}, &(0x7f0000000040))
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x0, 0x0)
r4 = dup3(r0, r0, 0x80000)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000680)={0x7, r4, 0x1})
connect$l2tp(r4, &(0x7f0000000140)=@pppol2tpv3in6={0x18, 0x1, {0x0, r4, 0x2, 0x4, 0x1, 0x2, {0xa, 0x4e21, 0xfff8000000000000, @ipv4={[], [], @multicast2}, 0x3}}}, 0x1e4)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000001600)=ANY=[@ANYBLOB="66696c7465720000000000000000000000000700000004000000a4040000800200004001000080020000c0030000c0030000c003000004000000000000000000000000000000000006d0973f056499e25f5b7a2f0372f0ec28df45fb26b226114fc7c42defc0e0f90fa4550a185455e50f8441cc7361465a325eb0107f537c8bd7654df62f9949b2d5294b274ef4a4e55980fbdd8ce2bdc6063dc43598702f04e28058611e022873333795ddb5c7482eaed5b31845bc3569e0515edd859dcf1467d3d36858d5a075d24bcdb307a0613606e8741ee1a8601c29b629446b80499dedfa2540d9c1bfc4bf53cc205fc92c44db737acc4abb88767ebd68d293c51902357df082ef9f809d4702746c3fa1f86f4d414ab99d032b6545b17d8a23b25dfeeb655d9e97fc49e92c5085a4918066e5b930f2190e460b0af4bc7026fbe4f50d815ba1842e", @ANYPTR=&(0x7f00000006c0)=ANY=[@ANYBLOB="00000000000000000000000000000000004002504c8cf631c3d8000000000000f23ea500000000000000000095000000000000000000000000006e42a99400000000000000"], @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0004001000000000000000000000000000000000000000000000000000050006d616e676c65000000000000000000000000000000000000000000000000aaaabaaaaaaa0000000000000000000000000000000000000000000000000000e0000002ffffffff05000000ffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0004001000000000000000000000000000000000000000000000000000050006d616e676c650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ac1414bbac1414aa0b00000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0004001000000000000000000000000000000000000000000000000000050006d616e676c650000000000000000000000000000000000000000000000000180c20000010000000000000000000091267832a94c00000000000000000000ffffffffe000000202000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c000e400000000000000000000000000000000000000000000ddffff2300000000000000000000000000000000000000000000000000000000000000feffffff6c966f92bbbe4951aadf98599fa8a94b8cfd9b67bddff7b609a59cda26e8d775294f421d06a16975af2690388e8cbe6eb18c45b9310212e399c7334dce474c6620ad8f90f5b8cf4038c75e1c9dda57574042290cf36326182c731e81d7bb2f34827699081086ed283abd593153c55d0e0f5e144e259b12f533340ad140bac5263b6432429dd0b491cb1143db1e67250c53fef4fd74d0b4faa238727dd389ac0e179820abfe2afd2a62855d5c94b6fa9e6e1493cb63d1f50607b2dfb38cb2cb37e5c4fec5561d960e4c4426e7714dc003cfdca3e7642ccc8d17eb331101824c6f97a9eacbe353ad50dd3c0041e6398f4f63ae3cb92b28203a9277394d92b062ac5b5075b921a6029a488dccff453aeee9f1f9cb5a205a238d6b23c12d39ab1b28d87b84de40961a274751cad94a3ef484d311f973d92741d90475e8fc801a073537ab73ae65df62fe47cb4e003752047938061c5db8dce6df027fff0b90c66641696147160dc816a0f00816cccf634ed1e3d4697b355bdfb4629dfa57fe8d31a7e14177522ec511fb45816a4c4c8ee0ed35af6fbbee1f60d463"], 0x4f0)
write$FUSE_NOTIFY_INVAL_INODE(r4, &(0x7f0000000100)={0x28, 0x2, 0x0, {0x6, 0x8, 0x41}}, 0x28)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x4)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r3, 0xae78, &(0x7f0000000040))
r5 = gettid()
sched_getscheduler(r5)

[ 1247.073477] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0
[ 1247.105820] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1247.110974] CPU: 1 PID: 24829 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1247.118336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1247.127705] Call Trace:
[ 1247.127726]  dump_stack+0x1c4/0x2b4
[ 1247.127744]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1247.133935]  ? debug_smp_processor_id+0x1c/0x20
[ 1247.143732] QAT: Invalid ioctl
[ 1247.143758]  dump_header+0x27b/0xf72
[ 1247.150658]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1247.156204]  ? pagefault_out_of_memory+0x197/0x197
[ 1247.156223]  ? debug_smp_processor_id+0x1c/0x20
[ 1247.156241]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1247.165824]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1247.165843]  ? perf_trace_lock+0x7a0/0x7a0
[ 1247.165854]  ? perf_trace_lock+0x7a0/0x7a0
[ 1247.165879]  ? debug_smp_processor_id+0x1c/0x20
[ 1247.175960] QAT: Invalid ioctl
[ 1247.179918]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1247.179935]  ? mark_held_locks+0x130/0x130
[ 1247.184786] QAT: Invalid ioctl
[ 1247.188819]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1247.188841]  ? perf_trace_lock+0x7a0/0x7a0
[ 1247.194089] QAT: Invalid ioctl
[ 1247.196933]  ? task_will_free_mem+0x239/0xb30
[ 1247.196958]  ? ___ratelimit+0x36f/0x655
[ 1247.204352]  ? lock_downgrade+0x900/0x900
[ 1247.214090]  ? trace_hardirqs_on+0xbd/0x310
[ 1247.214103]  ? kasan_check_read+0x11/0x20
[ 1247.214122]  ? ___ratelimit+0x36f/0x655
[ 1247.217494] QAT: Invalid ioctl
[ 1247.221770]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1247.221783]  ? trace_hardirqs_on+0x310/0x310
[ 1247.221800]  ? lock_downgrade+0x900/0x900
[ 1247.225890] QAT: Invalid ioctl
[ 1247.229890]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1247.229913]  ? ___ratelimit+0xaa/0x655
[ 1247.238343]  ? idr_get_free+0xec0/0xec0
[ 1247.238354]  ? kasan_check_write+0x14/0x20
[ 1247.238371]  ? do_raw_spin_lock+0xc1/0x200
[ 1247.245501]  oom_kill_process.cold.27+0x10/0x903
[ 1247.245517]  ? kasan_check_write+0x14/0x20
[ 1247.245533]  ? do_raw_spin_lock+0xc1/0x200
[ 1247.255355]  ? oom_evaluate_task+0x540/0x540
[ 1247.255371]  ? cgroup_procs_next+0x70/0x70
[ 1247.255387]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1247.262694]  ? oom_badness+0xaa0/0xaa0
[ 1247.262712]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1247.318839]  ? mem_cgroup_iter_break+0x30/0x30
[ 1247.323427]  ? cgroup_file_notify+0x226/0x2f0
[ 1247.327910]  out_of_memory+0xa84/0x1430
[ 1247.331870]  ? kasan_check_read+0x11/0x20
[ 1247.336002]  ? oom_killer_disable+0x3a0/0x3a0
[ 1247.340481]  ? kasan_check_write+0x14/0x20
[ 1247.344705]  ? do_raw_spin_lock+0xc1/0x200
[ 1247.348944]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1247.353791]  ? memcg_memory_event+0x40/0x40
[ 1247.358102]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1247.362935]  ? page_counter_try_charge+0x1c1/0x220
[ 1247.367855]  try_charge+0xc43/0x1690
[ 1247.371566]  ? lock_downgrade+0x900/0x900
[ 1247.375703]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1247.381747]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1247.387531]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1247.393059]  ? should_fail+0x22d/0xd01
[ 1247.396933]  ? percpu_ref_tryget_live+0x168/0x460
[ 1247.401760]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1247.406609]  ? lock_downgrade+0x900/0x900
[ 1247.410745]  ? lock_release+0x970/0x970
[ 1247.414717]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1247.420503]  ? __kernel_text_address+0xd/0x40
[ 1247.424987]  ? __save_stack_trace+0x8d/0xf0
[ 1247.429301]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1247.434139]  ? fs_reclaim_acquire+0x20/0x20
[ 1247.438453]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1247.443108]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1247.447589]  ? entry_INT80_compat+0x74/0x7e
[ 1247.451902]  memcg_kmem_charge+0x135/0x300
[ 1247.456127]  __alloc_pages_nodemask+0x72e/0xde0
[ 1247.460787]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1247.465791]  ? percpu_ref_put_many+0x13e/0x260
[ 1247.470360]  ? trace_hardirqs_on+0xbd/0x310
[ 1247.474672]  ? mem_cgroup_charge_statistics+0x780/0x780
[ 1247.480021]  ? kasan_kmalloc+0xc7/0xe0
[ 1247.483895]  ? kasan_slab_alloc+0x12/0x20
[ 1247.488032]  ? kmem_cache_alloc_node+0x303/0x730
[ 1247.492772]  ? kasan_check_write+0x14/0x20
[ 1247.496999]  ? do_raw_spin_lock+0xc1/0x200
[ 1247.501225]  copy_process+0xa09/0x8780
[ 1247.505104]  ? check_preemption_disabled+0x48/0x200
[ 1247.510108]  ? check_preemption_disabled+0x48/0x200
[ 1247.515125]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1247.520653]  ? check_preemption_disabled+0x48/0x200
[ 1247.525653]  ? native_load_gs_index+0x10/0x30
[ 1247.530142]  ? debug_smp_processor_id+0x1c/0x20
[ 1247.534804]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1247.539717]  ? perf_sched_cb_inc+0x350/0x350
[ 1247.544116]  ? __cleanup_sighand+0x70/0x70
[ 1247.548342]  ? lock_downgrade+0x900/0x900
[ 1247.552485]  ? finish_task_switch+0x1b5/0x900
[ 1247.556971]  ? trace_hardirqs_on+0xbd/0x310
[ 1247.561275]  ? kasan_check_read+0x11/0x20
[ 1247.565410]  ? finish_task_switch+0x1f5/0x900
[ 1247.569889]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1247.575330]  ? check_preemption_disabled+0x48/0x200
[ 1247.580336]  ? debug_smp_processor_id+0x1c/0x20
[ 1247.584988]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1247.589909]  ? rcu_read_unlock_special.part.39+0x8a4/0x11f0
[ 1247.595607]  ? lock_downgrade+0x900/0x900
[ 1247.599737]  ? perf_trace_lock+0x7a0/0x7a0
[ 1247.603958]  ? mark_held_locks+0x130/0x130
[ 1247.608185]  ? trace_hardirqs_on+0xbd/0x310
[ 1247.612490]  ? kasan_check_read+0x11/0x20
[ 1247.616624]  ? rcu_read_unlock_special.part.39+0x8a4/0x11f0
[ 1247.622321]  ? mark_held_locks+0x130/0x130
[ 1247.626541]  ? rcu_sched_force_quiescent_state+0x20/0x20
[ 1247.631972]  ? kasan_check_write+0x14/0x20
[ 1247.636198]  ? mark_held_locks+0x130/0x130
[ 1247.640418]  ? check_preemption_disabled+0x48/0x200
[ 1247.645423]  ? debug_smp_processor_id+0x1c/0x20
[ 1247.650074]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1247.654989]  ? mark_held_locks+0x130/0x130
[ 1247.659211]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1247.664733]  ? check_preemption_disabled+0x48/0x200
[ 1247.669735]  ? debug_smp_processor_id+0x1c/0x20
[ 1247.674392]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1247.679310]  ? mark_held_locks+0x130/0x130
[ 1247.683533]  ? perf_trace_lock+0x7a0/0x7a0
[ 1247.687759]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1247.692763]  ? bpf_prog_kallsyms_find+0xde/0x4a0
[ 1247.697505]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1247.703027]  ? check_preemption_disabled+0x48/0x200
[ 1247.708030]  ? debug_smp_processor_id+0x1c/0x20
[ 1247.712680]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1247.717595]  ? lock_downgrade+0x900/0x900
[ 1247.721729]  ? perf_trace_lock+0x7a0/0x7a0
[ 1247.726392]  ? change_protection+0x1718/0x29a0
[ 1247.730964]  ? lock_downgrade+0x900/0x900
[ 1247.735102]  ? kasan_check_read+0x11/0x20
[ 1247.739240]  ? ___might_sleep+0x1ed/0x300
[ 1247.743382]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1247.747951]  ? arch_local_save_flags+0x40/0x40
[ 1247.752518]  ? kasan_check_write+0x14/0x20
[ 1247.756740]  ? do_raw_spin_lock+0xc1/0x200
[ 1247.760976]  ? perf_iterate_sb+0x189/0xc60
[ 1247.765197]  ? lock_downgrade+0x900/0x900
[ 1247.769337]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1247.775142]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1247.780665]  ? check_preemption_disabled+0x48/0x200
[ 1247.785672]  ? perf_iterate_sb+0x1b0/0xc60
[ 1247.789893]  ? prot_none_hugetlb_entry+0x150/0x150
[ 1247.794807]  ? perf_event_comm_output+0x750/0x750
[ 1247.799648]  ? find_get_context.isra.94+0x730/0x730
[ 1247.804651]  ? validate_mm+0x386/0x630
[ 1247.808525]  ? lock_downgrade+0x900/0x900
[ 1247.812673]  ? kasan_check_read+0x11/0x20
[ 1247.816807]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1247.821204]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1247.825773]  ? kfree+0x1bf/0x230
[ 1247.829132]  ? perf_event_mmap+0x134/0x1350
[ 1247.833444]  ? perf_event_fork+0x30/0x30
[ 1247.837498]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1247.843022]  ? vma_set_page_prot+0x243/0x320
[ 1247.847418]  ? vma_wants_writenotify+0x510/0x510
[ 1247.852160]  ? do_mprotect_pkey+0x8d8/0xa60
[ 1247.856471]  _do_fork+0x1cb/0x11d0
[ 1247.860001]  ? fork_idle+0x1d0/0x1d0
[ 1247.863703]  ? up_write+0x7b/0x220
[ 1247.867226]  ? up_read+0x110/0x110
[ 1247.870750]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1247.876274]  ? apparmor_file_mprotect+0xde/0x110
[ 1247.881018]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1247.886542]  ? security_file_mprotect+0x94/0xc0
[ 1247.891197]  ? do_mprotect_pkey+0x8dd/0xa60
[ 1247.895976]  ? trace_hardirqs_off+0xb8/0x310
[ 1247.900370]  ? mprotect_fixup+0xc60/0xc60
[ 1247.904504]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1247.909069]  ? trace_hardirqs_on+0x310/0x310
[ 1247.913462]  ? trace_hardirqs_on+0xbd/0x310
[ 1247.917767]  ? entry_INT80_compat+0x74/0x7e
[ 1247.922075]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1247.927517]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1247.932520]  do_int80_syscall_32+0x1fe/0x890
[ 1247.936911]  ? entry_INT80_compat+0x6c/0x7e
[ 1247.941216]  ? do_syscall_64+0x820/0x820
[ 1247.945261]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1247.950090]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1247.955097]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1247.960111]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1247.964943]  entry_INT80_compat+0x74/0x7e
[ 1247.969078] RIP: 0023:0x8081a44
[ 1247.972354] Code: 8b 44 24 04 89 41 08 c7 41 04 00 00 00 00 53 56 57 8b 74 24 24 8b 54 24 20 8b 5c 24 18 8b 7c 24 28 b8 78 00 00 00 89 19 cd 80 <5f> 5e 5b 85 c0 0f 8c b1 51 fd ff 74 01 c3 89 f5 f7 c7 00 00 01 00
[ 1247.991238] RSP: 002b:000000000845fb50 EFLAGS: 00000296 ORIG_RAX: 0000000000000078
[ 1247.998933] RAX: ffffffffffffffda RBX: 00000000003d0f00 RCX: 00000000f5f52224
[ 1248.006189] RDX: 00000000f5f52ba8 RSI: 000000000845fb80 RDI: 00000000f5f52ba8
[ 1248.013441] RBP: 000000000845fc28 R08: 0000000000000000 R09: 0000000000000000
[ 1248.020693] R10: 0000000000000000 R11: 0000000000000216 R12: 0000000000000000
15:25:59 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))

15:25:59 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
ioctl$TCGETA(r0, 0x5405, &(0x7f0000000000))
getsockopt$inet_buf(r0, 0x0, 0x3f, &(0x7f0000000140)=""/163, &(0x7f0000000040)=0xffffffffffffff8d)

15:25:59 executing program 1:
r0 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x100000001, 0x200000)
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f00000000c0)={0x7, 0x3, 0x7, 0xfffffffffffffff8, 0x9, 0x6})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000100)=0x1ffc00000000, 0x4)

15:25:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x3d34, 0x4140)
ioctl$SG_GET_VERSION_NUM(r2, 0x2282, &(0x7f00000000c0))
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000040)={0x2, 0x9fd, &(0x7f0000000180)="95759052c803ab5b56e921acfb23f32c1f2f5e5b2ba35ebda7d99c04c064347f9287527b09293697c7d928dd8ca555b8031d94fc63a82f05d13d9f49a996209c0ac6fa7224db76644650fed474fa3e6cd59b92eca926d1c6fa76038010f6ccb844a612669ff0e0340df254caee4bbb767240235e2bf034de9fa6fb2b2c9819f783fb9e384441ff6defab395ad2264053f844cd6e5fb3d2dbbe4728a78651e19132cdf288a5cc790693cae6c7be5c8d6433fdb9bb21e909e7ef5489c2afc7a738085f4585fc85625216c58900b6a5ebeb06f571345738ae5bc7eebd2135af55e85ff0b21b106b683169ae4fb422465e92f2ec6d62b128c069b8dd", &(0x7f0000000280)="cce3500a20a1262af432abb89b8ee0608106008ebf0a40b87f46edfd6dd35c6f3940b3300bbeaf2fe07cc456d15f8ce8ad1d2eb2d2881a1f3a3ce067a024d61304aeb37f2ee34ceb44f006ccdad2265b4697e032bd20e98bb4ce8e91ec4570e7ec8dbbfff9e1714ca2778dccf1ea238ea717064bbce05ff84f538d905d670eec954e55bfff0d23a365df1ed09872554c87bca662a6bccb71f05d28456b2f179a6940689b4a0fa6b99ea856afcf409c80ae93bb96a8b5ee08c0d3ae3d3f3d942c9dbf8babfe4bb9f273ed8320f570e77a8cad863a", 0xfa, 0xd4})
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000100)=0x2, 0x4)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000140))

[ 1248.027956] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1248.043642] Task in /syz4 killed as a result of limit of /syz4
[ 1248.049660] memory: usage 204756kB, limit 204800kB, failcnt 1048
15:25:59 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x4000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1248.127204] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1248.150614] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1248.171835] Memory cgroup stats for /syz4: cache:152KB rss:180KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:100KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1248.208111] Memory cgroup out of memory: Kill process 24829 (syz-executor4) score 160 or sacrifice child
15:25:59 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xe}, 0x6)

15:25:59 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$LOOP_CLR_FD(r0, 0x4c01)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})

15:25:59 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x29000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:25:59 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000080))
r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x80001, 0x0)
accept4$packet(0xffffffffffffff9c, &(0x7f0000000640)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000680)=0x14, 0x800)
ioctl$PERF_EVENT_IOC_ID(r2, 0x80042407, &(0x7f00000000c0))

15:25:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1248.232109] Killed process 24829 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1248.243611] oom_reaper: reaped process 24829 (syz-executor4), now anon-rss:0kB, file-rss:32772kB, shmem-rss:0kB
15:25:59 executing program 2:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x100)
r1 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x81, 0x3)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f00000000c0)={0x1000000000000000, 0x0, 0xffffff7f, 0x3ff, 0x1})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000100)={0x8, 0x85ba, 0x6, 0x1000, 0x6})

[ 1248.319393] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1248.341150] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1248.347896] CPU: 0 PID: 24872 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1248.355278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1248.364642] Call Trace:
[ 1248.367244]  dump_stack+0x1c4/0x2b4
[ 1248.370887]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1248.376092]  ? debug_smp_processor_id+0x1c/0x20
[ 1248.380768]  dump_header+0x27b/0xf72
[ 1248.384487]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1248.384503]  ? pagefault_out_of_memory+0x197/0x197
[ 1248.384522]  ? debug_smp_processor_id+0x1c/0x20
[ 1248.394957]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1248.394969]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1248.394987]  ? perf_trace_lock+0x7a0/0x7a0
[ 1248.394997]  ? perf_trace_lock+0x7a0/0x7a0
[ 1248.395015]  ? debug_smp_processor_id+0x1c/0x20
[ 1248.413833]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1248.413847]  ? mark_held_locks+0x130/0x130
[ 1248.413861]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1248.413877]  ? perf_trace_lock+0x7a0/0x7a0
[ 1248.441618]  ? task_will_free_mem+0x239/0xb30
[ 1248.446113]  ? ___ratelimit+0x36f/0x655
[ 1248.450079]  ? lock_downgrade+0x900/0x900
[ 1248.454216]  ? trace_hardirqs_on+0xbd/0x310
[ 1248.458523]  ? kasan_check_read+0x11/0x20
[ 1248.462658]  ? ___ratelimit+0x36f/0x655
[ 1248.466620]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1248.472056]  ? trace_hardirqs_on+0x310/0x310
[ 1248.476449]  ? lock_downgrade+0x900/0x900
[ 1248.480588]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1248.485683]  ? ___ratelimit+0xaa/0x655
[ 1248.489561]  ? idr_get_free+0xec0/0xec0
[ 1248.493611]  ? kasan_check_write+0x14/0x20
[ 1248.497831]  ? do_raw_spin_lock+0xc1/0x200
[ 1248.502056]  oom_kill_process.cold.27+0x10/0x903
[ 1248.506802]  ? kasan_check_write+0x14/0x20
[ 1248.511022]  ? do_raw_spin_lock+0xc1/0x200
[ 1248.515244]  ? oom_evaluate_task+0x540/0x540
[ 1248.519640]  ? cgroup_procs_next+0x70/0x70
[ 1248.523863]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1248.528342]  ? oom_badness+0xaa0/0xaa0
[ 1248.532215]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1248.536958]  ? mem_cgroup_iter_break+0x30/0x30
[ 1248.541541]  ? cgroup_file_notify+0x226/0x2f0
[ 1248.546025]  out_of_memory+0xa84/0x1430
[ 1248.549984]  ? kasan_check_read+0x11/0x20
[ 1248.554119]  ? oom_killer_disable+0x3a0/0x3a0
[ 1248.558601]  ? kasan_check_write+0x14/0x20
[ 1248.562822]  ? do_raw_spin_lock+0xc1/0x200
[ 1248.567053]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1248.571880]  ? memcg_memory_event+0x40/0x40
[ 1248.576186]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1248.580942]  ? page_counter_try_charge+0x1c1/0x220
[ 1248.585859]  try_charge+0xc43/0x1690
[ 1248.589567]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1248.594659]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1248.600799]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1248.605627]  ? lock_downgrade+0x900/0x900
[ 1248.609762]  ? lock_release+0x970/0x970
[ 1248.613728]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1248.619509]  ? rcu_sched_force_quiescent_state+0x20/0x20
[ 1248.624951]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1248.629788]  ? mem_cgroup_can_attach+0x580/0x580
[ 1248.634532]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1248.640063]  ? check_preemption_disabled+0x48/0x200
[ 1248.645071]  ? __might_sleep+0x95/0x190
[ 1248.649032]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1248.653607]  ? mem_cgroup_protected+0xa60/0xa60
[ 1248.658262]  ? mark_held_locks+0x130/0x130
[ 1248.662498]  ? css_next_child+0x1c3/0x620
[ 1248.666634]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1248.672159]  ? check_preemption_disabled+0x48/0x200
[ 1248.677161]  ? mark_held_locks+0x130/0x130
[ 1248.681384]  ? debug_smp_processor_id+0x1c/0x20
[ 1248.686040]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1248.690955]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1248.696483]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1248.701398]  wp_page_copy+0x46c/0x14f0
[ 1248.705269]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1248.710802]  ? follow_pfn+0x2e0/0x2e0
[ 1248.714674]  ? perf_trace_lock+0x7a0/0x7a0
[ 1248.718898]  ? do_wp_page+0x76c/0x1390
[ 1248.722774]  ? lock_downgrade+0x900/0x900
[ 1248.727108]  ? kasan_check_read+0x11/0x20
[ 1248.731250]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1248.735653]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1248.740233]  ? __pte_alloc_kernel+0x220/0x220
[ 1248.744719]  do_wp_page+0x774/0x1390
[ 1248.748422]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1248.753080]  ? __handle_mm_fault+0x1e6c/0x53e0
[ 1248.757757]  ? lock_downgrade+0x900/0x900
[ 1248.761890]  ? lock_release+0x970/0x970
[ 1248.765851]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1248.771386]  ? check_preemption_disabled+0x48/0x200
[ 1248.776385]  ? kasan_check_read+0x11/0x20
[ 1248.780521]  ? pmd_val+0x88/0x100
[ 1248.783964]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1248.789497]  ? kasan_check_write+0x14/0x20
[ 1248.793722]  ? do_raw_spin_lock+0xc1/0x200
[ 1248.797946]  __handle_mm_fault+0x2c60/0x53e0
[ 1248.802348]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1248.807179]  ? debug_smp_processor_id+0x1c/0x20
[ 1248.811833]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1248.816764]  ? lock_acquire+0x1ed/0x520
[ 1248.820728]  ? handle_mm_fault+0x42a/0xc70
[ 1248.824947]  ? lock_downgrade+0x900/0x900
[ 1248.829084]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1248.834867]  ? __do_page_fault+0x67d/0xed0
[ 1248.839091]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1248.844540]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1248.850061]  ? check_preemption_disabled+0x48/0x200
[ 1248.855064]  handle_mm_fault+0x54f/0xc70
[ 1248.859112]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1248.863681]  ? find_vma+0x34/0x190
[ 1248.867208]  __do_page_fault+0x67d/0xed0
[ 1248.871259]  ? mm_fault_error+0x380/0x380
[ 1248.875403]  ? trace_hardirqs_on+0x310/0x310
[ 1248.879799]  do_page_fault+0xf2/0x7e0
[ 1248.883584]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1248.889122]  ? vmalloc_sync_all+0x30/0x30
[ 1248.893640]  ? error_entry+0x70/0xd0
[ 1248.897346]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1248.902345]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1248.907270]  ? do_syscall_64+0x820/0x820
[ 1248.911320]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1248.916151]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1248.921150]  ? trace_hardirqs_off+0x310/0x310
[ 1248.925635]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1248.931159]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1248.936162]  ? page_fault+0x8/0x30
[ 1248.939687]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1248.944517]  ? page_fault+0x8/0x30
[ 1248.948050]  page_fault+0x1e/0x30
[ 1248.951486] RIP: 0023:0x8051180
15:25:59 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2b000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1248.954753] Code: f8 0c 89 c8 89 da 05 00 00 00 80 83 d2 00 83 fa 00 0f 87 33 ff ff ff 3d ff ff ff 7e 0f 86 5b ff ff ff e9 23 ff ff ff 8d 76 00 <89> 04 9d 00 00 14 08 eb af 31 f6 90 8d 74 26 00 80 3d 19 00 46 08
[ 1248.973636] RSP: 002b:000000000845fba0 EFLAGS: 00010246
[ 1248.978981] RAX: 000000008184eac8 RBX: 0000000000000ac8 RCX: 0000000000000000
[ 1248.986338] RDX: 000000008184eac8 RSI: 0000000000000000 RDI: 0000000000000000
[ 1248.993592] RBP: 000000008184eacc R08: 0000000000000000 R09: 0000000000000000
[ 1249.000842] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1249.008104] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:26:00 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40046607, &(0x7f0000000040)=0x2)
ioctl$int_out(r0, 0x5462, &(0x7f0000000000))

15:26:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x40, 0x0)
getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffff9c, 0x84, 0x11, &(0x7f00000000c0)={<r2=>0x0, 0x9}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140)={r2, 0x8}, &(0x7f0000000180)=0x8)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r3, 0xae78, &(0x7f0000000040))

15:26:00 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$sock_bt_bnep_BNEPCONNADD(r0, 0x400442c8, &(0x7f0000000000)={r0, 0x401, 0x7, "c1ff6855fbd21d4dc965b57dd1da7340154eba6479563e146947d7562dba377e230f9d068623301cddee42ec7ef69072fc17a478cd16fe52ce16b91e7d95c1ffe2f933873c77ff07e169d3e54fa8b74a71d483cf8df14968b26a1c05a56e8e1da3b63735818300e6496d4d91f63b6388412d6718442d5bd7558be6ce906619ff27cd9c92bcd21245906deff181de687692515fc6ace1e751dd2fca6bf0b042930d1b4f28095aed2df36ea21426320cda0c"})
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})

15:26:00 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x700, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:00 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x200, 0x0)
r1 = syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0x0, 0x400)
ioctl$UFFDIO_UNREGISTER(r1, 0x8010aa01, &(0x7f00000002c0)={&(0x7f0000ffd000/0x3000)=nil, 0x3000})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x400000, 0x0)
ioctl$UFFDIO_ZEROPAGE(r3, 0xc020aa04, &(0x7f0000000180)={{&(0x7f0000ffc000/0x1000)=nil, 0x1000}})
r4 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0xff, 0x840)
shutdown(r1, 0x1)
ioctl$DRM_IOCTL_LOCK(r4, 0x4008642a, &(0x7f0000000100)={0x0, 0x8})
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000200)=0x6000)
ioctl$UFFDIO_ZEROPAGE(r3, 0xc020aa04, &(0x7f00000000c0)={{&(0x7f0000ffc000/0x2000)=nil, 0x2000}, 0x1})
ioctl$VHOST_SET_OWNER(r4, 0xaf01, 0x0)
ioctl$KVM_SET_XSAVE(r3, 0x5000aea5, &(0x7f00000008c0)={"988ecea56d7ac76f2abba6d0f3cd9d90d5fa61d433f56aec8268206e1269dd91f5655942eefa6d7d83f462f9f6b98b17687a27c3e2ca210a36588d8f4f5b3a1c630ac906126b905f3478b1b85d93417f3a93be3a6ff28cb082f154282188bebd5f120443e5e1d5f9454e369f36460503f8d227ed56e96d4dd6508a775577955fd657a488d1d9f969e927ae84eeaed99b8dcdcd15b4aa2c4960edcb99507d95fc2e115b238919e15563de87df7af8cf3da28831dffab790f5201ba084338330d13ecf72cb5de58519341638aa39336aadcfeaab3c766780201a5bb427ad470f4318c3d8a333e98c641e1cdd4737401037534a4ed04613dd9ff1f135d0d11dd4e3e81e765ac308dc752a91aa8f78b5feba40638505a956bd856bbd4a472c033156cbce2ab7bb248f7c2e132ce5f8145dc8901fb7a50a810fd23a3256e30c3fcda74ac4f54a6c589a2b91e8e47a4fbd873fb98b0b924193fecdcd975caee7db0bf9ec1daf268500487b7bbbe99b690add5cc90a9008c4e3dbdf8d010e0d52d696ec5078354df7af06219c8e9bb2654210df85d29a5556e508e5064e04630baa133976270c5309ac260a8c5cccd499149255cbd69af2c9e9e5f478c110528430ca8efc0fbc8edf8112987a5f9dc1f182f28089b36c4f56d6d3456c7dd38387030d9c3666ab31249d3ff128c531e79b5653cdf0b2785fd6fcfe24aec1ee26f70ccf563c53ed8b5625187864109a09d6167289ededc96ad036665e34cc7a2c278e3504c82774b6dbd048e04ea67dae91c735fba17704a38e34c2b252388190c7a6f8c6505fb5fc716efe70137df846c28171e335c0a5f233c541cad9ae90ce3a16d620cd8831790c0802288874684f7b846be0f34ef1e31cf0eccae49c29fb05479cd2c1234d7e0332615ed3f0fb04c6deeefe66783c171718ba3d7a2a1eea0e9f5f73e94ed9adc0e7443d5db80761f74c2a4ecd34627c46955da8fbe185ed5d57d1f167d01980d39ee32a43ae6146998934c36024fc13774dcfe8e804d7f33886e2c8d72e3c3e295040bd6c1b01c232609f9a69047b5fdc50e79fdef35e8265305282df4bd60178b851610235a1691ec64a71df6d32e842e71a38930595ce8c07e7b05860b9265055509b756c76b35f923b04ee7464ea1e5cf0623b03cd2af5a00a4ebf791a388c1b99e1cf2f7fb9d1d7de4c119e30fc0f4f0ef061494dc96496655902ac1a69fb0f3a6b5b833d098438d11683538edacfca8e6ee6d3bb9553addb37ae1d05ad07ac6d1ade10812110620f2df178c9570012049b902ad40743938639c25bc2a870b2434b265ea46da895de18fff5e11a40bfb412d4ba66ee3d0346166b7c5ae77d8e10d864e47ceef83ab49bfcf8d9de63ae7d712c51bbb41d2f75843c9671f3c37e6e6c7784b73d364866679b728392243235460b707f0c6d459a15"})
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00')
sendmsg$IPVS_CMD_DEL_DAEMON(r3, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f00000006c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="00022cbd7000fedbdf250a0000003c00020008000800fbffffff0800080000000000060002004e210400080007000c810000080007005000000006000700400000780800b200080000005d42f4f1178d205b2c79563519229ba8a0c64d976ff7eb7f89ebce3c37e2d8771893da437ea4f4b019a53dd703334c2fcac0a30ad0bbc34b058d145280debac3d532e3a0306c97b80613112c427ebdf94951359b5c4a2f99793c1341047a604e2613697f228d0600000000000000290f6708eb1334fd6ef0fa675b3b3062fbd1b39c437ef2244522887cc3ee7b4920532254ae89d492af8d4e463d3ca8af1f6813422ddf57790a161b81db6589ae2b8be91969c6b3f10fa6d650b0d2974fe49d556636aaf92839ebedede4c6a8e6f98df8fd70b5eb80fa073dcadb2e8870e0c601b0cf123a7491f38d0b2df56eb608e8e4810e01004161fc71d0cb3ef328cbf73603e943befc938fa05b1063b93bf83055e7f199121030d626f122c93abf63499a31ca4a4191c3c48902f3ebfe29524cc7931464bcaf61810348141b325c7a22a876d00986b201c93a80923c6e63e3fc2e7d77b76de21c684a9055efca39f84741e9549e2cab7e0381fefa0994bcbfd6b3a04fe64c8063250a591df34fb94b28edec984925fc42b0cd132eeb9d65ddb586bc6560da9a3f85f4f87bdd43fbdf0900c3158896a560cb12"], 0x50}, 0x1, 0x0, 0x0, 0x4004011}, 0x4004000)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))
ioctl$VT_WAITACTIVE(r1, 0x5607)

[ 1249.094101] Task in /syz4 killed as a result of limit of /syz4
[ 1249.112914] memory: usage 204800kB, limit 204800kB, failcnt 1061
[ 1249.127221] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1249.136930] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1249.163050] Memory cgroup stats for /syz4: cache:152KB rss:180KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:108KB inactive_file:0KB active_file:0KB unevictable:0KB
15:26:00 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x15e76}, 0x6)

15:26:00 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x100, 0x0)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000100)='nbd\x00')
sendmsg$NBD_CMD_STATUS(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000226bd7000fedbdf25050000000c0006000200000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x10)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))

15:26:00 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
ioctl$BLKFRASET(r0, 0x1264, &(0x7f0000000000)=0x6)

15:26:00 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x3c00, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:00 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
getsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000080)=""/61, &(0x7f00000000c0)=0x3d)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1249.250960] Memory cgroup out of memory: Kill process 24872 (syz-executor4) score 160 or sacrifice child
[ 1249.261572] Killed process 24872 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1249.276800] oom_reaper: reaped process 24872 (syz-executor4), now anon-rss:0kB, file-rss:32772kB, shmem-rss:0kB
15:26:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup2(r1, r1)
setsockopt$inet_sctp6_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f0000000080)=0xd4, 0x4)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
socket$bt_hidp(0x1f, 0x3, 0x6)
setsockopt$inet_sctp6_SCTP_NODELAY(0xffffffffffffffff, 0x84, 0x3, &(0x7f00000000c0)=0x9, 0x4)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:26:00 executing program 2:
r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x8db, 0xfffffffffffffffe)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})

[ 1249.360305] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1249.387760] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1249.423011] CPU: 1 PID: 24915 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1249.430396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1249.439747] Call Trace:
[ 1249.442340]  dump_stack+0x1c4/0x2b4
[ 1249.442357]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1249.442376]  ? debug_smp_processor_id+0x1c/0x20
[ 1249.455815]  dump_header+0x27b/0xf72
[ 1249.455839]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1249.455854]  ? pagefault_out_of_memory+0x197/0x197
[ 1249.455873]  ? debug_smp_processor_id+0x1c/0x20
[ 1249.474652]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1249.479569]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1249.484491]  ? perf_trace_lock+0x7a0/0x7a0
[ 1249.488712]  ? perf_trace_lock+0x7a0/0x7a0
[ 1249.492937]  ? debug_smp_processor_id+0x1c/0x20
[ 1249.497591]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1249.502505]  ? mark_held_locks+0x130/0x130
[ 1249.506832]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1249.512444]  ? perf_trace_lock+0x7a0/0x7a0
[ 1249.516665]  ? task_will_free_mem+0x239/0xb30
[ 1249.521156]  ? ___ratelimit+0x36f/0x655
[ 1249.525115]  ? lock_downgrade+0x900/0x900
[ 1249.529254]  ? trace_hardirqs_on+0xbd/0x310
[ 1249.533560]  ? kasan_check_read+0x11/0x20
[ 1249.537696]  ? ___ratelimit+0x36f/0x655
[ 1249.541657]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1249.547092]  ? trace_hardirqs_on+0x310/0x310
[ 1249.551484]  ? lock_downgrade+0x900/0x900
[ 1249.555630]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1249.560717]  ? ___ratelimit+0xaa/0x655
[ 1249.564608]  ? idr_get_free+0xec0/0xec0
[ 1249.568565]  ? kasan_check_write+0x14/0x20
[ 1249.572785]  ? do_raw_spin_lock+0xc1/0x200
[ 1249.577012]  oom_kill_process.cold.27+0x10/0x903
[ 1249.581752]  ? kasan_check_write+0x14/0x20
[ 1249.585974]  ? do_raw_spin_lock+0xc1/0x200
[ 1249.590200]  ? oom_evaluate_task+0x540/0x540
[ 1249.594617]  ? cgroup_procs_next+0x70/0x70
[ 1249.598839]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1249.603322]  ? oom_badness+0xaa0/0xaa0
[ 1249.607195]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1249.611946]  ? mem_cgroup_iter_break+0x30/0x30
[ 1249.616519]  ? cgroup_file_notify+0x226/0x2f0
[ 1249.621000]  out_of_memory+0xa84/0x1430
[ 1249.624957]  ? kasan_check_read+0x11/0x20
[ 1249.629092]  ? oom_killer_disable+0x3a0/0x3a0
[ 1249.633571]  ? kasan_check_write+0x14/0x20
[ 1249.637790]  ? do_raw_spin_lock+0xc1/0x200
[ 1249.642018]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1249.646858]  ? memcg_memory_event+0x40/0x40
[ 1249.651165]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1249.655911]  ? page_counter_try_charge+0x1c1/0x220
[ 1249.660826]  try_charge+0xc43/0x1690
[ 1249.664527]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1249.669634]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1249.675677]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1249.680512]  ? lock_downgrade+0x900/0x900
[ 1249.684648]  ? lock_release+0x970/0x970
[ 1249.688612]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1249.694418]  ? rcu_sched_force_quiescent_state+0x20/0x20
[ 1249.699862]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1249.704690]  ? mem_cgroup_can_attach+0x580/0x580
[ 1249.709430]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1249.714955]  ? check_preemption_disabled+0x48/0x200
[ 1249.719973]  ? __might_sleep+0x95/0x190
[ 1249.723933]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1249.728875]  ? mem_cgroup_protected+0xa60/0xa60
[ 1249.733534]  ? mark_held_locks+0x130/0x130
[ 1249.737760]  ? css_next_child+0x1c3/0x620
[ 1249.741893]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1249.747437]  ? check_preemption_disabled+0x48/0x200
[ 1249.752439]  ? mark_held_locks+0x130/0x130
[ 1249.756662]  ? debug_smp_processor_id+0x1c/0x20
[ 1249.761316]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1249.766234]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1249.771761]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1249.776681]  wp_page_copy+0x46c/0x14f0
[ 1249.780567]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1249.786095]  ? follow_pfn+0x2e0/0x2e0
[ 1249.789879]  ? perf_trace_lock+0x7a0/0x7a0
[ 1249.794100]  ? do_wp_page+0x76c/0x1390
[ 1249.797975]  ? lock_downgrade+0x900/0x900
[ 1249.802113]  ? kasan_check_read+0x11/0x20
[ 1249.806245]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1249.810639]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1249.815219]  ? __pte_alloc_kernel+0x220/0x220
[ 1249.819703]  do_wp_page+0x774/0x1390
[ 1249.823406]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1249.828062]  ? __handle_mm_fault+0x1e6c/0x53e0
[ 1249.832630]  ? lock_downgrade+0x900/0x900
[ 1249.836867]  ? lock_release+0x970/0x970
[ 1249.840825]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1249.846350]  ? check_preemption_disabled+0x48/0x200
[ 1249.851362]  ? kasan_check_read+0x11/0x20
[ 1249.855498]  ? pmd_val+0x88/0x100
[ 1249.858941]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1249.864470]  ? kasan_check_write+0x14/0x20
[ 1249.868691]  ? do_raw_spin_lock+0xc1/0x200
[ 1249.872914]  __handle_mm_fault+0x2c60/0x53e0
[ 1249.877323]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1249.882170]  ? debug_smp_processor_id+0x1c/0x20
[ 1249.886842]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1249.892271]  ? lock_acquire+0x1ed/0x520
[ 1249.896233]  ? handle_mm_fault+0x42a/0xc70
[ 1249.900452]  ? lock_downgrade+0x900/0x900
[ 1249.904591]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1249.910374]  ? __do_page_fault+0x67d/0xed0
[ 1249.914598]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1249.920032]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1249.925557]  ? check_preemption_disabled+0x48/0x200
[ 1249.930559]  handle_mm_fault+0x54f/0xc70
[ 1249.934608]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1249.939174]  ? find_vma+0x34/0x190
[ 1249.942712]  __do_page_fault+0x67d/0xed0
[ 1249.946763]  ? mm_fault_error+0x380/0x380
[ 1249.950895]  ? trace_hardirqs_on+0x310/0x310
[ 1249.955295]  do_page_fault+0xf2/0x7e0
[ 1249.959083]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1249.964604]  ? vmalloc_sync_all+0x30/0x30
[ 1249.968741]  ? error_entry+0x70/0xd0
[ 1249.972441]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1249.977444]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1249.982358]  ? do_syscall_64+0x820/0x820
[ 1249.986402]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1249.991230]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1249.996229]  ? trace_hardirqs_off+0x310/0x310
[ 1250.000711]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1250.006235]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1250.011241]  ? page_fault+0x8/0x30
[ 1250.014769]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1250.019600]  ? page_fault+0x8/0x30
[ 1250.023125]  page_fault+0x1e/0x30
[ 1250.026561] RIP: 0023:0x8051180
[ 1250.029828] Code: f8 0c 89 c8 89 da 05 00 00 00 80 83 d2 00 83 fa 00 0f 87 33 ff ff ff 3d ff ff ff 7e 0f 86 5b ff ff ff e9 23 ff ff ff 8d 76 00 <89> 04 9d 00 00 14 08 eb af 31 f6 90 8d 74 26 00 80 3d 19 00 46 08
[ 1250.048713] RSP: 002b:000000000845fba0 EFLAGS: 00010246
[ 1250.054061] RAX: 000000008184eac8 RBX: 0000000000000ac8 RCX: 0000000000000000
[ 1250.061314] RDX: 000000008184eac8 RSI: 0000000000000000 RDI: 0000000000000000
[ 1250.068567] RBP: 000000008184eacc R08: 0000000000000000 R09: 0000000000000000
15:26:01 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x40, 0x4000000000001)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550c, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x4})
tee(r0, r1, 0x1, 0x3)

15:26:01 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2f00000000000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:01 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f0000000300)=0x8008000)
inotify_init1(0x80800)
r3 = syz_open_dev$audion(&(0x7f0000000340)='/dev/audio#\x00', 0x7, 0x10001)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f00000000c0)={@multicast2, @local, <r4=>0x0}, &(0x7f0000000100)=0xc)
ioctl$VHOST_SET_LOG_BASE(r2, 0x4008af04, &(0x7f00000003c0)=&(0x7f0000000380))
lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
syncfs(r3)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000200)={{{@in, @in6=@ipv4={[], [], @broadcast}, 0x4e21, 0x0, 0x4e20, 0xffff, 0x2, 0x20, 0x0, 0x33, r4, r5}, {0x1ff, 0x5, 0x7, 0x7, 0x100000001, 0x5, 0x2, 0x2}, {0x80, 0x8000, 0x100000001, 0xffffffffffff0000}, 0x4, 0x6e6bb1, 0x2, 0x1, 0x2, 0x1}, {{@in6=@ipv4={[], [], @multicast2}, 0x4d5, 0x6c}, 0xa, @in6=@ipv4={[], [], @local}, 0x0, 0x6, 0x1, 0x0, 0x2, 0x8338}}, 0xe8)
fcntl$addseals(r1, 0x409, 0xd)

15:26:01 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x3, 0x4, 0x1})

[ 1250.075823] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1250.083076] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1250.094275] Task in /syz4 killed as a result of limit of /syz4
[ 1250.114319] memory: usage 204800kB, limit 204800kB, failcnt 1085
15:26:01 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0xb000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1250.142534] QAT: Invalid ioctl
[ 1250.146909] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1250.170872] QAT: Invalid ioctl
[ 1250.181383] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1250.194062] QAT: Invalid ioctl
[ 1250.198487] Memory cgroup stats for /syz4: cache:152KB rss:180KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:108KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1250.222545] QAT: Invalid ioctl
[ 1250.244975] Memory cgroup out of memory: Kill process 24915 (syz-executor4) score 160 or sacrifice child
[ 1250.273198] Killed process 24915 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:26:01 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x1f4}, 0x6)

15:26:01 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$sock_ifreq(r0, 0x89a3, &(0x7f0000000380)={'ip6tnl0\x00', @ifru_data=&(0x7f0000000400)="3d8f05a3aed744dfaf46a5b422efd5f8d3c2497804cbd285c0e3d9c374c4f362"})
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={<r1=>0xffffffffffffffff}}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000340)={0x13, 0x10, 0xfa00, {&(0x7f0000000140), r1, 0x2}}, 0x18)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x1, 0xffffffffffffff9c})
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000500)={<r2=>0x0, 0x1000, "fa924d37820a744f74d833c22e46c0de1020535f41b47b2f64de51648b801f9d8d0259de345840f18c51eb7ff89d428d4a2355526ecc207572b66d8713e79b7229189ec0d5707f66faea2738f4b529b83fccdc37e77cce7fcfc324b8f3bd136cd13b166e90ab8323aa3463ca18a0b4972878f43c923c1c88c161c10b525322ebe19323b4f687df27155f5cf75a8208eac07eb7a05e3cc5006f18ec2137019760f19d0a1ed89e62a81ece5786c5361c702e8f7501d4049dc1c36dacdd8203c5bb16dcf6b3a5d3a88f312cf65a6bfe444e9bc8f28f068de088346f9cc57ada5401dbb8a64b893bbd0834d4189f84320af36afabf5cf332e8cc14ba699b81f29aeadd49dc73461b55f039c38cc9a96e47f872f09e2af20021627b962895d2a2d1261b930f28801b351efe33d4046deaaf0b65fefd56d471f22e74eee55b2d65b178f957b378dab3622609b718f4676de6d3053c61bd0c286c9a6fae69ebd1effad732a05bfe8e711417ecdf65a580ebf62b72e5416a1276693cf19f01b471b8c92bbac4511039e1e256baa33f219dd09ad1a0c1a9a008ae8677d110a4a3e36d8caae3ecad265d2fbac398835f45532c2f23cc4a41cdc6af89a4df9f0c93bc275f5900333323d819e34c086922cfcc57fc997d5f55fb7e785968730bef6a1f5e6161b7c43cb27bfb93ae5a8b78a1657534582aa65a31d9ef8096186ee6efaec696a65c4a64292e481e473212bd17d38fe694667684b20233e3858e890884de8f0d700b092180f82a1db7316a549aaecb8dd6821f09c5417d54a1375d38dff0249e9dd83e26851998a1c4e54643d4718c8ec4dd1ebe1e7dbdaa18687ec37909fd56e0655374e3c78078e173a371983192cd0bf785ff9db20aa078f53e43f0269f89842dccc375c35267f58ddd1ff952b345134f1016bfdd5a57540d272a52093842c4ea3f817e1087158161f84998580d26cc76c02395a22cae8a86bd3b53036799015fe3b9d2794ad234d8436a243471be87d1f46fc560f5a1a4adc9757422ef43dd2ca1144c825d9f6ec8cf0349ec274921e06f659bee40fb02c647acafa2fdd526f634c532d03c989e6470f4ac25cb37c436d14b382ecb09e2b4dff0401b984bfc715d292985aac315b184e3748222dea838fe99280dd9b35226cd30cf7403cd698e286a9300fe8589764ffcbd12fb180998979a1ab70165b57e4fe1c4c70c766c0dba910439d3ade4dbf5476de850f6c8d1047d66e3e9e3f3789b39433a03b8e89e07ae80b9e8299facca43b1dad6aaee822a2298e6b580dce373394c5e032c3f6b0389f1733f80600b251c92bfef0b47004bfc8da77d228530cbe41a8853e5586dd2beb206b6439b69ec63bb3ef9930ce6a14ecb48e287c4d4daf7dbdcfd9c794c2304a9a7434b5c48ecea1244bcc1e49ed5421dfa09d5717f6d73e7b679d12c0e8e95c3caa8039486268c00dcd121a27037028ce25ae0773e7104b1d3842437f869f524521118114bd7aebd981731c85cc658a8a1df123621a1ee02d2e383966d74b01423a1870dde9f6e9644a95bf710e85a438380949ef75d3fab83a9a17553fcc1c962d64897c83c66b553ada0dde2926c94381d593b6de47a26fdf6c001d2f384769001a0145dcc36e70fc8d93a07a7cceffd0d8a60fce5aa34d57974832da9b03c31887a66222647aad9edc7095d292107ae1d57e9decf9f258f16cf719b742fc40e1f5e9528a16316ac555edcde6d6f71bda72f39daaddc895bc77ec0d9aa16111db0d814a2f3d3498f2210ec8963e3e203ff975984723ff34a8680ac23205353a50f8a3769c906cbf5dc4648ed312338ef78338a52c179906776d28085290a7cd6b58eb9bba8963822920cf62b682e551af3b6c6dac14bd0addcf55e6a7112da06414ddb0624eadb2a1c056405d20f9f551fa44e548b4f11931acf512cd51a2b7f1b1ef90fec096476ba6dd7469f35ef956bb8fd76b97d824d9eaa123a0cbcf23efb320ac05158fc48db9ef9ff6b1b924f4354c7e28e9babebdd316763713bcdee839700b0f8a2bd2fee820c1ac8c3673d963ef9b504eb0eb7505ad4c3ef2e5bda5b0233de263d887685dea07519da13aef112d63161e59d1a653efce38ded2859e647dc031d5eb75f06b600ebfc42fdc79e8cbb88db40324dbb617cef13545621845fa37ea004ffe356ce81f720aefbd0c894bb024ee38e1fda35b31aabe42aef32149c76b57db88afa82b821d3f4525f5d796293b2847335bf0b58193011d698664ffeb3c4d3908d6ec09433ac8e0de4dcb2cd48790ca154fb4913f29b95da4859b42a75e18b2be2b4bc3f892e61fd8560935c6a139ddde89af166413bc48701ad7c04d4257615997f6706d893b45ed1513153acaf542be0cc710c6eaf803f34d65033665124e05446d44150beb5be4d83218e5eefa42566d163d608dc91253e862e07351bb93fbc582d3c673084667833976f17584c3a7e3786b194fa8f6b154f0670a36849f565f39f45a4b07ceb36e34643c1ad513431d389e3aa9b3874864104afe2d0861a2014c5bfa5101a0274796d3e731dc69415b2c76af627e4bc1a2f5dbc5d666590e37db61420891ca1d21e6bee49533ed88008bb5b6338e4120337721b5566fc139546ab95bbfc1215d530bfd471f2b81e170e1be3b487ff341c6f131c964e45017e9a43364515d484527be406ecef71f3a1b435426994ab37b213194e05004cc070f5911dce7091de7bb77457c620f623f18fddd277eb6ebb9f1f2c3878968a7e47e63077de7e4ed55ed825a5beb562b7fa239800176be935da6c7c307b68531ae0d4a9a9763dcc2791f783a4c0b29e07de666a68492322c262aa3e58c16f5595151d30861caf8ddeae6916e8fe3f1334d2975b03b7df7d6b6ecde4f73c636a8022b4dfa4ac6d03750ac43ab9b3cddf3d6a7ae989afd36bf45e76ac4b65b0a53c19f4533d83d13a93ae2d068f1d43037ff6227a9aa10eb2768719fa6f0ba80b9edf3609a757a636acb18ff3faf7969949cff7c29ba81053339935d33d7476f19b75e69012036282d0fcb12a166b7adc64dbb44e5ee12940c3b767175bbc69a7fced246d56155ee70a952b75ac018a73817f7b4daa4ddf462a44cbb6271c99b08392b223107e06f8529752ec75b18438df7a90f922137458962f13029a864ae1446cb763222f78686f956ec9e74418453cb5d23aeae53ac4cdd50efb58c936c83886456d43fbfe81f31494feea08159b366187299e369deec1b5ff9c7d39231f677aa7d9abc16d9dcbee8f5b42e6e189d152858ae7803e9342fb38cc70d56d0d9b9698b751b9333ae328f6e6c3a4b1ea2374a0a5e738123c4fe2b49da9f76638697295671e4b1ef9e859ce5dbc1c5cdc3c71681ab343901abcedb53fd5cb7db0b95e94b768abc213c7ac0674465b3a0a074e3c50863ae81f9c005a6d877cd00bc0e292c86ee7fecb12e2225561aefa422704a980d18ffa70ea420747cb13fd9d09c82a1109a75ff51c5b039f271ad5b8c792ad95d7987e3a15c1aa6e83c3f685b67abec73e38e7f9ab121319ee8af83d83f9a1f9cdb6dbb01a82aebdcfe890d9b63146ef085a77183f854965c178bf5abac76418e52e69b9211341cc76819294e21c92fe081d84734d9adba45b339bda1a8b13a8f017aba278386ac0d7aa3afb6aa5fb2f01254c6525397fdd8c237474eb0200000074dcf69c8e664ea833fa46ff41a427c197c5f1ebb9f99c9ce90b9a0b01ce981ffec88967b53ec59a1f87ddfff0510dc62147052481286ff3a3aaba1a34481e663c17b7723e5952d9f6007724fba27ad357747ccdca06e98bcb804f01e25c2d6a7d9a74532cdd91600ab999215e0e50d877c5a6217a35023e61ac476d008bc6b91afa938f512f41139e0c702dad22c0993a1a4e36c6ecc0d9fda05b616bc81ca96878aab012296ed55831f42ba867f70f2b9de64645f85abe595c1258327ff03de8a0a25d0a3b70825b2943ec6cea7596eb27bb5174ffb67dfaba720e7316b5127c751ba2609c762ba514e046d2ee35d8697f1a37e6015205f0f077b03cdfe5153bea1a3a3335d7a7c3ebacfb317043fbfef6d00a308d5156bdcf30a8876a435d5e8587a6ea5676d6bf087215b2da7a5a8d9b9477f71180ac7ba9582f847b398e04b589015d4d984560b04650b3eb99d89a76fbdf68251df78be124ebc5a089b2e594c35e8167b0e1f203eac2974a7b78897682ce218999aebde6f60a8a78c29468928194d7b90acebc1266a602b8f3717b2dc24096c5759c4ea913bf6afea8fa8159b74e9034743daa09613df3333704a7348a8dd2678b1dd09a59f9d52838870a9c87284d8dc36dbcf765db834389989cddbcfd60a9638b5713f0d59902c20d14263c7dfce2827a748071eccd3a55edf975202db57a8b0024e398d9e7ccbbecb31a999ce5a3d13a96c9a6a8f62ce83f8d54299f8399f750671da6735f49557265b818e34cfc04d3e952b14d3b867260e2d1d221828fb1a9729a22fd285acb91052f14cce2b8e82be77613fd2bb47d5edb69dac2813adabbb9d59c4951b3ec0eb491138a46b7cd50f1d2e16590ec622078d7807c581e0499ed8d0feb90306a794113dd370ce724b8359ae5e75c973ee4db6eb702bd47acae78762d9bee201f3089339f0199e89f6c9cc6cd0f61e4d1006efd2681557abf3fbdf90a4399219eb49e1c87b66a64c796d769bcb7082601b04cb1be015d50cc251a0464666649fca393306c0e2ca1bd0297c7409ef7599bfc28635d0269bcbc801acfe1dcb5eae3be66a42632572450e331180e4041dfdbe7899960df9440622a96a921d828e769d0e02fb134dbf41b5279aa09125dd5e0419920098ce2027afe8d5c612563f098efd6fe7433bdf8bb57be53e1f4ec5e3234101f67face34bdd81b5e274fdd10c9b848f5a40ef858e29ea766d0cdb995afeb04849c4417980e8b20217a68d0d449c1a6ff7e6bd2cef5c4a25fa3c2c50b8af715d58ad5488d949f628eca6a6395254299656f1450558d0d5fbfc7e08687f8b9a784120726b6e02a4dc1b292afea97b795325ca8e9055cb243a7bba28e1599272b21eaa8400313857dcd74462fcaba6942ce4596bb681e883880aa661e5abb78d0567003d4a23e0cabaa86aa9ca0531d56dfb1ed37ddfa66897b0cd50fedef8bf2f031f99ae341207e8b12e3697967e58311c1ae6c58ad1e21fc84a51cb18006ae9d2d12de3e7f72666a80a31420e2f567d69e056f657cee7ffe492e60b8de9165f62b2aad49f8df3a572cc9c1a84ae64ea9bc4d9e9f6f54a2c2071e7bc64f570c729527a7efa949bb4dd930170e0714a31d67e8411b6bf8ddd26eb6ee43352c93792000fa8478675fc45dcc1d909c902729a26d8d31b87b16758cf51ee0f300ac7428f04f2a1147e2fb0819937396ac4bba0f59bff407d1fc2e27427f120b0f8e15aeb4c7ed9f494052924cd2f88edb3a0858f79064bc492062b5d0de6dae96d8f9d102dd671797ff651b98863d8a44ab70570aeb730fdad278b9e78f6da1c21b7d600668f71db76094bfa6f6aea18da879a79b5d6279188a3a421a096a29b39641131ffe397ec8228662ebee185413361bab59b49c41173aa70878fcaf1c0b58c5d808c22ce697bd60dafe18447644358b29834efd2d2af849976ea99c8fd47fae89518d00c905fdc49b2f05e5963086bea6701cc24222f4c55f3706f750a135ada94aebbb1af9543ff7d2a686320b2a07addef8b6dc37ba40b94a2a50c5adaf8e2470a24b0ad4d93ec56a06e8983c"}, &(0x7f0000001540)=0x1008)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000001580)={r2, 0x20, "4931c8b8adb3c9c1af435e9b31e7ff27f1cd8027f37797f717c9d3b20f0c8081"}, &(0x7f00000015c0)=0x28)
setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f00000003c0)={0x0, 0x7530}, 0x8)
ioctl$sock_inet_SIOCRTMSG(r0, 0x890d, &(0x7f0000000480)={0x6, {0x2, 0x4e20, @broadcast}, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1a}}, {0x2, 0x4e24, @multicast2}, 0x142, 0x8, 0x1, 0x6, 0xffffffff, &(0x7f0000000440)='veth0_to_team\x00', 0x7fff, 0x800000000, 0x2})

15:26:01 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x89ffffff00000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:01 executing program 3:
socketpair(0x1b, 0x3, 0x5, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
accept4$vsock_stream(r0, &(0x7f00000000c0)={0x28, 0x0, 0x0, @reserved}, 0x10, 0x800)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
getdents64(r0, &(0x7f0000000100)=""/54, 0x36)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)

15:26:01 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000000080)={0xbd, 0x7fffffff, 0x1000, 0x4})
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:26:01 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x0, 0x800000000000000})

[ 1250.290933] oom_reaper: reaped process 24915 (syz-executor4), now anon-rss:0kB, file-rss:32092kB, shmem-rss:0kB
15:26:01 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)

[ 1250.379601] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1250.392962] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1250.399274] CPU: 1 PID: 24963 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1250.406634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1250.416060] Call Trace:
[ 1250.416083]  dump_stack+0x1c4/0x2b4
[ 1250.416102]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1250.427563]  ? debug_smp_processor_id+0x1c/0x20
[ 1250.432236]  dump_header+0x27b/0xf72
[ 1250.435967]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1250.441513]  ? pagefault_out_of_memory+0x197/0x197
[ 1250.446454]  ? debug_smp_processor_id+0x1c/0x20
[ 1250.451131]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1250.456073]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1250.461007]  ? perf_trace_lock+0x7a0/0x7a0
[ 1250.465240]  ? perf_trace_lock+0x7a0/0x7a0
[ 1250.469469]  ? debug_smp_processor_id+0x1c/0x20
[ 1250.474129]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1250.479051]  ? mark_held_locks+0x130/0x130
[ 1250.483275]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1250.488801]  ? perf_trace_lock+0x7a0/0x7a0
[ 1250.493028]  ? task_will_free_mem+0x239/0xb30
[ 1250.497524]  ? ___ratelimit+0x36f/0x655
[ 1250.501483]  ? lock_downgrade+0x900/0x900
[ 1250.505619]  ? trace_hardirqs_on+0xbd/0x310
[ 1250.509925]  ? kasan_check_read+0x11/0x20
[ 1250.514060]  ? ___ratelimit+0x36f/0x655
[ 1250.518023]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1250.523459]  ? trace_hardirqs_on+0x310/0x310
[ 1250.527855]  ? lock_downgrade+0x900/0x900
[ 1250.531995]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1250.537085]  ? ___ratelimit+0xaa/0x655
[ 1250.540992]  ? idr_get_free+0xec0/0xec0
[ 1250.544951]  ? kasan_check_write+0x14/0x20
[ 1250.549173]  ? do_raw_spin_lock+0xc1/0x200
[ 1250.553419]  oom_kill_process.cold.27+0x10/0x903
[ 1250.558183]  ? kasan_check_write+0x14/0x20
[ 1250.562410]  ? do_raw_spin_lock+0xc1/0x200
[ 1250.566635]  ? oom_evaluate_task+0x540/0x540
[ 1250.571033]  ? cgroup_procs_next+0x70/0x70
[ 1250.575262]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1250.579744]  ? oom_badness+0xaa0/0xaa0
[ 1250.583620]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1250.588363]  ? mem_cgroup_iter_break+0x30/0x30
[ 1250.592937]  ? cgroup_file_notify+0x226/0x2f0
[ 1250.597422]  out_of_memory+0xa84/0x1430
[ 1250.601383]  ? kasan_check_read+0x11/0x20
[ 1250.605523]  ? oom_killer_disable+0x3a0/0x3a0
[ 1250.610003]  ? kasan_check_write+0x14/0x20
[ 1250.614226]  ? do_raw_spin_lock+0xc1/0x200
[ 1250.618450]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1250.623278]  ? memcg_memory_event+0x40/0x40
[ 1250.627583]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1250.632327]  ? page_counter_try_charge+0x1c1/0x220
[ 1250.637241]  try_charge+0xc43/0x1690
[ 1250.640944]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1250.646040]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1250.652084]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1250.656916]  ? lock_downgrade+0x900/0x900
[ 1250.661070]  ? lock_release+0x970/0x970
[ 1250.665043]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1250.670830]  ? rcu_sched_force_quiescent_state+0x20/0x20
[ 1250.676362]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1250.681191]  ? mem_cgroup_can_attach+0x580/0x580
[ 1250.685938]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1250.691472]  ? check_preemption_disabled+0x48/0x200
[ 1250.696481]  ? __might_sleep+0x95/0x190
[ 1250.700444]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1250.705015]  ? mem_cgroup_protected+0xa60/0xa60
[ 1250.709674]  ? mark_held_locks+0x130/0x130
[ 1250.713908]  ? css_next_child+0x1c3/0x620
[ 1250.718042]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1250.723568]  ? check_preemption_disabled+0x48/0x200
[ 1250.728570]  ? mark_held_locks+0x130/0x130
[ 1250.732793]  ? debug_smp_processor_id+0x1c/0x20
[ 1250.737448]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1250.742363]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1250.747899]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1250.752819]  wp_page_copy+0x46c/0x14f0
[ 1250.756700]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1250.762225]  ? follow_pfn+0x2e0/0x2e0
[ 1250.766011]  ? perf_trace_lock+0x7a0/0x7a0
[ 1250.770235]  ? do_wp_page+0x76c/0x1390
[ 1250.774113]  ? lock_downgrade+0x900/0x900
[ 1250.778255]  ? kasan_check_read+0x11/0x20
[ 1250.782391]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1250.786787]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1250.791357]  ? __pte_alloc_kernel+0x220/0x220
[ 1250.795847]  do_wp_page+0x774/0x1390
[ 1250.799550]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1250.804204]  ? __handle_mm_fault+0x1e6c/0x53e0
[ 1250.808782]  ? lock_downgrade+0x900/0x900
[ 1250.812917]  ? lock_release+0x970/0x970
[ 1250.816875]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1250.822406]  ? check_preemption_disabled+0x48/0x200
[ 1250.827407]  ? kasan_check_read+0x11/0x20
[ 1250.831540]  ? pmd_val+0x88/0x100
[ 1250.834979]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1250.840503]  ? kasan_check_write+0x14/0x20
[ 1250.844725]  ? do_raw_spin_lock+0xc1/0x200
[ 1250.848952]  __handle_mm_fault+0x2c60/0x53e0
[ 1250.853353]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1250.858185]  ? debug_smp_processor_id+0x1c/0x20
[ 1250.862841]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1250.867766]  ? lock_acquire+0x1ed/0x520
[ 1250.871726]  ? handle_mm_fault+0x42a/0xc70
[ 1250.875956]  ? lock_downgrade+0x900/0x900
[ 1250.880104]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1250.885898]  ? __do_page_fault+0x67d/0xed0
[ 1250.890125]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1250.896018]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1250.901543]  ? check_preemption_disabled+0x48/0x200
[ 1250.906550]  handle_mm_fault+0x54f/0xc70
[ 1250.910598]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1250.915168]  ? find_vma+0x34/0x190
[ 1250.918701]  __do_page_fault+0x67d/0xed0
[ 1250.922753]  ? mm_fault_error+0x380/0x380
[ 1250.926890]  ? trace_hardirqs_on+0x310/0x310
[ 1250.931286]  do_page_fault+0xf2/0x7e0
[ 1250.935071]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1250.940602]  ? vmalloc_sync_all+0x30/0x30
[ 1250.944756]  ? error_entry+0x70/0xd0
[ 1250.948467]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1250.953470]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1250.958389]  ? do_syscall_64+0x820/0x820
[ 1250.962438]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1250.967275]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1250.972289]  ? trace_hardirqs_off+0x310/0x310
[ 1250.976776]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1250.982301]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1250.987303]  ? page_fault+0x8/0x30
[ 1250.990827]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1250.995657]  ? page_fault+0x8/0x30
[ 1250.999183]  page_fault+0x1e/0x30
[ 1251.002623] RIP: 0023:0x8051180
[ 1251.005894] Code: f8 0c 89 c8 89 da 05 00 00 00 80 83 d2 00 83 fa 00 0f 87 33 ff ff ff 3d ff ff ff 7e 0f 86 5b ff ff ff e9 23 ff ff ff 8d 76 00 <89> 04 9d 00 00 14 08 eb af 31 f6 90 8d 74 26 00 80 3d 19 00 46 08
[ 1251.024780] RSP: 002b:000000000845fba0 EFLAGS: 00010246
15:26:02 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x222, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:02 executing program 2:
r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x71edeb0c, 0x200)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f0000000040)={<r1=>0x0, 0x81, 0x30, 0x7, 0x40}, &(0x7f0000000080)=0x18)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000140)={r1, 0x2, 0x4}, &(0x7f0000000180)=0x8)
r2 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r2, 0xc0185500, &(0x7f0000000100)={0x800000a0})
fallocate(r2, 0x0, 0x200, 0x800)

[ 1251.030128] RAX: 000000008184eac8 RBX: 0000000000000ac8 RCX: 0000000000000000
[ 1251.037384] RDX: 000000008184eac8 RSI: 0000000000000000 RDI: 0000000000000000
[ 1251.044636] RBP: 000000008184eacc R08: 0000000000000000 R09: 0000000000000000
[ 1251.051888] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1251.059140] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1251.080325] Task in /syz4 killed as a result of limit of /syz4
[ 1251.094042] memory: usage 204760kB, limit 204800kB, failcnt 1111
[ 1251.101008] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1251.107961] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:26:02 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)=<r1=>0x0)
r2 = syz_open_procfs(r1, &(0x7f0000000040)='net/udplite6\x00')
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000080)=@sack_info={<r3=>0x0, 0x0, 0x1}, &(0x7f0000000140)=0xc)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000180)={r3, @in={{0x2, 0x4e23, @rand_addr=0x7}}, 0x1000, 0x5}, &(0x7f0000000240)=0x88)

15:26:02 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
readahead(r0, 0x983, 0x8)

15:26:02 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x3, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1251.126651] Memory cgroup stats for /syz4: cache:152KB rss:180KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:108KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1251.148124] Memory cgroup out of memory: Kill process 24963 (syz-executor4) score 160 or sacrifice child
[ 1251.163143] Killed process 24963 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:26:02 executing program 5:
r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
write$P9_RRENAMEAT(r0, &(0x7f0000000040)={0x7, 0x4b, 0x1}, 0x7)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))
ioctl$VHOST_SET_VRING_NUM(r0, 0x4008af10, &(0x7f0000000080)={0x3, 0x9})
ioctl$SG_SET_DEBUG(r0, 0x227e, &(0x7f00000001c0))
fcntl$setflags(r0, 0x2, 0x1)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={<r1=>0x0, r0, 0x0, 0xd, &(0x7f00000000c0)='/lo[]}cgroup\x00', 0xffffffffffffffff}, 0x30)
sync_file_range(r0, 0x44, 0x0, 0x3af216128f8bde81)
ptrace$getsig(0x4202, r1, 0x7, &(0x7f0000000180))

[ 1251.233571] oom_reaper: reaped process 24963 (syz-executor4), now anon-rss:0kB, file-rss:32772kB, shmem-rss:0kB
15:26:02 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x700000000000000}, 0x6)

15:26:02 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x300000000000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:02 executing program 3:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x50000, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000000c0)={0x3f, 0x2, 0xf03, 0x8001, 0x10001})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000080))

15:26:02 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x8, 0x200)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
dup2(r0, r0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
r2 = dup2(r1, r1)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000000c0)={0xf000, 0x10b000})

15:26:02 executing program 2:
r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x8, 0x101)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000140)="9cdd9dd02c9c8adcc42448bff8b8311ba7c7075ba9e7ae0ea5c4f6047cc629fbb914f831dc512fb94d5eda5059dc530e952fc37f2d5702aa55de4413192bfe1904d7023e8d93f1664cc910b2d1ea6df4cb3a8d69612fb3803b0cea85125f7e97a619dfddb5000819a2ac3cbcb35c6404ca78fb14ea019a1a5d189ec129cca126fbb1c1980820cb56ef66035802317638213485b52e0208086cbcf95d6ccb3b6ee975d05ffc6b3397b1bf543f93c63e65e31016614fd3e3d53b3abf0d797e9f010df45393edebd7bab7eb09180969a034e215b75b54ec74f4815e0a80cc8678ffdef1523a58c4b9dbf63b819f41a3b88dc65f9b9b9f07f650c1631d0349809d68")

15:26:02 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x8000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:02 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x5ffec, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:26:02 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
r2 = socket(0x19, 0x4, 0x200)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f0000000080)={<r3=>0x0, 0x2, 0x0, 0x1, 0x5}, &(0x7f00000000c0)=0x18)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000100)={r3, 0xffffffff, 0x1, [0x7]}, &(0x7f0000000140)=0xa)

[ 1251.380136] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=0
15:26:02 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
recvmmsg(r0, &(0x7f0000005040)=[{{&(0x7f0000000240)=@pppol2tp, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000080)=""/7, 0x7}, {&(0x7f00000002c0)=""/219, 0xdb}, {&(0x7f00000003c0)=""/36, 0x24}, {&(0x7f0000000400)=""/16, 0x10}, {&(0x7f0000000440)=""/164, 0xa4}, {&(0x7f0000000500)=""/144, 0x90}], 0x6, 0x0, 0x0, 0x4}, 0x7}, {{&(0x7f0000000600)=@pptp={0x18, 0x2, {0x0, @dev}}, 0x80, &(0x7f0000001700)=[{&(0x7f0000000680)=""/82, 0x52}, {&(0x7f0000000700)=""/4096, 0x1000}], 0x2, &(0x7f0000001740)=""/11, 0xb, 0x8001}, 0xa78c}, {{&(0x7f0000001780), 0x80, &(0x7f0000001940)=[{&(0x7f0000001800)=""/7, 0x7}, {&(0x7f0000001840)=""/90, 0x5a}, {&(0x7f00000018c0)=""/74, 0x4a}], 0x3, &(0x7f0000001980)=""/58, 0x3a, 0x2}, 0x3}, {{0x0, 0x0, &(0x7f0000001d00)=[{&(0x7f00000019c0)=""/113, 0x71}, {&(0x7f0000001a40)=""/188, 0xbc}, {&(0x7f0000001b00)=""/157, 0x9d}, {&(0x7f0000001bc0)=""/64, 0x40}, {&(0x7f0000001c00)=""/222, 0xde}], 0x5, &(0x7f0000001d40)=""/255, 0xff, 0x59cd62a1}, 0x80000000}, {{0x0, 0x0, &(0x7f0000002300)=[{&(0x7f0000001e40)=""/220, 0xdc}, {&(0x7f0000001f40)=""/88, 0x58}, {&(0x7f0000001fc0)=""/124, 0x7c}, {&(0x7f0000002040)=""/76, 0x4c}, {&(0x7f00000020c0)=""/102, 0x66}, {&(0x7f0000002140)=""/56, 0x38}, {&(0x7f0000002180)=""/209, 0xd1}, {&(0x7f0000002280)=""/3, 0x3}, {&(0x7f00000022c0)=""/23, 0x17}], 0x9, &(0x7f0000002380)=""/88, 0x58, 0x600000000000}, 0x3}, {{&(0x7f0000002400)=@nl, 0x80, &(0x7f00000049c0)=[{&(0x7f0000002480)=""/246, 0xf6}, {&(0x7f0000002580)=""/232, 0xe8}, {&(0x7f0000002680)=""/28, 0x1c}, {&(0x7f00000026c0)=""/128, 0x80}, {&(0x7f0000002740)=""/4096, 0x1000}, {&(0x7f0000003740)=""/63, 0x3f}, {&(0x7f0000003780)=""/139, 0x8b}, {&(0x7f0000003840)=""/142, 0x8e}, {&(0x7f0000003900)=""/144, 0x90}, {&(0x7f00000039c0)=""/4096, 0x1000}], 0xa, &(0x7f0000004a40)=""/86, 0x56, 0x1}, 0x4}, {{&(0x7f0000004ac0)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000004c40)=[{&(0x7f0000004b40)=""/153, 0x99}, {&(0x7f0000004c00)=""/11, 0xb}], 0x2, &(0x7f0000004c80)=""/100, 0x64, 0x10000}, 0xb56}, {{&(0x7f0000004d00)=@xdp={0x2c, 0x0, <r1=>0x0}, 0x80, &(0x7f0000005000)=[{&(0x7f0000004d80)=""/163, 0xa3}, {&(0x7f0000004e40)=""/169, 0xa9}, {&(0x7f0000004f00)=""/224, 0xe0}], 0x3, 0x0, 0x0, 0x9}, 0x800}], 0x8, 0x20, &(0x7f0000005140)={0x77359400})
sendmsg$nl_route(r0, &(0x7f0000005240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000005200)={&(0x7f0000005180)=@newneigh={0x54, 0x1c, 0x20, 0x70bd25, 0x25dfdbfe, {0x1e, 0x0, 0x0, r1, 0xd0, 0x10, 0xa}, [@NDA_PORT={0x8, 0x6, 0x4e21}, @NDA_LLADDR={0xc, 0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, @NDA_DST_IPV4={0x8, 0x1, @local}, @NDA_CACHEINFO={0x14, 0x3, {0x309, 0x1a, 0x7c0000000, 0x5}}, @NDA_VNI={0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x2000c004}, 0x40)

15:26:02 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000080)=<r1=>0x0)
move_pages(r1, 0x4, &(0x7f00000000c0)=[&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil], &(0x7f0000000100)=[0x5b, 0x3], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))

[ 1251.456850] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1251.484359] CPU: 0 PID: 25000 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1251.491815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1251.501166] Call Trace:
[ 1251.501188]  dump_stack+0x1c4/0x2b4
[ 1251.501205]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1251.501223]  ? debug_smp_processor_id+0x1c/0x20
[ 1251.501241]  dump_header+0x27b/0xf72
[ 1251.501262]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1251.501277]  ? pagefault_out_of_memory+0x197/0x197
[ 1251.501292]  ? debug_smp_processor_id+0x1c/0x20
[ 1251.501305]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1251.501317]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1251.501339]  ? perf_trace_lock+0x7a0/0x7a0
[ 1251.512703]  ? perf_trace_lock+0x7a0/0x7a0
[ 1251.512725]  ? debug_smp_processor_id+0x1c/0x20
[ 1251.521076]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1251.521091]  ? mark_held_locks+0x130/0x130
[ 1251.521110]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1251.531537]  ? perf_trace_lock+0x7a0/0x7a0
[ 1251.531553]  ? task_will_free_mem+0x239/0xb30
[ 1251.531577]  ? ___ratelimit+0x36f/0x655
[ 1251.550279]  ? lock_downgrade+0x900/0x900
[ 1251.550297]  ? trace_hardirqs_on+0xbd/0x310
[ 1251.550314]  ? kasan_check_read+0x11/0x20
[ 1251.564126]  ? ___ratelimit+0x36f/0x655
[ 1251.564143]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1251.564157]  ? trace_hardirqs_on+0x310/0x310
[ 1251.564171]  ? lock_downgrade+0x900/0x900
[ 1251.564190]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1251.578158]  ? ___ratelimit+0xaa/0x655
[ 1251.578175]  ? idr_get_free+0xec0/0xec0
[ 1251.578191]  ? kasan_check_write+0x14/0x20
[ 1251.586722]  ? do_raw_spin_lock+0xc1/0x200
[ 1251.586741]  oom_kill_process.cold.27+0x10/0x903
[ 1251.586757]  ? kasan_check_write+0x14/0x20
[ 1251.595189]  ? do_raw_spin_lock+0xc1/0x200
[ 1251.595206]  ? oom_evaluate_task+0x540/0x540
[ 1251.595222]  ? cgroup_procs_next+0x70/0x70
[ 1251.595239]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1251.608776]  ? oom_badness+0xaa0/0xaa0
[ 1251.608792]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1251.608808]  ? mem_cgroup_iter_break+0x30/0x30
[ 1251.617366]  ? cgroup_file_notify+0x226/0x2f0
[ 1251.617382]  out_of_memory+0xa84/0x1430
[ 1251.626342]  ? kasan_check_read+0x11/0x20
[ 1251.626357]  ? oom_killer_disable+0x3a0/0x3a0
[ 1251.626369]  ? kasan_check_write+0x14/0x20
[ 1251.626386]  ? do_raw_spin_lock+0xc1/0x200
[ 1251.626406]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1251.626421]  ? memcg_memory_event+0x40/0x40
[ 1251.712784]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1251.717625]  ? page_counter_try_charge+0x1c1/0x220
[ 1251.722541]  try_charge+0xc43/0x1690
[ 1251.726731]  ? lock_downgrade+0x900/0x900
[ 1251.730959]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1251.737094]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1251.742616]  ? should_fail+0x22d/0xd01
[ 1251.746492]  ? percpu_ref_tryget_live+0x168/0x460
[ 1251.751325]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1251.756157]  ? lock_downgrade+0x900/0x900
[ 1251.760292]  ? lock_release+0x970/0x970
[ 1251.764257]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1251.770051]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1251.775576]  ? split_huge_pages_set+0xa90/0xa90
[ 1251.780237]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1251.785068]  ? fs_reclaim_acquire+0x20/0x20
[ 1251.789400]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1251.794061]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1251.798543]  ? __put_compound_page+0xe0/0xe0
[ 1251.802944]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1251.808471]  memcg_kmem_charge+0x135/0x300
[ 1251.812796]  __alloc_pages_nodemask+0x72e/0xde0
[ 1251.817471]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1251.822999]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1251.828006]  ? do_huge_pmd_anonymous_page+0x45e/0x17e0
[ 1251.833269]  ? unlock_page+0x2c2/0x4c0
[ 1251.837147]  ? __thp_get_unmapped_area+0x180/0x180
[ 1251.842063]  ? mark_held_locks+0x130/0x130
[ 1251.846283]  ? vm_mmap+0xc0/0xc0
[ 1251.849643]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1251.855167]  alloc_pages_current+0x10c/0x210
[ 1251.859563]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1251.865092]  pte_alloc_one+0x1b/0x1a0
[ 1251.868882]  __pte_alloc+0x2a/0x350
[ 1251.872498]  __handle_mm_fault+0x41f5/0x53e0
[ 1251.876902]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1251.881744]  ? lock_acquire+0x1ed/0x520
[ 1251.885707]  ? handle_mm_fault+0x42a/0xc70
[ 1251.889929]  ? lock_downgrade+0x900/0x900
[ 1251.894068]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1251.899855]  ? __do_page_fault+0x67d/0xed0
[ 1251.904090]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1251.909533]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1251.915075]  ? check_preemption_disabled+0x48/0x200
[ 1251.920081]  handle_mm_fault+0x54f/0xc70
[ 1251.924129]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1251.928699]  ? find_vma+0x34/0x190
[ 1251.932228]  __do_page_fault+0x67d/0xed0
[ 1251.936279]  ? mm_fault_error+0x380/0x380
[ 1251.940417]  ? trace_hardirqs_on+0x310/0x310
[ 1251.944828]  do_page_fault+0xf2/0x7e0
[ 1251.948628]  ? vmalloc_sync_all+0x30/0x30
[ 1251.952763]  ? error_entry+0x70/0xd0
[ 1251.956466]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1251.961466]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1251.966381]  ? do_syscall_64+0x820/0x820
[ 1251.970429]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1251.975373]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1251.980376]  ? trace_hardirqs_off+0x310/0x310
[ 1251.984859]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1251.990386]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1251.995392]  ? page_fault+0x8/0x30
[ 1251.998920]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1252.003752]  ? page_fault+0x8/0x30
[ 1252.007283]  page_fault+0x1e/0x30
[ 1252.010726] RIP: 0023:0x806a9d6
[ 1252.014011] Code: 03 76 37 f7 c6 03 00 00 00 74 16 a4 49 f7 c6 03 00 00 00 74 0c a4 49 f7 c6 03 00 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 <f3> a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1
15:26:02 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x300, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1252.032902] RSP: 002b:000000000845fc28 EFLAGS: 00010246
[ 1252.038252] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000004
[ 1252.045505] RDX: 0000000000000000 RSI: 0000000008150618 RDI: 0000000020000000
[ 1252.052759] RBP: 000000000814af6c R08: 0000000000000000 R09: 0000000000000000
[ 1252.060012] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1252.067272] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1252.108750] Task in /syz4 killed as a result of limit of /syz4
[ 1252.120099] memory: usage 204800kB, limit 204800kB, failcnt 1153
[ 1252.126990] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1252.137591] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:26:03 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))
ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f0000000000)={'lo\x00'})

15:26:03 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000080)=0x5000)

15:26:03 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2f00, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:03 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
mknodat(r0, &(0x7f0000000040)='./file0\x00', 0x8100, 0x48b)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000003940)={'vcan0\x00', <r1=>0x0})
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x6)
syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x0, 0x101400)
setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000003980)={@multicast1, @multicast1, r1}, 0xc)

15:26:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f00000000c0))
syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
socket$alg(0x26, 0x5, 0x0)

15:26:03 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xe0ffffff}, 0x6)

[ 1252.144779] Memory cgroup stats for /syz4: cache:152KB rss:180KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:148KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1252.165214] Memory cgroup out of memory: Kill process 25000 (syz-executor4) score 161 or sacrifice child
[ 1252.175271] Killed process 25000 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1252.186622] oom_reaper: reaped process 25000 (syz-executor4), now anon-rss:0kB, file-rss:32092kB, shmem-rss:0kB
15:26:03 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0xffffff89, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
fadvise64(r0, 0x0, 0x2, 0x0)
pwrite64(r0, &(0x7f0000000080)="3a48ec720fa589391b66be754aeb574e53c3a2f7f6e051b830ae535504b90c6e7ecfe7f6c02a41302c70a578ea2fcb91dc7aecc7ec3b974e4579db39b51a0f0d4fc08aed28d93a0c58be5444186848cbf6745aebed2956898e224fe50e51fcece3eebf0d3cdc44c271bd43d53172bbc5846a5a7c7682eecd9c80e39af4980f8d88693b2e9d4b09f3ed90c2e8193de285f1e3c79af7c909a2b0a318947634dba699ed9a28014802a94c803364f2b32fbb637e9a8a635ea11f54e24fcc2b91368c4ddd3e79fd54391080b0272d4abfd44739a19207b75eda4802a843f1204c18e994b7b987201e461d1cba9b37991dc06e3dfbf964599610f3f7556079e20a784689e2737a446d8796f0c6c8e61af3493e1d64650e108f3a0c6b9d3f7d18dd00862aa1b874d6bc2f246d0157d0c1f690a4b346362ad44b6363f203ad2a09c0c270c1b6735faaecaae5d89c0a0ab158d2380451e8b5eab46e66436eb829d97b1850f5e1cb2dbde8cd29ced7e90437f64f8c38817592bddeff696aff9e5903263f230626b4b32c6d6e90357e7c4f6af93930b029ce27767ceb15f898ccdc7bd10e890ec37b37094203d5729d041b5dde69ffb42b39aa2f7b1d91f2042941e8e044a07153448f69bb0493f9d1fa07244f5745dc0869cdc7f6b72fde0007c814ff7baf7fc5cf294519e2289d87368a96b6c18ed024776eafb0bedcf32c9f3abbf462d8a0d1b3d043524164a48b976881883defccc7eb1470079cc569219fbbe8f77b8f604200d77b34ca75f343dbe4afacce3ffc721fc4e21ec3e6926de1a707cb8fbeebc84f3aee616a571c5c90d9b95a69045131ce01ff2caaa5de623f532c9ce90d80f1c4f85b74ee89cd01e4021430c96b1397d9c20e0ea1fed7212deebe4364cd5b1f7736bdfe0e2bda0f778889cfb71c9ef3eda1eec4bbb40a10b7326a7a0789f13a17f600b18844d34cdde545c39c04fd69ae68615fcb92f7c283136d5aca4dee73387687733e8e4e36da5ab3a4a5c80accd0bb125889a013dc6beea033dddfaf18370619d1e9a5bfa0e92106f6856d92465fc7f34fbb93ccb61bacbf725c5b7c6a4c78b7b25a0b5c279192edebafc6573a5c162fe4729647f458c2fab7158acc0b41e869a9171c76914fe97abc3fb531f34ab736567ccd1e3635fb30c79662f7b5fa40e3293ce0a02ea57ac4c839cdb9e52da9d1fe5561ad7dd673e331a1f3e6c5ab126e87c29b6ba6495a4676da0672e6ffd487958059260d7ffde015b7f40dcc0cb07f3d320eff2ef2eee54ee81814924a4c822062012e873a81494b3f79d31152988d98a99450141b688a3db20bdad9ef02ab6f18cbb28c75b6605d1391e6c9966b512e889a69e1c6ba09bce703ce6306f65486dda88dec90dd81f3c7aceebf7ffd2981e8be1e8f2cd6e8da648d087e3fad8205e6e13d8b7d64f2147f94300d7e6809f7242e30d0d1798a28721187b6157cf4d4434c0f85687a73318b211a9bcac6d233776b6741fc7c1251fdf19236d808df20d8f51d7e5963e8f66bbe7a011d90d0197f1a5454c1cbb2f25666876e24a9f1a1052f0c4069606f27a0d99e6cb570fb1363faed44e657fb21206dbbd2da1c190b4d2cbd0a623151c2053b4972be7b09510b739d02f22ea9ae54b3662d91eece4223c57ce0d6fab9750dd3e064cd38aeed787f5ebf60f3dbb25091aaa11352c4383e87f790684705744a33fc9fd14b769af9e6cc978e89e72ac92729bf8ca57af22d60bc96d085fd6e8a4323469ac3f563b2b7b8057519ac3810659fdb606dc1e535f3ced6c19750ef6355c81f74405f0b49ba2e1a71c2288e187dfddf76dfc8d5891cf0b3e43ed355766084c02c9df032629183eae01b1e18fa95edea57dd1e5bd48b47d3309cafef30ad09ca3df1dac9c59896079f605a6e63fe05d9c810df8cad4bd17001813e0e4ed2d1d3e6db5c4bac61569ed3574c1fedf714fb83e5556da9aaee4507e00f10abed78fcbb43c63128c3bd0cf3dcee9077362f932af5d2861f29aad2fe23f53f114b69606d74170a22c4f4225b9bc2f342c6b80d0d9e37044e25fd343244247ca6375656b482da86d3a92e40eaafbee07bbc19fc7459e1f7f420f34c946f9e9e1ed7f435700be2ac012c8fae84b5d4e6869ed66d931de45865e13ff286be65ebb2e377f274ed066a7a8608e93f4cd402fb3e2eb72120b077d7fc46a3d1d11f3c20ff47944bc70e516ff3fdb76dedfbbb5944c48ab68124cedbf07e13c7610fe5c5e9546de8815e071af31a74a91977137d392b4978bff7c0ab0324136b9274d902940c8342d20704bbdd1ca3e98caab020d588e650daaf9f98bce7be184688d7400793dfc25519ccd911ecebc21a310c013e2351059b639f274541176fdcd3594ef1384c23fb0e51a1737e6c9eb0154ca698ba8d0a5e161d3a2f055d82cac263cde1336e7e09b29afe3c6ae38b2e6545ea61093173ce8d27b290b390713b72c41cc42fd7777eabec6b9123e57a3e1df352850485243e4e06727e0d65a83e2ae1b96703a3a5420a5cd8c3a09fe56271b57c5d858a44382644f27116713144c11f35f8dd000397baa95da493d52db8fbe96449bfd339c5ba3bb12b89ce3c6b5c85fe7c8b5e4eace5d68693f5f32d749a1f4b64c5b5dba96694fae9c9dc0bfa08da694559a089d7cb407bd91e95d594218d57007383630ba79121ab9101e1bde22011a496b584400d12311ba7c7da365f836d2ef2ebbce0b1ed5720e41c87710962ba0b086043df642937bd4ce177c94a365854cb005d0288bb9d73e380eddcbf641f776ca06966aac37e91cdd8b4ceeab05be1dcb653d3775b45ed8172c49a3e1132635dc5743900b5ea709ca76d5fcce9fb4c575acc4904ca1615632108707e2e3fbce571fa3c4970ca66a068006b316ca771741042dd465982d5f8d3e40ade17ecd3b33a0d1ebef9ee20b10020f0253cdc4ef4525ae48fafc951f02844cc5719c0587f2fde1c72bb6840da0e831051e224d4e91f7b32044ab7c5867cb292604c03c35639a3e114e11a02d20928e0fc031898fd7bc1394fa23cc17def66f4d0418c9e95be4b725c17841e63feefdd793b65d52f4d37a80fe802af2f6e28e91c246cc19cdb6c1be7cce072958e35ff85879be65481203aa0102c5cd0b873eca34dcb65d80ed265074399ba16cd0d978ddf3aa75ebc7b180542806550e61f3da62ab7eec19e0c6ca0506c31d8448cf5a7404f56b46260d8d827fb2c880c8340b91bdb33987a55db9ba63d958102d21ebc24c7f94aefd0115983a0cfc32333c3cefe4ddbdff319f4774595ecb983014a50c978f50426089a467189a2b1223c92b441000b266cd005d1fa40ec376a6661bfaa9ec4dea36d2c22e43976a6834cadf10b4927788f61868fdc0d58656cde2347dca9884e9b71c92607523173044deaff31fcf69900137ce3ad46d096aaa862dd358b4b71ce8405ae0e420eed9f6a4b6277b7f0347ef91c7e957cf8a35ce3c309678831777784d3b0e2b5aa4ea1883ed9efcdf587de58eb7b1be94bf1a54d9479fb4d3fe83b197af628ef2abbf78aefb79e84d05de2fd882a375e272d2a1c7ec01359aada7e7fbe5af871514d60b69658624c58b6f842c40110e4470dffd5ce77126fa733f67dde97381921156fde9183db9c3399b3567ad4d7156da877f21d7329e02a9232c6914fbc32175e7d1e405b822cd6bb7960094f30e226491e82087caf8d5765f3b6d5cfe70fa40e40dae590ff668435d9dfb79ded4bdadea6ee7e1a997cbe38ba6ca7df11b2052b4977bd3b33b05dc25bba30c21527033294f47326db80f048f3e5a22bacfe36f8db77ff7b9d8d0a7a50ebf6c1164e1d1c70b0bc2d874ca10fb0b0fe66365a027455ee430f0c2bdf6a1a5999b4cae588b377818542f287ca704817a88db8dc673b589a1ed60699e2fe33ae75917b475229aad4032a1c73b41d948b0c712de68d95551439a32dd5f5854799668a3b6a06e0835f3b1df448a0d9d733e2d52e6db50081ec791b427747b5065b852231f22fee22066c71bd83faef15cb5bbc543d6554c7b598482b18a1c99e9f66e1bcee0a5beb73c680abd8e1391b5139304a5d6a32cd5e3b2358e226d2bbcf517c0d7d91a6e05e960a58f8b17406ea383a3dbd0efd126abd7c67745cb152aee4ec74fe6b892d94c786b329b584cbf500a14cb7d8266e27a8b426e7a75d19f8b69c6b9935a15f3d37aa1a626cade87c0edafa8cf5a0691ea2c777aec431713640da738ec06e53783620b894797adce480a007fb598c016181b63ee820cb83c4fa55d4887311e3bb785361510bb182385c83d38934f294f6377be20da83216b009a1ed258aea79191da12c5e4c6d0a1b4a483fe6b9a768c2392aeae9d07e32c2aefdbe795f5a4d15657468815f83cf8052ad115bae277912bd0af68de0ddec9df6931b7b6a8f714675aba2d5f21f485df95e520d3b6a1181cb28cd038fd97be0534a15926a69089cd54d93ff161d4f99668a962e92008572e271a68b9264ca80bf1050ab6586ef30dde65d91068f78e3fea01f8b5de8a76def49b38ae42ee4d44531847201f7a877a358427e4d9a13efc89eac0fa7757b45cd36119e98458d9f1afb25d56b9c8fe8383b4435e77e9e1815518d79b909e510b469d01557d4340ca695c80a2ded8174885d372f3113b125f0a7540b814e89e33616e06bcc5b9c78fa72d2f0a6a5a35023bec8831c58e3151640fcf09adfd9bc2829cc0bc967c6a4d0142ec7993129ed042bb2b5591896da5066da26b5b7f56beb6c0e4b7f92314512cdf5648558fc7d3cda7eaaab7568f90e2379a811c0a4aae9a280975b3ab9afe835c958edbfca4d9ebf716ddd660c5db581b7ca93ec5681b718c5dab51d78d5bb977cc51db507f1e39ff4a17aa730263d144eb5ff2d3b877808fefe5aa52edec4ba8f29e6485b6dee9a2295c3ff7f1e05908eeea5ce55e49afc3b69500869656bd61b3db688d4124f262ec2139e30c6da57b934d27e064c65a0b0a0e7392d82058a50f802e69dac976893859a23c935aef34ca1319c152a29ae45de8c4b0c67c15b418aace18bc08d51784d19b5d8ab52f5ffc8910fc345189b6d8cb58e8e23f08acebc5eee580fdce1be4586a54b4644d71087549b93aaa44214d280dcdd913025ef4e3798726dbe4dbd19fc01cb8dc9e5572a57194e34f81fe726ddc225729afc4904938bd9c14b1501cc04655503f7281b82005681037889a841ec0f29bb5b74fb1624e002bcf62099245d849ecb82cdf32aed96c7c4fcd92dd57f674526b95890b9457073b1321adef11da302283d16c8cb94f8c92796bb9eb16f3fe0d3681a22f958ad6a2b322dfb5186a0a2d0ef0104ae3e3bfab684f6b1c026dd1ef0d62a031fbbc1aee332c232b6305f1c2b232416aee1aa548df64af278b37ef80f6632664d98da13b9826b2c92799f3ad5066d6be900282759f69ef01093a654f2a678ca6b6420f8fc815dd0540b53a6a4757d0388c644fe0c79adf7161abab2f2db0de13e74d5101b08db7245e63101cd388430719dc07ca9839fb88a759979c5009cd6fdcffa6a72f3c0a3047fc1d73cb297ece4e36c4702eb1821ca33cb0a251826efb5b42944862f2a3e015983e97921369ab0ce194cee28046b19b78fcab09978327883ea13049f7a84d94ae860544a3301a27ae91a5d54b3b23a2cd652ea5d076fb68a5f4568e607297b187c9c95541fe4b6e5ae2e2243f708b16ffe755e676cc72163452cdd5679982c6857035b0525df024cf74827ec31c08d5b", 0x1000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f00000012c0))
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000001300))
getpgid(0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000001380)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9, &(0x7f0000001340)='/dev/kvm\x00', 0xffffffffffffffff}, 0x30)
ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f00000013c0))
getpgid(0xffffffffffffffff)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000001440)={<r2=>0x0, 0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000001400)="405d73797374656d776c616e3125f600", 0xffffffffffffffff}, 0x30)
r3 = getpgid(r2)
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000001180)='/dev/snapshot\x00', 0x102, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r4, 0xc0a45322, &(0x7f00000011c0))
r5 = syz_open_dev$dspn(&(0x7f0000001140)='/dev/dsp#\x00', 0x0, 0x2040)
perf_event_open(&(0x7f00000010c0)={0x3, 0x70, 0x8, 0x2, 0x1, 0x4a2, 0x0, 0x9, 0x0, 0x4, 0x7, 0x40, 0x0, 0x80, 0x7, 0x3f, 0x7, 0x200, 0x7ec, 0x4, 0x40, 0xe8c5, 0x3eb7, 0x7, 0x80000001, 0x6, 0x3, 0x6, 0x7ff, 0x3ff, 0x4, 0x81, 0x3, 0x100000000006c3, 0x7, 0x4ca, 0xa750, 0x0, 0x0, 0x7, 0x2, @perf_bp={&(0x7f0000001080), 0x4}, 0x1000, 0x6, 0x4, 0x6, 0x1, 0x2, 0x4128dd75}, r3, 0x2, r5, 0x2)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
fcntl$F_SET_FILE_RW_HINT(r6, 0x40e, &(0x7f0000001280)=0x3)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:26:03 executing program 2:
r0 = syz_open_dev$vcsn(&(0x7f0000000200)='/dev/vcs#\x00', 0x1000000000000006, 0x100)
prctl$setendian(0x14, 0x0)
ioctl$RTC_EPOCH_READ(r0, 0x8004700d, &(0x7f0000000140))
mkdirat(r0, &(0x7f0000000040)='./file0\x00', 0x102)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0x800000a2, 0x0, 0x0, 0x8000})
ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000080)={0x7962, 0x7, 0x8000, 0x4, 0x3})
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f0000000000)=0x3000)

[ 1252.295278] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1252.342960] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1252.362021] CPU: 1 PID: 25045 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1252.369422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1252.378777] Call Trace:
[ 1252.381374]  dump_stack+0x1c4/0x2b4
[ 1252.385100]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1252.390299]  ? debug_smp_processor_id+0x1c/0x20
[ 1252.394962]  dump_header+0x27b/0xf72
[ 1252.398681]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1252.404213]  ? pagefault_out_of_memory+0x197/0x197
[ 1252.409156]  ? debug_smp_processor_id+0x1c/0x20
[ 1252.413815]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1252.418729]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1252.423664]  ? perf_trace_lock+0x7a0/0x7a0
[ 1252.427884]  ? perf_trace_lock+0x7a0/0x7a0
[ 1252.432106]  ? debug_smp_processor_id+0x1c/0x20
[ 1252.436777]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1252.441693]  ? mark_held_locks+0x130/0x130
[ 1252.445919]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1252.451446]  ? perf_trace_lock+0x7a0/0x7a0
[ 1252.455668]  ? task_will_free_mem+0x239/0xb30
[ 1252.460160]  ? ___ratelimit+0x36f/0x655
[ 1252.464123]  ? lock_downgrade+0x900/0x900
[ 1252.468265]  ? trace_hardirqs_on+0xbd/0x310
[ 1252.472572]  ? kasan_check_read+0x11/0x20
[ 1252.476708]  ? ___ratelimit+0x36f/0x655
[ 1252.480669]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1252.486109]  ? trace_hardirqs_on+0x310/0x310
[ 1252.490506]  ? lock_downgrade+0x900/0x900
[ 1252.494645]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1252.499733]  ? ___ratelimit+0xaa/0x655
[ 1252.503610]  ? idr_get_free+0xec0/0xec0
[ 1252.507568]  ? kasan_check_write+0x14/0x20
[ 1252.511791]  ? do_raw_spin_lock+0xc1/0x200
[ 1252.516015]  oom_kill_process.cold.27+0x10/0x903
[ 1252.520760]  ? kasan_check_write+0x14/0x20
[ 1252.524987]  ? do_raw_spin_lock+0xc1/0x200
[ 1252.529213]  ? oom_evaluate_task+0x540/0x540
[ 1252.533611]  ? cgroup_procs_next+0x70/0x70
[ 1252.537835]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1252.542317]  ? oom_badness+0xaa0/0xaa0
[ 1252.546195]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1252.550941]  ? mem_cgroup_iter_break+0x30/0x30
[ 1252.555520]  ? cgroup_file_notify+0x226/0x2f0
[ 1252.560008]  out_of_memory+0xa84/0x1430
[ 1252.563981]  ? kasan_check_read+0x11/0x20
[ 1252.568116]  ? oom_killer_disable+0x3a0/0x3a0
[ 1252.572596]  ? kasan_check_write+0x14/0x20
[ 1252.576817]  ? do_raw_spin_lock+0xc1/0x200
[ 1252.581047]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1252.585878]  ? memcg_memory_event+0x40/0x40
[ 1252.590184]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1252.594932]  ? page_counter_try_charge+0x1c1/0x220
[ 1252.599850]  try_charge+0xc43/0x1690
[ 1252.603553]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1252.608645]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1252.614691]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1252.619520]  ? lock_downgrade+0x900/0x900
[ 1252.623664]  ? lock_release+0x970/0x970
[ 1252.627630]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1252.633523]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1252.638356]  ? mem_cgroup_can_attach+0x580/0x580
[ 1252.643102]  ? memcg_kmem_charge+0x1c2/0x300
[ 1252.647499]  ? __might_sleep+0x95/0x190
[ 1252.651462]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1252.656034]  ? mem_cgroup_protected+0xa60/0xa60
[ 1252.660695]  ? __pte_alloc+0x1c7/0x350
[ 1252.664575]  ? kasan_check_read+0x11/0x20
[ 1252.668713]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1252.673125]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1252.677694]  ? kasan_check_write+0x14/0x20
[ 1252.681917]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1252.687458]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1252.692389]  __handle_mm_fault+0x273a/0x53e0
[ 1252.696791]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1252.701633]  ? lock_acquire+0x1ed/0x520
[ 1252.705711]  ? handle_mm_fault+0x42a/0xc70
[ 1252.709940]  ? lock_downgrade+0x900/0x900
[ 1252.714082]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1252.719871]  ? __do_page_fault+0x67d/0xed0
[ 1252.724093]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1252.729533]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1252.735059]  ? check_preemption_disabled+0x48/0x200
[ 1252.740067]  handle_mm_fault+0x54f/0xc70
[ 1252.744121]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1252.748699]  ? find_vma+0x34/0x190
[ 1252.752231]  __do_page_fault+0x67d/0xed0
[ 1252.756285]  ? mm_fault_error+0x380/0x380
[ 1252.760420]  ? trace_hardirqs_on+0x310/0x310
[ 1252.764821]  do_page_fault+0xf2/0x7e0
[ 1252.768607]  ? vmalloc_sync_all+0x30/0x30
[ 1252.772751]  ? error_entry+0x70/0xd0
[ 1252.776465]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1252.781493]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1252.786409]  ? do_syscall_64+0x820/0x820
[ 1252.790467]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1252.795296]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1252.800387]  ? trace_hardirqs_off+0x310/0x310
[ 1252.804877]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1252.810405]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1252.815511]  ? page_fault+0x8/0x30
[ 1252.819042]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1252.823870]  ? page_fault+0x8/0x30
[ 1252.827397]  page_fault+0x1e/0x30
[ 1252.830838] RIP: 0023:0x804848a
15:26:03 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x8000, 0x501400)
r2 = getpgid(0xffffffffffffffff)
r3 = geteuid()
lstat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000003800)={<r5=>0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9, &(0x7f00000037c0)='/dev/kvm\x00', 0xffffffffffffffff}, 0x30)
fstat(r0, &(0x7f0000003840)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
stat(&(0x7f00000038c0)='./file0\x00', &(0x7f0000003900)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000039c0)={<r8=>0x0, 0xffffffffffffffff, 0x0, 0x9, &(0x7f0000003980)='/dev/kvm\x00', 0xffffffffffffffff}, 0x30)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000003a00)={{{@in=@rand_addr, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in6=@loopback}, 0x0, @in=@loopback}}, &(0x7f0000003b00)=0xe8)
fstat(r0, &(0x7f0000003b40)={0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0})
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000003bc0)=<r11=>0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000003c00)={{{@in6, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in=@broadcast}, 0x0, @in=@loopback}}, &(0x7f0000003d00)=0xe8)
fstat(r0, &(0x7f0000003d40)={0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0})
ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000004180)=<r14=>0x0)
fstat(r0, &(0x7f00000041c0)={0x0, 0x0, 0x0, 0x0, <r15=>0x0})
getresgid(&(0x7f0000004240)=<r16=>0x0, &(0x7f0000004280), &(0x7f00000042c0))
r17 = gettid()
stat(&(0x7f0000004300)='./file0\x00', &(0x7f0000004340)={0x0, 0x0, 0x0, 0x0, <r18=>0x0})
lstat(&(0x7f00000043c0)='./file0\x00', &(0x7f0000004400)={0x0, 0x0, 0x0, 0x0, 0x0, <r19=>0x0})
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000004480)=<r20=>0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000005ec0)={<r21=>0x0})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000005f00)={r21, 0x80000, r1})
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000044c0)={{{@in=@remote, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r22=>0x0}}, {{@in=@dev}, 0x0, @in6=@dev}}, &(0x7f00000045c0)=0xe8)
r23 = getegid()
r24 = fcntl$getown(r0, 0x9)
lstat(&(0x7f0000004a40)='./file0\x00', &(0x7f0000004a80)={0x0, 0x0, 0x0, 0x0, <r25=>0x0})
r26 = getgid()
sendmmsg$unix(r1, &(0x7f0000005e00)=[{&(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000280)=[{&(0x7f0000000140)="5d441ce5da8520b79d1a55a6276e7bc12f5ea5", 0x13}, {&(0x7f0000000180)="0ca1dd98b5cc8280005061fa667ef0adb73b4b5b148af105c45158f167ac917a2a83ff49cf7f10fd61b6ef026a866e318b3a7b70f9cfee310ee098c196b5f33846c896ae2718910a48c3105af7458a01586868b13f2b4ea612d98a413c722c6ce0882e38ef0d9886bfba11be3706da8240c129421ce5e28da8a9b1db2163a8c632419415b988f0235c48c62196b4000dabc086ac93b6fa32c7f55638e53e62a958f2063862952a2b7ffd7713325e52d14870a9c10b7c97bfa2c1583366ad69deb0f5abb118601e4c4aa50d4ae9", 0xcd}], 0x2, &(0x7f0000000380)=[@cred={0x18, 0x1, 0x2, r2, r3, r4}], 0x18, 0x20000000}, {&(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000000480)=[{&(0x7f0000000440)="7e68ab402a5fbd26ae4c0a3aecea6e6a49d1d59477846b88d80c32cae5c771370f8318a2cfb990ff764f726f469fc10ae9", 0x31}], 0x1}, {&(0x7f00000004c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000003780)=[{&(0x7f0000000540)="c60cec025ad3f117f4a9ea1f567032ed87fccf25793ce4f395a082cee91330b745b8150d889fea8ae4fcbd694809b05857e054b158070450ce877cc4bd3bbf7c17", 0x41}, {&(0x7f00000005c0)="6405d4b3702e28ffd1b9f9d78847fdd8171b48b607ccab7259a3d00638ffa3c7f269341d04586728701811be85beb479e0bc6e5645b2a47db77207749b3cf4d1ccd7fa99439112553f9d2d2e9d3bf5902aaedf4083ce520e969c845438426bad6e4be9b34dba519d7c2f4e43406097b19584ccfe7b7318ad4b9ff41cec11d2859c108c27374a7c55dec2303755cceec40349923a15ce0b394b07a5fd9376a7c58256ba06cbbdc512e75b3d7c29758ed60780afefadc06f9bf656470f41cf2f7410a8f9d35b8978e1", 0xc8}, {&(0x7f00000006c0)="68dfe062922ac84eb346524e4d43247dd4cb20b19ca8f93c35558f0600be97cb6b02a1cd9ffe8d643be3d56469fac2343358a0b0d4c25568bb3fd1f20333efc6f9f7888f77b69613b54c31c4def30900c16d376f156a21640cc661c4f0fd5afc386eea3fce16997c0da84595da55dcf899edbeaec212667b286703eaab583ab2c89edd58d9b45a80a34a1eb376fd06d06ec2b3f57e814d0b2707a465060ea34844dae4d522a8a112de0985a08f002588404a79c32ddcc003c9768ea577001de765c5ae1c4f1c5cb24d806ab12abfbd7325e306e44ee24f9338475fb75777b05e33de0d39a36cdf5df659f68d804ad5ec4c77849dbeb331cb186fa5b4ac004b0fc55396850636a9982a52c335b80baed9f9162beb9c7e1436b9fd1828e2c5c79006add7527b826f6b7445d8a7a8d07827cbe152133de59d4f6e25cb28cf450781ac1c59f8fbf38253ad173c4588b6e4318c06e38ae94ba8ad075e36511b4e25f788be3d5de8524f15f9ac482fad042d1142f183f8c86d0023600a65aedde406354f7a426f06c916b74ab0e4c8a8e618b6ca5d46a6bdde880df0d1731e8430f6dd59b5c08c0c9aca0412f4b217beaadfa980447eacc88bdcbf163671ae10a712e30dfffef3a3e94a17487c1a0c5dea079283a2b97fe92716f5f5df93bff1c8eceb1160d9970efdc19017069a6e4df3fb04977549bba8ee5592aab1aa9409b098192dac0f353242802f468b8853004cf567fcd6261b2116c2d1cf75ce19137a3ce52ec604f0eee6114e4b87085274e96ac5237c549cd4d23d7636320aeb8f040df5514070281abe958dfc2f94671e258c16c37c4bce09a3ec56ae378f1d93a48a4d106d6876b4b29a5bf45aac84943fcbfac2a86fd905e28e846a89b349ee45d09914e3be22f655d13c07366fcfa9a0183a8ef02b16325b31d2f71ba2e7fc97ad12ae52edbe5d53f13d59229651118e31b84a9024d6f62efed6ca74b9a31518a617186b844cc36108ea675ccc4b03eda0acd0ccadc1050a64737e4c66c665979ccf3061fb933443a7ba40149209bdf7995aaec45557185c08e998bc6ca17df13b40df7c4b6c634901349c305139942f38d863a76f3c12f3464aa6d530ff531d345a2daaf375377dc810513a26f8d9d0ee61c935ab52d33e7a4996ab3e5fc924489ea431b5f709b43034cf2dc08b3564f0596cd5de2fdc4c89adfca2e341686935526959015204b33b17a8726c4729417e84633c5905f5c9e953580c838e495ccfd2a79afbea5c744d03c943305c19676c9b7a66f6fb0894a54062d35e3e14b021c456e8e9260ab5aedfe933612b9ee0c93a1992ddd6090501f99c9073b1a03786b97687ee0d284543f88313a466a8422ae8099b634cbac48568f5cc0ba92f0922f026123cb38a1cc1af2462150ead7d4d672d7707b871bd50988bb432173ab3d4f2106e5162f1e2601ade4ad42a4b5c9bbc845d2813f83f09186b0dde62e1a61246d7629a13255d0a8fc6c0e18eea5ab0b7fde72adc9c4e73beefe5f917c1c5bcffc2a2ccb94f94cf925030198c52c529df14edec5ee65e47dae579c1ca3bcd7d1e067b0b11725d7bd03884f5e38e5dd131288f742268c6850b8c768c7fc26527ad4a682c48ec061735da615ff778b422f24efb37d0bd99eb8335d42ec060275cbedceb8f11b99d22a270f73a7c63a0c6e441a2b6f3c9f70b5c167950f4cf282dd9a882089289a361f554481408f06c314961e561f3f0b6c9ad81365c93ac78db3eccc7be5aa18c018c9e649bb4494743b0e052286e0ebceeb9cac64911a65a90fcb91a35640c63fbaaba220643a66b6c1f8335444790f0b92b8e97eee943f273b32708aaeb75002a70743758e24f8152e2128423a01e8ad089db2d874725872ae019f87a5e1f4408b3d281efb60f5a206ac417fae416587e674fbcd1967d8e05095b5f594fa8e793e30b37b356f973a5e1c576b81d05b8a721a569844801c2b8fedb1b05aca031d6d745b36f6550b0c6f0e2f5ba00876750ade019c1281cc152c62404f34084edcdbab0f55f64245180c993bb1a6c5d434b1e445438a2e598f22f3e42f4bba6050eb3cf83c17a364eac91160187fe5b72f6ba02d8d75e65c03ed8e45cd0bd673db993f1b29376fa181456a4c3c3c7ef47cd635ffca2af646b0c9a99c9783323bd9cd7ec2bf1e8f26f95a98e97f13e690d5d973a2ed3a67a2c24e2a671426d8cd4e93d3e33fe962c6ddb7d4f8a5465b0fa681f3c80e088eb717179f54e37aebce039f5ebf13c34c573ee585720b0ec1b70dc94680599296ae44c30d9157aecc777725db223e71df2184a8a668473518fb100fef0ea9995fd0bba7d435f89de7a10486ee287f76ea3b17ab5e605f7a2fb13f0c6bc3fca302a0caf8993afaf0a9556f9a0def9a514ee46a067b41062da9fccc8b33472bf9a31a26f86459fcc8dc9d91383a23937c600b7c91bbfb2655d822c119b2a5b0283df5dfbf6f9434a740573a7d01b61d0501387b38cd41b2c8d5653c1ef671f72f39d57d6f04233d47d6511e93d5a9a7806502b504d3c4fbc422a2f1ab2503d20c11020493e2b97297ae1cb03b1df4f37c413ac7586c80764322456826b739bc6aa0f08aba7440ee5f6f1b1860684d73529d02f2252cc1ebd466baa9904bc3502e28f556fa8738d84bd50161a97b66e493f95d603cf661e5c0adc81a201f5a10c2a0f66cb71931170e852b921743549cce81750eecc0266ffa7684b99249b69ce1df5cd9293ad606317e603c7c348abf6da8b4b7774a18d94c66313be485db08f23a2f34ffbc60e5f0ac233b0d3eae8c8b80ed78334fdfebcd24570fbb8ed27813989b8b6a537c45f058f5903574e9ac05334a64edeecb443d1db552088eadc8aec11664ed791c75cb17b240d72e4c78397441d216aac5c9f31c0b02f2d91933c5e9f425a8e90300b634838e2e93611b75610bcb25f3fb39585edd885058ab6ae9c85518459e299c5cc70dee9731d0611c1c3235e506a08d5d43dbf14e60327879a95ddc9bb1c4551e10407828630ad1df55224fefe3f65cbeecaadad55c68a15c46bbab9a941a88be9dfc6bee135f3383998eae31bfce87620e2bad95df516d2b85a89c9e31b3a15bc87a2408415d79e9390e426eab45e4d7e88c3982fc8e1d560bed77b50891b795b3dd570716c44cd823bec7eb67f3960efbbc231a1be837dc5c4c855c69486dc37e28ddede3fe59524eb046d9caa2f665a197f1fc09619caeb60e42fe18d9bbfd828d5f6ff8190f17833b1cd02e7f3a1fc7e43d741e4a361b539b4a4660a79e9680bd434d266c9593c16695e1a41f58d8d8f59d40c44399597b40cb3aba28a279af895a9a0675a06c12438de59750f271b1f31cd519290faae189a14a0833e853be526fd6f807c2dd7c5e52a050bd9877b101ebad3c3506f2d159b62299569e0adb9cd5f8da5fd4f2870e14082b1a5dbaf3f6131327cfb9e474144922829e1df68d168c15d352a40a2e87ddb9502d880806621a6fcb918b92de8008c9a77391b9d95a35a4f9e11206b37c1a7e16fe52656dde0d76612796fdce8075e12c8ef21b2a9dc3666ea8a6c9515b295572d942e44837cb27a470e028bf27d981bfd0e464d5ee043676b8df35636d758d06f216222ebe61e54af11b3936c83ad931047fd632f2e17c12aad5c6f8cbde9a164c64b2fd9068c22f9e703e3f5cc0e95dfa1fa1ce793b022a6058cca3d03ea9f60e55b03f0191d937df2471727720f6f20d2c1a2402ca4b11816273ecc3905c0fd237046eb14548f02bddacd1a2074bb36173ccfb4f308f0e57ba77fe9c7faa2dc2befcd853ed3e943539ad47af53b231c76714c8d29d44e398ebc626ba095fc30ffb61d27e64fc485bdc5d57fb238f7da53ba8588e9a7d7aad60d0b52e7fecbff4228e54a42f820d9b3d58c25f16be88afacf051c9cc20c594ab208c7cb235bfa3e10046c823a2c7cbc43c61edf96b0914351b6e7c401c751e6a1936f19674c794a8cce10f7100b4941eeb12db228e1ece97da0f85c588a997c93ef80eb3a2dcd7037b82561cfd545a8722038e1847e2841fe2ebdb8e4cc078f0ceee86369b9c446fb149c0653463b71f0ecae6de5783b1fbd83d8e7199f236e6b7ac9f475f762c2cf3fe6176e88557acb60f371a00f39e78b7b1a20e7ba585cfaf137783ab5b0c3a4cc2989004d297b135c8c9d739c2c04c5e7632edf3b434a14be0c584eb1334492917e5b7b67de333dd5fc7f41183bb63a9b442555cf40b2948abbaab744d062cfcaa442bd6b281a0423a7b4109434dff0e1b3aad09d1e29db466e66741c8e66aa0e674ece3f08f892f44d5af44c3ddaa7e16c2ee06f57bc5f2c43f975988912c4b8d88ec1badf0b138a94fbb3de8594e722716b46ae1d6aac2572d59498c7123f5b80d0c26a0308597cf7dffd021cef23e0955cc7ba5fb13d88d3cd39b212578681aa6f322cdb0a1bff6b807e67c70b935af4df6ebfd42ec726c4063d54999d42a96af63bc8b1d602d8fd7688853f6025fe6dfdd99935b2ea581edc1305d685176581a742e1a25c3fefbe460e1a56abe08b5fd9aba752b645505f763cd3818807b60180c15c2d8a623c311cc86f83f4e7d3be220c937e06720a0e02403e3cacfc25b098b4578c1b80afaa2f65ed5b0d3284bdac33a2e7cf9aeeeba157edbf23ad7520879313f1b8fd553ba98a909300b338383b9c08cdc45afd94e257244bf3f7cfc7bbf3652d1c92dede7cf150ec43974ca17f656b91ed17657293c7b221ad7a32656a8c1f61f3f6d117debe1f9296185cf743dd1cb5b61121481a3af8412cf38f63cf894477a3785b67697ecaf5640e6d45ab3783127d9e8a18d3ccf8b154d9a45105ebb700c2e0f5d9ede8293d173d3a06c281d44544c682c338a356f676184b5f3cd21e41a8d2223aa25a3b46d4b3d41d66744a70ae4a275227ffd26052bf7c92b320e71843a3f3be44ef78f33f0bdf9d1b20e5cb99052c31a6142a315233cdea2daa620e4a67657baf117a26c728174697520db3860cb828e5e515b100da5b0dbdfa5c1dfa2c268b5e3d84f1850b10a400c2d75e05770aae8a5abdd426913193b3a37b3b0b99577dd5fb92da858e3bf41d8b3418c2a64d8996c1c2b3bc0e3b8e5eea8d869610be1a8327fc92118f2edc3508ab483d3a64388bfa4c853da57faac682e51547aa5e7b3c6677d2e80e5fbe443fe001d6cfbc54dd0207dcb91ce6fb0666168f25083386cbb2528d99764b1097b30822ace853cb6d85b03c7c72be0ac92d84dd9ec1bd61c13ac0451956aea827f732d07e30a6f073546d93cd565e444f924f548cadb6a8d18ec7def4adb45c0172f415e06a67fafb98891535e876d6d8e3d1bccd7103a2b92c538b5751a1cbc4c6e014f8a285418fb5e7ff3d2daabe8878f469f376cafe37ff3cc1918c3935b9644c12634b8b9dc832bf0cf83b0d91665df062c141a92776f9deb2bcf95053a0472282ae15a859bd14373fd7ab3ed3a874174f9971517cee841dd0e541cce8c101d15d2184fb5f7170e7203f87b0b57049f9634693750ec21c8e4c3975ddbb47ce50aa70453e41d260b26acab8d61bb1a96cfc93b5ae39462def4b7305bd656072f804a68a7ac64d7dd30007ccdcb69db715fc187eff31898c184654d96a01e8e6e33aeebf09d79cba7ced38a9b97d316c6ed649d9980f6e3d4ad1a13a9c0a7bd2a4ccf317c58974c9401bb799feb947b872b6f6d64354e325d6a05370ee3957ac29168250343b460f23c9a4a2b1de9de30789e71bdd279ccbfc", 0x1000}, {&(0x7f00000016c0)="4a1033d2e9a3b41bc9f2fd0a608e800e1fec55a07d8fb65609d08c4026fe18d8d928b14b288967ed72503ba12a31e689e37dfe02556ce91491586b383aff67eef1d626b6289e5c519a376104351eaa414e8ae21e1fcc89470f5a9df6626c2c502cb07848a7ffdb5041006980f1b4de6a08915ec30a5b44c8c2143c653b38f805acf3a7e5c22ea3e03e44fa08e0ac59af941c50eef98e1465a4fded4a10e58f36a911be480052367db68b2bd51255ecd3833084cdfb2ae44d3b453e138c65fc9867fdbd126d44a5052e7512751a04ed8835a2719262c9d4269d903cc756da9203a9966d50da1e9e49a1b0da93625313127bb867dc8ac7d73fb2f67607543c1f524bd8d5d0b386b98d0b517c095ec912125799a2822775506ac39a81c4e8543c356a205f4ab65ef91d51056915565ce78fafb20c8207f6fa6b902c7c8e2c81828754a843df174d0f6e55200e5238782c12ad7a4f1a1f1c15274fd1379dc5c7aae47607ee2f31821715e5d88d5c025ba83ae2920d69ab69418477b7f94732adad2ebea9d88045b871ed22802873a412e437d95568bf355ca0f55d2cc817d9c6ed2697551d224b1a1210c5166dd56a506d40eb1a5ab8ac46e6ac8b78a7b9224bcbca8ecaffd4786c70238e0da6f17d571dd2b419a7290f00f9543e75a202c18e0aabee9615699608544eeceb0e0fc75ea66eb9474d834df39c9e7a2b3cf2dab62c7d13639e4a167887e0174eb0f2f48de6d9d07d4443a6fd60519d798ec7da0003ae1cd36c474f1a8d16f43864c2e0a0ed3befb2d8d100ac353c72342a3fb6aaccd6c8065f35988a462fa6d63ca057d0243366f28b4b68ff68ec96f1ec0a0eeb8b7622e04c39bed437de1a4ddb972c46d6c9d1cca86cbee7d920e57218b35b1b34826293dd35f21356b4d4b2592378183791abbcac2eed2ecc03458db863720c01d60e000b915d91ad3b2cbe30fe3583073bb07a743deed562226b620cd04296a099f0646202b8889727acf4f8996e00b5d45bed8d092fbc343237cb72e129765dcac65bfe6a58b2e13798397e83ae1b3d9ec73e850ef7ab6ef94bda351ef55794507f788f4ed683715229a6004e48c68aafae97319a75fbc6c32555613d57f0254ed78d8fb2884c028ec7b0efa9cbc88839518d65ce1123412aa73000bb9c72a397d15c02b3ef9ff5d7ed4cc78d93c9bc488e30e2e9fd6fc9f9261cdd91dc7723700c3bc23fd1218d743d12fb4ad421fde210c56274af0f3efb799b12c3eb697b40e930165ecbb8052a254f876f0f42aae3346f16e52ced7ee6e0514185a5faa08b39ef9cc37cfc9c222454dff0dc9f1fae505d1b2bae72b9fd0d635cf6c6e0677e439fa9a5bf05eb47faf8bf0f2bead0822bfdcd0e6bf90c0fdfa53c2b461b2e737d346ed2c2a1a956b2603e17f40dae371f2f1a33c6f9a73e64615057499b41d5f4e561d1290abc3310b9afa06f6297806ada313c94bc30fccbd16023991390187aad6ca906e51e54d0cb46df9475c3d9677eb69eb281a041036ab2b037d57377d066f6fcd765722e16b640c71a43e15dde1fe04fa78c3e6f02293fa243bf47d0ac2d7bf9618550e147d60ed21ec351f3ed517f683c31732aedccdad54bd8cf1ab57c0cb18f3c253334de5df363d9a46bf3c201170a01f5775f508f3e19dc1873ea93a5af70731d24bd1df19956ca2e077dc43b04c3e5e93214105feedc6715418f9d96d9ffe551d34be8fa893c9caa384beb0b688c9926d1ba13ab1b2b5f6c33160933c021c1ade1c238c9b4447dacda3029625b008ea4efe46bc3b124f5e4bc372bc178c57435d3fc945f86da51d7f14f682350a68b2c27961d89f2370ffb87e4cddce9c42be3dcf1c36ace234fe7ec0608b79c663b18562043ad7056f23f8a3465e90f5193b9387a82ed60cb75733bb55575eea8465fbe094cd5351faf9360d66e6eb6d318df671503788768cd6ff668ddc7f0f428487637a81466c3431128807c0407b53ec03bdbdc76a59ed41220a71b4b1dd5d066cd64349afa66077076c8f576f1b7ffd8e3c427dd2208d624a7a4cd7ca21e3a6c43409aaece11793a3b4340030c26505927450f5b330fd94a2507f11145e83ee1ca6e5eace6f2b8dd9368614ad72091c44b204183bb5dd542a0a32cef60ae9fa88e3303be6fafe509e5c9ccedde589db1c844c45ca05043a4341952566feb7e714237598b256742d01b90f80ee35692d32720562db5dc08922785b2db47e3d13bc2822defb0e952c3642174da793d1092cbb65f5aa17e04295eb94f99af09f8d21d9acad937fc0d4b682117279ff864796f78b9ec4498b72ffd3a08aa02720315aa397526129af9e6e9a4d487ced6137d18427e88a9db861d78a7371bb689557fc4a58d8dad7a114be2879e18238347ff7d83a5fcb43d47654e96a8451e7df56fdb0c03c921e150a7d0d41fc6de276f1bb31a4f6dcc92626d278dc2a93f3e9a7b46f41fe5a60bdff400a213a3a1810e7215a9cc5110bf9624d0566a7954d81609239caf809c9776492c3348dc5fd3cbc365ab259c1539deec87aa04d0b0c441d0c5d9a3b23808668433d2af2b55543c51bd2b31e2c8c2117a1b079c609b7c7c638d3bcb715814493ca930b972fc0991b3fdfb4ce1332e962cf38e83cfdb08e100763679107e9762c0608a7ac75e233eccceb2f951b489d4fe9bd04467ce2a258c108c01ab2454943f14ca17f26f2e55e0066ea3444a6182e6ecf25b70ee09ee699d5befeede9b1b1052de91466c4a428efa4693ee5923ee4d0138fd8dc169e20608c959db1b63d1a73cbd045e19365c5d84de848b32ef51460fae9b0fbb0670e5525c2eb63010a38beda491ca5e7effd556236ac5837b1dff9b1cee317972e8dbd74a43c6b718300cecc6cc5b3053b1f9ce4a79d18873bb1dedf9b0eafb993f0f040059f3ad8e741a2fc7ae11f7001d6915d534d6c212528c8c25e4f513943607c01bd718d480a0a5e37d5173812d40c884cfbe86cf2e57eadfd62019209bb220e600b9bc9118377cf6c07b622779b9aa443a931a61c13c97dab2e0e9b2dc958003283d1fb9f659ef8f94df27bd60fe4dac66b9b6872ce7bbc4c6a65fd641691863345d542d9c24e70760cdd5aefe9cb91ffcb6916de2c47acaa1784050651c6028c520cbeb666e566e185f9c8625e3517ec1b69d74d393cee2446806d01d4b0696fa0596262bd53bebe43669e6cf838927d0e4d792b72d1c3324c04854b4fec47ae3b0184095c600873a3511b4c171655f7c46f704fe7d7ea3940cead826c28c06d2149ab3d81a8cf10dc08e126ab5f22a546e268510fb9ca7f170ed50917b635e35bbdbe1a106532e9fc9857621064cb08c6ce8d76ba470fb4df6a54c98366464334f5b1e4577841e27b280ecec5f17cb0b9dcef66f04be26fb902b2669497f83e7edcb22c7466f698add363eee2e52ab340a05e2ca7175f62bf57aa43ac38c8978d811cbd16890ec7e38a26867f46713af159182c4c918758b30a8dd8ffe12f0990d3429cfa324044468d6648e31eb122216d454bf640927b3802dc7acb2f3dd806cdaf20812a799fa36d73526fd5275393e4ff8a811c22d47552473d43820e417bfc373adc780fbc46b2c939743f80b0dd2093b2ee2c73884c8f67b97c7792eb858625bd5a6b93ba7f225213583476a8b5d4689041e2a3b8c1c7c94834f074f590a9e37299be94039bccf6c5066d187c8fa3e56ffa1a26f1cd142f75ffddd96f353240007789137c8a927f9fd9205aede05d8ced962657ece12ad192bfc641825ff4b5d6a893386d40d872c44d35f54b7bdb0de7454d2954d7ff1ca74f6ee6e834ddf86827055f2489f76a7e402475c47ffa74022bb47670d97593e1b87db68cd6ca7a9b940c0d8f0ed5822973a434d83b36ef665677dd7e52e1bb3fa0e34144f42d0cbaeaff39e06db3d8dc5fa5e5a9737f406d9c4d76e3f590c199f3e6086d28e6ceb1d8f1823fa1c03220f8e581c9ba92ca6372792217305bb91b0f76cbd2bd8bd6faa8551e098204e1b5ee8453ae455cc35eea489fda4aec3426d3c1a426f2283715f400a0e71f6034b180c77d834319d556445cf0d008210846b14e0b538e13ad31cff29dda42e860468c45c5adceb57237e861b2543b3814ebc8998d7c379b9b0e96653723e5d2517ce1e26b8864c855b59063125f7c25d18a7a831940f929f51e4c782725fd3f613d0c1a67adb6b244a2bf36ba3e9edeb0fde49677baca31decb7a6da6f198d84459d3353e6069b6216ae7867bb691c14c26b16bd2a3b4ed5363cd5d007b41b6d0ae14db9691e55259a3c23a51f93818078515283d632a902c56f69b055a6e2c2740d0652109c631030b53504a354a3fa9321227ef229cfd2fc495b2cd78a496a49c39c098ed4002d7dd4b4ad0560c6e8face52c6c6a7bf48d447963e84347be3e940c0b15480bf1a2c83226d51639669d88438f18e97f7a44a1de54094792d16a7c7641fee87421d69b6e438ada59aa91dcbe2f314b23e462dc937c2c21869d5b7d204f424350902bdcf13a1e08fbbf1a867d66e80c32583aef742476be2c62fae7e792ffa8f4ee99ff387379f44a2ca5510ae5799cdff6b2cc3bc2a344c11e7e8a2e3f845808471f64f1d25a881c6a6af42014b78e651f9cca0e2fe3cc9f0485895ca6b75e8eb2c4a8a0f6b1e87a6e5e100cfbb3db6fedca70a9216eebe0a28657a99afcad5dae92581b6d0bded0020ddfbe86f1f7c430dca71750df591acc591cd646f01a598c63863c6331105a5fd6558f7b059d1a4cbdb2cc852b4e09e54aef42cad5dfd9bc521981f047edd41958328a14684e2ecab37bb9c45676e67b97966dc558c38c49ddb72af06b49934bfc69e33224ac645b2c8ef07c4d1cef3b60805111dd86a7e7435d153356670dbac42f3ec466446b87b62fed92113d792060ab4dfafa2b1607ae8f4c75048edf34a9ac25f2f67dbca22069f1c64dccdcaa6331a6c0833852522e9b2dee26ee8ce5fa3723ababbbe3a345a5da3906306a6de75ce69bad2c56bad52d3d108f5ff2609f001c65f7b08883d11120d82caf17db9b6a2a64a97a8db49079a763500dbaa1907aee1145b6df2c6a1cc5b25ea4a7146be104fcf75bbdf5abb42d9307611a66e30a78a8fab507bce030d33cee82c72b0deb21261cfaff63f08ffd2e7e5356016a5007803df07ff60348b4974ab60a0b5a28a7bb2e3e7f21d606dc03f9a0b68fada9be4ce7f5c0ac0e7379f8691fd047e8263a8c2f74af4c2867c9c0c2497b6ee845accd7c497b252bccb10d76ae254c5ed02a440c62361e5fe856b2b85a9406b8a42a66e469a56ab98cd355bc975039a12ffe14db7aaf934d8ead7ca0a7777e772160d81ba72cc52ec2175a0fad7bd8532a7665ff0c4c1f8046dff83201ef84f464c3ce97ef7481aa5941b3ceabc2fd5886a30c1eec9f12730994aacc66cbcd3ca64fa40189714070cc4c4aa8111c393bbeaa62795dfdfe916bef104a7b1f12188c05cc8b6c7b4acfa9d4115fa675aff03fb12ff77967dc659127952558e1254b0ae6e4f17cd8b9d4a9a16c0a6ef5dc5903faf43d9b9f025e2eb5c0661ab817eb18bf99b2f27f4bd8ed57ab5d146d0f9c73f0be67417224223ad6ab08c37fa69d67a1302949c16d0ee4fcf50edc3ec64e3b1072ad55f5dd3ebdbd08eb5ab77d8ee8e492822b3ce99a09acbd399ec63b9d1679832a60b38311e48d3e9f5fe35ca3945212c14fc5cc123e0afa998fe2e7fec8433e5eb38e601244057db11d683ff781eeecaa6a83f24f6dd8f125b", 0x1000}, {&(0x7f00000026c0)="0425fbdf9bde72300f6ce5632add07ca97e899989db9ebf7c64dfd267a9013f0ed366d2dc53db9febaeaa632934f716605f6a561e5cf143a47b94f550a4e8f67eff17a2f8d2274067fcca5371520714a00ca5b8d07ffd48fd866954344d348c9f757f805f7f3179338c0cf169c5009647472530bb1cc8091f13e114651d2f23f8e005b6f560e82b0ff6806f1c777b401a051ceb637f0e62550577c52ddffe7d91be8dbe3b18adb1ecfc136b5854ed992655bb5e731d5c0915f34507bee55611a626a412d1015d02e0660da65de01e63e54b636188eb0cb1f69bdcf65e7f97cb72de207187708bfe23ebfedd4414fecb2dab95cf77d9e8ba3cd3418c1be669c71021d5fb4ee078d3ea9610814bc9b1eb045aa93427af18a0bfd44c8afd92e7819c97936504296edc4e19e17089df2778506fbb727a09290a61f2f8ba10a50d5a30e6b569526a6c719a8463d6f74029ed5b32cdbf927d53c1a9b9a0990f344f5fab4318c4a57f827042822135baf01a6122ef197109c0bfa2357fd6b51275fe3c54f1a99e9eb90b69650e343b9f743f47bffebc811360bba7d4e417d00582177b8fdb351464db5b64038c9a9d1e1f05397878a37f3b13d2825b8e581dda4e3146ad1159e8ea122faa27dbb3bb22770d312a55c05705405d25f048116ababaffaad7d5f9dab2fb1f3eecdd46d5b9ce263523240e49bb48dd9ae310d10db972db4d064e2e33157da72767e9ec2cd6d353e8bff4c468268bca12ed87434a2001f55ef17dddd394db222a853d12ebead0ef8b15eeaa54a4c9f5810a49047af06cb7264093ae1a3608693b4e7760a9d778e504dc2fc36fc3e65cbbdf7375998229905a2faaf0c76d89a054b8781fd346efa0e8de24dca290342f0ee5126498eecc2f194489b1f5d4e5609b40efe30fea199c6e8bbf47b7fb900cbfd50a0384d0787aae36c7a1a5533aa113a49f4789321c96c77835841594621448fa6ce0deda529b94bee80902ee6c8d061e688fc1d2dae4888dc25204f5b22b3ebe18f018d8519af621301cb5c7ed6b5d2c70a72de2360b19bff4c16d49c16d7444549274b5a83bb7f3a0d23962690aba86f68c2962970bf1a2c19ca1406176cd1abcf19b123ce50a1f54079569839eba78fb2d913a3e75daaa54ef56cea18d18c65223615b829c6259466031c530c8296d0916488fff37e4c1d65325e42eb2961e8ff37c90313ff526b21b12404cca3741f004c1534404a4a4c8df1866762a503904f30d762e613d706189e0dc0f007d18c682ee6806448f88f00c3bfefdefd29e49a9f3a4e763cd554118aa126801973448d0fac50a55c5e104873412b70c5add453846bd717c321a80fa298526d256cb2ba29bdef4b3be73d86912d3ae1ec285e51d9247c117398a2760e0be011b804cf2448f8d07994af4edc12016739530414450bcbff9a18ae4e519363895256100eef1b083bae1b43097201d4d34fb6648ef045677a3eda912fcba86b3600bae98ce7814121f7e1f6fdfbb1ce5c6a98ef29a65e84c29d94db0a43fa251ddd079e60d37ed2f71b7cf8667802b8aa2cbab4a4e16dfcb6b4c3e32f01968938b562a8ffabcda4fe429eff9eb1a41ae1a5fa7ce853a24d35892f62272ac73e388a0af8d4be0ddde55a9872c2ac63ebac1901ac62d41834b2f2c8513370a423468392e5a0ef3816c89fc4ffd28b0ec807f13e10ab9d2531465548570d1dbe4bdc30bb4c2ed287f266e6a4a66f7339a6db425b7793fb481580e1df84835ce4df834496fb278e507abd43fa2f8c1ef6c80bab0f09a4077150807b5d012a683246ac79739df88cd82c946b119c068faad984cee2fdde1bddc032f4fa0ac39aa1e89da4b09cec8a0e7315c2c7b7b64f1a038eeaec9b788e74065bd15af5f7c85730a5123d60fa9b8481e5733994282017963cf4224ce8881fd956b29ab7068a0e294855d52a1c6677966c75cef0fdf9159da1a4860e77195df1734fe3944018083c53cc4d8a2fc16745349333d5b01d96b1570a16701b0ad3c607ab802cd9c6c8b6f72eafd13dc75d1828313fe6b765cee70f6fe57be5d7b83c2ac8f12f2083b01295ab655d10f7b35972909f95e5fea325ae81334c9c5ea9e9d97abeabbe0d80fa96e214e8e0c1e2c879c8da6f85461bd4bd816e7a96c6c89ff1fa184e4117c01c48241f5396b4b4c2f6dcd96d499eaa5db6712647f07df8b044588cbaaca927fd47aa3a95b707d8cc0c6edc379054c7dcc989cd0eeec6ae8b84895a6a2ec55afb1546efbbbfc187457ff080a8d109cabe69f91652a60566831bfe2287e5bb83a1e89304303b04905a8871f5a429075fe278feba631b62cef2d54706fdbba5654c9d5b8d13f5f85a7fe85445e08ff1e665a7ebbc76308d4629e3c96f3e19aa43b38e5ea8774499ddcbe183a4e6a5db7e73e3b2e254b3abc313cceb146ee74eee079c7218e427b37cb77ec9c790e1c49d91b790284eb1b244e8e3a2f2c7bfac3ddcafb97a080aa93c8f4371ec805722f82c13988e77bcf9f695bb421a0de02a69615850660e69cedd913eb5f9eada4fe0c70d8735caf0bce6fa183e33e68b08ea868e71be551a77705e96e9fffb2de54f033fa322ce90001d58adecf35f9375334a206085f49c3f416cce7eb9e788248d65a7244f94c3311107c0dcf2ab1103507637dc960ede7e32fbef2d9a29179094086fcb91e24b18c4c34f827cb93ecaeffc87289ba7ee29d5e4b49cffbd4cd6a9f3378af706a26affb65043493ca9e6218b77e44cb711b40f2b9d1c5d975f304080a8b1ab91ff6373347d7c3aaa71b404c7c8b9dcfeba2a4130889adc1167fdeb90ab23808ffd85a4f006625e07a8ea01f15e041a570f18f8787c1777a3e5555d95e6c6299512de70433bc49ec64720d9f05ac36acc3f19121ec6fa29d272af1278d13dcc4ce6220b085930e41a6e8a62757373e445c1a316588bb8d318e52e2d9808c1bd5ab4c46149d95494be09addfe6e5548b038f73c89720875c79a5af49f1cc8eda1bba65de3266e7cdfaff4940d68ac677e64877f407e4994a3b49bc6106e85d24878bd72f77547ce846d23f8ddcb2aa6049ea23e5d1312bb90d0d05a6b9865437896d9db55a6d0f062d82a7d1be3a2646b6c829af7ea6d1eb1b4673a58a848d37f2bc78382a29bfa44352e3d22913ade1e79590bdfba5732163b1d1967cc6831df761891c17788f9797b7cc4a89eb3937768858048d444b43edf98e4fa8dc1a7b4be55642db41eb55904e2809ecf38f3e6e2ff0a951c6dfab43a1c693bca23c171d77032cde0adb68112061b6aeeae921f4ff62d98ad121c1c6df0c1b19059bc195f8058bf9fa7d7f93c5230bdd5182c9c804f053a5bbc6d5ece001d9f37e74cb48fc860883da3b943ca40e11a142339c44ea98f71de760d1a74adf104e5dbf9067a22f710c461780d5433343ef78a6b33efffb36c6605378152c2242cd7fd579f149087c92bd258b4d824150c7190b48d4c8af0984d926f78f51100d79e28abb09e8d9306f5b987cfc1e96eadc661a9c1571ef732858c4e8bbd4e7eb42f5a4902cff5a540d7d212c5f2ea1cd1da5612a0b21376dd1b4774ce46d60bf8114e240d9e0870e55d08e88ecd41a1ac68d29d18c00f482e0f89f82b4c18ea9b19d9f203dd1a32426cd01891cf7a68d5c757f3bd248b933b579e6eccf0f0cf161d26b791f79a353dfec2f2869b0e0fd791e1ff2d1aef17e0711722165e922b8f1a37b18dca674348f69598c1c0cb9f134b6e8410a620ea5cf7e030d07ebb687e3de0f7f8266f5a0514dcc7a4031ac5483c24105520bb987fcc41a30660471cb4bb03600670360450f1af51181c30b0828210bd80865129f9d19199e30fdcc321d56f4270339a7e1706ba621f6d892e6973f5a700380dce11409a6d4c5b9809cd33a8ba227eca067c7a4400abbfa61c49eed56ed7a50e52b8538372e3a65d55a5471dceb97a9d791dbe1bba4cf8b3e1ef9a85a9908029006b526bca9ce6079a59e54c41b8e04381eac9f9ce3d59794b8bc5e7e86b6ce8f9eca9aef643bed8e2354df93779d5b64d1ac45117ea39c5996dd9b09e101787e30972b2f1d21f8ff89da949a6ad728f0cdbff367036f8ef20eac80e1e948cd4fc5fb6e149c2ee39f759471ce06b80d8eedb0aae6142d69a26572cd00037ee5407f71720f925a4d4dc6591e83d7fd5896b2827a44adf5890f4e1dce7afe0458570500d5f0e1f1839dff879ced53d48f6d9579d8ae56423f0e6e7550f238119b31c4c9d03d4e6cd6e9e14356d0c11332f2e8282c8a7c18f8fc6f1479edc9a1232266c71b1d5636dd3c2f437366473782cc77e9aac384b17bb69c7360bab0b447b25b6a01d94af6e098b70184636481e233ff614da3b9c8654a560cb9f0d98d7e786177708857b7bd83d7ae61efab8610229c1cecc74e93dcbbacc9b5099e98d4c836852392f5eb045cdbabbfdbe2c28887d30126b31bf13c12c6160366276bcbaad0c55f751cc5fe37a3ab4ca11fbbecf27693fcf83194d570fceb13aca04e724144669797b6233a5b0337de46207d2238206ba19a78423b4ac7e579115585eed69ec4f49ca996184201f298e757a4788ce66f59620dedaa75d2b570ddf8b5e3353d147ce5b642f9c7f14d84d0759f063b8212954b7d80192a6da3855b23ccccbaefad425df08189c448204a7a55cd02683281bd2c9e1942e565504e4b6fac492269910349f4817daed3f36787bdea5b2923c61123d02389c630f75bf467e45dc448090822687248011e90975b17c62de53f05b77a4452198121c4044f69fb6b3ca8d5531b01b46836101da5a1a1486f66a31840c862812a2256840659e3e4528e3cf9bdd0827c6be2b11ada1ff42ba3ea567061424bb459b7f40229d257ee4b8abc118261331e22f8c4dc7f8a4afbb343ed8977153b537dd1389f41bf4898fb53d04b9bbfbc7142c4255b7fe4e97d76bb96922bf80b388926ef81d4823025f43e875483f690f08d2009438376960644d1e5e7fa911320e45e39bf4d884e5bdf86adf42128a6cbcde0848c265d597b637f3c69f1f0537a90d8e1169b497fad24076907719e1e22b7416c013ea220fe1adf9c4240598c3390eb2323e6a099581b20f2f3035f90a60d6a0a86c81d079ad646ec7593843a616fb816987e61fc3be994ad5a230db1218f48c5952a4b86ecc8e2255399d8cc7d6a05a970d85655e9fbcad0a5f18bbf421ae224dae86adac51852f08a9c7699e7c6c1ee6a0ab4ac73a40561c7f9b9fa0837306555f1d5586810e8a7a8d8d1f40fdacec17ae61e231ec4e9c8111c6d003faf587cf87a2382d01fcf54f7ffb7b1f98408da29c2a64fb5274781f50747bd096f2cd23b23f43d1c176ad2834cb58a65618a0c1cf024c4084888377c7fb1b44e7be89617056e05719400f24f8f9a6ae11595c5fe9e7ce24851024331059b876bbd91cb7afef2eef8390a77c2697f8cc99789f7dcdf3657043357f31827f69c85fa8238a8f35b3fa0939d32883f81e0a9d17b0e90e2ebead455c5f32fd38405c426b7d86112d32efea41b156a87c227f407f49913e19af8cf0f3274299c8d5a4a2c3df811f89540b0121e91e2c9c1af48094ad97fcf504e378a605cf8ac05e8e2e9e55285c5227bda59e40a19423d0b138959f569a55bd0c3a4b9befac4da855d46eaec671b88669384670209d97eee2b6206dd82515d08d55f5cc912c881331cdb3523b549b6d2f3a07eb8e33852fc17c1632ffb0e7ae289a6d37b54e480d4ad5e25668ba73a1f774c3512af92ba0432", 0x1000}, {&(0x7f00000036c0)="d7d74e0601c4654b8d0e4c0cada53bf145e287f95803e7946f2911d31092ad13a0fc2e18e236c05efbb9fa6f1aeaa0cd7b53753c9cd5193fedaa3b1680e43441863042b71f26419254b0e54cae89550734ed3c664d53912fe41f26ff969d07ce73aa928052060d238709a6e4df3674f5d7b6029812aeab74b48328c1ea365061dfb191ed5cd004", 0x87}], 0x6, &(0x7f0000003dc0)=[@cred={0x18, 0x1, 0x2, r5, r6, r7}, @cred={0x18, 0x1, 0x2, r8, r9, r10}, @cred={0x18, 0x1, 0x2, r11, r12, r13}], 0x48, 0x40000}, {&(0x7f0000003e40)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000004140)=[{&(0x7f0000003ec0)="1e26d1195c4a45bf4590b58064b3ec323c21a085dd9cb7e71b433d64e936943a4a2f4c0944abb04360d0a4f6bdbda0177e84250d96be9e5f8992687b4c47f436b34b1f199021ef1bc662434f53a5b0d084b75097c33580a792", 0x59}, {&(0x7f0000003f40)="82cc66988aba5c7ed08d07956f7b692d51d40d0e07cc6aa2c49cab1faebc6d6ef8553bf13281fa038c501621033837c1a5b48d86ab40eb71a5a97483ab8d0f72618fa315c101808471c6f04ee7668ff462d0baadfb57cb1bf2a9e52ddb842e5c015359fe21837fef37", 0x69}, {&(0x7f0000003fc0)="e1ca52e706af153b64ae818348926b714351df304f654fe5d0835b031b88efa845e48d3d8f5e7ca12a87ac2f49402fac36d5996887bbd4105edd4c641d21ad0abd5cb9", 0x43}, {&(0x7f0000004040)="5f032e7e829a2b24cc78dc21c6d935ad6abf25dca0586816efb3ffdca66d60f7b177c3f103c85e292b84f0bef60a8265f7bf8fcaba38bc2879a291a946f0522395fb3878b06ba79e6efbc86c9d3495362caa29889fe506ed4753b825693b097efb7e7bc17bbb79898776af591c36a9a44a49aadce6a98f6ed8c29f92f1aef52998f21159c28c583d3663d08d8e3ff692f0f3d4ffd21b56c5cf731a4994dde50b212468c80fa30c7a6dd42e1eda84cb18d253c0aa0240cf75d2a61811d48f3bb3e5475af188918479301d0095de2489a3870061e2245774c679d2c9de515c003727ad493f8a9a31427b4e43a1337c5d448ac43bd150b9861cd1879c99c5f42c", 0xff}], 0x4, &(0x7f0000004600)=[@cred={0x18, 0x1, 0x2, r14, r15, r16}, @cred={0x18, 0x1, 0x2, r17, r18, r19}, @cred={0x18, 0x1, 0x2, r20, r22, r23}, @rights={0x2c, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0, r0]}, @rights={0x1c, 0x1, 0x1, [r0, r0, r0, r0]}], 0x90, 0x8000}, {&(0x7f00000046c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000004a00)=[{&(0x7f0000004740)="7c682ecd6155080d3df6ea5f4c3e317252ae4758fcc513dce2e4a76274ab25969551d66c623042b217aa4ba4acdfc546df30130fdc50974c2c59d927d9202a4cc6dd7b9480638580cde576a517c954f514e19b9b3356385683d8162932414c54ca00e84a255fd850b2eca44de8afcac3fb61219163b5d296954c18f1851c06ec43626c4aac0ccaf6c74886424dc9f0ac6a300df59c3766b2ea4a43478f31a6da17fb6c26c98652ea3acb568474179221f96ef9ad8e2e758592be0bd3891c186488c04c303891ccd465522c3c8e2ef055fc2313e378d0108464f25151ac33a4a4bc3282653ad5535722", 0xe9}, {&(0x7f0000004840)="8e466b2175947072d33f3d63ea4a24157c37b09028e893aebda63e5ed23feb094c928808a6a4e2d15f0b9bf960608ce598c4ef9d19f11c4320686348721811518b", 0x41}, {&(0x7f00000048c0)="9d82982a2587997dbc95", 0xa}, {&(0x7f0000004900)="6d5a80bf68b88abf366ccdf5d0a422d2b606d4dc35b53e3412543475f67e68", 0x1f}, {&(0x7f0000004940)="e04d5117fe6bc1e4774c16c809fe311368aa8fd05c646ef4b636be0dc9b5b1be6dcf75cef6bf818f5761ae1f6bb1301e47bcb9341362bee05a317a2ece9c3e518131e4612af631168a3b8dd144a87256fd4ede753fefa8d8aeeb72f203ceb3a12c533cea47f13062f1e3d649d00e5a6cd1eba592d4cdd257c000aa7e72ad4b614aadaede81f744b4aab270", 0x8b}], 0x5, &(0x7f0000004b00)=[@cred={0x18, 0x1, 0x2, r24, r25, r26}], 0x18, 0x40400c0}, {&(0x7f0000004b40)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000005dc0)=[{&(0x7f0000004bc0)="b5ff6f3cad3e718a6e7e5f56287c508febaede4007a255fc53064fd0d09e556530f4817b1d550bc98c5c57fbc11b11edef5a4fea77e7371ae8e935a0d1128646c13f8d6cf0a2a0823d0b0317933d20912a5f56caa6e8e3de8f94aa14c37f9dc75cf4793db423c8a9b981fc338ca6210b608262baa87af79d9ee285aa4656cdbbb03ad6f98bdc7de525374eb576e73eae3fa71f4697f1336663cc7f95812e889a6251b60485f5c620fe37289a9fc8f98a9a90bfdbb298769d8d75cd4dfcc3c6f83efbc8cfec1546b03457ef3fe097c91e0987eccb3b", 0xd5}, {&(0x7f0000004cc0)="7abba47ab95df69ef5f6b7ae071cdd19081097823e2adffa84b346c8fe0bce1ec023286beacea1d45cfdef32d59916fff1fadd24e0acfeea27e23bfd6a9e946ead8262d8273800b5823d008b74ab46122ed66b8aa523f5771682360fc18976805dfcce2b3aff7efc371470cc2127785f037b97f34610715985ad49d9ff79aa46271fdc62222f3680f2b645ef8e9686fdcfacd8ca7d26c710df6e45053a002d652c51ac21ba2624dda1064c822703fbb706566c44e1b224c38c545da8b091b0591ada7683c7cb1bb4a4bd10d7", 0xcc}, {&(0x7f0000004dc0)="81b87bcaeb5666a6d5b02b5ab535995d70afce938c09937f2f48a859748d700646125c6b8dcf8c1a28a75e667aff0a5c026a696b51fdc1f1fa993755890a8d2029b0dbe59baccfe8312bc63b60205d1a2cf77d50872a16d9cb6d77b7157ca037215aaa6b199b4cc085aba5cdfd8c426a02a483cfaaf7376dff94a554e949cce8421d8b04591cdbe3b325a012768e75b8ea84e68e447f65dc53396b69afbbe6daa1fb39b828477c9d7017e0cdf17e9858260ceeca781dcbe52758f5e9f717700319c5867604de73bf212fd1f74c91e492da041f7ca869d28cf70460ea635a45c9b9c2834d6d3ccc131438f0f1c46a5e1de4a13cf63e5767f9e50319c14e4a5014ee641df209c0e85d4614fb88b7bf9a02611562908e6af42d02c929680fd8fe4217f2ac0220332b9fe0b2ab6201ef840ea4299707b1e49d48cb637d58f2567cef813ab81ee1393c6f31a2b97eed7a3ef384f5307167c934694b83e2cac055e67d18641f18ef5023a1745b2c5369aef33dc59628f867dd6144fe807474ba12d2f29f5a93c2af41c056778681718f88419863fdc106bdb7127ad8aadc4e19936c8ec0fb1b68cc6e5f606007803367ba8a049bc524a5a2f6e851f96d0713a28a95974921e912aa251cb50c0994f25495abdeb19b275f9d3cdf28415f2f5c6bf7d7f7c0b070a922cb5e4aa37a3b70abecd0c626b690af876dbbc84b28a8bd13ebe2be205f392f3d4ec8c17e934cf2c0c7f4973b0d407f1438f76850fc59ea164d4698d20ded2c0db431040c710f2ea31006646e699ecdbc46570841e6ff2d8a04eb3c14fa96dce8640861d420c025088407d60a5cb03be6ad55f014efb39035114cbfabffbf1bc7cd6f091a76de970059b3572de7f8ac2283cf52ea1db4a1e0dab439502102b5c8f4f789eb5de7ee74c56fd55c09c5e5c07133bbefaedc0a7b1ca86a493fe35cb28d9f44a59fe53c6f77ad99853e4ba292e3472acdd8be96b007f2ab5f45303d41eeb76efc9f3b049fe4f5973cccf09409e2931b4ab25d7e3c207dedfb3c9f817b7820934de271a6ebe1afc27ba73fb42888a8b2840ee3eb2c92c771c2606eb8f7040a2be02cf59a3bab4409cb0f29b14d0933f01a737c430a31cb0d5cc283455e88f7199721f4a67bfbe0209cf18a9695e04129096d5b7288e8d9c026f2b60c0a895a6b4132d7c398e922cfde50f1d5334f5dee64eee20f705998f53a274eb9fcce0a9b050f776b50d013aed50d8f4d85bbfa72d343dfee70fe9ccb49d9e918df4d23b0059580b69165e85963e829b399653cc3ec69b5da45f0b4f10f1528a71efde0655da82dca85ba102d5f79b04a26e7f7eac7886aa69256f4c6fda5563bf3b585bb85fa2b2844a345b842883d981aa232b5ee7014f51772d694f1d08fa0d6ca380aa2cb23ed077db9e0eabd435d388ef3f83d2a318b39587070bd97100c2287e809ba05424aa5b6976236e60511afe0560499e73f9724d0438d2ab422d4d769bf40f9af66d0d9b6107ca9842121823db03978c77e5f9e52f2a1d10c9aad62f42be5a345dd075e59afff77b6a13e79c652a593e9efeaaf7aa7432f17802f23fc11dc81b1e1a2d765f0d4037ba763f2f3375a985ff98eb99668e6bcc33a9d02b7c006e3e27282fe76620a34e8a7a65f3656649604c30abb7ca1fc54f9c41118a2c711e4ad8ebd5e4dc6bf4ebf500e5474eef455113962dbd279bb2c1f94771796f01161a6206a0046ad21adf55178bec2086fd83a9b0b02f9dd95da443e058c122c1e13d65f88ba8747339db6b55011098527b97ed69f09b0e7021fce1af5ebd7d398972366a002e7f1f6ae0939a2ef6ab2b6e1789bf2529861f7a7672446ff664e52a3d5ecde7b19677f5a1b482bb66a8509f2572da3f157a30bb949059c99a2d1fe1cea6d69414d146e4810c0c3350aa7aff38730099926ca725fe66e984284f232d188832a96f384725259c9ce3857ec2b50fef5ebd3a2724d9687c005ebea0ccf7c8c05748999b605d74759d07e44e0c9743f55fb6bd73789fceaf4b22fb9a197976ec75bf3de4c7f4d45cff86175902cffc6bdff16f64301e69c794cdd5e0ff304cc7c8933ef814fc9bc6c1a331109c455409490699c11f7fb960d31c5e1720e0559f12c70eb53407d03f8d86bc9d61987c8b1a5796f785648c55ed44df16fe2d0e6495c591add467cd01841dce2c29b2101c9f9f6f7adee9b04442d58752638b00ca1e0969750a47fe5ff3fe9321c3dc3b7cb045051ae5950e9bb1ef5ee7527d515443520aa388ec9fca63e2b8d9a0f284d75a7c1b1bed205581ce34b1e1361b436d2d6bf3088015965f71e7898888b1a111fa8fada80ae27742da037f797e6dab7cecfa1e41f1cd2b7a842439c248596faeca3c77c3a871272f4bcc5a929840e5246b4541bd7ae3f9d286e78815f3581865976d69b217c97cd75f3f4725212dee069946407ca477c8d006b4015b9a852fd5b351f9cd53d12045a6fd1f318eca7c7c39207cca646e0a23d6d671c460912c863ada912e8a73a4114107a33dabac716850ff23f2ec71699d4b2483be6c4f40948242ed3d5096510472fd7cdf42441416cca3fa4185ae4ed7d03ef61e4ff734c17a4da732c2be8bdeb8c5216512f13233f858b97854c10053acc287b162ea6abb54ee507ad585ce4f29116fe2632328fee788eb3a76cdc3ffb0c4efdd5f5da5028246e21272f687dacf684c7eb2c6106ef9ac16259daca70a0e40bbc018a3e085ac02645efd865d85442e5149b406f03642df1dceb8297d3352ac66c591d0b3f5bdfda1f8d3794ae366bf26ab431bd04b1f06a5a0e73d5609bad4be19da210d3cc3d37d75461ce3d93eb564de435355772e5ced5a1ad856cd4d8b4b2bd8c2cfcc32f6a3e55a330d5556c2709b3dd78da24578bf59235ec093975860b60da8184159c06354115638fe6b211582feb9170927c14b0239fc6d22b7b40e1914965d5d2d666519c14f1f21e43e5626fe9586478878f2db3aa2ee19557552930d8f7c4c8b8f504eecd126eda88be975ee714ef070f68c24e29287425cf74d8994734fc89e56f3ba24271216c5381743586017b30bfbcbfc6a71568bd9529a004afe32c0b40ec70bca9c4858f96d280e4d6a0833d7a6a5ed3b9d50c167fcf7f23c38de5ab26dfafaff0dbb4b68048dacd0d53dd151b106221e69c8bccaf047bf6ce42ddadaccaea0936e80300d3a5e2c87859dfa26d2156f326197780d6887ad27b3022fb3a62095db31f79289982dd36ccde72b0174a41ed95405943ceee873e3463d251faf2ac71290361fc2ee8d91d3ebbea197aa4d07dbda263fb26c7cb0081e8eca6b218eaed35a32142fc6e59cd38112868d9a20d977cb72e5f865f2b6c82b2bc11219a77d4eeeb43f2108a30e3f8ef7dd4baf824cb0467e72123c3a45c52f05d1436e33eccb43a70a4fd9d68fddb88a1c6c9898896862fee245cb56574a8d219200a32e9eaaf6400f410ac7acf18d323b296d772bcccafff51b811e9ae8a8155d1228218b7309ec89e2c7ef5b256537c5d39d9861c8b2fd6c0057e1ecfa85e7c02843d3892896449825176f0a758d532786f0e24c5d3a689e70c90a76d0681b49fc9b3112f59fe6dba65eb23ba427f9550ec164d8cf58755a3ef06dbfb420b3a528b37d878814477c53638a3b8fc3914c2bb55002047899f0f4710867b2e1287275051f9324bfb354f5173ac0036d95bd17588ba9772a277f9f6ae2ce5fa35d458d218f8b0c8510c9b878f1208e45cd6139c172cadc1f725b8781bea0b647c051adaf039392f934d99327bf38fedc383d928e606dd938665ebe4de2fb262b05a772d1a269c87784e320abe244fcd0d4ba0af38e5931990fa574a39dc53c7dd9bdca79bc640cf3a89870f506fd0c37989653ae5d041dfa5c4971205183de652dc61cc757cc98dad9c2a417ab3a4d1248e3bbf4304dfa7f221dfabf17aa08b84e17265dfcace8a58361fb98c747d0d89be2e0a2886ca056615ed89e50fe748272abb2f9cc53d67a93dd6ecc9d3e94e20205663ed58be150d1127cab22f72fbdae6c08da65e37084a8a73b52ad8fed50db4f548a645204bc37b0cd8cc46273158d495337ee56eb7ecca117cd4e5f8c46ce6eca314058ef12295da8a0ece476cb6add105498955b023f454a0523928c64f967fbeab6df7db938e7361fd7c7478d96936f213d43c80b4c9625a3dac67c38b19341a3ab2a253b6d8d491352aa701891e6c3a270dd37f5c820ae27b1cd54244b156d5cb66caa7b65cad4bb4acc2c1218dbf4879b1847c4f49c1347b02f3c58819a5eb540c02f97cd2f8e0a7ee5c76ea44996da82eb344a8e6328b26c19373ae36774ad79c977d89aaef31a33bffff635be1b122dfb769cd04416b7f97653ac4846495b5b8516d3e6942540a997c47cb23a5949b80e2235f90629eba5987482e5255cfb16b31de913196035c98df7f89ad7ea859d59e1fb87de1f7fb8788a7c6a8c1ab800adbf50d90b91757cf2803ffbf71237b8d87d269e8cc132dc7cb80817968260669d1de50333c6426cd683a4e76e6d1b7ddb9f211e3e0e70efeb24dd4abdebeacab47def8aebf118623a69d98e3eb4c13ea7bf460515f64a43e0f03d89cbb8467d5cecba514fb26cd868151475f8b460e04955df44f8e283e44998545fbb6a54e56450be13b2da0642d64a420ff46c011f0947b47aedcb705f7bb69c18bf4d1533c47433e00316b687988700e8bdd1210186bd20711b93fa174ff7888c896c78164be5c2d65174784bc7eb8162650d9117e45fe0a69abbd08af6aa0d606e2e8987a28d4453e3c54195be40c29a1b8359a7ff68a14b1eb2278d9a5693eb8b7a62f24db0434a607c607e3d0b0d181d75d71be728433e47d83eb401d492455225f7b3aa295e490b27e43a0c2a56742060e843d721b69c3e8673d25a375ef44bf8d16d7287c6e1dbbac2d36300a2269de5da41b6333a90a2a93f77ee813838486ff52a1dc9e8a3bdb6d32ebaac6b1a9a1040ebc86f2c0f9b54d60f64dd0e8c71d36b406e029ec68b18ca5b2bd73ee7cedca798bd7f9d443956b4dcbf1efbd55198172b3444a531b4011e2acf944882ec61bde27bba3c649e3ac883dbbcd216460a979dabf212eb45c6eec6335200647100f7806e00ea5ee9a9349778206d1bc11a5e61477c2d0024953ab652654e46f748b174bbfd0bb77c96216acce9342a1eb90d131fd7f3403e28e5e77d908c52069d986e68da8097612865e6c1d943435178c15c22cb0ee7638881c6788e96cc9e9bedf5d5d0125462e6dd8cae8f1f8bd11b87ab61b044dffc744ff1da52d226eed1863b5f6e1fa4f15b734b6ddf6b2e3155f677f1070c4622282631f82e7d3f4a8018cda744586574e0934fe6c2b401acfa86ddf9bd625fd5edc1bc8319c47ce98d5146df9f20ccd4fbf8b5800911ecd3a9a75c069d0a894551b8ff4698ad2a8a12d6ceea8a59bb27fe54ff1afd1e143b32df0adf361b8c270b033098f032cadab6fae0f38b471bcdd9ab286e87b1bbded5f66be12c249d38ffec0ae1ba206187c22957a8fbf71acba4e4a67cee8dfd841c8c75e8ffed1ece232db9f1cdd1e20b4fca83d030590ee4383035df061d05be7eb3d4543ba0d21bd9642dc2534bb850f280b5bc136199933413787085eef4eb282380732a23f629b47c8bdd71192b1f2ac37704030b538213f1ea586e3e6d9141c3d3eba2b8801151c9a0466ae788a41871ed904435441e60dc38068a73df553243b2f6f58d538d592a9f7a4d46d472854e5dffa04", 0x1000}], 0x3}], 0x6, 0x1)
r27 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r27, 0xae78, &(0x7f0000000040))

[ 1252.834109] Code: 0f b6 c0 d3 e0 09 d0 88 06 e9 a7 01 00 00 8b 44 24 10 8b 54 24 14 0b 44 24 18 0b 54 24 1c 09 c2 75 10 8b 44 24 28 8b 74 24 20 <66> 89 30 e9 83 01 00 00 8a 4c 24 18 31 c0 8b 7c 24 28 f6 c1 20 0f
[ 1252.853001] RSP: 002b:000000000845fbd0 EFLAGS: 00010246
[ 1252.858350] RAX: 0000000020e68000 RBX: 0000000000000000 RCX: 000000003dd6315d
[ 1252.865625] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
[ 1252.872892] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1252.880147] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1252.887404] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:26:03 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x400000000000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:03 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x1})

[ 1252.902903] vhci_hcd: default hub control req: a200 v8000 i0000 l0
[ 1252.911168] vhci_hcd: default hub control req: a200 v8000 i0000 l0
[ 1252.935465] Task in /syz4 killed as a result of limit of /syz4
[ 1252.948624] memory: usage 204800kB, limit 204800kB, failcnt 1191
[ 1252.966777] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1252.977969] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1252.984406] usb usb5: usbfs: process 25081 (syz-executor2) did not claim interface 0 before use
[ 1253.002179] Memory cgroup stats for /syz4: cache:152KB rss:180KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:144KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1253.025409] Memory cgroup out of memory: Kill process 25045 (syz-executor4) score 161 or sacrifice child
15:26:04 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)={0xdc, r1, 0x0, 0x70bd2d, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DAEMON={0x20, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x5}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vlan0\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x85af}, @IPVS_CMD_ATTR_SERVICE={0x18, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@local}]}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x25c}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x58}, @IPVS_DEST_ATTR_L_THRESH={0x8}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}, @IPVS_CMD_ATTR_DAEMON={0x40, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast1}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x400}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x3}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ifb0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @loopback}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x800}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x7fffffff}]}]}, 0xdc}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))

15:26:04 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:04 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000100)='/dev/input/mouse#\x00', 0x2b, 0x40000)
setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f0000000140)=0x5, 0x4)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))
pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00')

15:26:04 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000000)=[0x8])

15:26:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f0000000080))
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000100)={0x7d, 0x0, [0x6, 0xe440, 0x6327, 0x3ee]})

[ 1253.043502] Killed process 25045 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1253.063643] oom_reaper: reaped process 25045 (syz-executor4), now anon-rss:0kB, file-rss:32776kB, shmem-rss:0kB
15:26:04 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x4000000}, 0x6)

15:26:04 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2f, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:04 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0xfffffffffffffffd)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})

15:26:04 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8938f57e5fb30aaa, 0x13, r1, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1253.175776] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1253.233288] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1253.239894] CPU: 1 PID: 25099 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1253.247281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1253.256634] Call Trace:
[ 1253.259229]  dump_stack+0x1c4/0x2b4
[ 1253.262866]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1253.268068]  ? debug_smp_processor_id+0x1c/0x20
[ 1253.272746]  dump_header+0x27b/0xf72
[ 1253.276477]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1253.282022]  ? pagefault_out_of_memory+0x197/0x197
[ 1253.286964]  ? debug_smp_processor_id+0x1c/0x20
[ 1253.291636]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1253.296565]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1253.301502]  ? perf_trace_lock+0x7a0/0x7a0
[ 1253.305740]  ? perf_trace_lock+0x7a0/0x7a0
[ 1253.309982]  ? debug_smp_processor_id+0x1c/0x20
[ 1253.314655]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1253.319590]  ? mark_held_locks+0x130/0x130
[ 1253.322238] vhci_hcd: invalid port number 9
[ 1253.323828]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1253.323846]  ? perf_trace_lock+0x7a0/0x7a0
[ 1253.323864]  ? task_will_free_mem+0x239/0xb30
[ 1253.342415]  ? ___ratelimit+0x36f/0x655
[ 1253.346386]  ? lock_downgrade+0x900/0x900
[ 1253.350542]  ? trace_hardirqs_on+0xbd/0x310
[ 1253.354852]  ? kasan_check_read+0x11/0x20
[ 1253.358991]  ? ___ratelimit+0x36f/0x655
[ 1253.363042]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1253.368481]  ? trace_hardirqs_on+0x310/0x310
[ 1253.372877]  ? lock_downgrade+0x900/0x900
[ 1253.377016]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1253.382117]  ? ___ratelimit+0xaa/0x655
[ 1253.386010]  ? idr_get_free+0xec0/0xec0
[ 1253.389985]  ? kasan_check_write+0x14/0x20
[ 1253.394208]  ? do_raw_spin_lock+0xc1/0x200
[ 1253.398435]  oom_kill_process.cold.27+0x10/0x903
[ 1253.403184]  ? kasan_check_write+0x14/0x20
[ 1253.407408]  ? do_raw_spin_lock+0xc1/0x200
[ 1253.411644]  ? oom_evaluate_task+0x540/0x540
[ 1253.416041]  ? cgroup_procs_next+0x70/0x70
[ 1253.420266]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1253.424745]  ? oom_badness+0xaa0/0xaa0
[ 1253.428635]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1253.433378]  ? mem_cgroup_iter_break+0x30/0x30
[ 1253.437951]  ? cgroup_file_notify+0x226/0x2f0
[ 1253.442434]  out_of_memory+0xa84/0x1430
[ 1253.446408]  ? kasan_check_read+0x11/0x20
[ 1253.450545]  ? oom_killer_disable+0x3a0/0x3a0
[ 1253.455027]  ? kasan_check_write+0x14/0x20
[ 1253.459250]  ? do_raw_spin_lock+0xc1/0x200
[ 1253.463476]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1253.468305]  ? memcg_memory_event+0x40/0x40
[ 1253.472615]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1253.477364]  ? page_counter_try_charge+0x1c1/0x220
[ 1253.482282]  try_charge+0xc43/0x1690
[ 1253.485985]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1253.491078]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1253.497122]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1253.501952]  ? lock_downgrade+0x900/0x900
[ 1253.506088]  ? lock_release+0x970/0x970
[ 1253.510050]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1253.515844]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1253.520693]  ? mem_cgroup_can_attach+0x580/0x580
[ 1253.525448]  ? memcg_kmem_charge+0x1c2/0x300
[ 1253.529849]  ? __might_sleep+0x95/0x190
[ 1253.533815]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1253.538387]  ? mem_cgroup_protected+0xa60/0xa60
[ 1253.543050]  ? __pte_alloc+0x1c7/0x350
[ 1253.546935]  ? kasan_check_read+0x11/0x20
[ 1253.551069]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1253.555465]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1253.560049]  ? kasan_check_write+0x14/0x20
[ 1253.564272]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1253.569799]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1253.574720]  __handle_mm_fault+0x273a/0x53e0
[ 1253.579120]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1253.583976]  ? lock_acquire+0x1ed/0x520
[ 1253.587941]  ? handle_mm_fault+0x42a/0xc70
[ 1253.592165]  ? lock_downgrade+0x900/0x900
[ 1253.596304]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1253.602092]  ? __do_page_fault+0x67d/0xed0
[ 1253.606313]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1253.611776]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1253.617305]  ? check_preemption_disabled+0x48/0x200
[ 1253.622311]  handle_mm_fault+0x54f/0xc70
[ 1253.626377]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1253.630946]  ? find_vma+0x34/0x190
[ 1253.634496]  __do_page_fault+0x67d/0xed0
[ 1253.638548]  ? mm_fault_error+0x380/0x380
[ 1253.642685]  ? trace_hardirqs_on+0x310/0x310
[ 1253.647086]  ? entry_INT80_compat+0x74/0x7e
[ 1253.651398]  do_page_fault+0xf2/0x7e0
[ 1253.655188]  ? vmalloc_sync_all+0x30/0x30
[ 1253.659325]  ? error_entry+0x70/0xd0
[ 1253.663032]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1253.668034]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1253.672950]  ? do_syscall_64+0x820/0x820
[ 1253.677000]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1253.681830]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1253.686831]  ? trace_hardirqs_off+0x310/0x310
[ 1253.691317]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1253.696319]  ? page_fault+0x8/0x30
[ 1253.699849]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1253.704681]  ? page_fault+0x8/0x30
[ 1253.708209]  page_fault+0x1e/0x30
[ 1253.711649] RIP: 0023:0x804848a
[ 1253.714923] Code: 0f b6 c0 d3 e0 09 d0 88 06 e9 a7 01 00 00 8b 44 24 10 8b 54 24 14 0b 44 24 18 0b 54 24 1c 09 c2 75 10 8b 44 24 28 8b 74 24 20 <66> 89 30 e9 83 01 00 00 8a 4c 24 18 31 c0 8b 7c 24 28 f6 c1 20 0f
15:26:04 executing program 2:
setxattr$security_selinux(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)='security.selinux\x00', &(0x7f0000000380)='system_u:object_r:default_context_t:s0\x00', 0x27, 0x1)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
mknodat(r0, &(0x7f0000000000)='./file0\x00', 0xe004, 0x6de4)
socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
setxattr$trusted_overlay_origin(&(0x7f0000000280)='./file0\x00', &(0x7f0000000140)='trusted.overlay.origin\x00', &(0x7f0000000180)='y\x00', 0x2, 0x0)
lsetxattr$security_selinux(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='security.selinux\x00', &(0x7f0000000240)='system_u:object_r:mtrr_device_t:s0\x00', 0x23, 0x3)
mknod(&(0x7f00000003c0)='./file0\x00', 0x1, 0x3f)
getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x482, &(0x7f0000000500)=""/29, &(0x7f0000000540)=0x1d)
mount(&(0x7f0000000480)=ANY=[@ANYBLOB="2f81ec5500000000000000000000000000000000"], &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)='affs\x00', 0x4000, 0x0)
ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f00000004c0))
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x9, 0x0, 0x2})
fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000080)='trusted.overlay.nlink\x00', &(0x7f00000002c0)={'U-', 0x1}, 0x28, 0x1)

15:26:04 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x700000000000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:04 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x29, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1253.734283] RSP: 002b:000000000845fbd0 EFLAGS: 00010246
[ 1253.739638] RAX: 0000000020e68000 RBX: 0000000000000000 RCX: 000000003dd6315d
[ 1253.746909] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
[ 1253.754165] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1253.761417] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1253.768674] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1253.781207] Task in /syz4 killed as a result of limit of /syz4
[ 1253.800904] memory: usage 204796kB, limit 204800kB, failcnt 1213
[ 1253.814778] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1253.821953] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1253.828279] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:144KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1253.850031] Memory cgroup out of memory: Kill process 25099 (syz-executor4) score 161 or sacrifice child
[ 1253.860337] Killed process 25099 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1253.870982] vhci_hcd: invalid port number 9
[ 1253.875443] oom_reaper: reaped process 25099 (syz-executor4), now anon-rss:0kB, file-rss:32772kB, shmem-rss:0kB
15:26:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0xc4400, 0x0)
ioctl$BLKSECTGET(r1, 0x1267, &(0x7f00000000c0))
fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000140)='trusted.overlay.origin\x00', &(0x7f0000000180)='y\x00', 0x2, 0x2)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))
openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/attr/current\x00', 0x2, 0x0)

15:26:05 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2b00000000000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:05 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
fcntl$setsig(r0, 0xa, 0x14)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001140)={r0, &(0x7f0000000140)="0f3e7855b2e5845947f0343dad98d549428d031b27b4e281fa50f6997bafe473c405529480ba6198a820199fb2827669174a27a20ac067874aa1b5682c6a00d9d21fee547b5819253eff7ef047ddc1c3b7e91bce99cefde092308672fad05918419453060a0cc246b51e110848b4f99b4485f11edbd35415445a4c5de7de6a6a414664106c7e8919eb2c3068b7d18e2c773c22f3171e1f44da76cf0e12706aee1aafce0d009415ad3df8564b14c2a90be1f26f940f7f1efa5f504e043441863a7842579c1c869ca1d0a4b237b7abf64deb0bd0237ec33c76b33fa0af1fd9a7f4e0a2b8fc38c6d62a0f665b6d6526687db931a6ac947bce756bf94651c16c422e60d9e8401a4d83f1f246a7ec9ff7dde32daf837de5b801a23126359b431df6ff1b352d047170ae719138fcb0c103fd87cd6ef0a12fcdd0b79337e2b7dd9fec81e63663aca6184e2cc6210a5036d1ae15dc89ae6e5b6e3a0aa0dbe74fb106a22a003c69f6cadb7740276176eca70acaa07376274e3e026558b4ff1152ae73dbaf506f1b3a68abd788d75dc1001fdd19613ff019341c61a0a2bc6cb82ae0a427ea3d5fa340a181bc8479f9bc3b506deb09bdfe9f3d8733d7300e5f90bc8f75b8e9b12543c7b0999c1cab177e48294f9be42cfaea23f55116465c4979d9606df47359017965e684f7a5e13e5be9f4bbda3410591d468afc3cda96cc9e73746588bba08aeb5acae49f1680539726f6be6a7d409a3c4da97fe8883e3e5a19a23c2a68f46bc13520969d90ad1f6ed47a3d9652104da83c73bb3d8414da479a72e73356b261d18fdf2ad5644b159682b2db49434c9337b5e7d464ff6e62042640754abd5354df6153dfc882fbd41894e78750e4b8045891abad5c71911efbf29c8c7d8fa5c60ba7089f9b0e79cd9ec4d524ddf3fa771125facf32212a8dc5ed6a1fb7eb802d45958d3686dea23b5cff08a167ded4582e3d0f9f614eb5006bb60caa862d9e1104a94a4a798c4e2067d9718910fd6fa3431f9a04aee077f774662694badd2b900b56a17e6b01738cb131abee996cb07cf5908305c8d11cb04c6d5a5faaf4e4df661edaa0a979d2ec18b2351e716aae101efadae8defe67cf57cc677df8e3bf983658d44521b82cf07612c498891674c58e40f95d0d50d04ece8dae213277f4c949e10349e54ceb7048adc1da65ed87580d650aae9f405d926757eef40aa91d34d351026ac65646164ea41d1e58776cd7d1c4195482faa8316f5cb2dd866b19e508ca01591eeeaa8dcebcf699144bfd96673a75d9572e465c857c63c1a6c4295d24b73d48fcf94234ddfbbf183493742f9ba003c74127ba898a0e06aacc681b3d4ef91986e089b02bec13c0d64bf9a3c55f43acb0a22e8c5f72164c4d39606c8addaccb728c863d38f793443ff5f9cd45c528b74221286d2bb792d5d2d9d6cb54bc9711408942cbd8ec9ddb456968f3831dee51b1d0b7d863a9a728ee07228ff2d7cf9376058915e517811c036224ddaabb2caaea8c7d01a6cad67fb90ce217ee2a75c4f002ef8f2b38c349895543d0120fd4dd3f247b1989e3bc124996057772b3d74aa9c51f93f5b95e1559714a4359827cd1eaf20595a030f1e048874de22e0df15bb7e530191606e99a493097b8c2227c853fdd33c8f12740a329efc6adcf2547644a3da244dcde3758ac05f35760120c8ca1486b5c465a1e7109d688e75391ef7fcc493cfbd31d7295568f846c74cef9a675f871a7ab1d88a03e66f1bfaf6c68e347bf1cfc2b24473b2a4033d87eafd77cfd93b713032662b3fb2a762613da525e3e21c363ca2bc0333db1ad2ffa91cc36738f3e42378ef84862720779f82d6738cb3e1ed8403c1a3138eb77c6d31172d342577d81894c3e15d6e18db5e9005dab15ebff0ab3d776c41926bc5f0d7eae7a8dc21fa0dc999222f47d39223730ea7486b8f768313c19db83b44416966d8ec029a72cefebc221db0e3c31e27ab256c2f3a31ff60bb2f489695efb12716e064e6807b67ee8a4b40bcdc0256002a325c66b8cc8a3119ee81a0916771fba3530f6038b9b35ac34cd2b625522282ab2157752f88e81aaeb783cc981425fb918aa4401c6f26d6b30d0501cc2a96a753ed052c564a2fe76681322b48a638727e9e1413a76057881a88709e2ee6990fd36ed2078f7d6ebf0fee67be78e9fa6c2b3de199f65dc4ceed8326a00a5cdeb7ef3aa5316fc3f6a2f4a4fce945b16cdd93bd917dbf9cb7e4a5789676a995801a37fdce460c894b5781d907d0bcfafd27a11b89fcd3e592bc246ad489eeff1101ba490ee04cf8df78c7a75d78b5c70bd3f26829c453e915a11d96408e2a64336ed650105c5b3bd12076cde243d331adb9ea75c404e70a5c5c0e132ae964c76e93ce633f7515897e2b7acee3e601091386fd68164ebe7a55287ceb132b00e8eead2927fd9bb231e91ee0a4a279dad997caba784006a588d2fb19bcbc0c31664706caa73622931e0087355ca1980b37a6b8cf2c40f30f82d9426b60c3d127a3732ad6f4e2c7fddbae257b800340ed545caa309c28f69e3531d460e70f0517076f337b232aa62dc61af6a606e89fa841241ba7799204b88a4eb88b8ea8d34851bc53a411e21d7f7f6f6a29193b3a79d72d6b17bfcda7817db97dcdbd08ba882f6c2accc70f7c090a12357827aeaf94c1feba1e8db037d4212c48684c3d74a93d569eba75f4eda6316d2972c0a9df3596d17476039435c4234475e4582b406cbe803dbfb52722c4e7b599d36a64bd552ab8368ea61c0b970f8737b49cee2bb9a33c968594b071de24fd78ea1a935e6f52425576053a881e8130a540fe65964ce8f142e026977a3894e98e2a625351ebf28d6df73f9dc6adfb0c9ad286097daa6137d0fb1b82f9bf99c3e330ed115548a99f267dd6651b71b12661624e4638931fe6f7cb8811587f765fe08bf4b397294cf2f0be2f63471544acddf3ab08a4ba3ef877f8bca5e84ee861a539cda9f18980c43af1c835997dc70779e2a9b75a1112d6f0c9f9c74d24e03cc96c256b81a4728b9758be5105d9cdd90fc89ed7a8fc7389ddf4c3bf100bdad420fd55357336061afa4c5bf3a48a5e2612a209374374c5b109724449a0bf0f8ad64eec28d83b59d6215949b20b085793da04a7f443bc663c727f8d96590476784edf0215a3e2c5873efebf59046af3d61b0f3a98cdc292b128a5966195c3efa1a763234248c7ea92ebb8a43b8e8494f0f7a1455bb8194a865bd126a4a3401c168759c67c1a86bde82539015a317414b240ce4418224e2746c84e7b72275d5ad0171614c811023ada91601b8eb6d1527169ad3800e50d6053cda7e441f66515dbe22aa54313dc60e7b79439bfb57b182acd160d9ed194fcbbab3fd48033651bfc7309f5ea94be6dbd178cf2e0558256b4adb06b2a828903a5f6ba83548ecbe4c48f06a12e7ffa208f215786c867aa4a835fafa6388dc4e269bf1c3e696323e9c85f3bdd33b12a9220c8c93ffbcb2e788d488357a6a0f7a774a2f858b5cb152a9d0bf1a3579915ab205af02fc57a8a30ced09b0c86bee1496431a4f39d0f45c81d48dba919ce649417372c49cc25b9085585ff8e73aef7582852a0efd6f0663a3ed45205f2a0e2d1811501ed324ba2c743db1447e235bdb3447dc9f9733866618dac5b61a27774807cccdd890390a88df011157bab050a038dbab80795c75bbae09bdbf089fcd79ade4b0d35baeff171a0be783412ed751431d2c327337f4f3efb5bba3752d77b3413397194fff1f49b8d6eb1402e8da4a565889fae4b6fdbd23740a263f243cf8c0464261dda69c368c2c83a1f55e8aee29887edfd7f17400befcd1d4997b20e992d5b7741d7d73a2b53bb08e32754c3f182fac2908d10bb6b31e96deed95b23733edd61495e8f98ee2a55aac94c440c9f79151ebf4fc1455e51bc35c07fbcb4fc33a09da8a8176d6beacf5212fc8e9415ad897b75fa8b3543eea4722856af08dd79719c52eaef580a14338c5659af172f53f0a2984646c22b1622ed29fbd50b44f2432d22fdde2c3c8c8cd6e42f651a35b922533f1ec7805a35634457b462efacef366ee3861a6c5ca281d127b8a3476de6af71b1e8fb0c17f8fa74e44ea99b6d497ae42d58a783f18fc9afc259910eb20c61a4f3bc4d5cd4a29373796130c88f46c5941e552cb24d4bd478a3590fb41359ac5868143f8faf4afd6d7d23224996aa3cb19db2ea2f7ad905cabc2b3caeca345d2ff7854cf326ae5db0e387e5b271091feda2f60f777018f2449871626ec979e960c5d81a746d7d2106d94946748bb0c0abe716ea1bc8adf1626e5e44af1ebb4feef70bcbf125cb169c85d41710b4ee76b9674118f3b29c61fc28c95e468d8071da522df009f51605d6d3ef6f4a377a54206802c077810bb13f63e8dd1e6f869736ca2233a649856835f0b28409216ce57c2f64d7dfd5e024e1b806abbb17ff802635e3fc549b210487d3c8ab84c882f89ca3fd8bc25fe30d32571a0c6cefdb03646755bf19119ddb2b4239de217b8ed9eaa88464db5cf5c80f1e8e7b344639fedd29e5b0e792d917d50290309a826e56d2035805a1205db321805a98467b796d63f50cf2292ac6833d1d839660c1f3b5e21fe979d880855fadef613c8b2809a8be3912c1e1beb0bb5646ec30fe632d9ff73b3fab834725a7305cb1e8391d039ece1afe66f60b85cb4afa106cddcc7a2291b6de35f754e0c3f9c3daa81893bfa1073687fc84359bfa50d573fcd1855ae1bb28e1b6ee244ab0df2327ebfec35c99036039581ec94d3171bf209dd95200144fded19faf8108d78b227f46a9a6aad85b66aa9a1bbe8a524d48671f7934999be311254bf668cebd5ad172dfcad8b92590e2eabfb6d872d0372e3c15415f330836523571fb95ae74cf5ab75403eaadd218f97004bf00b03a2fb3817e18138ca8e25344420d9a24aa3f9da5d7ae8131d008bafe542d9a2ad2976039f5f58fe65d9abcac90f3a8f4765586be92586d33a8a9ae6d465e8b13f8d91f1029bbc1fd9dc71355c50f2d93396eaf569054480f86080b6abf4ace349324638efb7ed349c53c71052de1cf0150776626cf2702299a2a16f3c16ca5b291b781a99d2921b3ad53fd45ff7c9d27e092c247d2b65b6ebba7834366245b55518a18799c77af8408702a5a4510cccaaf9fdff3cfbc94a1ff0b4baad2c57aa7955d5f49800b981d544f9c8fae4ca810868b1696bd9d09a663ee01112f311c6ea5914a30cd17453ce98d93a36230b289b244100b5a74d7f679c25895ebbb710dd46571eec07560c01a017dc14fea9f2591f2266f4c8607a3a2ded64f98dd3e9eac7e08492a902179de840646b0a400a75d39b17c96e5d0834ab4e07bb5a291842fc89f64d01dd7472e513e03389344432317678a447fe5c0cac7acc43d67e845683bfeefe122c29ed18960111bdfa88156237f0bc576e830bdca39732e58a8523e6e0afc87812ab80bba1390dc51e1f5607128be34b522ca61d666cf27ae3d488e377f033635e3fb55f6d73ec6ad5a0295be4c00a2a98b4e52137e914040a6880599b03cc19c36b733b5d981a237a63ea16937f75223bb49249ad79903d3e8a2716c0f037832f7eb619ccfc7ff538bcd4dd8b9262f9073de3059c6ebc22b8df40b6164bde4ac84ec3648a3f8357cc4488906e4c8886720491b70ac07ed0e74f172ea5945e8812fa386b3f41245f1abfbf97df0e8040359470ab17eb5fd9926e0de8b65c6cde618d8b9acfa62675b4116437a7fe368babbb", &(0x7f0000000040)=""/124}, 0x18)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
write(r0, &(0x7f0000000000)="8a113d12b2a2b1e48f0bed479fdefa795c1032730e6f49cdd6a2490f9ec1262f582a93639e3efa079394825ea0fafda956cb", 0x32)
socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000002a80)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000029c0)=[{{&(0x7f00000012c0)=@l2, 0x80, &(0x7f00000023c0)=[{&(0x7f0000001340)=""/21, 0x15}, {&(0x7f0000001380)=""/4096, 0x1000}, {&(0x7f0000002380)=""/23, 0x17}], 0x3, &(0x7f0000002400)=""/229, 0xe5, 0x1f}, 0xc13}, {{&(0x7f0000002500)=@in, 0x80, &(0x7f00000028c0)=[{&(0x7f0000002580)=""/119, 0x77}, {&(0x7f0000002600)=""/52, 0x34}, {&(0x7f0000002640)=""/49, 0x31}, {&(0x7f0000002680)=""/49, 0x31}, {&(0x7f00000026c0)=""/112, 0x70}, {&(0x7f0000002740)=""/7, 0x7}, {&(0x7f0000002780)=""/59, 0x3b}, {&(0x7f00000027c0)=""/21, 0x15}, {&(0x7f0000002800)=""/174, 0xae}], 0x9, &(0x7f0000002940)=""/127, 0x7f, 0x10000}, 0x7}], 0x2, 0x40000001, &(0x7f0000002a00))
ioctl$KVM_SET_NR_MMU_PAGES(r0, 0xae44, 0x8)
sysfs$2(0x2, 0xb36, &(0x7f0000002bc0)=""/215)

15:26:05 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xe0}, 0x6)

15:26:05 executing program 5:
r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0xffffffff, 0x3)
getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f00000000c0)={'mangle\x00'}, &(0x7f0000000140)=0x54)
socketpair(0x3, 0x801, 0xd46, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000040))
iopl(0x2)
exit_group(0x401)

15:26:05 executing program 1:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x1, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0xae78, &(0x7f0000000040))

15:26:05 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x600000000000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:05 executing program 2:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x1, 0x0)
setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000040)={0x4e}, 0x4)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0x800000a0})

15:26:05 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x80001, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x400100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1254.010611] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1254.083028] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1254.088303] CPU: 0 PID: 25139 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1254.095666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1254.105024] Call Trace:
[ 1254.107628]  dump_stack+0x1c4/0x2b4
[ 1254.111273]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1254.116476]  ? debug_smp_processor_id+0x1c/0x20
[ 1254.121144]  dump_header+0x27b/0xf72
[ 1254.124862]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1254.130391]  ? pagefault_out_of_memory+0x197/0x197
[ 1254.135398]  ? debug_smp_processor_id+0x1c/0x20
[ 1254.140060]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1254.144977]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1254.149897]  ? perf_trace_lock+0x7a0/0x7a0
[ 1254.154123]  ? perf_trace_lock+0x7a0/0x7a0
[ 1254.158350]  ? debug_smp_processor_id+0x1c/0x20
[ 1254.163007]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1254.167925]  ? mark_held_locks+0x130/0x130
[ 1254.172151]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1254.177680]  ? perf_trace_lock+0x7a0/0x7a0
[ 1254.181902]  ? task_will_free_mem+0x239/0xb30
[ 1254.186392]  ? ___ratelimit+0x36f/0x655
[ 1254.190353]  ? lock_downgrade+0x900/0x900
[ 1254.194493]  ? trace_hardirqs_on+0xbd/0x310
[ 1254.198799]  ? kasan_check_read+0x11/0x20
[ 1254.202938]  ? ___ratelimit+0x36f/0x655
[ 1254.206901]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1254.212338]  ? trace_hardirqs_on+0x310/0x310
[ 1254.216763]  ? lock_downgrade+0x900/0x900
[ 1254.220901]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1254.225994]  ? ___ratelimit+0xaa/0x655
[ 1254.229875]  ? idr_get_free+0xec0/0xec0
[ 1254.233836]  ? kasan_check_write+0x14/0x20
[ 1254.238068]  ? do_raw_spin_lock+0xc1/0x200
[ 1254.242294]  oom_kill_process.cold.27+0x10/0x903
[ 1254.247041]  ? kasan_check_write+0x14/0x20
[ 1254.251264]  ? do_raw_spin_lock+0xc1/0x200
[ 1254.255491]  ? oom_evaluate_task+0x540/0x540
[ 1254.259891]  ? cgroup_procs_next+0x70/0x70
[ 1254.264120]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1254.268603]  ? oom_badness+0xaa0/0xaa0
[ 1254.272491]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1254.277239]  ? mem_cgroup_iter_break+0x30/0x30
[ 1254.281816]  ? cgroup_file_notify+0x226/0x2f0
[ 1254.286309]  out_of_memory+0xa84/0x1430
[ 1254.290271]  ? kasan_check_read+0x11/0x20
[ 1254.294407]  ? oom_killer_disable+0x3a0/0x3a0
[ 1254.298889]  ? kasan_check_write+0x14/0x20
[ 1254.303117]  ? do_raw_spin_lock+0xc1/0x200
[ 1254.307344]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1254.312176]  ? memcg_memory_event+0x40/0x40
[ 1254.316485]  ? mem_cgroup_charge_skmem+0x1e4/0x390
[ 1254.321410]  ? page_counter_try_charge+0x1c1/0x220
[ 1254.326328]  try_charge+0xc43/0x1690
[ 1254.330032]  ? ___might_sleep+0x1ed/0x300
[ 1254.334172]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1254.340216]  ? kasan_kmalloc+0xc7/0xe0
[ 1254.344096]  ? kmem_cache_alloc_node_trace+0x305/0x740
[ 1254.349375]  ? kasan_unpoison_shadow+0x35/0x50
[ 1254.353943]  ? kasan_kmalloc+0xc7/0xe0
[ 1254.357825]  ? __kmalloc_node_track_caller+0x47/0x70
[ 1254.362926]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1254.368456]  ? sk_forced_mem_schedule+0x13b/0x170
[ 1254.373287]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1254.378728]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1254.384269]  ? check_preemption_disabled+0x48/0x200
[ 1254.389276]  mem_cgroup_charge_skmem+0x1e4/0x390
[ 1254.394019]  ? mem_cgroup_sk_free+0x90/0x90
[ 1254.398330]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1254.403859]  ? tcp_chrono_stop+0x25f/0x520
[ 1254.408086]  sk_forced_mem_schedule+0x13b/0x170
[ 1254.412871]  sk_stream_alloc_skb+0x1ab/0x970
[ 1254.417275]  ? tcp_init_transfer+0x470/0x470
[ 1254.421672]  ? inet_twsk_free+0x135/0x190
[ 1254.425810]  ? tcp_close+0x1300/0x1300
[ 1254.429701]  tcp_connect+0x1283/0x4690
[ 1254.433586]  ? tcp_push_one+0x110/0x110
[ 1254.437549]  ? __sanitizer_cov_trace_cmp2+0x7/0x20
[ 1254.442468]  ? check_preemption_disabled+0x48/0x200
[ 1254.447470]  ? __inet_hash_connect+0x33d/0xfb0
[ 1254.452045]  ? do_ip_setsockopt.isra.14+0x2980/0x3e40
[ 1254.457225]  ? __local_bh_enable_ip+0x160/0x260
[ 1254.461879]  ? __inet_hash_connect+0x385/0xfb0
[ 1254.466449]  ? trace_hardirqs_on+0xbd/0x310
[ 1254.470759]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1254.476285]  ? inet_sk_state_store+0x126/0x570
[ 1254.480856]  ? inet_hash+0xb0/0xb0
[ 1254.484388]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1254.490184]  ? tcp_set_state+0x270/0x9d0
[ 1254.494234]  ? ip_route_output_key_hash+0x297/0x3b0
[ 1254.499239]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1254.504767]  ? tcp_fastopen_cookie_check+0x330/0x330
[ 1254.509860]  ? secure_tcp_ts_off+0xe6/0x1a0
[ 1254.514171]  ? secure_ipv6_port_ephemeral+0x2f0/0x2f0
[ 1254.519349]  ? check_preemption_disabled+0x48/0x200
[ 1254.524357]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1254.529884]  ? sk_setup_caps+0x209/0x690
[ 1254.533951]  tcp_v4_connect+0x1996/0x1dd0
[ 1254.538103]  ? tcp_v4_parse_md5_keys+0x340/0x340
[ 1254.542864]  __inet_stream_connect+0x992/0x1150
[ 1254.547522]  ? ___might_sleep+0x1ed/0x300
[ 1254.551756]  ? inet_dgram_connect+0x2e0/0x2e0
[ 1254.556243]  ? tcp_sendmsg_locked+0x32f9/0x3f00
[ 1254.560900]  ? kasan_unpoison_shadow+0x35/0x50
[ 1254.565469]  ? kasan_kmalloc+0xc7/0xe0
[ 1254.569348]  ? kmem_cache_alloc_trace+0x31f/0x750
[ 1254.574184]  tcp_sendmsg_locked+0x2bf2/0x3f00
[ 1254.578668]  ? debug_smp_processor_id+0x1c/0x20
[ 1254.583326]  ? __fget+0x4aa/0x740
[ 1254.586771]  ? perf_trace_lock+0x7a0/0x7a0
[ 1254.590997]  ? tcp_sendpage+0x60/0x60
[ 1254.594787]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1254.600402]  ? aa_label_sk_perm+0x46d/0x8e0
[ 1254.604713]  ? aa_profile_af_perm+0x410/0x410
[ 1254.609198]  ? ksys_dup3+0x680/0x680
[ 1254.612914]  ? lock_acquire+0x1ed/0x520
[ 1254.616965]  ? tcp_sendmsg+0x21/0x50
[ 1254.620684]  ? trace_hardirqs_on+0xbd/0x310
[ 1254.624994]  ? lock_release+0x970/0x970
[ 1254.628956]  ? lock_sock_nested+0xe2/0x120
[ 1254.633178]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1254.638616]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1254.644145]  ? check_preemption_disabled+0x48/0x200
[ 1254.649148]  ? lock_sock_nested+0x9a/0x120
[ 1254.653373]  ? lock_sock_nested+0x9a/0x120
[ 1254.657601]  ? __local_bh_enable_ip+0x160/0x260
[ 1254.662264]  tcp_sendmsg+0x2f/0x50
[ 1254.665795]  inet_sendmsg+0x1a1/0x690
[ 1254.669592]  ? ipip_gro_receive+0x100/0x100
[ 1254.673904]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1254.678649]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1254.684179]  ? security_socket_sendmsg+0x94/0xc0
[ 1254.688923]  ? ipip_gro_receive+0x100/0x100
[ 1254.693249]  sock_sendmsg+0xd5/0x120
[ 1254.696955]  __sys_sendto+0x3d7/0x670
[ 1254.700748]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1254.705407]  ? arch_local_save_flags+0x40/0x40
[ 1254.709977]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1254.715427]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1254.720950]  ? compat_put_timespec64+0x110/0x280
[ 1254.725940]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1254.730684]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1254.735606]  ? trace_hardirqs_on+0xbd/0x310
[ 1254.739916]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1254.745443]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1254.750015]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1254.755457]  __ia32_sys_sendto+0xdf/0x1a0
[ 1254.759612]  do_fast_syscall_32+0x34d/0xfb2
[ 1254.763925]  ? do_int80_syscall_32+0x890/0x890
[ 1254.768496]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1254.773076]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1254.778088]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1254.782918]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1254.787926]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1254.792929]  ? recalc_sigpending_tsk+0x180/0x180
[ 1254.797680]  ? kasan_check_write+0x14/0x20
[ 1254.801904]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1254.806739]  entry_SYSENTER_compat+0x70/0x7f
[ 1254.811137] RIP: 0023:0xf7f56ca9
[ 1254.814493] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
15:26:05 executing program 5:
r0 = socket$inet6(0xa, 0x3, 0xffffffffffff2d81)
fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000001440)='security.SMACK64\x00', &(0x7f0000001480)='vboxnet0\x00', 0x9, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff)
stat(&(0x7f0000001380)='./file0\x00', &(0x7f00000013c0))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @remote}, {0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x1f000000]}}}, 0x5c)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000001e40), &(0x7f0000001f00)=0x8)
accept4(0xffffffffffffffff, &(0x7f0000000000)=@ipx, &(0x7f00000000c0)=0x80, 0x0)
mq_unlink(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00')
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550c, &(0x7f0000000100))
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r1, 0xc10c5541, &(0x7f0000000140)={0x540c, 0x2, 0x9, 0x0, 0x0, [], [], [], 0x7, 0x3})

15:26:05 executing program 3:
r0 = socket(0x1, 0xa, 0xffffffff)
getsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))

15:26:05 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1000000000010001)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f0000000040)={@ipv4={[], [], @rand_addr}, <r1=>0x0}, &(0x7f0000000080)=0x14)
ioctl$KVM_SET_SREGS(r0, 0x4138ae84, &(0x7f0000000240)={{0x0, 0x3000, 0xd, 0x5, 0x3, 0x5, 0x8, 0x3f4e5a72, 0x7, 0x4d5b, 0x3, 0x81}, {0x3000, 0x6000, 0xc, 0x0, 0xfffffffffffffffb, 0xffffffff00000001, 0x9, 0x3, 0x8, 0x2f9f, 0xff, 0xfff}, {0x10f000, 0x6000, 0x8, 0x4, 0x5, 0x7, 0x0, 0x8, 0x20, 0xffffffff, 0x3}, {0x4000, 0xf000, 0x0, 0xe1ca, 0x8, 0x7, 0x7fff, 0x2, 0x1, 0x3, 0x7, 0x7}, {0x104000, 0x0, 0xa, 0x3, 0x1, 0x2064, 0x1, 0x80000000, 0x6, 0x7, 0x9, 0x2bb4}, {0xf000, 0x100000, 0x0, 0x0, 0x7, 0xf64, 0x0, 0x7, 0x80000001, 0x35, 0x7f, 0xff}, {0xf000, 0x14000, 0x13, 0x71, 0x1, 0x10000, 0x6, 0x0, 0x3, 0x0, 0x1, 0xea3}, {0x1, 0xf000, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x37, 0xa5b1, 0x101}, {0xf000, 0x1000}, {0x1}, 0x80040010, 0x0, 0x1, 0x400001, 0xe, 0x100, 0x10000, [0x847d, 0x401, 0x7fffffff, 0x7fff]})
ioctl$KVM_S390_UCAS_UNMAP(r0, 0x4018ae51, &(0x7f0000000200)={0x4, 0xfffffffffffffff8, 0x10000})
sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f0000000000), 0xc, &(0x7f0000000180)={&(0x7f0000000140)=@mpls_newroute={0x24, 0x18, 0x320, 0x70bd27, 0x25dfdbff, {0x1c, 0x0, 0x80, 0x3, 0x0, 0x2, 0xff, 0x1, 0x400}, [@RTA_OIF={0x8, 0x4, r1}]}, 0x24}, 0x1, 0x0, 0x0, 0x48811}, 0x11)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0xc08c5336, &(0x7f0000000380)={0xffffffffffffc769, 0x6, 0x0, 'queue0\x00', 0xe397})
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r0, &(0x7f0000000440)={0xd49eb7572f2c02ff})

[ 1254.833380] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1254.841079] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[ 1254.848335] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000020e68000
[ 1254.855594] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000
[ 1254.862854] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1254.870110] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:26:06 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0xb, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:06 executing program 2:
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x4000, 0x0)
write$UHID_GET_REPORT_REPLY(r0, &(0x7f0000000040)={0xa, 0x6, 0x0, 0x1}, 0xa)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0x800000a0})

[ 1254.946660] Task in /syz4 killed as a result of limit of /syz4
15:26:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000080)=<r2=>0x0)
sched_setaffinity(r2, 0x8, &(0x7f00000000c0)=0x5)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1255.009715] memory: usage 204800kB, limit 204800kB, failcnt 1246
[ 1255.034688] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1255.042561] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1255.050251] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:148KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1255.095005] Memory cgroup out of memory: Kill process 25138 (syz-executor4) score 161 or sacrifice child
15:26:06 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x9}, 0x6)

15:26:06 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2202000000000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:06 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f0000000000)={0x79, 0x0, [0x6, 0x8, 0x7fff, 0x401]})

15:26:06 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0', [{}, {0x20, "766d6e65743123292d95"}, {0x20, '/dev/kvm\x00'}, {0x20, '\''}, {}], 0xa, "03615364b9a7ec618fce1fbe65a41ee4b6257fae34d2b11507105c925fc648b875fd548b6b1d5edbe1b75a34ce438d12892f8055b13d26f87b4a2bb5a1854dc5b1b94b2b99d71e"}, 0x6b)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000080)=0x200000000000)

[ 1255.114281] Killed process 25138 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1255.126989] oom_reaper: reaped process 25138 (syz-executor4), now anon-rss:0kB, file-rss:32772kB, shmem-rss:0kB
15:26:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in=@local, @in6=@ipv4={[], [], @multicast2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0, <r4=>0x0}}, {{@in6=@remote}, 0x0, @in=@broadcast}}, &(0x7f0000000400)=0xe8)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={&(0x7f00000002c0), 0xc, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB="1104000000000000", @ANYRES32=r3, @ANYBLOB="0000e1fff2ff040009000a00"], 0x24}, 0x1, 0x0, 0x0, 0x20008005}, 0x40000)
stat(&(0x7f0000000700)='./file0\x00', &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
fchown(r2, r4, r5)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000240)={0x2, 0xbfd, &(0x7f0000000080)="2ec7acabd54b14cfe60799c5afe14662041e93d5fb05c38152721a1e1d2f083a738de6884b567c9a3a40dc3b913393f8a51b1d477e866e3b5bd5e4f06ed9ae8e596ab2764b46aaef1078471712561393535413e766edbdd85230459ef8095af0525d284966adb9f49051aeaca5d18fcd5c5d0dd77314a4f81bd9fe3dcc23028af7ac5b050fba910cec3a044b988c248bc776f723895e3ab20165861cf1fb5ca2dd4f", &(0x7f0000000140)="8d08210106f4bf8da114d183fa2803372cf87703dfc910125521b24655382c10194e9d7aa850d491b7ca97182291c613406efe5e348190d189f8281cd7cb5b7eee819583fcda0daeeef579b7279512823a6f67482387eb7d2a4fa816a28951df32ee9c3f2409b3d7e59c2bd3c32abab050ce8b77d215193d432131a7898a5c5e01948562312773ca57e2627f3e96ff171d9f726c1600549db3a4805484823f61dfea4a00965ec7e14ddefc2c28edd4091031b59b04e8db18a7a031c2c043856b6432", 0xa2, 0xc2})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f00000007c0)={0x0, 0xffff, 0x35})
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f00000006c0)={0x401, 0x0, &(0x7f0000000500)="037a4025d76901a64b408967094084062a59e1f3cafa1b868ccfe6ddb99884ca7a560fedaf79ff9ef041d22780c2d15e2206ac7d9aaae08f5464c17741c76b044b3dc4833a0f0e7d98845c737183faafef37fb945f76c5eb7b79187580cf789c6df00cc3d8d4c3201de018bd34c998bc5f09a44f56953f8a2fe68541c037d995c9a629f56917229ac7763e914f600396c3471e9c5aa709d2df01", &(0x7f00000005c0)="3cd87b86ce37c66b11f9a7d2e2a09c7cb2432f542b9ddd0f0cb100802dde159bdcbb2876d64f82bcdbee4d25453c56ffa3b01504dd485761c3d344ea6a711c2c69edcfde2e3b293347dcc6e403afe68baba35c52af1a5cf0ab7d23314f8bb6bb8083cacb599002d8b2ea24c346afc35a22e6bfaed5fd3a4ddaa12d9fc34368311952da27dd9f362bf60a34d52a4a8f2e8e293c95126f317f758d3f0deea006a810935b564a228448f629ce11e9e7bd514e7559f9c5f5eb194c9149ec00cc7ffa5d0124fe", 0x9a, 0xc4})

15:26:06 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000000)={<r1=>0x0, 0x97, "c11a67ed8252d7e4a9874641c074d0eb4ba1f7de17bf51d0baf5adf5792df054b284a1a7cfe372f3079fd0bce4594e3b01d443df7d3c09f675f7082df3512b2dee6f537ad28b9c184bef02e3e46c3101ae2125f0c8ed872e71fca26c223da05ec85f3f6f283dbb1bdafbcaf410817105b2261c0c332e4cea8d667652f20bcab7cba324cd982b2f88d7c3f15d9f40886887ae245b9bf14a"}, &(0x7f0000000140)=0x9f)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000180)={r1, 0x77}, &(0x7f00000001c0)=0x8)

[ 1255.216968] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1255.277610] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1255.283666] CPU: 0 PID: 25194 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1255.291041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1255.300388] Call Trace:
[ 1255.302974]  dump_stack+0x1c4/0x2b4
[ 1255.306596]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1255.311783]  ? debug_smp_processor_id+0x1c/0x20
[ 1255.316442]  dump_header+0x27b/0xf72
[ 1255.320149]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1255.325676]  ? pagefault_out_of_memory+0x197/0x197
[ 1255.330597]  ? debug_smp_processor_id+0x1c/0x20
[ 1255.335256]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1255.340175]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1255.345094]  ? perf_trace_lock+0x7a0/0x7a0
[ 1255.349323]  ? perf_trace_lock+0x7a0/0x7a0
[ 1255.353551]  ? debug_smp_processor_id+0x1c/0x20
[ 1255.358220]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1255.363140]  ? mark_held_locks+0x130/0x130
[ 1255.367363]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1255.372888]  ? perf_trace_lock+0x7a0/0x7a0
[ 1255.377114]  ? task_will_free_mem+0x239/0xb30
[ 1255.381609]  ? ___ratelimit+0x36f/0x655
[ 1255.385574]  ? lock_downgrade+0x900/0x900
[ 1255.389719]  ? trace_hardirqs_on+0xbd/0x310
[ 1255.394036]  ? kasan_check_read+0x11/0x20
[ 1255.398260]  ? ___ratelimit+0x36f/0x655
[ 1255.402223]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1255.407661]  ? trace_hardirqs_on+0x310/0x310
[ 1255.412056]  ? lock_downgrade+0x900/0x900
[ 1255.416197]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1255.421287]  ? ___ratelimit+0xaa/0x655
[ 1255.425164]  ? idr_get_free+0xec0/0xec0
[ 1255.429234]  ? kasan_check_write+0x14/0x20
[ 1255.433471]  ? do_raw_spin_lock+0xc1/0x200
[ 1255.437695]  oom_kill_process.cold.27+0x10/0x903
[ 1255.442439]  ? kasan_check_write+0x14/0x20
[ 1255.446664]  ? do_raw_spin_lock+0xc1/0x200
[ 1255.450890]  ? oom_evaluate_task+0x540/0x540
[ 1255.455289]  ? cgroup_procs_next+0x70/0x70
[ 1255.459512]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1255.464255]  ? oom_badness+0xaa0/0xaa0
[ 1255.468148]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1255.472896]  ? mem_cgroup_iter_break+0x30/0x30
[ 1255.477470]  ? cgroup_file_notify+0x226/0x2f0
[ 1255.481954]  out_of_memory+0xa84/0x1430
[ 1255.485917]  ? kasan_check_read+0x11/0x20
[ 1255.490052]  ? oom_killer_disable+0x3a0/0x3a0
[ 1255.494533]  ? kasan_check_write+0x14/0x20
[ 1255.498765]  ? do_raw_spin_lock+0xc1/0x200
[ 1255.502993]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1255.507828]  ? memcg_memory_event+0x40/0x40
[ 1255.512138]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1255.516887]  ? page_counter_try_charge+0x1c1/0x220
[ 1255.521806]  try_charge+0xc43/0x1690
[ 1255.525595]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1255.530690]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1255.536752]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1255.541582]  ? lock_downgrade+0x900/0x900
[ 1255.545729]  ? lock_release+0x970/0x970
[ 1255.549702]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1255.555494]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1255.560324]  ? mem_cgroup_can_attach+0x580/0x580
[ 1255.565070]  ? memcg_kmem_charge+0x1c2/0x300
[ 1255.569469]  ? __might_sleep+0x95/0x190
[ 1255.573437]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1255.578025]  ? mem_cgroup_protected+0xa60/0xa60
[ 1255.582687]  ? __pte_alloc+0x1c7/0x350
[ 1255.586565]  ? kasan_check_read+0x11/0x20
[ 1255.590702]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1255.595097]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1255.599667]  ? kasan_check_write+0x14/0x20
[ 1255.603888]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1255.609416]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1255.614337]  __handle_mm_fault+0x273a/0x53e0
[ 1255.618742]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1255.623574]  ? debug_smp_processor_id+0x1c/0x20
[ 1255.628238]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1255.633161]  ? lock_acquire+0x1ed/0x520
[ 1255.637128]  ? handle_mm_fault+0x42a/0xc70
[ 1255.641348]  ? lock_downgrade+0x900/0x900
[ 1255.645489]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1255.651275]  ? __do_page_fault+0x67d/0xed0
[ 1255.655499]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1255.660938]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1255.666467]  ? check_preemption_disabled+0x48/0x200
[ 1255.671476]  handle_mm_fault+0x54f/0xc70
[ 1255.675529]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1255.680097]  ? find_vma+0x34/0x190
[ 1255.683625]  __do_page_fault+0x67d/0xed0
[ 1255.687677]  ? mm_fault_error+0x380/0x380
[ 1255.691811]  ? trace_hardirqs_on+0x310/0x310
[ 1255.696213]  do_page_fault+0xf2/0x7e0
[ 1255.700008]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1255.705531]  ? vmalloc_sync_all+0x30/0x30
[ 1255.709669]  ? error_entry+0x70/0xd0
[ 1255.713374]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1255.718377]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1255.723293]  ? do_syscall_64+0x820/0x820
[ 1255.727806]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1255.732638]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1255.737642]  ? trace_hardirqs_off+0x310/0x310
[ 1255.742128]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1255.747132]  ? page_fault+0x8/0x30
[ 1255.750660]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1255.755488]  ? page_fault+0x8/0x30
[ 1255.759019]  page_fault+0x1e/0x30
[ 1255.762456] RIP: 0023:0x804848a
[ 1255.765723] Code: 0f b6 c0 d3 e0 09 d0 88 06 e9 a7 01 00 00 8b 44 24 10 8b 54 24 14 0b 44 24 18 0b 54 24 1c 09 c2 75 10 8b 44 24 28 8b 74 24 20 <66> 89 30 e9 83 01 00 00 8a 4c 24 18 31 c0 8b 7c 24 28 f6 c1 20 0f
[ 1255.784618] RSP: 002b:000000000845fbd0 EFLAGS: 00010246
[ 1255.789966] RAX: 0000000020deb000 RBX: 0000000000000000 RCX: 000000003dd6315d
[ 1255.797229] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
[ 1255.804482] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1255.811747] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1255.819014] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:26:06 executing program 5:
r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100)={0xfffffffffffffffd, 0x0, 0x0, 0x800000000000000, 0x7e6})

15:26:06 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0xe02, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:06 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:26:06 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)

[ 1255.843359] Task in /syz4 killed as a result of limit of /syz4
[ 1255.856120] memory: usage 204756kB, limit 204800kB, failcnt 1282
[ 1255.892213] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1255.910856] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1255.917678] Memory cgroup stats for /syz4: cache:152KB rss:180KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:140KB inactive_file:0KB active_file:0KB unevictable:0KB
15:26:07 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:07 executing program 2:
r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})

[ 1255.938630] Memory cgroup out of memory: Kill process 25194 (syz-executor4) score 161 or sacrifice child
[ 1255.948868] Killed process 25194 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1255.998107] oom_reaper: reaped process 25194 (syz-executor4), now anon-rss:0kB, file-rss:32772kB, shmem-rss:0kB
15:26:07 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x8055000000000000}, 0x6)

15:26:07 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000000)={0x70, 0x400, 0x7, 0xfffffffffffffffc, 0x2})

15:26:07 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000080)=0xff, 0x4)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:26:07 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2900, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r2, 0x800442d4, &(0x7f0000000180)=0xfffffffffffffffb)
fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000100)=0x2)
ioctl$UI_END_FF_ERASE(r2, 0x400c55cb, &(0x7f00000001c0)={0xf, 0x3, 0x2})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_NR_MMU_PAGES(r3, 0xae44, 0x3ff)
syz_open_dev$midi(&(0x7f0000000200)='/dev/midi#\x00', 0x101, 0x280)
fsetxattr$trusted_overlay_nlink(r3, &(0x7f0000000080)='trusted.overlay.nlink\x00', &(0x7f00000000c0)={'L-', 0x100000001}, 0x28, 0x2)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r3, 0xae78, &(0x7f0000000040)=0xfffffffffffffffe)

15:26:07 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1256.130533] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=2, oom_score_adj=0
[ 1256.192242] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1256.203239] CPU: 1 PID: 25240 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1256.210638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1256.210645] Call Trace:
[ 1256.210668]  dump_stack+0x1c4/0x2b4
[ 1256.210698]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1256.231517]  ? mark_held_locks+0x130/0x130
[ 1256.235761]  ? mark_held_locks+0x130/0x130
[ 1256.240025]  dump_header+0x27b/0xf72
[ 1256.243752]  ? debug_smp_processor_id+0x1c/0x20
[ 1256.248436]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1256.253986]  ? pagefault_out_of_memory+0x197/0x197
[ 1256.258923]  ? debug_smp_processor_id+0x1c/0x20
[ 1256.258942]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1256.268603]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1256.268627]  ? perf_trace_lock+0x7a0/0x7a0
[ 1256.277770]  ? perf_trace_lock+0x7a0/0x7a0
[ 1256.282020]  ? debug_smp_processor_id+0x1c/0x20
[ 1256.286707]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1256.291628]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1256.297153]  ? perf_trace_lock+0x7a0/0x7a0
[ 1256.301374]  ? task_will_free_mem+0x239/0xb30
[ 1256.305865]  ? ___ratelimit+0x36f/0x655
[ 1256.309837]  ? lock_downgrade+0x900/0x900
[ 1256.313983]  ? trace_hardirqs_on+0xbd/0x310
[ 1256.318292]  ? kasan_check_read+0x11/0x20
[ 1256.322426]  ? ___ratelimit+0x36f/0x655
[ 1256.326403]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1256.331838]  ? trace_hardirqs_on+0x310/0x310
[ 1256.336232]  ? lock_downgrade+0x900/0x900
[ 1256.340377]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1256.345475]  ? ___ratelimit+0xaa/0x655
[ 1256.349466]  ? idr_get_free+0xec0/0xec0
[ 1256.353428]  ? kasan_check_write+0x14/0x20
[ 1256.357665]  ? do_raw_spin_lock+0xc1/0x200
[ 1256.361897]  oom_kill_process.cold.27+0x10/0x903
[ 1256.366649]  ? kasan_check_write+0x14/0x20
[ 1256.370888]  ? do_raw_spin_lock+0xc1/0x200
[ 1256.375114]  ? oom_evaluate_task+0x540/0x540
[ 1256.379510]  ? cgroup_procs_next+0x70/0x70
[ 1256.383734]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1256.388213]  ? oom_badness+0xaa0/0xaa0
[ 1256.392088]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1256.396828]  ? mem_cgroup_iter_break+0x30/0x30
[ 1256.401515]  ? cgroup_file_notify+0x226/0x2f0
[ 1256.406016]  out_of_memory+0xa84/0x1430
[ 1256.410073]  ? kasan_check_read+0x11/0x20
[ 1256.414209]  ? oom_killer_disable+0x3a0/0x3a0
[ 1256.418700]  ? kasan_check_write+0x14/0x20
[ 1256.422920]  ? do_raw_spin_lock+0xc1/0x200
[ 1256.427263]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1256.432097]  ? memcg_memory_event+0x40/0x40
[ 1256.436409]  ? mem_cgroup_charge_skmem+0x1e4/0x390
[ 1256.441327]  ? page_counter_try_charge+0x1c1/0x220
[ 1256.446342]  try_charge+0xc43/0x1690
[ 1256.450143]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1256.456192]  ? tcp_sendmsg+0x2f/0x50
[ 1256.459904]  ? sock_sendmsg+0xd5/0x120
[ 1256.463870]  ? __sys_sendto+0x3d7/0x670
[ 1256.467838]  ? __ia32_sys_sendto+0xdf/0x1a0
[ 1256.472144]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1256.476627]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1256.481195]  ? fs_reclaim_acquire+0x20/0x20
[ 1256.485501]  ? lock_downgrade+0x900/0x900
[ 1256.489639]  ? ___might_sleep+0x1ed/0x300
[ 1256.493773]  ? trace_hardirqs_on+0xbd/0x310
[ 1256.498084]  ? lock_downgrade+0x900/0x900
[ 1256.502227]  ? __kmalloc_node_track_caller+0x33/0x70
[ 1256.507317]  ? kasan_unpoison_shadow+0x35/0x50
[ 1256.511903]  ? __sk_mem_raise_allocated+0x642/0x1800
[ 1256.517019]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1256.522478]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1256.528008]  ? check_preemption_disabled+0x48/0x200
[ 1256.533012]  mem_cgroup_charge_skmem+0x1e4/0x390
[ 1256.537793]  ? mem_cgroup_sk_free+0x90/0x90
[ 1256.542108]  __sk_mem_raise_allocated+0x642/0x1800
[ 1256.547023]  ? __tcp_transmit_skb+0x3fc0/0x3fc0
[ 1256.551685]  ? sk_busy_loop_end+0x1c0/0x1c0
[ 1256.556002]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1256.561007]  ? skb_page_frag_refill+0x1eb/0x6a0
[ 1256.565752]  ? sock_kzfree_s+0x60/0x60
[ 1256.569625]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1256.574628]  ? sk_stream_alloc_skb+0x34b/0x970
[ 1256.579205]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1256.584217]  ? skb_entail+0x618/0x8c0
[ 1256.588016]  ? tcp_rate_check_app_limited+0x121/0x460
[ 1256.593191]  ? tcp_splice_data_recv+0x1b0/0x1b0
[ 1256.597852]  __sk_mem_schedule+0x6d/0xe0
[ 1256.601900]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1256.607441]  tcp_sendmsg_locked+0x1c86/0x3f00
[ 1256.611936]  ? tcp_sendpage+0x60/0x60
[ 1256.615728]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1256.621250]  ? aa_label_sk_perm+0x46d/0x8e0
[ 1256.625561]  ? aa_profile_af_perm+0x410/0x410
[ 1256.630045]  ? ksys_dup3+0x680/0x680
[ 1256.633754]  ? lock_acquire+0x1ed/0x520
[ 1256.637722]  ? tcp_sendmsg+0x21/0x50
[ 1256.641439]  ? trace_hardirqs_on+0xbd/0x310
[ 1256.645743]  ? lock_release+0x970/0x970
[ 1256.649704]  ? lock_sock_nested+0xe2/0x120
[ 1256.653937]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1256.659376]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1256.664901]  ? check_preemption_disabled+0x48/0x200
[ 1256.669911]  ? lock_sock_nested+0x9a/0x120
[ 1256.674131]  ? lock_sock_nested+0x9a/0x120
[ 1256.678352]  ? __local_bh_enable_ip+0x160/0x260
[ 1256.683010]  tcp_sendmsg+0x2f/0x50
[ 1256.686539]  inet_sendmsg+0x1a1/0x690
[ 1256.690346]  ? ipip_gro_receive+0x100/0x100
[ 1256.694666]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1256.699409]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1256.704938]  ? security_socket_sendmsg+0x94/0xc0
[ 1256.709682]  ? ipip_gro_receive+0x100/0x100
[ 1256.714011]  sock_sendmsg+0xd5/0x120
[ 1256.717733]  __sys_sendto+0x3d7/0x670
[ 1256.721542]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1256.726221]  ? arch_local_save_flags+0x40/0x40
[ 1256.730811]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1256.736287]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1256.741834]  ? compat_put_timespec64+0x110/0x280
[ 1256.746603]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1256.751358]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1256.756293]  ? trace_hardirqs_on+0xbd/0x310
[ 1256.756307]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1256.756325]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1256.770771]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1256.776344]  __ia32_sys_sendto+0xdf/0x1a0
[ 1256.780595]  do_fast_syscall_32+0x34d/0xfb2
[ 1256.784933]  ? do_int80_syscall_32+0x890/0x890
[ 1256.789528]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1256.794123]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1256.799153]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1256.804008]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1256.809035]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1256.814083]  ? recalc_sigpending_tsk+0x180/0x180
[ 1256.818842]  ? kasan_check_write+0x14/0x20
[ 1256.818864]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1256.818884]  entry_SYSENTER_compat+0x70/0x7f
[ 1256.827953] RIP: 0023:0xf7f56ca9
[ 1256.827971] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1256.827983] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1256.862345] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1256.869621] RDX: 00000000fffffe4e RSI: 00000000000000c0 RDI: 00000000200000c0
[ 1256.876908] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000
[ 1256.884186] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
15:26:07 executing program 5:
ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x4004550c, &(0x7f0000000100))

15:26:07 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000000)=""/81)

15:26:07 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x3620)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))

15:26:07 executing program 3:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000080)={<r2=>0x0, 0xbb, 0x30, 0x40, 0x4}, &(0x7f00000000c0)=0x18)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000100)={r2, 0xb0, "60779ae6c7c495ad54d88c53edee36d8fc1ae5858462d49f8267e2278b166646d335786038eaf145b16e1c152af374d544f35f1ea6fcb891932eaa9767cd08d2c3f67b9aed418f0608c1ccf89547ad22754eed7f149aec2c0ef95f49c7fce50151e9d03b42b2f7a4b5fe5a93416744b8ba4b5903ef008e2b40a5340313401873a9fd78c543810c1f95497fb49bd3f2008cac6ec20a7df5ff1ed877add32559cee92ae1fc2f05a7673c553e5a0ffca9d7"}, &(0x7f00000001c0)=0xb8)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r0, 0xae78, &(0x7f0000000040))

15:26:07 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:07 executing program 2:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0xa0100, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
sendfile64(r0, r1, &(0x7f00000002c0), 0x2b14)
r2 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_GETFLAGS(r2, 0x80046601, &(0x7f0000000040))
ioctl$FS_IOC_FSGETXATTR(r2, 0xc0185500, &(0x7f0000000100)={0x800000a0})
ioctl$TCSETSW(r2, 0x5403, &(0x7f0000000200)={0x7, 0x7, 0xffffffffffffffff, 0x81, 0x401, 0x8000, 0x7f, 0x3, 0x7fffffff, 0x7, 0x1, 0x7})
ioctl$EVIOCGNAME(r2, 0x80404506, &(0x7f0000000140)=""/138)
memfd_create(&(0x7f0000000000)="f747504c262d00", 0x2)

[ 1256.891913] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1256.904126] Task in /syz4 killed as a result of limit of /syz4
[ 1256.918149] memory: usage 204796kB, limit 204800kB, failcnt 1328
[ 1256.945112] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1256.993209] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1257.006853] Memory cgroup stats for /syz4: cache:152KB rss:180KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:152KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1257.043018] Memory cgroup out of memory: Kill process 25239 (syz-executor4) score 161 or sacrifice child
[ 1257.060202] Killed process 25239 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1257.073922] oom_reaper: reaped process 25239 (syz-executor4), now anon-rss:0kB, file-rss:32784kB, shmem-rss:0kB
15:26:08 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x8004020000000000}, 0x6)

15:26:08 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
r1 = getpgrp(0xffffffffffffffff)
fcntl$lock(r0, 0x7, &(0x7f0000000000)={0x1, 0x1, 0x2, 0x100000000, r1})

15:26:08 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x3c00000000000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
sync()

15:26:08 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0xffffffff, 0x4000)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0x4008ae48, &(0x7f00000000c0))
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:26:08 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x7000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1257.190740] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1257.207409] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1257.243152] CPU: 1 PID: 25272 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1257.250556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1257.259911] Call Trace:
[ 1257.262514]  dump_stack+0x1c4/0x2b4
[ 1257.266154]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1257.271356]  ? debug_smp_processor_id+0x1c/0x20
[ 1257.276040]  dump_header+0x27b/0xf72
[ 1257.279770]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1257.285316]  ? pagefault_out_of_memory+0x197/0x197
[ 1257.290254]  ? debug_smp_processor_id+0x1c/0x20
[ 1257.294930]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1257.299862]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1257.304798]  ? perf_trace_lock+0x7a0/0x7a0
[ 1257.309037]  ? perf_trace_lock+0x7a0/0x7a0
[ 1257.313365]  ? debug_smp_processor_id+0x1c/0x20
[ 1257.318044]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1257.322972]  ? mark_held_locks+0x130/0x130
[ 1257.327211]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1257.332753]  ? perf_trace_lock+0x7a0/0x7a0
[ 1257.337118]  ? task_will_free_mem+0x239/0xb30
[ 1257.341632]  ? ___ratelimit+0x36f/0x655
[ 1257.345621]  ? lock_downgrade+0x900/0x900
[ 1257.349774]  ? trace_hardirqs_on+0xbd/0x310
[ 1257.354097]  ? kasan_check_read+0x11/0x20
[ 1257.358254]  ? ___ratelimit+0x36f/0x655
[ 1257.362230]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1257.367682]  ? trace_hardirqs_on+0x310/0x310
[ 1257.372094]  ? lock_downgrade+0x900/0x900
[ 1257.376248]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1257.381351]  ? ___ratelimit+0xaa/0x655
[ 1257.385244]  ? idr_get_free+0xec0/0xec0
[ 1257.389226]  ? kasan_check_write+0x14/0x20
[ 1257.393464]  ? do_raw_spin_lock+0xc1/0x200
[ 1257.397709]  oom_kill_process.cold.27+0x10/0x903
[ 1257.402467]  ? kasan_check_write+0x14/0x20
[ 1257.406705]  ? do_raw_spin_lock+0xc1/0x200
[ 1257.411033]  ? oom_evaluate_task+0x540/0x540
[ 1257.415448]  ? cgroup_procs_next+0x70/0x70
[ 1257.419686]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1257.424186]  ? oom_badness+0xaa0/0xaa0
[ 1257.428093]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1257.432863]  ? mem_cgroup_iter_break+0x30/0x30
[ 1257.437461]  ? cgroup_file_notify+0x226/0x2f0
[ 1257.441960]  out_of_memory+0xa84/0x1430
[ 1257.445935]  ? kasan_check_read+0x11/0x20
[ 1257.450087]  ? oom_killer_disable+0x3a0/0x3a0
[ 1257.454579]  ? kasan_check_write+0x14/0x20
[ 1257.458822]  ? do_raw_spin_lock+0xc1/0x200
[ 1257.463069]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1257.467914]  ? memcg_memory_event+0x40/0x40
[ 1257.472236]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1257.477000]  ? page_counter_try_charge+0x1c1/0x220
[ 1257.481946]  try_charge+0xc43/0x1690
[ 1257.485669]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1257.490892]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1257.497057]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1257.501908]  ? lock_downgrade+0x900/0x900
[ 1257.506052]  ? lock_release+0x970/0x970
[ 1257.506070]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1257.506094]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1257.515831]  ? mem_cgroup_can_attach+0x580/0x580
[ 1257.515846]  ? memcg_kmem_charge+0x1c2/0x300
[ 1257.515866]  ? __might_sleep+0x95/0x190
[ 1257.533894]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1257.538493]  ? mem_cgroup_protected+0xa60/0xa60
[ 1257.543175]  ? __pte_alloc+0x1c7/0x350
[ 1257.547079]  ? kasan_check_read+0x11/0x20
[ 1257.551246]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1257.555660]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1257.560245]  ? kasan_check_write+0x14/0x20
[ 1257.564476]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1257.564496]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1257.564511]  __handle_mm_fault+0x273a/0x53e0
[ 1257.564530]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1257.584341]  ? lock_acquire+0x1ed/0x520
[ 1257.588335]  ? handle_mm_fault+0x42a/0xc70
[ 1257.592574]  ? lock_downgrade+0x900/0x900
[ 1257.596719]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1257.602509]  ? __do_page_fault+0x67d/0xed0
[ 1257.606725]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1257.612158]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1257.617694]  ? check_preemption_disabled+0x48/0x200
[ 1257.622716]  handle_mm_fault+0x54f/0xc70
[ 1257.626763]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1257.631327]  ? find_vma+0x34/0x190
[ 1257.634855]  __do_page_fault+0x67d/0xed0
[ 1257.638903]  ? mm_fault_error+0x380/0x380
[ 1257.643032]  ? trace_hardirqs_on+0x310/0x310
[ 1257.647422]  ? entry_INT80_compat+0x74/0x7e
[ 1257.651729]  do_page_fault+0xf2/0x7e0
[ 1257.655516]  ? vmalloc_sync_all+0x30/0x30
[ 1257.659644]  ? error_entry+0x70/0xd0
[ 1257.663341]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1257.668342]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1257.673258]  ? do_syscall_64+0x820/0x820
[ 1257.677301]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1257.682125]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1257.687121]  ? trace_hardirqs_off+0x310/0x310
[ 1257.691603]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1257.697125]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1257.702124]  ? page_fault+0x8/0x30
[ 1257.705649]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1257.710561]  ? page_fault+0x8/0x30
[ 1257.714089]  page_fault+0x1e/0x30
[ 1257.717522] RIP: 0023:0x806a9d6
[ 1257.720788] Code: 03 76 37 f7 c6 03 00 00 00 74 16 a4 49 f7 c6 03 00 00 00 74 0c a4 49 f7 c6 03 00 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 <f3> a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1
[ 1257.740269] RSP: 002b:000000000845fc28 EFLAGS: 00010246
[ 1257.745616] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000004
[ 1257.752873] RDX: 0000000000000000 RSI: 0000000008150618 RDI: 0000000020000000
[ 1257.760122] RBP: 000000000814af6c R08: 0000000000000000 R09: 0000000000000000
[ 1257.767374] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1257.774626] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1257.785108] Task in /syz4 killed as a result of limit of /syz4
[ 1257.791137] memory: usage 204800kB, limit 204800kB, failcnt 1342
[ 1257.797309] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1257.797316] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1257.797324] Memory cgroup stats for 
[ 1257.810218] /syz4: cache:152KB rss:180KB
[ 1257.818530]  rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:148KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1257.834334] Memory cgroup out of memory: Kill process 25272 (syz-executor4) score 161 or sacrifice child
[ 1257.845495] Killed process 25272 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1257.856764] oom_reaper: reaped process 25272 (syz-executor4), now anon-rss:0kB, file-rss:32092kB, shmem-rss:0kB
15:26:08 executing program 2:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x500, 0x0)
connect$netlink(r0, &(0x7f0000000140)=@unspec, 0xc)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x4000000000006, 0x5)
ioctl$KVM_GET_SREGS(r0, 0x8138ae83, &(0x7f0000000180))
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0x800000a0})
ioctl$KVM_NMI(r1, 0xae9a)
r2 = dup(r1)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000000), &(0x7f0000000040)=0x4)

15:26:08 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$IP_VS_SO_GET_DESTS(r2, 0x0, 0x484, &(0x7f0000000080)=""/143, &(0x7f0000000140)=0x8f)

15:26:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000500)={0x0, <r2=>0x0})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000006c0))
r3 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x7003, 0x7500000000000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000240)="5500000018007f0c00fe01b2a4a280930a600800ffa84302910000002d00090023000c000b0000000d000500fe8000740000c78b80082314e9030b9d566885b167320b00dc1338d54400009b84136ef75afb83de44", 0x55}], 0x1, &(0x7f0000000080)}, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f00000002c0), 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:26:08 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x3c, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:08 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xfdffffff}, 0x6)

15:26:09 executing program 5:
r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x30, 0xfffffffffffffffd)
fchmodat(r0, &(0x7f0000000000)='./file0\x00', 0x4)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000140)={{{@in6, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6}, 0x0, @in=@broadcast}}, &(0x7f0000000240)=0xe8)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0, <r2=>0x0}, &(0x7f00000002c0)=0xc)
write$FUSE_CREATE_OPEN(r0, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x5, {{0x3, 0x0, 0x9, 0x8, 0x4, 0x5, {0x2, 0x8, 0x7, 0x8801, 0x40, 0x0, 0xbb, 0x10000, 0x4, 0xffffffff, 0xff, r1, r2, 0xa6dd, 0x5}}, {0x0, 0x4}}}, 0xa0)
socket$kcm(0x29, 0x5, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))
mknod(&(0x7f0000000080)='./file0\x00', 0x8120, 0xfffffffe)

[ 1257.958490] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000
[ 1258.008080] netlink: 9 bytes leftover after parsing attributes in process `syz-executor3'.
[ 1258.016564] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1258.023313] CPU: 1 PID: 25299 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1258.030700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1258.040044] Call Trace:
[ 1258.042633]  dump_stack+0x1c4/0x2b4
[ 1258.046268]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1258.051468]  dump_header+0x27b/0xf72
[ 1258.051488]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1258.060980]  ? pagefault_out_of_memory+0x197/0x197
[ 1258.065924]  ? rcu_read_unlock+0x33/0x60
[ 1258.069990]  ? mem_cgroup_iter+0x514/0x1160
[ 1258.074328]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1258.079088]  ? css_task_iter_end+0x222/0x490
[ 1258.079102]  ? lock_downgrade+0x900/0x900
[ 1258.079120]  ? trace_hardirqs_on+0xbd/0x310
[ 1258.091963]  ? kasan_check_read+0x11/0x20
[ 1258.096124]  ? css_task_iter_end+0x222/0x490
[ 1258.100551]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1258.106012]  ? kasan_check_write+0x14/0x20
[ 1258.110260]  ? do_raw_spin_lock+0xc1/0x200
[ 1258.114503]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1258.119007]  ? css_task_iter_end+0x2ce/0x490
[ 1258.123429]  ? cgroup_procs_next+0x70/0x70
[ 1258.127671]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1258.132169]  ? oom_badness+0xaa0/0xaa0
[ 1258.136063]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1258.140828]  ? mem_cgroup_iter_break+0x30/0x30
[ 1258.145430]  ? cgroup_file_notify+0x226/0x2f0
[ 1258.149933]  out_of_memory.cold.30+0xf/0x184
[ 1258.154343]  ? kasan_check_read+0x11/0x20
[ 1258.158494]  ? oom_killer_disable+0x3a0/0x3a0
[ 1258.162997]  ? kasan_check_write+0x14/0x20
[ 1258.167245]  ? do_raw_spin_lock+0xc1/0x200
[ 1258.167268]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1258.167283]  ? memcg_memory_event+0x40/0x40
[ 1258.176337]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1258.176358]  ? page_counter_try_charge+0x1c1/0x220
[ 1258.176372]  try_charge+0xc43/0x1690
[ 1258.176391]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1258.199167]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1258.205236]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1258.210091]  ? lock_downgrade+0x900/0x900
[ 1258.214252]  ? lock_release+0x970/0x970
[ 1258.218238]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1258.224041]  ? do_raw_spin_lock+0xc1/0x200
[ 1258.228295]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1258.233242]  ? mem_cgroup_can_attach+0x580/0x580
[ 1258.238008]  ? filemap_map_pages+0xdc3/0x1980
[ 1258.242516]  ? __might_sleep+0x95/0x190
[ 1258.246507]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1258.251104]  ? mem_cgroup_protected+0xa60/0xa60
[ 1258.255773]  ? swp_swapcount+0x530/0x530
[ 1258.259848]  ? find_get_pages_range_tag+0x1320/0x1320
[ 1258.265045]  ? check_preemption_disabled+0x48/0x200
[ 1258.270067]  ? mark_held_locks+0x130/0x130
[ 1258.274314]  ? debug_smp_processor_id+0x1c/0x20
[ 1258.274334]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1258.274357]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1258.289465]  wp_page_copy+0x46c/0x14f0
[ 1258.289482]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1258.289500]  ? follow_pfn+0x2e0/0x2e0
[ 1258.299870] IPVS: ftp: loaded support on port[0] = 21
[ 1258.302686]  ? perf_trace_lock+0x7a0/0x7a0
[ 1258.302703]  ? do_wp_page+0x76c/0x1390
[ 1258.302719]  ? lock_downgrade+0x900/0x900
[ 1258.320134]  ? kasan_check_write+0x14/0x20
[ 1258.324387]  ? kasan_check_read+0x11/0x20
[ 1258.328559]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1258.332973]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1258.337571]  ? __pte_alloc_kernel+0x220/0x220
[ 1258.342084]  do_wp_page+0x774/0x1390
[ 1258.345809]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1258.350504]  ? lock_downgrade+0x900/0x900
[ 1258.350521]  ? lock_release+0x970/0x970
[ 1258.350545]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1258.364174]  ? check_preemption_disabled+0x48/0x200
[ 1258.369198]  ? kasan_check_read+0x11/0x20
[ 1258.373350]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1258.378895]  ? kasan_check_write+0x14/0x20
[ 1258.383136]  ? do_raw_spin_lock+0xc1/0x200
[ 1258.383159]  __handle_mm_fault+0x2c60/0x53e0
[ 1258.391779]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1258.396626]  ? debug_smp_processor_id+0x1c/0x20
[ 1258.396641]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1258.396664]  ? lock_acquire+0x1ed/0x520
[ 1258.406232]  ? handle_mm_fault+0x42a/0xc70
[ 1258.406245]  ? lock_downgrade+0x900/0x900
[ 1258.406265]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1258.424362]  ? __do_page_fault+0x67d/0xed0
[ 1258.424380]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1258.424395]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1258.424413]  ? check_preemption_disabled+0x48/0x200
[ 1258.434077]  handle_mm_fault+0x54f/0xc70
[ 1258.434095]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1258.434109]  ? find_vma+0x34/0x190
15:26:09 executing program 2:
r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x40)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})

15:26:09 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x1000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:09 executing program 2:
setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000040)={0x1000}, 0x4)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x801)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00')
sendmsg$IPVS_CMD_GET_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x808000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="280428bd700027050700000300004008000600070000"], 0x1c}, 0x1, 0x0, 0x0, 0x8004}, 0x851)
getsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x40})
fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000000))

15:26:09 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x3c000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:09 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r0)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x1, 0xfffffffffffffffc})

15:26:09 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x800000000000000, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:09 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x800, 0x1)
r1 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x9, 0x0)
ppoll(&(0x7f0000000080)=[{r0, 0x8000}, {r1, 0x4000}], 0x2, &(0x7f0000000140)={0x0, 0x1c9c380}, &(0x7f0000000180)={0x1}, 0x8)
r2 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r2, 0xc0185500, &(0x7f0000000100)={0x800000a0})

[ 1258.434127]  __do_page_fault+0x67d/0xed0
[ 1258.444656]  ? mm_fault_error+0x380/0x380
[ 1258.444670]  ? trace_hardirqs_on+0x310/0x310
[ 1258.444694]  do_page_fault+0xf2/0x7e0
[ 1258.453400]  ? vmalloc_sync_all+0x30/0x30
[ 1258.453416]  ? error_entry+0x70/0xd0
[ 1258.453432]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1258.453447]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1258.461015]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1258.461031]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1258.461041]  ? trace_hardirqs_off+0x310/0x310
15:26:09 executing program 1:
r0 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x5, 0x8000)
accept4$vsock_stream(r0, &(0x7f00000000c0)={0x28, 0x0, 0x2710, @my=0x0}, 0x10, 0x80800)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))

[ 1258.461059]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1258.469573]  ? page_fault+0x8/0x30
[ 1258.469590]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1258.469604]  ? page_fault+0x8/0x30
[ 1258.469619]  page_fault+0x1e/0x30
[ 1258.477533] RIP: 0023:0x807ee87
[ 1258.477550] Code: 05 08 89 15 bc 36 46 08 85 c0 74 0c 83 ec 0c 51 e8 ee 71 fd ff 83 c4 10 8b 45 e4 85 c0 0f 85 48 01 00 00 8b 75 e0 31 db 31 c9 <66> 89 1d 0e 47 12 08 c7 05 f8 46 12 08 00 00 00 00 c7 05 fc 46 12
[ 1258.477558] RSP: 002b:000000000845fd80 EFLAGS: 00010246
[ 1258.477573] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 1258.486262] RDX: 00000000000002a4 RSI: 000000000845fd80 RDI: 0000000000000000
[ 1258.486270] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
[ 1258.486279] R10: 0000000000000000 R11: 0000000000000216 R12: 0000000000000000
[ 1258.486291] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1258.505125] Memory limit reached of cgroup 
[ 1258.550045] /syz4
[ 1258.598863] memory: usage 204680kB, limit 204800kB, failcnt 1358
[ 1258.608939] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1258.615908] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1258.626479] Memory cgroup stats for /syz4: cache:152KB rss:180KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:76KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1258.671446] netlink: 9 bytes leftover after parsing attributes in process `syz-executor3'.
[ 1258.673418] Out of memory and no killable processes...
[ 1258.696833] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1258.707835] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1258.713920] CPU: 0 PID: 25336 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
15:26:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x100, 0x800)
ioctl$TUNGETIFF(r1, 0x800454d2, &(0x7f00000000c0))
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000100)=<r4=>0x0)
fcntl$setownex(r1, 0xf, &(0x7f0000000140)={0x2, r4})
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))
io_setup(0x7, &(0x7f0000000180)=<r5=>0x0)
io_submit(r5, 0x3, &(0x7f0000000580)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x7, 0xfffffffffffffe01, r2, &(0x7f00000001c0)="c72fdb0f93f3705e2c26bad42724e498acbf8333d9e450411057d63c3f9c8496991785a249f746b69204db14ca2f9c290ec94563c755a2d94fc26f363fd386fd42425be2f099f7cca9244316b83a6de7f71c7e4221ee9ae43ae107ac2bc7b286ec18a55a0d0b30a57e9ab153373ef27fa0427901eba8e87ffd127717b31e1d8ebb21850b3b90c0962b47d1d53e2bd15f4a06f3d9407aba0fb5c809cb76913c6977e40a7730bf001bed59a5658fbebceb22be4ccf0f3e1ca0495401f69d88f960f1678c0e0c4f7bba37f44f052082d9b5ecc06e006cfc307ce3a1e56d492f67d62715052f3311556d31e554a421938ee622b52ff6a8a94d802399", 0xfa, 0x5, 0x0, 0x0, r1}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, r3, &(0x7f0000000300)="13ed7f6ad479bd24ffad7169b1e06a2695db3910df1eeb79c0a39b0990cb7b2ef23cc5050fe10b4623f439d79d9995396e686ceed067b4a8daaa28ebc35dee48441184a6bf432eb4f0b1c6f04363e9d1b9f6a19957d5ace535e0a23f0f5d1976badc634adcf4f1d93484e045a36233d8010278a6df5ec2c3be35c523af3abe0ef18b52e15dc11bdffea2c7cc4007677d77d287c176af14e124b72fd0fea92afdea89ab0cf6fb12297dce4878e739bf44b0f27b4ab2687e7d34b22fac1802a5503d6ae331b22d48b11b58bed2e034d8722b34853b28c956e981a00f4d4ac764119ff261b771b790e5624a631a22ae365850d995d6d92a02cdbb", 0xf9, 0x9a, 0x0, 0x3, r1}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7, 0x2, r0, &(0x7f0000000440)="5233ae3da88ddb03f6785522fed5faba20c77540c53337ba421d07e327e1803f16afde794e907dd9abc3b15eca2ee483e93d1c5b218a14031839a98b57efee37238aaa41857340a8f5353d1dee6fc46ad8299a86c5f01d51cea793e60502ba1f984c36e77cb2f64837414c2cdca1051ea1255f1a7ce4e25207448d4e45b9375d40c3b5662441488524fd4e73fc9c2d867fc53b01a427c5ae3dc0e9ff759c54a37eb9f0616637d1bbc7a599684023a0023feec06dae2eed2112a80f0312774ea5f598388cf0eaa07bf7aa177891413af3f8d0ce4e66", 0xd5, 0x1, 0x0, 0x2, r1}])

15:26:09 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x222, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1258.721296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1258.730841] Call Trace:
[ 1258.730869]  dump_stack+0x1c4/0x2b4
[ 1258.737058]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1258.742260]  ? debug_smp_processor_id+0x1c/0x20
[ 1258.746937]  dump_header+0x27b/0xf72
[ 1258.750864]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1258.756402]  ? pagefault_out_of_memory+0x197/0x197
[ 1258.756419]  ? debug_smp_processor_id+0x1c/0x20
[ 1258.756434]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1258.756445]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1258.756460]  ? perf_trace_lock+0x7a0/0x7a0
[ 1258.756474]  ? perf_trace_lock+0x7a0/0x7a0
[ 1258.766062]  ? debug_smp_processor_id+0x1c/0x20
[ 1258.775890]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1258.775902]  ? mark_held_locks+0x130/0x130
[ 1258.775918]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1258.775933]  ? perf_trace_lock+0x7a0/0x7a0
[ 1258.775949]  ? task_will_free_mem+0x239/0xb30
[ 1258.775974]  ? ___ratelimit+0x36f/0x655
[ 1258.775988]  ? lock_downgrade+0x900/0x900
[ 1258.776005]  ? trace_hardirqs_on+0xbd/0x310
[ 1258.776015]  ? kasan_check_read+0x11/0x20
[ 1258.776026]  ? ___ratelimit+0x36f/0x655
[ 1258.776040]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1258.776052]  ? trace_hardirqs_on+0x310/0x310
[ 1258.776063]  ? lock_downgrade+0x900/0x900
[ 1258.776081]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1258.776095]  ? ___ratelimit+0xaa/0x655
[ 1258.776110]  ? idr_get_free+0xec0/0xec0
[ 1258.776121]  ? kasan_check_write+0x14/0x20
[ 1258.776135]  ? do_raw_spin_lock+0xc1/0x200
[ 1258.776152]  oom_kill_process.cold.27+0x10/0x903
[ 1258.776167]  ? kasan_check_write+0x14/0x20
[ 1258.784609]  ? do_raw_spin_lock+0xc1/0x200
[ 1258.784629]  ? oom_evaluate_task+0x540/0x540
[ 1258.784645]  ? cgroup_procs_next+0x70/0x70
[ 1258.784662]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1258.794246]  ? oom_badness+0xaa0/0xaa0
[ 1258.794263]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1258.794279]  ? mem_cgroup_iter_break+0x30/0x30
[ 1258.794305]  ? cgroup_file_notify+0x226/0x2f0
[ 1258.804173]  out_of_memory+0xa84/0x1430
[ 1258.804189]  ? kasan_check_read+0x11/0x20
[ 1258.804203]  ? oom_killer_disable+0x3a0/0x3a0
[ 1258.804217]  ? kasan_check_write+0x14/0x20
[ 1258.812915]  ? do_raw_spin_lock+0xc1/0x200
[ 1258.812939]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1258.812952]  ? memcg_memory_event+0x40/0x40
[ 1258.812969]  ? mem_cgroup_charge_skmem+0x1e4/0x390
[ 1258.821067]  ? page_counter_try_charge+0x1c1/0x220
[ 1258.821084]  try_charge+0xc43/0x1690
[ 1258.829525]  ? ___might_sleep+0x1ed/0x300
[ 1258.829549]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1258.839020]  ? kasan_kmalloc+0xc7/0xe0
[ 1258.839043]  ? kmem_cache_alloc_node_trace+0x305/0x740
[ 1258.847559]  ? kasan_unpoison_shadow+0x35/0x50
[ 1258.847575]  ? kasan_kmalloc+0xc7/0xe0
[ 1258.856533]  ? __kmalloc_node_track_caller+0x47/0x70
[ 1258.856551]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1258.856572]  ? sk_forced_mem_schedule+0x13b/0x170
[ 1258.856590]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1258.864769]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1258.864787]  ? check_preemption_disabled+0x48/0x200
[ 1258.864808]  mem_cgroup_charge_skmem+0x1e4/0x390
[ 1258.873770]  ? mem_cgroup_sk_free+0x90/0x90
[ 1258.873787]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1258.873799]  ? tcp_chrono_stop+0x25f/0x520
[ 1258.873818]  sk_forced_mem_schedule+0x13b/0x170
[ 1258.882276]  sk_stream_alloc_skb+0x1ab/0x970
[ 1258.882294]  ? tcp_init_transfer+0x470/0x470
[ 1258.895838]  ? inet_twsk_free+0x135/0x190
[ 1258.895856]  ? tcp_close+0x1300/0x1300
[ 1258.895875]  tcp_connect+0x1283/0x4690
[ 1258.895894]  ? tcp_push_one+0x110/0x110
[ 1258.895908]  ? __sanitizer_cov_trace_cmp2+0x7/0x20
[ 1258.895923]  ? check_preemption_disabled+0x48/0x200
[ 1258.895935]  ? __inet_hash_connect+0x33d/0xfb0
[ 1258.895950]  ? do_ip_setsockopt.isra.14+0x2980/0x3e40
[ 1258.895968]  ? __local_bh_enable_ip+0x160/0x260
[ 1258.895984]  ? __inet_hash_connect+0x385/0xfb0
[ 1258.895999]  ? trace_hardirqs_on+0xbd/0x310
[ 1258.896012]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1258.896028]  ? inet_sk_state_store+0x126/0x570
[ 1258.896044]  ? inet_hash+0xb0/0xb0
[ 1258.896063]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1258.896086]  ? tcp_set_state+0x270/0x9d0
[ 1258.896102]  ? ip_route_output_key_hash+0x297/0x3b0
[ 1258.896115]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1258.896133]  ? tcp_fastopen_cookie_check+0x330/0x330
[ 1258.896147]  ? secure_tcp_ts_off+0xe6/0x1a0
[ 1258.896160]  ? secure_ipv6_port_ephemeral+0x2f0/0x2f0
[ 1258.896174]  ? check_preemption_disabled+0x48/0x200
[ 1258.896188]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1258.896204]  ? sk_setup_caps+0x209/0x690
[ 1258.896220]  tcp_v4_connect+0x1996/0x1dd0
[ 1258.896244]  ? tcp_v4_parse_md5_keys+0x340/0x340
[ 1258.896265]  __inet_stream_connect+0x992/0x1150
[ 1258.896281]  ? ___might_sleep+0x1ed/0x300
[ 1258.896297]  ? inet_dgram_connect+0x2e0/0x2e0
[ 1258.896310]  ? tcp_sendmsg_locked+0x32f9/0x3f00
[ 1258.896325]  ? kasan_unpoison_shadow+0x35/0x50
[ 1258.896338]  ? kasan_kmalloc+0xc7/0xe0
[ 1258.896357]  ? kmem_cache_alloc_trace+0x31f/0x750
[ 1258.896369]  ? kasan_check_read+0x11/0x20
[ 1258.896388]  tcp_sendmsg_locked+0x2bf2/0x3f00
[ 1258.896406]  ? debug_smp_processor_id+0x1c/0x20
[ 1258.896419]  ? __fget+0x4aa/0x740
[ 1258.896438]  ? perf_trace_lock+0x7a0/0x7a0
[ 1258.896455]  ? tcp_sendpage+0x60/0x60
[ 1258.896470]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1258.896493]  ? aa_label_sk_perm+0x46d/0x8e0
[ 1258.896509]  ? aa_profile_af_perm+0x410/0x410
[ 1258.896525]  ? ksys_dup3+0x680/0x680
[ 1258.896542]  ? lock_acquire+0x1ed/0x520
[ 1258.896555]  ? tcp_sendmsg+0x21/0x50
[ 1258.896571]  ? trace_hardirqs_on+0xbd/0x310
[ 1258.896584]  ? lock_release+0x970/0x970
[ 1258.896597]  ? lock_sock_nested+0xe2/0x120
[ 1258.896611]  ? __bpf_trace_preemptirq_template+0x30/0x30
15:26:10 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xa00}, 0x6)

[ 1258.896626]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1258.896640]  ? check_preemption_disabled+0x48/0x200
[ 1258.896655]  ? lock_sock_nested+0x9a/0x120
[ 1258.896670]  ? lock_sock_nested+0x9a/0x120
[ 1258.896685]  ? __local_bh_enable_ip+0x160/0x260
[ 1258.896704]  tcp_sendmsg+0x2f/0x50
[ 1258.896719]  inet_sendmsg+0x1a1/0x690
[ 1258.896735]  ? ipip_gro_receive+0x100/0x100
[ 1258.896756]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1258.896770]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1258.896787]  ? security_socket_sendmsg+0x94/0xc0
[ 1258.896800]  ? ipip_gro_receive+0x100/0x100
[ 1258.896815]  sock_sendmsg+0xd5/0x120
[ 1258.896830]  __sys_sendto+0x3d7/0x670
[ 1258.896846]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1258.896861]  ? arch_local_save_flags+0x40/0x40
[ 1258.896875]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1258.896906]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1258.896921]  ? compat_put_timespec64+0x110/0x280
[ 1258.896935]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1258.896949]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1258.896967]  ? trace_hardirqs_on+0xbd/0x310
[ 1258.896981]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1258.896995]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1258.897009]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1258.897026]  __ia32_sys_sendto+0xdf/0x1a0
[ 1258.897044]  do_fast_syscall_32+0x34d/0xfb2
[ 1258.897061]  ? do_int80_syscall_32+0x890/0x890
[ 1258.897075]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1258.897090]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1258.897104]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1258.897117]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1258.897133]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1258.897147]  ? recalc_sigpending_tsk+0x180/0x180
[ 1258.897159]  ? kasan_check_write+0x14/0x20
[ 1258.897178]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1258.897196]  entry_SYSENTER_compat+0x70/0x7f
[ 1258.897207] RIP: 0023:0xf7f56ca9
[ 1258.897221] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1258.897228] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1258.897243] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[ 1258.897253] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000020e68000
[ 1258.897261] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000
[ 1258.897268] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1258.897276] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1258.942322] Task in 
[ 1258.956201] /syz4
[ 1258.974068]  killed as a result of limit of 
[ 1259.008748] /syz4
[ 1259.028162] memory: usage 204800kB, limit 204800kB, failcnt 1399
[ 1259.043551] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1259.051357] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1259.068267] Memory cgroup stats for 
[ 1259.081111] /syz4
[ 1259.087537] :
[ 1259.096819]  cache:152KB
[ 1259.106616]  rss:180KB
[ 1259.114873]  rss_huge:0KB
[ 1259.125751]  shmem:0KB
[ 1259.135443]  mapped_file:0KB
[ 1259.155245]  dirty:132KB
[ 1259.164771]  writeback:132KB
[ 1259.173788]  swap:0KB
[ 1259.182277]  inactive_anon:0KB
[ 1259.192181]  active_anon:148KB
[ 1259.200417]  inactive_file:0KB
[ 1259.209395]  active_file:0KB
[ 1259.218498]  unevictable:0KB
[ 1259.235514] Memory cgroup out of memory: Kill process 25299 (syz-executor4) score 161 or sacrifice child
[ 1259.244356] Killed process 25299 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1259.255959] oom_reaper: reaped process 25299 (syz-executor4), now anon-rss:0kB, file-rss:32092kB, shmem-rss:0kB
[ 1259.290252] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1259.297429] syz-executor4 cpuset=
[ 1259.305186] syz4
[ 1259.315326]  mems_allowed=0
[ 1259.324609] CPU: 1 PID: 25345 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1259.340570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1259.350568] Call Trace:
[ 1259.360834]  dump_stack+0x1c4/0x2b4
[ 1259.370487]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1259.380305]  ? debug_smp_processor_id+0x1c/0x20
[ 1259.390294]  dump_header+0x27b/0xf72
[ 1259.398737]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1259.407856]  ? pagefault_out_of_memory+0x197/0x197
[ 1259.417687]  ? debug_smp_processor_id+0x1c/0x20
[ 1259.427692]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1259.436642]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1259.436658]  ? perf_trace_lock+0x7a0/0x7a0
[ 1259.436673]  ? perf_trace_lock+0x7a0/0x7a0
[ 1259.445890]  ? debug_smp_processor_id+0x1c/0x20
[ 1259.445905]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1259.468223]  ? mark_held_locks+0x130/0x130
[ 1259.468237]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1259.468253]  ? perf_trace_lock+0x7a0/0x7a0
[ 1259.483196]  ? task_will_free_mem+0x239/0xb30
[ 1259.483226]  ? ___ratelimit+0x36f/0x655
[ 1259.497746]  ? lock_downgrade+0x900/0x900
[ 1259.497766]  ? trace_hardirqs_on+0xbd/0x310
[ 1259.512289]  ? kasan_check_read+0x11/0x20
[ 1259.516641]  ? ___ratelimit+0x36f/0x655
[ 1259.523074]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1259.523093]  ? trace_hardirqs_on+0x310/0x310
[ 1259.535954]  ? lock_downgrade+0x900/0x900
[ 1259.535976]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1259.545797]  ? ___ratelimit+0xaa/0x655
[ 1259.545814]  ? idr_get_free+0xec0/0xec0
[ 1259.781881]  ? kasan_check_write+0x14/0x20
[ 1259.786129]  ? do_raw_spin_lock+0xc1/0x200
[ 1259.790379]  oom_kill_process.cold.27+0x10/0x903
[ 1259.795153]  ? kasan_check_write+0x14/0x20
[ 1259.795168]  ? do_raw_spin_lock+0xc1/0x200
[ 1259.795191]  ? oom_evaluate_task+0x540/0x540
[ 1259.803645]  ? cgroup_procs_next+0x70/0x70
[ 1259.803665]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1259.812267]  ? oom_badness+0xaa0/0xaa0
[ 1259.812281]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1259.812297]  ? mem_cgroup_iter_break+0x30/0x30
[ 1259.820672]  ? cgroup_file_notify+0x226/0x2f0
[ 1259.829973]  out_of_memory+0xa84/0x1430
[ 1259.829990]  ? kasan_check_read+0x11/0x20
[ 1259.838426]  ? oom_killer_disable+0x3a0/0x3a0
[ 1259.847033]  ? kasan_check_write+0x14/0x20
[ 1259.847048]  ? do_raw_spin_lock+0xc1/0x200
[ 1259.847070]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1259.855496]  ? memcg_memory_event+0x40/0x40
[ 1259.855507]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1259.855526]  ? page_counter_try_charge+0x1c1/0x220
[ 1259.864650]  try_charge+0xc43/0x1690
[ 1259.864665]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1259.864688]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1259.874336]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1259.874349]  ? lock_downgrade+0x900/0x900
[ 1259.874365]  ? lock_release+0x970/0x970
[ 1259.883145]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1259.883179]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1259.894612]  ? mem_cgroup_can_attach+0x580/0x580
[ 1259.894629]  ? memcg_kmem_charge+0x1c2/0x300
[ 1259.922487]  ? __might_sleep+0x95/0x190
[ 1259.926474]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1259.931064]  ? mem_cgroup_protected+0xa60/0xa60
[ 1259.931085]  ? __pte_alloc+0x1c7/0x350
[ 1259.939614]  ? kasan_check_read+0x11/0x20
[ 1259.943758]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1259.943771]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1259.943786]  ? kasan_check_write+0x14/0x20
[ 1259.952748]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1259.962481]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1259.962499]  __handle_mm_fault+0x273a/0x53e0
[ 1259.971808]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1259.976667]  ? lock_acquire+0x1ed/0x520
[ 1259.976684]  ? handle_mm_fault+0x42a/0xc70
[ 1259.984854]  ? lock_downgrade+0x900/0x900
[ 1259.984875]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1259.994774]  ? __do_page_fault+0x67d/0xed0
[ 1259.994789]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1259.994806]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1260.004454]  ? check_preemption_disabled+0x48/0x200
[ 1260.004474]  handle_mm_fault+0x54f/0xc70
[ 1260.014989]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1260.015005]  ? find_vma+0x34/0x190
[ 1260.023616]  __do_page_fault+0x67d/0xed0
[ 1260.023635]  ? mm_fault_error+0x380/0x380
[ 1260.035350]  ? trace_hardirqs_off+0xb8/0x310
[ 1260.039767]  ? entry_INT80_compat+0x74/0x7e
[ 1260.044098]  do_page_fault+0xf2/0x7e0
[ 1260.047907]  ? vmalloc_sync_all+0x30/0x30
[ 1260.052065]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1260.057604]  ? error_entry+0x70/0xd0
[ 1260.061317]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1260.066327]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1260.066341]  ? do_syscall_64+0x820/0x820
[ 1260.066353]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1260.066369]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1260.075332]  ? trace_hardirqs_off+0x310/0x310
[ 1260.075346]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1260.075363]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1260.085182]  ? page_fault+0x8/0x30
[ 1260.085198]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1260.085214]  ? page_fault+0x8/0x30
[ 1260.094706]  page_fault+0x1e/0x30
[ 1260.094716] RIP: 0023:0x804848a
[ 1260.094732] Code: 0f b6 c0 d3 e0 09 d0 88 06 e9 a7 01 00 00 8b 44 24 10 8b 54 24 14 0b 44 24 18 0b 54 24 1c 09 c2 75 10 8b 44 24 28 8b 74 24 20 <66> 89 30 e9 83 01 00 00 8a 4c 24 18 31 c0 8b 7c 24 28 f6 c1 20 0f
[ 1260.103247] RSP: 002b:000000000845fbd0 EFLAGS: 00010246
[ 1260.103261] RAX: 0000000020e68000 RBX: 0000000000000000 RCX: 000000003dd6315d
[ 1260.103271] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
[ 1260.111690] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1260.111699] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 1260.111705] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1260.116075] Task in 
[ 1260.138004] /syz4
[ 1260.150639]  killed as a result of limit of 
[ 1260.165218] /syz4
[ 1260.190692] memory: usage 204764kB, limit 204800kB, failcnt 1416
[ 1260.197039] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1260.204088] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1260.210233] Memory cgroup stats for /syz4: cache:152KB rss:180KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:120KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1260.230729] Memory cgroup out of memory: Kill process 25345 (syz-executor4) score 161 or sacrifice child
[ 1260.240531] Killed process 25345 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1260.252033] oom_reaper: reaped process 25345 (syz-executor4), now anon-rss:0kB, file-rss:32092kB, shmem-rss:0kB
[ 1260.388460] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1260.394986] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1260.401794] device bridge_slave_0 entered promiscuous mode
[ 1260.426349] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1260.432754] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1260.439754] device bridge_slave_1 entered promiscuous mode
[ 1260.464939] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 1260.489307] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 1260.558101] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 1260.585103] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 1260.690181] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 1260.697306] team0: Port device team_slave_0 added
[ 1260.720392] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 1260.727557] team0: Port device team_slave_1 added
[ 1260.751755] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1260.776899] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1260.802200] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1260.827964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1261.049805] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1261.056221] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1261.062775] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1261.069142] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1261.870093] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1261.948671] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 1262.027032] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 1262.033359] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1262.040276] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1262.120223] 8021q: adding VLAN 0 to HW filter on device team0
15:26:13 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x400)
setsockopt$IP_VS_SO_SET_EDIT(r0, 0x0, 0x483, &(0x7f0000000080)={0x3b, @multicast2, 0x4e20, 0x3, 'lblcr\x00', 0x9, 0x81, 0x6}, 0x2c)
flock(r0, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2a})
ioctl$FS_IOC_SETFLAGS(r0, 0x40046602, &(0x7f0000000140)=0xf36)
fsetxattr$security_evm(r0, &(0x7f00000001c0)='security.evm\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="020955203dd6bfa4230ef2215292dac6e1ffadfcf4fadc6a17c0c59f0ea58b7be38ca5daf3119f02246bd8b529a0bee4f0dd2914b4628468b8a400df1039ab9f644654e3229683d1790ede36ded7585ef0c666e3bae93e26619bd9bcaf5fd6c3330fc28afa59928d7a22da911c4aa8bbaeb8e96f6386e66cd9d0970d9b71abf153a636a6524310246970eb1affde7b41cf0797701c06d48315fb1afb7fc0dcd19865a9f97850fae778b1ad"], 0x1, 0x2)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x403c5404, &(0x7f0000000000)={{0x1, 0x0, 0xd54, 0x2, 0x2}, 0x8ee7, 0x98})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, <r1=>0x0}, &(0x7f0000000200)=0xc)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000380)={0x8001, 0x3, 0x3, 0x9bc, 0xffffffffffff8000, 0x5, 0x100000000000000, 0x101, 0xd6d9, 0xb3, 0x3, 0xa27})
getgroups(0x2, &(0x7f0000000240)=[0xee00, <r2=>0xee00])
r3 = getgid()
getgroups(0x3, &(0x7f0000000280)=[r1, r2, r3])
ioctl$TIOCLINUX7(r0, 0x541c, &(0x7f0000000040)={0x7, 0x4})

15:26:13 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x1)
setsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000000)=0x101, 0x4)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x136, 0x0, 0x80000})
getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000040), &(0x7f0000000080)=0x4)

15:26:13 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x805, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:26:13 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1=0xe0000004}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:13 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x4000, 0x0)
ioctl$KDGKBTYPE(r1, 0x4b33, &(0x7f00000000c0))
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0xae78, &(0x7f0000000040))

15:26:13 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x800000000000000}, 0x6)

15:26:13 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1=0xe0000002}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1262.667411] vhci_hcd: invalid port number 54
[ 1262.680343] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0
[ 1262.694179] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1262.708332] vhci_hcd: invalid port number 54
[ 1262.727542] CPU: 1 PID: 25614 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1262.734941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1262.744290] Call Trace:
[ 1262.746875]  dump_stack+0x1c4/0x2b4
[ 1262.750496]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1262.755679]  ? mark_held_locks+0x130/0x130
[ 1262.760163]  ? mark_held_locks+0x130/0x130
[ 1262.765014]  dump_header+0x27b/0xf72
[ 1262.768726]  ? debug_smp_processor_id+0x1c/0x20
[ 1262.773386]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1262.778917]  ? pagefault_out_of_memory+0x197/0x197
[ 1262.784099]  ? debug_smp_processor_id+0x1c/0x20
[ 1262.789973]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1262.794987]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1262.799909]  ? perf_trace_lock+0x7a0/0x7a0
[ 1262.804132]  ? perf_trace_lock+0x7a0/0x7a0
[ 1262.808355]  ? debug_smp_processor_id+0x1c/0x20
[ 1262.813280]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1262.818206]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1262.823823]  ? perf_trace_lock+0x7a0/0x7a0
[ 1262.828310]  ? task_will_free_mem+0x239/0xb30
[ 1262.832801]  ? ___ratelimit+0x36f/0x655
[ 1262.836769]  ? lock_downgrade+0x900/0x900
[ 1262.840910]  ? trace_hardirqs_on+0xbd/0x310
[ 1262.845217]  ? kasan_check_read+0x11/0x20
[ 1262.849360]  ? ___ratelimit+0x36f/0x655
[ 1262.853323]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1262.858761]  ? trace_hardirqs_on+0x310/0x310
[ 1262.863157]  ? lock_downgrade+0x900/0x900
[ 1262.867306]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1262.872398]  ? ___ratelimit+0xaa/0x655
[ 1262.876294]  ? idr_get_free+0xec0/0xec0
[ 1262.880254]  ? kasan_check_write+0x14/0x20
[ 1262.884478]  ? do_raw_spin_lock+0xc1/0x200
[ 1262.888706]  oom_kill_process.cold.27+0x10/0x903
[ 1262.894203]  ? kasan_check_write+0x14/0x20
[ 1262.898429]  ? do_raw_spin_lock+0xc1/0x200
[ 1262.902660]  ? oom_evaluate_task+0x540/0x540
[ 1262.907060]  ? cgroup_procs_next+0x70/0x70
[ 1262.911287]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1262.915769]  ? oom_badness+0xaa0/0xaa0
[ 1262.919645]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1262.924390]  ? mem_cgroup_iter_break+0x30/0x30
[ 1262.929155]  ? cgroup_file_notify+0x226/0x2f0
[ 1262.933646]  out_of_memory+0xa84/0x1430
[ 1262.937609]  ? kasan_check_read+0x11/0x20
[ 1262.941744]  ? oom_killer_disable+0x3a0/0x3a0
[ 1262.946230]  ? kasan_check_write+0x14/0x20
[ 1262.950463]  ? do_raw_spin_lock+0xc1/0x200
[ 1262.954691]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1262.959521]  ? memcg_memory_event+0x40/0x40
[ 1262.963835]  ? mem_cgroup_charge_skmem+0x1e4/0x390
[ 1262.968764]  ? page_counter_try_charge+0x1c1/0x220
[ 1262.973694]  try_charge+0xc43/0x1690
[ 1262.977404]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1262.983451]  ? tcp_sendmsg+0x2f/0x50
[ 1262.987153]  ? sock_sendmsg+0xd5/0x120
[ 1262.991038]  ? __sys_sendto+0x3d7/0x670
[ 1262.994998]  ? __ia32_sys_sendto+0xdf/0x1a0
[ 1262.999307]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1263.003793]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1263.008364]  ? fs_reclaim_acquire+0x20/0x20
[ 1263.012951]  ? lock_downgrade+0x900/0x900
[ 1263.017090]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1263.022630]  ? check_preemption_disabled+0x48/0x200
[ 1263.027649]  ? ___might_sleep+0x1ed/0x300
[ 1263.031799]  ? debug_smp_processor_id+0x1c/0x20
[ 1263.036455]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1263.041379]  ? __sk_mem_raise_allocated+0x642/0x1800
[ 1263.046469]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1263.051907]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1263.057695]  ? check_preemption_disabled+0x48/0x200
[ 1263.064516]  mem_cgroup_charge_skmem+0x1e4/0x390
[ 1263.070477]  ? mem_cgroup_sk_free+0x90/0x90
[ 1263.074797]  __sk_mem_raise_allocated+0x642/0x1800
[ 1263.079717]  ? sk_busy_loop_end+0x1c0/0x1c0
[ 1263.084032]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1263.089562]  ? alloc_pages_current+0x114/0x210
[ 1263.094136]  ? skb_page_frag_refill+0x1eb/0x6a0
[ 1263.098800]  ? sock_kzfree_s+0x60/0x60
[ 1263.102696]  ? _copy_from_iter_full+0x2b3/0xd20
[ 1263.107982]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1263.113000]  ? tcp_rate_check_app_limited+0x121/0x460
[ 1263.118184]  ? iov_iter_advance+0x1460/0x1460
[ 1263.122678]  __sk_mem_schedule+0x6d/0xe0
[ 1263.126726]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1263.132255]  tcp_sendmsg_locked+0x1c86/0x3f00
[ 1263.137967]  ? tcp_sendpage+0x60/0x60
[ 1263.142114]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1263.147748]  ? aa_label_sk_perm+0x46d/0x8e0
[ 1263.152061]  ? aa_profile_af_perm+0x410/0x410
[ 1263.156547]  ? ksys_dup3+0x680/0x680
[ 1263.160250]  ? lock_acquire+0x1ed/0x520
[ 1263.164212]  ? tcp_sendmsg+0x21/0x50
[ 1263.167920]  ? trace_hardirqs_on+0xbd/0x310
[ 1263.172242]  ? lock_release+0x970/0x970
[ 1263.176205]  ? lock_sock_nested+0xe2/0x120
[ 1263.180429]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1263.185866]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1263.191392]  ? check_preemption_disabled+0x48/0x200
[ 1263.196400]  ? lock_sock_nested+0x9a/0x120
[ 1263.200626]  ? lock_sock_nested+0x9a/0x120
[ 1263.204852]  ? __local_bh_enable_ip+0x160/0x260
[ 1263.209514]  tcp_sendmsg+0x2f/0x50
[ 1263.213047]  inet_sendmsg+0x1a1/0x690
[ 1263.216837]  ? ipip_gro_receive+0x100/0x100
[ 1263.221156]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1263.225903]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1263.231435]  ? security_socket_sendmsg+0x94/0xc0
[ 1263.236181]  ? ipip_gro_receive+0x100/0x100
[ 1263.240578]  sock_sendmsg+0xd5/0x120
[ 1263.244282]  __sys_sendto+0x3d7/0x670
[ 1263.248074]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1263.252734]  ? arch_local_save_flags+0x40/0x40
[ 1263.257390]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1263.262845]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1263.268371]  ? compat_put_timespec64+0x110/0x280
[ 1263.273129]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1263.277877]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1263.282796]  ? trace_hardirqs_on+0xbd/0x310
[ 1263.287109]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1263.292634]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1263.297202]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1263.302642]  __ia32_sys_sendto+0xdf/0x1a0
[ 1263.306782]  do_fast_syscall_32+0x34d/0xfb2
[ 1263.311093]  ? do_int80_syscall_32+0x890/0x890
[ 1263.316531]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1263.321100]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1263.326104]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1263.330946]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1263.336213]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1263.341218]  ? recalc_sigpending_tsk+0x180/0x180
[ 1263.345963]  ? kasan_check_write+0x14/0x20
[ 1263.350189]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1263.355545]  entry_SYSENTER_compat+0x70/0x7f
[ 1263.361178] RIP: 0023:0xf7f56ca9
15:26:14 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1263.364534] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1263.383778] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1263.391476] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1263.398732] RDX: 00000000fffffe4e RSI: 00000000000000c0 RDI: 00000000200000c0
[ 1263.405987] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000
[ 1263.413244] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1263.421031] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:26:14 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x800010a0, 0x80})

15:26:14 executing program 5:
syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x8, 0x10000)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))

15:26:14 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1=0xe000f000}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:14 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x800, 0x0)
ioctl$FS_IOC_SETFSLABEL(r1, 0x41009432, &(0x7f0000000300)="4cbefa55a1c52113aae58fc1222005e616df01a0be70f2198d979dfa5c16ba1445c3f43d0e90292eb9b5b4aeaf33879c27e86ebad488547f102751bff3bcdc62e2428021dea15c82b16921479df5059672666b4fce7d7244f2ea8f492807b264d065f5fd124f309fb78773b4fdcfc53710e57b3edace2de437b47cc189eef1f7d22ffa0dbda687b933e8508b5ac04d00a86b4fb0837ad5e8c439acbf910a552b8b40cb7e02a783fd2cb6c83b685cdb223629570c3362630a8ff098b9f0717c87e8a0c3d5d47164a3f1446cef0c044af7c61191108a4145fa6a95e0a66cde71da084c564261622c42b44be78bf6af23f19f2f5e39531e11ce04a8cae4b372d52c")
ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000000140))
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000000)={0x98b4})

[ 1263.487194] vhci_hcd: invalid port number 128
[ 1263.505204] vhci_hcd: default hub control req: a010 v8000 i0080 l0
15:26:14 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1=0xe0000005}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:14 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x2000)
ioctl$ASHMEM_SET_PROT_MASK(r2, 0x40047705, &(0x7f0000000100)={0xe1, 0x3})
creat(&(0x7f0000000080)='./file0\x00', 0x45128f1241e027b)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:26:14 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
fsetxattr$security_ima(r0, &(0x7f0000000080)='security.ima\x00', &(0x7f00000000c0)=@sha1={0x1, "9a81299f48977b6c640a9dfa5b0a170cd4c49cd1"}, 0x15, 0x2)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1263.568169] Task in /syz4 killed as a result of limit of /syz4
[ 1263.585251] memory: usage 204788kB, limit 204800kB, failcnt 1437
[ 1263.607638] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
15:26:14 executing program 2:
r0 = syz_open_dev$midi(&(0x7f0000000540)='/dev/midi#\x00', 0x2, 0x400400)
ioctl$KVM_GET_XSAVE(r0, 0x9000aea4, &(0x7f0000000100))
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0xfffffffffffffffe)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={<r2=>0x0}, &(0x7f0000000080)=0xc)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000500)=<r3=>0x0)
kcmp(r2, r3, 0x7, r1, r0)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000000)={0x9, 0x40000, 0x2, 0xfffffffffffffff8, 0xb1})

15:26:14 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1=0xe0000003}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1263.626975] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1263.640762] Memory cgroup stats for /syz4: cache:152KB rss:180KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:156KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1263.691894] Memory cgroup out of memory: Kill process 25612 (syz-executor4) score 161 or sacrifice child
[ 1263.709303] Killed process 25612 (syz-executor4) total-vm:70252kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1263.729501] oom_reaper: reaped process 25612 (syz-executor4), now anon-rss:0kB, file-rss:32792kB, shmem-rss:0kB
15:26:14 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x900000000000000}, 0x6)

15:26:14 executing program 1:
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000011c0)={<r0=>0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000001180)='vmnet1\x00', 0xffffffffffffffff}, 0x30)
wait4(r0, &(0x7f0000001200), 0x0, &(0x7f0000001240))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x5, 0x48440)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f00000000c0)={<r3=>0x0, 0x1000, "fc16702752035f0aa95bc59b33ae1d42fd90ac7bf3cb5d61b92f1c252ab33e5e7366ac38bd4eb7ec049452516013f46ec0a703035a9d035e124a2d0f33302f9c99653f8f34a6dd204be8f5a6d19cbb0778cc755f656977bdfded77e413a2547abced4006bb4d56f98f48096c04c1663248a5576ab78b8e22ee3fee27e3e271416d3fccd14c3665b9b6a0e1c6f656c42ac45e806376a936c385695d2f95d43b68f10e1ebc36f1a3133e47aa1279e48d48277a0ef5d63888cd47617871549d8cb78b1a1eaa4253790c726171201dd5dce7862f13b2a5b40202245e5d5fdb7b3b8f580bbea62e3f87db3b972e41a93348f9745322e36c70beca04c81cd288ba27a5d50df5247fc74bde4736267e1f35674177cbe7a464c285f957ae39441a934479d90b1e5790806627349efdff09e5cbf6c340dbabd3573aa5da7cd1626e31018bf6cf5cd3b8f4519a9ee46932efd1ed68430e1a69f71db64a0f0c58c1e961dbafb9b013eaa5212e87ea9f15d4dbbc7c50b75d3e507b2a88bd74784aeaa68525de4e1282ffc33532795ddf1f36add8c7cf7237907bbea0575872d953ec479be2b2f9c5e8fd0cd0cd5a6c72a4126a06cc77b46079525fb13f273e755bf6441365b2e89a844e80a9732cb9a35e9841fb8258f9a4cdb82b6cf3c2a4eecdd62bbacf38f19e3ce777418638debac39cfb3fc69b51825814b8c27e2b7a4c2ccbcb90075e4ec23ef9dc6c9960ded1fed4a819c6948fad9d33957bdd1af0a10b43e509670ce90d11c1c5af8caf8873fca2f67b6bfa8642146563209148b4f1fa6b96490ef47fcf8f2a233a3c0af33d834697a7243aa5cc4e0b7963978b98c9f43f1ed64dea7fb4356c6d572760a6d4a78c7007a3d83f662b06b60282e8b706c43f87191bf0b76396fb9f32168c52c6caaafe9af4e5855116dd9cc69444c48bee5366dd756035b2c7c4229bc1a2416780248903a25b7e6e254d67848ecb47e357b7b4be818964f46635a0b6abce6f48e260b7ab45ad5840043bd90fcb616ba7cb427ab23cf098c67619ee9125aa6286b4c42cf0e594977201b290ae040ba13bea587036a7b8aa6f3e8f055cd5bd72255ea6af58d82fd95db81531643ae0c15743527135d051afae57e0860f884f7c62c22918c2f0ee3cfcc0b676c7b2b00ee5d2d81d310ac40645e943a4eafbccdfe332a49ede428348a2b2fc9be10540d2100f0b01bf4df9479bf0ced3c542dec2bf4713748618c5b666589a2ff3517f0fdf18c220b4807ce45ebebb861c2ab786b405ce24530fde30920f6a53dad8f109232938db0026ebb5e125ced1ee6033292dbdde245446b86e4f1cbee2d8e6d0af9a29698565b25c0b9159ca6f960c786a5cb83274300f38e7a245e15f28732047b93288e6dc8993bfda40c7710b8829418add791a4282af28284134ba45ea9884b573fc5f0fa2de597f6f0e835e08717e454e545e3dad5b1823c29e4145831433ce1ba3b9140ac1c95eab39bea490f38420ef844df48dcaf67c66834c79d12c3d4938eee4e8fbe28d78e437f8fc00906bd181cd17e4cd5b475f59a206221676190caefe34a63d9146869b8e683441e412d0e4b725c753dda6e5ce864ab0df327fce022d1ddc9201d2c7281d49bca2d9f30b810e3d8baf07bff9c321dc1864dea881209b1733488faec0bc32a48fe4cc2e8d6ac1e0003accb704ed9e326879f9fc1e6cdcb5723ec56ca4bc8a150a388ca457269a70283df2c3379710ccf17ec37e2f9c404b8f20c69b7d9ee51476b5c5e711643123dac20ee5d6b8dd8e05504db430dd44578fa3b762efed63d07be82c0004d9fdff026a204d7ecdd79311294f55d5fc0213e0c611507e596254ed14f35c152fd34efec16302cd9a84488906fc9b4f626a368ae426906d965515722433b3f20e65dec97c92548f2b75e5fd08a1cc552af204bf9c77cb86ee5ffedce0899b77b25d560dd617eefe9bcdf3a314033b552355edf619038bfec55495d2005c9542f71bef0dcbcffe927e9ee5fc6db1bfc5e49f404850b54da83d670cd8e444c1db25be7a5ab6903160bd5813aad0b7dc3e996b802df98167a7d2c06474473cb84432e162cd37f42cc53eeb7d6689486bbd19464ef0a5225081f31e2df6a8057884fec1945b6e5159abe7f1bfec67bee9104a403149c677f00aa489cbef387a7b720e02989d4812077fadcf3cb64b98c6296d5f62b25e76b2a7493c6ea08994ac0e0870322218aeb49660b88bc80d5bad8f9e15b0d791813d42950b8fd1b2478778c97cadb83a0c4fd2a2519bff0aa8e926ee6d7480a8d612c49eaed3ee6e86e71aaa882fb21ab49b8d242fa582f01357b71b6c7261cf9f769a375a72839698232ad9704a7bc11080f28212ce66ff3ea5cd30db04ebf05847e2ca769be58cd8834093fb830ea49714a74b438a224efd506fd95965b8ecfc16cdef258c558ee288c0f6be32d40ba067352d1c7044a7c70abb714fbef5cf0abc54e388a820407c53edcc57d2fef7641c14a3cf3792d55186982015f4dcea1c1115dd8c81a4b9964c53d12a406b167d7cdda9d7f244e83598e84ec474d763b5b7c309c3d97542f0efedc3dd87a0a422ad4ab8162eed6408c4494e530052e9b42b527b742f408ef46d12c0c2f072e67758f61f2311e01e677764bd200c50709cfc3c3672cc842b0aacc323ed6fdfa1f655e09c31bffd3dc45ce41cbd69f6c46b33f4ef791cba754d29868b696a34c4d26d101e80e3798031e8859510fb2ea1527d16479785f29ab230b4320ea4817d44e87257b074a387592ead3398ba20856f1d030649206aabea7503cd2f673bcfdbfbb29be3c8a058c938ab16e3b54cd7969e2d8ac3ef70a03c0901d6615d89c4cd9d3bf3c88415d2ff42388c0ca022b3440d597bafa81bd6972cac579a70ab6c1c7dce6df136525b95d5e5bf51583aed7d254e9d0d4b3a81a079cac9b191accc8f7af6af862a62bdaeae093312ce2cc2f5a3a169e50dd7f2dc8dc20ae2ae6ea4425f13433a6197ff7704b752f10cb6ead681fd7feb12495a99d9866755be5463771caa0c7228181cf2341922869fce56539e9f1d0ad24991e9d264554fe082a4780193ad7a422a1622dcc89c3b41fcb60214021cae5196c007aab10242c8353bf1241f67e397909a83d91e21a78f4d58900986212b9ee32a6e74d836624ad5d421fc4232accc107e03a2906f3f9036db4575330c0d665f397cf4111c605e765c57892140582aeeae460a3addda4d4de20cb067b28fae11ee5540d533101a44b9c8eb589d05d2f71927070506bd525da883e96cf4fa46c434e456cba4f12663da54b3536b0e51f3018b5ceb1988a761b688e45d7f57a66adf119b7a610610c591de0a4671a077e2287975add8ffbe998bb5583d9fc5de1a2d4bcbd5e2935d223466b32ad4722ffb7ef282284adb2d21091a3b256de5e86b090cdff8f7aa2644f0049e56b54bf73651563320b855a2ca36cfca7d07ddbbd01e83349d8a8cad27730ef834262d8f70fe386b67d20f9339d2372e5a913468c39b4746fd0b91863043ad70a5b7e028dca7875391969f580e410816ecbb4f66415da78a2dfada745509485694b3f086e69021028a22178f00c8d96ed1b9c54bc4a1defa3d48825ccb92ca7f08182632356b1c03736eee31a0b3d7cbf2a2bd707ee28f2ad5346df82238a336844fbd9a9f8e6d906daf593efef979823d165b7ff12f0b8d324d77116c2f54c4d826046c7869214928870128c40a9e3885f619bc4d7a5425cd4749aa2bb50884c62ed6173ab002318a273acd4a9f59b551371fadb19cf8bc4bdadc88f9b18410eaac9748a61ab715130ac5d7e93a94a5073bc223ea12df183d0367c4460d96e30eb86974ba47233b878e964298fdf50b781f3977e90ad7bfd3bd9064f6b0eee13acdba4c85b5cf606983ab60dd84e14d8daf8a2abac67aeca8e07621fd87439bc367fd797d643a7026693bd62a571d4b7242048747ed3ad304cceb4dcbf1edf9d6b45055e6487bfd1be4d7cfb45b9c50a033b6095da4dff539d5b8c405c1b019fe9f6eceee8184209a15c5a4d468add64292b61dd41b827eadce0dd09a56839ac296404a2e373a456a0d9ac4f478dfbb7667d4155acea9f77d39a245e28cf5f7d58bc810d67482592b8a9aa652af9f7579c0759b4c1f07ced57c4e9da79f52ac205f8912ae3cf8e4d6d4813d3e8296e18f41530228b7b63176191b8a68c744db16a8b2a54b63888cf03cc2014ffc66d482d49683a10612f81d1becb876feb11fdfeb4f34f6dc8c000aaeeab26e10eb144f1fb626559195c75713aaef50e1223702d9a7c07c10f99ba5fd824158cd51c0a2a022cd980199d7fab216634a384f5272a0d174858059a1a6145f2420021f478b0a1c13f02d8f7909ad6b081362cc4108815b92b1e5f7708bd92ec7050ed89cd44d06b02c960cb21a74891aad1cbf428933199dadf51e0ca1c55d0e9874c5545388e105eb0c31778eed696557bef7e7d49c9a0a8177d11c656c6a42f8b958e89993fc47f2659f578e9983bddef6e524c4375b1429b9af747d2fba4d97202290c37cdf7a42b9ca2a314de5ed6c93466e0893aecc6b4901deb97742e0940700cad12f64ff1fa08955d339e7edb757802c0259ecd134a4379d2057e83758d0b30257ff9800d0ee99d8dae637e363f221d6c0e7685c400da7a8d21cea932ae4862a72c4fc91d25b29369e0cc2c84eefb060780b14dd15bb3c216691f5af613f44c772ab17bb7e5d3f2d5f377856d50ee459154557a1c9c08df8fdb40d488cf4af5af192ab16582bd19f5102fb2b4e49a99b03d2c783156606321b564bb372cb6831848eba618be7c923d98c1228ff866e9b08a4ddc74d670a4d5c66bc1ec1f30f971a8aa6f7ae616c0bf21e307004a9d356870861ebc877853a6c533e57268ccd28b77b543030ac385c438bff55a31abbe42604c60db27cff3538cc12da654c4ebcd5dca9099a15417e185bbd256d8afed6569a403b74a2f9b4e06ee03a9c56ccfaed78f438f03c730d196ef590d7ab7dd462e012463dc9d26fac5c247566f9d4b01813e99014f63e1dc1eda7535b6ec09cd2256a48f45be71a73600d11c4b4c333340f8fb6e428b45a3c52496cad125e23b3c2e00d970b5d4adc49e9e666c1223479cb6bac335e87e50ca7a45e2aae2cb1349852272652c6769dd34353f8a0094c3c26a06084ae3e01e532ba95ecc11edad256033fe1e5896f3739b0322b1ecef9a625b7cef4dce013fac86ecf808d341818761d57dda6d2f8e521e6367edc45a7a48eb88d81d429a0aff56eeb73e5ce565bd01901264fb9d921a09998ca686e0f6d0709b11ae3f48d22a23169995d3322596fe72b806c32a7eb829db6dec573986952e132a014f9884e632cbe30827b9132498d1df2a0b1f03cd3bc8cb1f93b4150425b540007f304bd92499108ac68dc44c6df54da15d5f89504ce3c5a5b3891cc37258ae87db0bb545b4ec46945e1c68c20e1c45b1bc5d4b2258aa23d6115b6224bc2b1fc31e33830132d4dd98797e31be128acb9da065902f73ace43b0d99f7631292582508865835f9b9243a90081575104b51bc1d0a492dae11bd530899085e911829c2112e8a7af8f85411078e33efdc7818e82d5ddc70811fac42fe826abc48c7682ae4623fbe04d357f2778497a6c11cdf4880744f7faa8e0b7dc1753e51531a4e9ef72926634c9981e380477b34ace5619243150f3dfc0f35da8f54eadff67968ced7824c61bf3a25fb11cfba0cb3daaa9264e65dc8cba524bfdaa"}, &(0x7f0000001100)=0x1008)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000001140)={r3, 0x8, 0x6, 0x8, 0x8, 0x7}, 0x14)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f00000012c0)={r3, 0x3, 0x4, [0x10000, 0x6, 0xd6c3, 0x9]}, 0x10)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r4, 0xae78, &(0x7f0000000040))

15:26:14 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1=0xe0000007}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:14 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x20, 0xffffffffffffffff)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000140)={<r1=>0xffffffffffffffff}, 0x106, 0xd}}, 0x20)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r0, &(0x7f00000001c0)={0xb, 0x10, 0xfa00, {&(0x7f0000001240), r1, 0x5}}, 0x18)
ioctl(r0, 0x32f4, &(0x7f0000000200)="0c2810f4e50137465385efd7874f5ca4ecab8153392ce57cf780c8674e924b48ff8bc0066d52035f964cbd9ee04cfe4a937b2019205816e0c545e89e49590ce902b15c2dbfa49347d0700a9c4eb10e3079d4dc46509ba828a3e70acbcd7be877c670cbbc0105d83080fbee46a229c4eaf6cae9b11b1f045f18f9eb6872b464068e62712511dd63a55df3395dc50c278830fb36353a70b25052588e570cd3a4d6b03f703004cb3511015a4a06696b73295eb1e94eed5df0fb198baed628904f90aa1399d13e1d23766dd4db642b4b09402255135c835a25973c1084da2b6ea1eb25da17363ec872520fe6fa6a3b14407319e70a953d119daf2b9e71c9f2252c1b92f2d1b5b1c553b24ed028001bccfa09666f5453a930e8c23d03a9e077b7ad96f80abc4f58e2f6c9306a55f58c21dc05b3dd5bd9bd5af45b8c2711d1d15c322cdcf2c5959b1213e41bee8e8d80878e27ba190f1a25f1f0e98523a110910787174d83031adc05b84371bb69e5c490b34839e9cc0763575b5f4a94907d4a971b7ae9fc3f5c373bc12941cf2c6572bbf8a470a2947e1a5d52bdf5e5fc2678b8776b3b48911c29b46566d381fe21d1c9c68c4eed304db875587424e51a314a31839bb68d1ca03204d7f4e1eb8afdcfdf5035908b328ca49a520ffd66c98196b669b546b8d8fc9b1fafae605c0c7102c345122e72a72fef8e40dfab1e7d36e358b54cd5aea07e35accf6810011e96c9d14dc5df7a6db62c69a11d38886f333fdeeca89ac5c6f8af05049c6bf5f8ee2a56aa254a24b99529f1016c4712bec9722a6651aaa429270a7c798e825e52246cdc64e4b89739f507a7f5059b41010d31478c9a4fcb0ef41b5d38436e74fb295fedac73c2cfd73d46c281b0c43a22b7770fd9b3d3faef395966b6f2ac083270c948e2aef5091660b54e1c866e296e76bf7fa4fa56cccf5323aea5232d00814bd786e9f140188fe1b8d2dd094ede4ccb9cb9418cfd19a9315291a5d970132bbd5b0e1c79669f3e38bf3764f0edcc53fdb133e6de9801b14369073fb00237c48f8ebd3e9ab17cee136d4d6f0207eeb31845a79af6529ea3abfb25a04239f624e6a2568214fdbffd8edc25a7e8f4bfd847271962f8d8784babd450df0ef213ec9b7e481e0ffdae224952d59d40adefcf245dcb41d0ff615bf85e9c431152427dfadeb39d7f38b43a6638a82ca52df428454a99f7f6d78a4debbb5a5944d5c4421dd92c50f309a41fb724031f7547175473e10d84a47e7f1e2f1f3d8bb11b1930afd854148c902ed3ad944ec1431abdd903cdfc75bfa1bb9eb172c9323875fdb6effe4da65f1365e6f54513972a46cf1112525f9e377443326ce771164fc4b7c4105c50017a75c9210d89aef1ef6d0090755576880575a6fc76748161a5c01a32c5b8aad756802c80cca1bbc43595ff5e3c4805297ae3439917c8d2b44383050f84e20b33e9e383eb5b215499c42754286e1826f238a21a5f2f93b41989d37fbca727774ef2840b04f046265fdd75bc958351e8fe65c8d6aabd680183fd9cb961d2e8a3de6f42a7904b869e7bef30d079615294ff732ed9336f1308113ca74b8bf116975ed671444079545d7892cc45f882fbc6d5ebb8cf9ccfbc289f8a6b40067fc98b32cec93814482121a9d3c4d9e3a2da3fa5be31b956de290edd44a26de246df31e12d57dbb0a65968cece7a760ae8368ae7f62b215a01527d57069f42f87000ffd261064c80792e6821da8ae76e3c203603d57565037b743fa19df79f715abe37247e0e8b06b2c49008d0cf2e91f1445ca42d225080a37a46def236164a36c332f66993722451eaa5db0222d0d0ac3e239731028db43eedc62d0ad75212837d349f59d8e0531f67f7a40756277c6eda0d56e7f4354e6ef885d66215394c23409083b0e1b6e9180bd8038aec50d2a6798399310de5528b7026e1b5e554b61cb8d4a9fd322c670f94bbf105fb7f93b20b798f374fbdf014ca346b6ba6b9e076ca1ad5d299db18eea459684c7a3a65644b0b5b322f253072e56433fc1542d3c25577bfdd736b208f8656b30a38cab22cdfd728b8b8a4c66c01b3aca493bd94e415877df09a4ad97f0572f29e1ef3b5d97e84a351e0257ca0b6ba1a3cf3ba96479034c29304481298c93683bb5ad1a33e5633f7c539ad3d797bf7c87dcd861d8f3febbcb7930845c5b7127125c247299d9561696badc6de0cc200f5a0b9e6e12cfc409e0dfb239a3eeddeb69a0a67c867fa063915ffd557c7a0c89c642288ec3418b263d7137401f029bdbb6c62737594296a0a66f37aceb2eabf1c8790fcd5b4b1ad6c7cb4f94174df09eb080a0ec3ce42aa0d4b17915cfac3ad44c585b826ba2a5a6b134253ae363b2a11e0273b3c325fc97f9da9439881ef27570506db0c4e072a7a9dd9c070b711615363cc8fa3265755ebeeb6a6da349797925a56c4bcc9c33eae9afdf91d1ac9794578ea8b3f8fabea7236c0361995a7a5fc5ede24737f65b0536d8af56e9dc2608ede16d75c708635f3f44d5b273ca6a67a25293d18837038614ea0ea5497e149c643f4d86e541a26e1e7d9ed0a98420e181068bab8299c68c26fb72d3f0d74e4da7f8728230162ff151472ff9f0f7e8f7bae3a7cc1879f1f8448a105871c58a9986b93b47a3191bce0862794187b3708aff282ada938c720d39ed917ccb857c6c23e5760a813d849de6f0a69382e3a0d14c25a1c924003e203e62c6bb1c3f167b49aec022601c781415f4891c1a6bc128c271a735f7cc2e2796153935ca459f3b24355d88185d1a05b88832c4ce0def21739b782ab5bfb00521d1a1eb66fef889d8ddae977c7425275fd57ed0ee84e35e4eb31cb020aa980bd0b11d824bdef10f277984389be8ac0e38392bb685302f55ca420e999b2e8451367606eeaad9259b1b3efdb69f75a98f11af26757554a8dee5a0088bd84db98177c32b36c0f0a35ac36041d9436ae40b9a39433cef5c78e20ce391d6fb33625931a5d85976845014ad680ddbb18ba96e4bdf6df7e0213212765f1b143b91d4e74738f6c59cf8da82e7139ac4b3f9a308b8064b8248fb94d667c25388da4537657d993a5a7250cf1a81e2a23848c473cf703bb8332518b8dccd623d9363eb32b5855d44981eb63787eef9a900889e6cc486cdc22454764767a423f2b8c33333e1d0f81c4a02ceac9fb21487b51ed06094b6aaf7618791c344e224600a3a221ad65b7510624491260160c276dfd62d3291e664faa5a14e54616f852a59191e8055ebd4302727ab556582833c410f007d433ca0d3ba2814524b40777aba42c350932ee13108120ce8f05d8e53f18686e4dced7b24b4814b407938b5b779df9e701ae449802d19055556d36a5968ef6e92a1ae07584c13d0fbf26731398612b501ce485a84a76604cda641b3e60055ee0ff354e6199059cdea6b8962cf2d6e7a75c9f43aea3c5987394cceea4483af0a4698acad832b425b5889fe29becaa23abcb859908429f8afb24f9608a9e0bc8fb93b17fe9ecc5b8f4136a019c44c9cfa9ba6a2284a8da9d0d26b4d2a3e73e647c11ae2878baf3db39fe8c553edabb54cf0aef78d5603a09e1d0cf3a246c016b23630dae4813ace05c9f88308087eabf444d8a72faab4eb408988a6bd0d42b6332438de1e990e3506dcc9010abde1f0bf059f14ee8c4aa920ae2b28ef0ee73e77eab078adc21f8d056b37b37a4e849c1e92c59e0b0d7093825a67e2ccee43527bacb8541ff0056d386b2f98e203e48773cfc917a4f5f315397c073154f7c90bbc44236d6ecff9fc0ed3b3464a4fbe4e0f6f87b6701cea90fd28adcbdb4c129852861ff34767c998d279462060b14fc70163783e74f6f9bfa26005f1fc0560464b990897b788745b3ab228aeb11ce582816700740ec43bc53602285a4ade88463ff343bcfdaa83794ea74a3da0a318c92dbd3eb41cd1fe000cce11db679c2670391c70daafb07b2c697aea7f2135babb5977cb8e1f7c9ff1058da8e23c08810d08c8dba66943ff3b22a83dbc9965d075ea24f530fa68abccd1a68edd88bfccb26143cc4a1c4003ec6c65805f88f94919494e4625891016a0a316cc0a3a4a14a1dea0793a88a0aecee7f3b9fd0d260751e2c1888c843727a0b29deda2c52302f504b70c79fb6f1e177784bc7ebc1f4a9c6c5f73149e66e206e50f3131aa4bc63532ec4d02eb34ae35e166515383451bb1187d7a69836470defe294ca089d9a0be59b3018f96c10adabb94c7373b8218255819e1631c5efe7928e0f3dc84c172c39284cbe69daf2df9af919b8b29684d02bc09f78ea729f41ab28b7624722452130fb669dc374824595896cc4b8a223e612ce166116ed9b92adea910e32911e24a74948fba1cebc82f323c2dc2b678958b98bf7af3f0e6fdc00d9df557eb1d5c283705078ccc99a66f6cba6be2cb347519b3004b49902ff0a1f9795922a659100b4f7a292ab6c3de1c7a9b99d402a8e618f6b74798d54d9bff58609a770a4fec4a861bafa725926c3e7d7b9ef860b723c20aa3dbeb0636083eb5a2adab8da34db2871cc820d6ade3f7622cc2ab803ed7e4c8088a58106bc8208059592e41d6a7875dc0c18a5988c1b93a1dc22eb47e51147e22cab67599d64446c2d62c3ef48dd4698b774023164b0d5cdc274e2c331f82331a4b3c0378301b125d6d66c73bf09f88dc0d3ee670c2c693f8bbe6e5c1eb538687f4eed330f7c6b95e88c850fa7889fa35892da9d334f3ed0747c2000e9473a175089e8e58a0fe215a9668a13ebed58eec7c68ae74603c7757cb95fb03d679e575b9145eba99a33d8e85d37ee1a4ae2633daeb0a1b5c5a1ce3f88a68610469730af838a756b4e39a238dc5ec93b5fee1d25db0dcc478ce97861d23dceac5c66f7b5c9a0fc16f4dd4fc5927b83d798515c6ede83b0a1274a446023694d6bc9700dd425130fd5e970e3e270ce594e0b68541331308cf3ab0143a56565459388a58e64d45c18139844727c09751c76365db7a9cb61593a15dc8f341824b7990ea33ec9005b7151d301c8e1dd189e278426e802d2670a1ae218173b0e0abd2ed090cf33580a3674fb0ffd0a935b08670450688079bafde0bb36b8095b44a691fd093db98a57c985c5dd4e0d3dc8372d226f87d6b963dac42509fcce5bfd0ee317adf867b1392929f22c7ed8c4dca4d26d6305f51e05c7313f239f9ca0ff5ad42c19f9c4539c4c3462af32dc7119c5abb78fe02c515147f75e72fc7e6444e821f5eae6cd64e97ca94866c8cde08313902fcdb67081933a620cbf840df145c3d472c8551108e082bac1bfdfd78b88fa4d1fc1129f7f9151f09c932a81229a5dbbde76ddcda086094be8310aeb150a63093bea6088d62e83dbfa6ffe620214e75896e09a76592fc2dd266f076aecf25992c17f6fc0d76b3ab0c8f5cdf299e0061d7404af8d83d9238c22e8adaa1f2c7536a3ad9ce8d8f19751089dec20f6db411aafe67d14e8d258622427631bcc4b8c84d895c1b2bcbbbc7a5a939fc2f000fa2f5054133a96f1e7dc764bdfd33bcebc18dca46ecb551845569231b73c4621fa5a0ad5e253e25215449cd40c2b22b0a7e374d0728b9ef1cf9b723224affd72030ce5cfe0691536dc56da741b63097830d57ae4b1ad574c308070bee2812d90c17a2f872848b56d3dd595e5a7e145e05f0eb6d50604c2a995475c8ffe687d119941e55071962af4fc9f2a3ecc07dfebd6bca9fb9cb8db6dcd96346093dd29e3b6c070339f2a28d34477b94a3490dd86eb7faaf34f78fa0a")
ioctl$TCGETA(r0, 0x5405, &(0x7f0000001200))
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x10)
ioctl$RTC_AIE_OFF(r0, 0x7002)

[ 1263.851314] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=2, oom_score_adj=0
[ 1263.863668] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1263.876686] CPU: 0 PID: 25673 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1263.884070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1263.893437] Call Trace:
[ 1263.896036]  dump_stack+0x1c4/0x2b4
[ 1263.899701]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1263.904883]  ? mark_held_locks+0x130/0x130
[ 1263.909113]  ? mark_held_locks+0x130/0x130
[ 1263.913387]  dump_header+0x27b/0xf72
[ 1263.917103]  ? debug_smp_processor_id+0x1c/0x20
[ 1263.921764]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1263.927288]  ? pagefault_out_of_memory+0x197/0x197
[ 1263.932205]  ? debug_smp_processor_id+0x1c/0x20
[ 1263.936866]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1263.941826]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1263.946749]  ? perf_trace_lock+0x7a0/0x7a0
[ 1263.951245]  ? perf_trace_lock+0x7a0/0x7a0
[ 1263.955474]  ? debug_smp_processor_id+0x1c/0x20
[ 1263.960129]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1263.965050]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1263.970576]  ? perf_trace_lock+0x7a0/0x7a0
[ 1263.974800]  ? task_will_free_mem+0x239/0xb30
[ 1263.979293]  ? ___ratelimit+0x36f/0x655
[ 1263.983256]  ? lock_downgrade+0x900/0x900
[ 1263.987398]  ? trace_hardirqs_on+0xbd/0x310
[ 1263.991725]  ? kasan_check_read+0x11/0x20
[ 1263.995861]  ? ___ratelimit+0x36f/0x655
[ 1263.999826]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1264.005265]  ? trace_hardirqs_on+0x310/0x310
[ 1264.009663]  ? lock_downgrade+0x900/0x900
[ 1264.013804]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1264.018895]  ? ___ratelimit+0xaa/0x655
[ 1264.022772]  ? idr_get_free+0xec0/0xec0
[ 1264.026733]  ? kasan_check_write+0x14/0x20
[ 1264.030956]  ? do_raw_spin_lock+0xc1/0x200
[ 1264.035269]  oom_kill_process.cold.27+0x10/0x903
[ 1264.040015]  ? kasan_check_write+0x14/0x20
[ 1264.044237]  ? do_raw_spin_lock+0xc1/0x200
[ 1264.048465]  ? oom_evaluate_task+0x540/0x540
[ 1264.052868]  ? cgroup_procs_next+0x70/0x70
[ 1264.057106]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1264.061600]  ? oom_badness+0xaa0/0xaa0
[ 1264.065477]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1264.070220]  ? mem_cgroup_iter_break+0x30/0x30
[ 1264.074797]  ? cgroup_file_notify+0x226/0x2f0
[ 1264.079283]  out_of_memory+0xa84/0x1430
[ 1264.083244]  ? kasan_check_read+0x11/0x20
[ 1264.087381]  ? oom_killer_disable+0x3a0/0x3a0
[ 1264.091863]  ? kasan_check_write+0x14/0x20
[ 1264.096104]  ? do_raw_spin_lock+0xc1/0x200
[ 1264.100420]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1264.105249]  ? memcg_memory_event+0x40/0x40
[ 1264.109560]  ? mem_cgroup_charge_skmem+0x1e4/0x390
[ 1264.114482]  ? page_counter_try_charge+0x1c1/0x220
[ 1264.119403]  try_charge+0xc43/0x1690
[ 1264.123112]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1264.129157]  ? tcp_sendmsg+0x2f/0x50
[ 1264.132863]  ? sock_sendmsg+0xd5/0x120
[ 1264.136738]  ? __sys_sendto+0x3d7/0x670
[ 1264.140698]  ? __ia32_sys_sendto+0xdf/0x1a0
[ 1264.145007]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1264.149489]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1264.154060]  ? fs_reclaim_acquire+0x20/0x20
[ 1264.158376]  ? lock_downgrade+0x900/0x900
[ 1264.162516]  ? ___might_sleep+0x1ed/0x300
[ 1264.166653]  ? trace_hardirqs_on+0xbd/0x310
[ 1264.170961]  ? lock_downgrade+0x900/0x900
[ 1264.175104]  ? __kmalloc_node_track_caller+0x33/0x70
[ 1264.180978]  ? kasan_unpoison_shadow+0x35/0x50
[ 1264.185821]  ? __sk_mem_raise_allocated+0x642/0x1800
[ 1264.190916]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1264.196369]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1264.201982]  ? check_preemption_disabled+0x48/0x200
[ 1264.208813]  mem_cgroup_charge_skmem+0x1e4/0x390
[ 1264.214953]  ? mem_cgroup_sk_free+0x90/0x90
[ 1264.220579]  __sk_mem_raise_allocated+0x642/0x1800
[ 1264.225512]  ? __tcp_transmit_skb+0x3fc0/0x3fc0
[ 1264.230171]  ? sk_busy_loop_end+0x1c0/0x1c0
[ 1264.234488]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1264.239494]  ? skb_page_frag_refill+0x1eb/0x6a0
[ 1264.244153]  ? sock_kzfree_s+0x60/0x60
[ 1264.248038]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1264.253049]  ? sk_stream_alloc_skb+0x34b/0x970
[ 1264.257627]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1264.262805]  ? skb_entail+0x618/0x8c0
[ 1264.266611]  ? tcp_rate_check_app_limited+0x121/0x460
[ 1264.271789]  ? tcp_splice_data_recv+0x1b0/0x1b0
[ 1264.276452]  __sk_mem_schedule+0x6d/0xe0
[ 1264.280502]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1264.286027]  tcp_sendmsg_locked+0x1c86/0x3f00
[ 1264.290523]  ? tcp_sendpage+0x60/0x60
[ 1264.294316]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1264.299846]  ? aa_label_sk_perm+0x46d/0x8e0
[ 1264.304160]  ? aa_profile_af_perm+0x410/0x410
[ 1264.308644]  ? ksys_dup3+0x680/0x680
[ 1264.312608]  ? lock_acquire+0x1ed/0x520
[ 1264.316568]  ? tcp_sendmsg+0x21/0x50
[ 1264.320284]  ? trace_hardirqs_on+0xbd/0x310
[ 1264.324606]  ? lock_release+0x970/0x970
[ 1264.328567]  ? lock_sock_nested+0xe2/0x120
[ 1264.332792]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1264.338244]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1264.343783]  ? check_preemption_disabled+0x48/0x200
[ 1264.348787]  ? lock_sock_nested+0x9a/0x120
[ 1264.353021]  ? lock_sock_nested+0x9a/0x120
[ 1264.357247]  ? __local_bh_enable_ip+0x160/0x260
[ 1264.361937]  tcp_sendmsg+0x2f/0x50
[ 1264.365904]  inet_sendmsg+0x1a1/0x690
[ 1264.370474]  ? ipip_gro_receive+0x100/0x100
[ 1264.374785]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1264.379529]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1264.385062]  ? security_socket_sendmsg+0x94/0xc0
[ 1264.389803]  ? ipip_gro_receive+0x100/0x100
[ 1264.394289]  sock_sendmsg+0xd5/0x120
[ 1264.397992]  __sys_sendto+0x3d7/0x670
[ 1264.401788]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1264.406460]  ? arch_local_save_flags+0x40/0x40
[ 1264.411130]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1264.416580]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1264.422118]  ? compat_put_timespec64+0x110/0x280
[ 1264.426865]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1264.431611]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1264.436545]  ? trace_hardirqs_on+0xbd/0x310
[ 1264.440855]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1264.446392]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1264.450962]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1264.456406]  __ia32_sys_sendto+0xdf/0x1a0
[ 1264.460546]  do_fast_syscall_32+0x34d/0xfb2
[ 1264.464861]  ? do_int80_syscall_32+0x890/0x890
[ 1264.469429]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1264.474086]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1264.479091]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1264.483921]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1264.488926]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1264.493928]  ? recalc_sigpending_tsk+0x180/0x180
[ 1264.498683]  ? kasan_check_write+0x14/0x20
[ 1264.502908]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1264.507740]  entry_SYSENTER_compat+0x70/0x7f
[ 1264.512133] RIP: 0023:0xf7f56ca9
[ 1264.515491] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1264.534378] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1264.542076] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1264.549340] RDX: 00000000fffffe4e RSI: 00000000000000c0 RDI: 00000000200000c0
[ 1264.556597] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000
[ 1264.563851] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1264.571108] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1264.583092] Task in /syz4 killed as a result of limit of /syz4
[ 1264.589241] memory: usage 204708kB, limit 204800kB, failcnt 1479
[ 1264.596990] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1264.604602] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1264.611548] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:152KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1264.632424] Memory cgroup out of memory: Kill process 25672 (syz-executor4) score 161 or sacrifice child
[ 1264.642297] Killed process 25672 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:26:15 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100)={0x9, 0x0, 0x1})

15:26:15 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1=0xe0000008}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:15 executing program 2:
r0 = add_key(&(0x7f0000000000)='trusted\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000140)="7767904976410d6d3eb45b7b3f83e49a27165ec20d2d0c8f7b22757ddb8f287f563857e6a1a00bcaf48e86eedef9fd8da8acd7c6d68c8c4165903c4b984f89feab72565b0ee033d07a55dd6770c842a4edb289fce268779578c0406178349f267c6ca59acceffb0260d7437660185b4883724b63e68076", 0x77, 0xfffffffffffffffa)
keyctl$read(0xb, r0, &(0x7f00000001c0)=""/209, 0xd1)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0x800000a0})

15:26:15 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180)='/dev/hwrng\x00', 0x400000, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000001c0)={<r2=>0xffffffffffffffff}, 0x111, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r1, &(0x7f0000000240)={0x14, 0x88, 0xfa00, {r2, 0x30, 0x0, @in6={0xa, 0x4e22, 0x5, @mcast1, 0x8000}}}, 0x90)
socketpair$inet6_sctp(0xa, 0x5, 0x84, &(0x7f00000000c0)={<r3=>0xffffffffffffffff})
getsockopt$IP6T_SO_GET_REVISION_TARGET(r3, 0x29, 0x45, &(0x7f0000000100)={'ipvs\x00'}, &(0x7f0000000140)=0x1e)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r5 = memfd_create(&(0x7f0000000080)='\\system\x00', 0x0)
listen(r5, 0x695)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r4, 0xae78, &(0x7f0000000040))

15:26:15 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet(0x2, 0x80e, 0x5)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f0000000080)={<r3=>0x0, @in={{0x2, 0x4e24, @multicast2}}, [0x8000, 0x82ad, 0x2, 0x6, 0x10001, 0x64, 0xfffffffffffffff7, 0x3, 0xfff, 0x3f, 0x4000, 0x80000001, 0x5, 0x6, 0x3]}, &(0x7f0000000180)=0x100)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={r3, @in={{0x2, 0x4e23, @remote}}, 0x0, 0x73, 0xd66, 0x3ff, 0x4}, 0x98)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:26:15 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x735e0100}, 0x6)

[ 1264.653543] oom_reaper: reaped process 25672 (syz-executor4), now anon-rss:0kB, file-rss:32784kB, shmem-rss:0kB
15:26:15 executing program 2:
r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x27ae, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0, 0x0, 0x0, 0x1})
getpeername$packet(r0, &(0x7f00000007c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000800)=0x14)
setsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f0000000840)={@mcast1, r1}, 0x14)

15:26:15 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1=0xe0000006}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:15 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x501000, 0x0)
bind$alg(r2, &(0x7f00000000c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha256\x00'}, 0x58)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:26:15 executing program 2:
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x101000, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})

15:26:15 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x6, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:15 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x38, 0x10, 0xf0b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, @gre={{0x8, 0x1, 'gre\x00'}, {0xc, 0x2, [@IFLA_GRE_LOCAL={0x8, 0x13, @rand_addr=0x2000000}]}}}]}, 0x38}}, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1264.828108] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0
[ 1264.861505] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1264.869402] CPU: 0 PID: 25702 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1264.876785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1264.886143] Call Trace:
[ 1264.888728]  dump_stack+0x1c4/0x2b4
[ 1264.892716]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1264.898245]  ? mark_held_locks+0x130/0x130
[ 1264.902467]  ? mark_held_locks+0x130/0x130
[ 1264.906693]  dump_header+0x27b/0xf72
[ 1264.910402]  ? debug_smp_processor_id+0x1c/0x20
[ 1264.915079]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1264.920604]  ? pagefault_out_of_memory+0x197/0x197
[ 1264.925522]  ? debug_smp_processor_id+0x1c/0x20
[ 1264.930177]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1264.935092]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1264.940019]  ? perf_trace_lock+0x7a0/0x7a0
[ 1264.944240]  ? perf_trace_lock+0x7a0/0x7a0
[ 1264.948467]  ? debug_smp_processor_id+0x1c/0x20
[ 1264.953126]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1264.958043]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1264.963575]  ? perf_trace_lock+0x7a0/0x7a0
[ 1264.967807]  ? task_will_free_mem+0x239/0xb30
[ 1264.972301]  ? ___ratelimit+0x36f/0x655
[ 1264.976263]  ? lock_downgrade+0x900/0x900
[ 1264.980405]  ? trace_hardirqs_on+0xbd/0x310
[ 1264.984711]  ? kasan_check_read+0x11/0x20
[ 1264.988848]  ? ___ratelimit+0x36f/0x655
[ 1264.992809]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1264.998250]  ? trace_hardirqs_on+0x310/0x310
[ 1265.002655]  ? lock_downgrade+0x900/0x900
[ 1265.006796]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1265.011888]  ? ___ratelimit+0xaa/0x655
[ 1265.015761]  ? idr_get_free+0xec0/0xec0
[ 1265.019725]  ? kasan_check_write+0x14/0x20
[ 1265.023948]  ? do_raw_spin_lock+0xc1/0x200
[ 1265.028175]  oom_kill_process.cold.27+0x10/0x903
[ 1265.032921]  ? kasan_check_write+0x14/0x20
[ 1265.037146]  ? do_raw_spin_lock+0xc1/0x200
[ 1265.041371]  ? oom_evaluate_task+0x540/0x540
[ 1265.045772]  ? cgroup_procs_next+0x70/0x70
[ 1265.049996]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1265.054486]  ? oom_badness+0xaa0/0xaa0
[ 1265.058766]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1265.063510]  ? mem_cgroup_iter_break+0x30/0x30
[ 1265.068085]  ? cgroup_file_notify+0x226/0x2f0
[ 1265.072569]  out_of_memory+0xa84/0x1430
[ 1265.076540]  ? kasan_check_read+0x11/0x20
[ 1265.080674]  ? oom_killer_disable+0x3a0/0x3a0
[ 1265.085168]  ? kasan_check_write+0x14/0x20
[ 1265.089417]  ? do_raw_spin_lock+0xc1/0x200
[ 1265.093645]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1265.098473]  ? memcg_memory_event+0x40/0x40
[ 1265.102795]  ? mem_cgroup_charge_skmem+0x1e4/0x390
[ 1265.107719]  ? page_counter_try_charge+0x1c1/0x220
[ 1265.112639]  try_charge+0xc43/0x1690
[ 1265.116351]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1265.122395]  ? tcp_sendmsg+0x2f/0x50
[ 1265.126095]  ? sock_sendmsg+0xd5/0x120
[ 1265.129968]  ? __sys_sendto+0x3d7/0x670
[ 1265.133933]  ? __ia32_sys_sendto+0xdf/0x1a0
[ 1265.138244]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1265.142727]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1265.147299]  ? fs_reclaim_acquire+0x20/0x20
[ 1265.151609]  ? lock_downgrade+0x900/0x900
[ 1265.155745]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1265.162822]  ? check_preemption_disabled+0x48/0x200
[ 1265.170282]  ? ___might_sleep+0x1ed/0x300
[ 1265.175634]  ? debug_smp_processor_id+0x1c/0x20
[ 1265.181857]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1265.188699]  ? __sk_mem_raise_allocated+0x642/0x1800
[ 1265.195407]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1265.202681]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1265.208901]  ? check_preemption_disabled+0x48/0x200
[ 1265.213924]  mem_cgroup_charge_skmem+0x1e4/0x390
[ 1265.218670]  ? mem_cgroup_sk_free+0x90/0x90
[ 1265.222997]  __sk_mem_raise_allocated+0x642/0x1800
[ 1265.227923]  ? sk_busy_loop_end+0x1c0/0x1c0
[ 1265.232232]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1265.237764]  ? alloc_pages_current+0x114/0x210
[ 1265.242341]  ? skb_page_frag_refill+0x1eb/0x6a0
[ 1265.247010]  ? sock_kzfree_s+0x60/0x60
[ 1265.250886]  ? _copy_from_iter_full+0x2b3/0xd20
[ 1265.255558]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1265.260663]  ? tcp_rate_check_app_limited+0x121/0x460
[ 1265.265856]  ? iov_iter_advance+0x1460/0x1460
[ 1265.270449]  __sk_mem_schedule+0x6d/0xe0
[ 1265.274511]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1265.280038]  tcp_sendmsg_locked+0x1c86/0x3f00
[ 1265.284531]  ? tcp_sendpage+0x60/0x60
[ 1265.288320]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1265.293845]  ? aa_label_sk_perm+0x46d/0x8e0
[ 1265.298155]  ? aa_profile_af_perm+0x410/0x410
[ 1265.302639]  ? ksys_dup3+0x680/0x680
[ 1265.306345]  ? lock_acquire+0x1ed/0x520
[ 1265.310827]  ? tcp_sendmsg+0x21/0x50
[ 1265.315749]  ? trace_hardirqs_on+0xbd/0x310
[ 1265.321358]  ? lock_release+0x970/0x970
[ 1265.325324]  ? lock_sock_nested+0xe2/0x120
[ 1265.329546]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1265.334992]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1265.340708]  ? check_preemption_disabled+0x48/0x200
[ 1265.345712]  ? lock_sock_nested+0x9a/0x120
[ 1265.349934]  ? lock_sock_nested+0x9a/0x120
[ 1265.354269]  ? __local_bh_enable_ip+0x160/0x260
[ 1265.358931]  tcp_sendmsg+0x2f/0x50
[ 1265.362460]  inet_sendmsg+0x1a1/0x690
[ 1265.366255]  ? ipip_gro_receive+0x100/0x100
[ 1265.370575]  ? apparmor_socket_sendmsg+0x29/0x30
[ 1265.375321]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1265.380845]  ? security_socket_sendmsg+0x94/0xc0
[ 1265.385591]  ? ipip_gro_receive+0x100/0x100
[ 1265.389903]  sock_sendmsg+0xd5/0x120
[ 1265.393608]  __sys_sendto+0x3d7/0x670
[ 1265.397398]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1265.402056]  ? arch_local_save_flags+0x40/0x40
[ 1265.406715]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1265.412168]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1265.417711]  ? compat_put_timespec64+0x110/0x280
[ 1265.422559]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1265.427314]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1265.432232]  ? trace_hardirqs_on+0xbd/0x310
[ 1265.436547]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1265.442075]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1265.446647]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1265.452088]  __ia32_sys_sendto+0xdf/0x1a0
[ 1265.456226]  do_fast_syscall_32+0x34d/0xfb2
[ 1265.460542]  ? do_int80_syscall_32+0x890/0x890
[ 1265.465112]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1265.469683]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1265.474690]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1265.479519]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1265.484521]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1265.489525]  ? recalc_sigpending_tsk+0x180/0x180
[ 1265.494270]  ? kasan_check_write+0x14/0x20
[ 1265.498504]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1265.503355]  entry_SYSENTER_compat+0x70/0x7f
[ 1265.507752] RIP: 0023:0xf7f56ca9
[ 1265.511111] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
15:26:16 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100)={0x4, 0x0, 0xfffffffffffffffc})

[ 1265.530096] RSP: 002b:00000000f5f520cc EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1265.537793] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1265.545047] RDX: 00000000fffffe4e RSI: 00000000000000c0 RDI: 00000000200000c0
[ 1265.552300] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000
[ 1265.559553] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1265.566810] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:26:16 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x400000000000000, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:16 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00')
openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcs\x00', 0x101000, 0x0)
sendmsg$IPVS_CMD_SET_DEST(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x38, r1, 0x700, 0x70bd2d, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x63c8}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x44080}, 0x40004)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})

[ 1265.628300] netlink: 'syz-executor1': attribute type 19 has an invalid length.
15:26:16 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x3, 0x400)
setsockopt$IP_VS_SO_SET_EDIT(r2, 0x0, 0x483, &(0x7f00000000c0)={0x89, @dev={0xac, 0x14, 0x14, 0x1c}, 0x4e20, 0x1, 'lc\x00', 0x1, 0xffffffffffffff01, 0x13}, 0x2c)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:26:16 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x3000000, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1265.769448] Task in /syz4 killed as a result of limit of /syz4
[ 1265.780557] memory: usage 204788kB, limit 204800kB, failcnt 1499
[ 1265.787304] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1265.794260] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:26:16 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x20000000}, 0x6)

15:26:16 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x200080, 0x0)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000040)=0x80, 0x4)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0x800000a0})

15:26:16 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000500)={0x0, <r2=>0x0})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000006c0))
r3 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x7003, 0x7500000000000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000240)="5500000018007f0c00fe01b2a4a280930a600800ffa84302910000002d00090023000c000b0000000d000500fe8000740000c78b80082314e9030b9d566885b167320b00dc1338d54400009b84136ef75afb83de44", 0x55}], 0x1, &(0x7f0000000080)}, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f00000002c0), 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:26:16 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x2b00, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:16 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x101000, 0x0)
getsockopt$IPT_SO_GET_REVISION_MATCH(r2, 0x0, 0x42, &(0x7f00000000c0)={'IDLETIMER\x00'}, &(0x7f0000000100)=0x1e)

[ 1265.800568] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:152KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1265.821665] Memory cgroup out of memory: Kill process 25701 (syz-executor4) score 161 or sacrifice child
[ 1265.832268] Killed process 25701 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1265.848437] oom_reaper: reaped process 25701 (syz-executor4), now anon-rss:0kB, file-rss:32784kB, shmem-rss:0kB
15:26:16 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x2, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1265.900413] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=-1000
[ 1265.931208] netlink: 9 bytes leftover after parsing attributes in process `syz-executor3'.
[ 1265.942460] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1265.948450] CPU: 1 PID: 8628 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1265.955734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1265.965081] Call Trace:
[ 1265.965103]  dump_stack+0x1c4/0x2b4
[ 1265.965121]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1265.976496]  dump_header+0x27b/0xf72
[ 1265.976517]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1265.986011]  ? pagefault_out_of_memory+0x197/0x197
[ 1265.990961]  ? rcu_read_unlock+0x33/0x60
[ 1265.995026]  ? mem_cgroup_iter+0x514/0x1160
[ 1265.999358]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1266.004122]  ? css_task_iter_end+0x222/0x490
[ 1266.008541]  ? lock_downgrade+0x900/0x900
[ 1266.012707]  ? trace_hardirqs_on+0xbd/0x310
[ 1266.017036]  ? kasan_check_read+0x11/0x20
[ 1266.021194]  ? css_task_iter_end+0x222/0x490
[ 1266.025701]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1266.031158]  ? kasan_check_write+0x14/0x20
[ 1266.035405]  ? do_raw_spin_lock+0xc1/0x200
[ 1266.039651]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1266.044239]  ? css_task_iter_end+0x2ce/0x490
[ 1266.048653]  ? cgroup_procs_next+0x70/0x70
[ 1266.052899]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1266.057405]  ? oom_badness+0xaa0/0xaa0
[ 1266.061302]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1266.066063]  ? mem_cgroup_iter_break+0x30/0x30
[ 1266.066086]  ? cgroup_file_notify+0x226/0x2f0
[ 1266.075140]  out_of_memory.cold.30+0xf/0x184
[ 1266.075156]  ? kasan_check_read+0x11/0x20
[ 1266.075170]  ? oom_killer_disable+0x3a0/0x3a0
[ 1266.075184]  ? kasan_check_write+0x14/0x20
[ 1266.092437]  ? do_raw_spin_lock+0xc1/0x200
[ 1266.096786]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1266.101640]  ? memcg_memory_event+0x40/0x40
[ 1266.105964]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1266.105985]  ? page_counter_try_charge+0x1c1/0x220
[ 1266.106000]  try_charge+0xc43/0x1690
[ 1266.106012]  ? lock_downgrade+0x900/0x900
[ 1266.106031]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1266.115772]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1266.115789]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1266.115804]  ? should_fail+0x22d/0xd01
[ 1266.115821]  ? percpu_ref_tryget_live+0x168/0x460
[ 1266.149678]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1266.154530]  ? lock_downgrade+0x900/0x900
[ 1266.158665]  ? lock_release+0x970/0x970
[ 1266.162629]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1266.168417]  ? __kernel_text_address+0xd/0x40
[ 1266.172904]  ? __save_stack_trace+0x8d/0xf0
[ 1266.177226]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1266.182494]  ? fs_reclaim_acquire+0x20/0x20
[ 1266.186806]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1266.191463]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1266.195949]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1266.200528]  memcg_kmem_charge+0x135/0x300
[ 1266.204755]  __alloc_pages_nodemask+0x72e/0xde0
[ 1266.209414]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1266.214421]  ? percpu_ref_put_many+0x13e/0x260
[ 1266.219004]  ? trace_hardirqs_on+0xbd/0x310
[ 1266.223320]  ? mem_cgroup_charge_statistics+0x780/0x780
[ 1266.228671]  ? kasan_kmalloc+0xc7/0xe0
[ 1266.232552]  ? kasan_slab_alloc+0x12/0x20
[ 1266.236692]  ? kmem_cache_alloc_node+0x303/0x730
[ 1266.241431]  ? kasan_check_write+0x14/0x20
[ 1266.245655]  ? do_raw_spin_lock+0xc1/0x200
[ 1266.249885]  copy_process+0xa09/0x8780
[ 1266.253769]  ? debug_smp_processor_id+0x1c/0x20
[ 1266.258422]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1266.263370]  ? perf_trace_lock+0x7a0/0x7a0
[ 1266.267594]  ? debug_smp_processor_id+0x1c/0x20
[ 1266.272254]  ? __cleanup_sighand+0x70/0x70
[ 1266.276475]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1266.280790]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1266.286315]  ? page_trans_huge_map_swapcount+0xbae/0x1270
[ 1266.291839]  ? enqueue_entity+0x1ff0/0x1ff0
[ 1266.296149]  ? page_swapcount+0x1d0/0x1d0
[ 1266.300292]  ? trace_hardirqs_off+0xb8/0x310
[ 1266.304690]  ? kasan_check_read+0x11/0x20
[ 1266.308828]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1266.313223]  ? trace_hardirqs_on+0x310/0x310
[ 1266.317618]  ? rcu_read_lock+0x70/0x70
[ 1266.321498]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1266.326589]  ? try_to_wake_up+0x10a/0x12f0
[ 1266.330816]  ? migrate_swap_stop+0x930/0x930
[ 1266.335214]  ? perf_trace_lock+0x7a0/0x7a0
[ 1266.339440]  ? perf_trace_lock+0x7a0/0x7a0
[ 1266.343671]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1266.349196]  ? check_preemption_disabled+0x48/0x200
[ 1266.354204]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1266.359129]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1266.364652]  ? reuse_swap_page+0x4bd/0x1520
[ 1266.368972]  ? swp_swapcount+0x530/0x530
[ 1266.373021]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1266.377417]  ? mark_held_locks+0x130/0x130
[ 1266.381637]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1266.387165]  ? check_preemption_disabled+0x48/0x200
[ 1266.392172]  ? debug_smp_processor_id+0x1c/0x20
[ 1266.396828]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1266.401746]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1266.406836]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1266.412363]  ? ep_poll_callback+0x527/0x10e0
[ 1266.416758]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1266.422292]  ? check_preemption_disabled+0x48/0x200
[ 1266.427296]  ? mark_held_locks+0x130/0x130
[ 1266.431519]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1266.436438]  ? perf_trace_lock+0x7a0/0x7a0
[ 1266.440669]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1266.446636]  ? check_preemption_disabled+0x48/0x200
[ 1266.451644]  ? check_preemption_disabled+0x48/0x200
[ 1266.456653]  ? debug_smp_processor_id+0x1c/0x20
[ 1266.461314]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1266.466840]  ? page_move_anon_rmap+0x33f/0x620
[ 1266.471426]  ? do_wp_page+0xa6f/0x1390
[ 1266.475305]  ? lock_downgrade+0x900/0x900
[ 1266.479440]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1266.483753]  ? kasan_check_read+0x11/0x20
[ 1266.487894]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1266.492294]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1266.496863]  ? pgd_free+0x380/0x380
[ 1266.500488]  ? mark_held_locks+0x130/0x130
[ 1266.504715]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1266.509374]  ? ktime_get_coarse_real_ts64+0x243/0x3b0
[ 1266.514566]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1266.520093]  ? check_preemption_disabled+0x48/0x200
[ 1266.525097]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1266.530621]  ? check_preemption_disabled+0x48/0x200
[ 1266.535628]  ? debug_smp_processor_id+0x1c/0x20
[ 1266.540288]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1266.545203]  ? kasan_check_write+0x14/0x20
[ 1266.549427]  ? perf_trace_lock+0x7a0/0x7a0
[ 1266.553654]  ? __handle_mm_fault+0x9ab/0x53e0
[ 1266.558142]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1266.562971]  ? __kasan_slab_free+0x119/0x150
[ 1266.567373]  ? pipe_read+0x702/0x940
[ 1266.571082]  _do_fork+0x1cb/0x11d0
[ 1266.574611]  ? fork_idle+0x1d0/0x1d0
[ 1266.578320]  ? kasan_check_read+0x11/0x20
[ 1266.582454]  ? _copy_to_user+0xc8/0x110
[ 1266.586418]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1266.591945]  ? compat_put_timespec64+0x110/0x280
[ 1266.596691]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1266.601437]  ? trace_hardirqs_on+0xbd/0x310
[ 1266.605744]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1266.611267]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1266.615834]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1266.621276]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1266.626297]  do_fast_syscall_32+0x34d/0xfb2
[ 1266.630606]  ? do_int80_syscall_32+0x890/0x890
[ 1266.635175]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1266.639746]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1266.644749]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1266.649576]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1266.654405]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1266.659410]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1266.664421]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1266.669254]  entry_SYSENTER_compat+0x70/0x7f
[ 1266.673651] RIP: 0023:0xf7f56ca9
[ 1266.677008] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1266.695898] RSP: 002b:000000000845fd70 EFLAGS: 00000246 ORIG_RAX: 0000000000000078
15:26:17 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x2b000000, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1266.703595] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[ 1266.710850] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008eb9968
[ 1266.718124] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
[ 1266.725379] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1266.732634] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:26:17 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100)={0x0, 0x0, 0x7fffffff})

15:26:17 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x800000a0, 0x0, 0x0, 0xfffffffffffffff9, 0xfffffffffffffffe})
syz_genetlink_get_family_id$fou(&(0x7f0000000040)='fou\x00')

15:26:17 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x2c00, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:17 executing program 1:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r0, 0xae78, &(0x7f0000000040))

[ 1266.759062] Memory limit reached of cgroup /syz4
15:26:17 executing program 3:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2f, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1266.785758] memory: usage 205120kB, limit 204800kB, failcnt 1574
[ 1266.792132] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1266.810218] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1266.832302] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1266.853704] Out of memory and no killable processes...
[ 1266.869727] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000
[ 1266.902946] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1266.908112] CPU: 1 PID: 8628 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1266.915390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1266.924740] Call Trace:
[ 1266.927325]  dump_stack+0x1c4/0x2b4
[ 1266.930948]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1266.936131]  dump_header+0x27b/0xf72
[ 1266.939833]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1266.945635]  ? pagefault_out_of_memory+0x197/0x197
[ 1266.950574]  ? rcu_read_unlock+0x33/0x60
[ 1266.954634]  ? mem_cgroup_iter+0x514/0x1160
[ 1266.958943]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1266.963944]  ? css_task_iter_end+0x222/0x490
[ 1266.968339]  ? lock_downgrade+0x900/0x900
[ 1266.972482]  ? trace_hardirqs_on+0xbd/0x310
[ 1266.976798]  ? kasan_check_read+0x11/0x20
[ 1266.980929]  ? css_task_iter_end+0x222/0x490
[ 1266.985325]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1266.990763]  ? kasan_check_write+0x14/0x20
[ 1266.994984]  ? do_raw_spin_lock+0xc1/0x200
[ 1266.999206]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1267.003793]  ? css_task_iter_end+0x2ce/0x490
[ 1267.008188]  ? cgroup_procs_next+0x70/0x70
[ 1267.012411]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1267.017239]  ? oom_badness+0xaa0/0xaa0
[ 1267.021235]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1267.025977]  ? mem_cgroup_iter_break+0x30/0x30
[ 1267.030563]  ? cgroup_file_notify+0x226/0x2f0
[ 1267.035050]  out_of_memory.cold.30+0xf/0x184
[ 1267.040834]  ? kasan_check_read+0x11/0x20
[ 1267.044984]  ? oom_killer_disable+0x3a0/0x3a0
[ 1267.049476]  ? kasan_check_write+0x14/0x20
[ 1267.053698]  ? do_raw_spin_lock+0xc1/0x200
[ 1267.057939]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1267.062773]  ? memcg_memory_event+0x40/0x40
[ 1267.067077]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1267.071908]  ? page_counter_try_charge+0x1c1/0x220
[ 1267.076824]  try_charge+0xc43/0x1690
[ 1267.080531]  ? lock_downgrade+0x900/0x900
[ 1267.084682]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1267.090727]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1267.096264]  ? should_fail+0x22d/0xd01
[ 1267.100148]  ? percpu_ref_tryget_live+0x168/0x460
[ 1267.104978]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1267.109815]  ? lock_downgrade+0x900/0x900
[ 1267.113955]  ? lock_release+0x970/0x970
[ 1267.117913]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1267.124651]  ? mark_held_locks+0x130/0x130
[ 1267.128873]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1267.134396]  ? check_preemption_disabled+0x48/0x200
[ 1267.139399]  ? debug_smp_processor_id+0x1c/0x20
[ 1267.144057]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1267.148882]  ? fs_reclaim_acquire+0x20/0x20
[ 1267.153206]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1267.157871]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1267.162359]  memcg_kmem_charge+0x135/0x300
[ 1267.166582]  __alloc_pages_nodemask+0x72e/0xde0
[ 1267.171244]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1267.176244]  ? lock_downgrade+0x900/0x900
[ 1267.180380]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1267.186186]  ? rcu_bh_qs+0xc0/0xc0
[ 1267.189710]  ? unwind_dump+0x190/0x190
[ 1267.193586]  ? is_bpf_text_address+0xd3/0x170
[ 1267.198081]  ? kernel_text_address+0x79/0xf0
[ 1267.202496]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1267.208023]  alloc_pages_current+0x10c/0x210
[ 1267.212418]  __get_free_pages+0xc/0x40
[ 1267.216292]  pgd_alloc+0x9a/0x480
[ 1267.219730]  ? __init_rwsem+0x1cc/0x2a0
[ 1267.223691]  ? pgd_page_get_mm+0x40/0x40
[ 1267.227736]  ? save_stack+0xa9/0xd0
[ 1267.231347]  ? save_stack+0x43/0xd0
[ 1267.234964]  ? kasan_slab_alloc+0x12/0x20
[ 1267.239203]  ? kmem_cache_alloc+0x12e/0x730
[ 1267.243507]  ? copy_process+0x3564/0x8780
[ 1267.247637]  ? _do_fork+0x1cb/0x11d0
[ 1267.251334]  ? __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1267.256505]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1267.260985]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1267.265548]  ? __lockdep_init_map+0x105/0x590
[ 1267.270049]  mm_init+0x740/0xc30
[ 1267.273405]  ? list_add_tail_rcu+0x200/0x200
[ 1267.277801]  ? lock_release+0x970/0x970
[ 1267.281765]  ? mem_cgroup_handle_over_high+0x130/0x130
[ 1267.287028]  ? lock_downgrade+0x900/0x900
[ 1267.291167]  ? trace_hardirqs_on+0xbd/0x310
[ 1267.295480]  ? mem_cgroup_charge_statistics+0x780/0x780
[ 1267.300840]  ? kasan_kmalloc+0xc7/0xe0
[ 1267.304720]  ? kasan_slab_alloc+0x12/0x20
[ 1267.308855]  ? kmem_cache_alloc+0x306/0x730
[ 1267.313162]  ? kasan_check_write+0x14/0x20
[ 1267.317387]  ? do_raw_spin_lock+0xc1/0x200
[ 1267.321625]  copy_process+0x35cb/0x8780
[ 1267.325595]  ? debug_smp_processor_id+0x1c/0x20
[ 1267.330247]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1267.335181]  ? __cleanup_sighand+0x70/0x70
[ 1267.339403]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1267.343719]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1267.349241]  ? page_trans_huge_map_swapcount+0xbae/0x1270
[ 1267.354760]  ? enqueue_entity+0x1ff0/0x1ff0
[ 1267.359066]  ? page_swapcount+0x1d0/0x1d0
[ 1267.363204]  ? trace_hardirqs_off+0xb8/0x310
[ 1267.367605]  ? kasan_check_read+0x11/0x20
[ 1267.371747]  ? trace_hardirqs_on+0x310/0x310
[ 1267.376144]  ? rcu_read_lock+0x70/0x70
[ 1267.380136]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1267.385223]  ? try_to_wake_up+0x10a/0x12f0
[ 1267.389447]  ? migrate_swap_stop+0x930/0x930
[ 1267.393847]  ? perf_trace_lock+0x7a0/0x7a0
[ 1267.398070]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1267.403599]  ? check_preemption_disabled+0x48/0x200
[ 1267.408630]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1267.414149]  ? reuse_swap_page+0x4bd/0x1520
[ 1267.418457]  ? swp_swapcount+0x530/0x530
[ 1267.422508]  ? mark_held_locks+0x130/0x130
[ 1267.426727]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1267.432259]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1267.437183]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1267.442272]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1267.447793]  ? ep_poll_callback+0x527/0x10e0
[ 1267.452190]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1267.457713]  ? check_preemption_disabled+0x48/0x200
[ 1267.462713]  ? mark_held_locks+0x130/0x130
[ 1267.467021]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1267.471937]  ? perf_trace_lock+0x7a0/0x7a0
[ 1267.476157]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1267.481678]  ? check_preemption_disabled+0x48/0x200
[ 1267.486675]  ? check_preemption_disabled+0x48/0x200
[ 1267.491678]  ? debug_smp_processor_id+0x1c/0x20
[ 1267.496332]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1267.501870]  ? page_move_anon_rmap+0x33f/0x620
[ 1267.506440]  ? lock_downgrade+0x900/0x900
[ 1267.510578]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1267.514884]  ? kasan_check_read+0x11/0x20
[ 1267.519031]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1267.523423]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1267.527996]  ? pgd_free+0x380/0x380
[ 1267.531732]  ? mark_held_locks+0x130/0x130
[ 1267.535954]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1267.540609]  ? ktime_get_coarse_real_ts64+0x243/0x3b0
[ 1267.545783]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1267.551333]  ? check_preemption_disabled+0x48/0x200
[ 1267.556334]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1267.561859]  ? check_preemption_disabled+0x48/0x200
[ 1267.567233]  ? debug_smp_processor_id+0x1c/0x20
[ 1267.571887]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1267.576798]  ? kasan_check_write+0x14/0x20
[ 1267.581051]  ? perf_trace_lock+0x7a0/0x7a0
[ 1267.585281]  ? __handle_mm_fault+0x9ab/0x53e0
[ 1267.589765]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1267.594597]  ? __kasan_slab_free+0x119/0x150
[ 1267.598995]  ? pipe_read+0x702/0x940
[ 1267.602703]  _do_fork+0x1cb/0x11d0
[ 1267.606238]  ? fork_idle+0x1d0/0x1d0
[ 1267.609946]  ? kasan_check_read+0x11/0x20
[ 1267.614084]  ? _copy_to_user+0xc8/0x110
[ 1267.618048]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1267.623576]  ? compat_put_timespec64+0x110/0x280
[ 1267.628316]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1267.633075]  ? trace_hardirqs_on+0xbd/0x310
[ 1267.637401]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1267.642944]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1267.647529]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1267.652981]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1267.652998]  do_fast_syscall_32+0x34d/0xfb2
[ 1267.653014]  ? do_int80_syscall_32+0x890/0x890
[ 1267.666908]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1267.671849]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1267.676873]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1267.681822]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1267.686663]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1267.691664]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1267.696683]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1267.701513]  entry_SYSENTER_compat+0x70/0x7f
[ 1267.705905] RIP: 0023:0xf7f56ca9
[ 1267.709256] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1267.728449] RSP: 002b:000000000845fd70 EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[ 1267.736139] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[ 1267.743389] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008eb9968
[ 1267.750641] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
[ 1267.757893] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1267.765147] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1267.773721] Memory limit reached of cgroup /syz4
[ 1267.778512] memory: usage 205152kB, limit 204800kB, failcnt 1582
[ 1267.785200] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1267.791941] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1267.798125] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1267.818445] Out of memory and no killable processes...
[ 1267.824456] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000
[ 1267.837337] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1267.842448] CPU: 1 PID: 8628 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1267.849712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1267.859049] Call Trace:
[ 1267.861623]  dump_stack+0x1c4/0x2b4
[ 1267.865236]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1267.870421]  dump_header+0x27b/0xf72
[ 1267.874121]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1267.879902]  ? pagefault_out_of_memory+0x197/0x197
[ 1267.884819]  ? rcu_read_unlock+0x33/0x60
[ 1267.888863]  ? mem_cgroup_iter+0x514/0x1160
[ 1267.893173]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1267.897911]  ? css_task_iter_end+0x222/0x490
[ 1267.902305]  ? lock_downgrade+0x900/0x900
[ 1267.906440]  ? trace_hardirqs_on+0xbd/0x310
[ 1267.910743]  ? kasan_check_read+0x11/0x20
[ 1267.914877]  ? css_task_iter_end+0x222/0x490
[ 1267.919270]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1267.924705]  ? kasan_check_write+0x14/0x20
[ 1267.928924]  ? do_raw_spin_lock+0xc1/0x200
[ 1267.933166]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1267.937642]  ? css_task_iter_end+0x2ce/0x490
[ 1267.942031]  ? cgroup_procs_next+0x70/0x70
[ 1267.946253]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1267.950742]  ? oom_badness+0xaa0/0xaa0
[ 1267.954613]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1267.959479]  ? mem_cgroup_iter_break+0x30/0x30
[ 1267.964071]  ? cgroup_file_notify+0x226/0x2f0
[ 1267.968554]  out_of_memory.cold.30+0xf/0x184
[ 1267.972947]  ? kasan_check_read+0x11/0x20
[ 1267.977079]  ? oom_killer_disable+0x3a0/0x3a0
[ 1267.981559]  ? kasan_check_write+0x14/0x20
[ 1267.985784]  ? do_raw_spin_lock+0xc1/0x200
[ 1267.990010]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1267.994841]  ? memcg_memory_event+0x40/0x40
[ 1267.999144]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1268.003972]  ? page_counter_try_charge+0x1c1/0x220
[ 1268.008880]  try_charge+0xc43/0x1690
[ 1268.012590]  ? lock_downgrade+0x900/0x900
[ 1268.016727]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1268.022777]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1268.028299]  ? should_fail+0x22d/0xd01
[ 1268.032171]  ? percpu_ref_tryget_live+0x168/0x460
[ 1268.036998]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1268.041823]  ? lock_downgrade+0x900/0x900
[ 1268.045973]  ? lock_release+0x970/0x970
[ 1268.049936]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1268.055721]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1268.061243]  ? check_preemption_disabled+0x48/0x200
[ 1268.066242]  ? debug_smp_processor_id+0x1c/0x20
[ 1268.070907]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1268.075822]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1268.080662]  ? fs_reclaim_acquire+0x20/0x20
[ 1268.084982]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1268.089644]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1268.094130]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1268.100171]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1268.105691]  memcg_kmem_charge+0x135/0x300
[ 1268.109921]  __alloc_pages_nodemask+0x72e/0xde0
[ 1268.114575]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1268.119573]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1268.125102]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1268.130101]  ? bpf_prog_kallsyms_find+0xde/0x4a0
[ 1268.134862]  ? modules_open+0xa0/0xa0
[ 1268.138650]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1268.144183]  alloc_pages_current+0x10c/0x210
[ 1268.148580]  get_zeroed_page+0x14/0x50
[ 1268.152454]  __pud_alloc+0x3b/0x240
[ 1268.156065]  pud_alloc+0xe1/0x150
[ 1268.159501]  copy_page_range+0x439/0x26b0
[ 1268.163637]  ? rb_insert_color_cached+0x14b0/0x14b0
[ 1268.168636]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1268.174155]  ? check_preemption_disabled+0x48/0x200
[ 1268.179156]  ? mark_held_locks+0x130/0x130
[ 1268.183376]  ? perf_trace_lock+0x7a0/0x7a0
[ 1268.187592]  ? pmd_alloc+0x180/0x180
[ 1268.191302]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1268.197516]  ? check_preemption_disabled+0x48/0x200
[ 1268.203040]  ? kasan_kmalloc+0xc7/0xe0
[ 1268.206912]  ? debug_smp_processor_id+0x1c/0x20
[ 1268.211564]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1268.216479]  ? perf_trace_lock+0x7a0/0x7a0
[ 1268.220696]  ? lock_release+0x970/0x970
[ 1268.224653]  ? anon_vma_fork+0x5ef/0x820
[ 1268.228698]  ? lock_downgrade+0x900/0x900
[ 1268.233701]  ? arch_local_save_flags+0x40/0x40
[ 1268.239044]  ? percpu_ref_put_many+0x13e/0x260
[ 1268.243608]  ? trace_hardirqs_on+0xbd/0x310
[ 1268.247913]  ? mem_cgroup_charge_statistics+0x780/0x780
[ 1268.253262]  ? copy_process+0x454b/0x8780
[ 1268.257410]  ? lock_downgrade+0x900/0x900
[ 1268.261545]  ? lock_release+0x970/0x970
[ 1268.265501]  ? arch_local_save_flags+0x40/0x40
[ 1268.270076]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1268.275681]  ? vma_compute_subtree_gap+0x160/0x240
[ 1268.281496]  ? validate_mm_rb+0xaa/0xc0
[ 1268.285457]  ? __vma_link_rb+0x26c/0x370
[ 1268.289509]  copy_process+0x4721/0x8780
[ 1268.293483]  ? __cleanup_sighand+0x70/0x70
[ 1268.297699]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1268.302037]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1268.307557]  ? page_trans_huge_map_swapcount+0xbae/0x1270
[ 1268.313077]  ? enqueue_entity+0x1ff0/0x1ff0
[ 1268.317395]  ? page_swapcount+0x1d0/0x1d0
[ 1268.321528]  ? trace_hardirqs_off+0xb8/0x310
[ 1268.325915]  ? kasan_check_read+0x11/0x20
[ 1268.330057]  ? trace_hardirqs_on+0x310/0x310
[ 1268.334450]  ? rcu_read_lock+0x70/0x70
[ 1268.338322]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1268.343407]  ? try_to_wake_up+0x10a/0x12f0
[ 1268.348761]  ? migrate_swap_stop+0x930/0x930
[ 1268.354035]  ? perf_trace_lock+0x7a0/0x7a0
[ 1268.358324]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1268.363846]  ? check_preemption_disabled+0x48/0x200
[ 1268.368854]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1268.374372]  ? reuse_swap_page+0x4bd/0x1520
[ 1268.378698]  ? swp_swapcount+0x530/0x530
[ 1268.382750]  ? mark_held_locks+0x130/0x130
[ 1268.386966]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1268.392487]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1268.397399]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1268.402498]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1268.408025]  ? ep_poll_callback+0x527/0x10e0
[ 1268.412416]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1268.417940]  ? check_preemption_disabled+0x48/0x200
[ 1268.422943]  ? mark_held_locks+0x130/0x130
[ 1268.427159]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1268.432072]  ? perf_trace_lock+0x7a0/0x7a0
[ 1268.436291]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1268.441810]  ? check_preemption_disabled+0x48/0x200
[ 1268.446807]  ? check_preemption_disabled+0x48/0x200
[ 1268.451809]  ? debug_smp_processor_id+0x1c/0x20
[ 1268.456462]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1268.461981]  ? page_move_anon_rmap+0x33f/0x620
[ 1268.466551]  ? lock_downgrade+0x900/0x900
[ 1268.470681]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1268.474984]  ? kasan_check_read+0x11/0x20
[ 1268.479116]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1268.483511]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1268.488072]  ? pgd_free+0x380/0x380
[ 1268.491683]  ? mark_held_locks+0x130/0x130
[ 1268.495904]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1268.501061]  ? ktime_get_coarse_real_ts64+0x243/0x3b0
[ 1268.506238]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1268.511763]  ? check_preemption_disabled+0x48/0x200
[ 1268.516763]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1268.522281]  ? check_preemption_disabled+0x48/0x200
[ 1268.527281]  ? debug_smp_processor_id+0x1c/0x20
[ 1268.531951]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1268.536867]  ? kasan_check_write+0x14/0x20
[ 1268.541096]  ? perf_trace_lock+0x7a0/0x7a0
[ 1268.545322]  ? __handle_mm_fault+0x9ab/0x53e0
[ 1268.549802]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1268.554625]  ? __kasan_slab_free+0x119/0x150
[ 1268.559029]  ? pipe_read+0x702/0x940
[ 1268.562743]  _do_fork+0x1cb/0x11d0
[ 1268.566279]  ? fork_idle+0x1d0/0x1d0
[ 1268.569980]  ? kasan_check_read+0x11/0x20
[ 1268.574110]  ? _copy_to_user+0xc8/0x110
[ 1268.578070]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1268.583590]  ? compat_put_timespec64+0x110/0x280
[ 1268.588341]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1268.593083]  ? trace_hardirqs_on+0xbd/0x310
[ 1268.597391]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1268.602912]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1268.607494]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1268.612933]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1268.617933]  do_fast_syscall_32+0x34d/0xfb2
[ 1268.622238]  ? do_int80_syscall_32+0x890/0x890
[ 1268.626800]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1268.631369]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1268.636366]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1268.641192]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1268.646017]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1268.651115]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1268.656116]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1268.660942]  entry_SYSENTER_compat+0x70/0x7f
[ 1268.665333] RIP: 0023:0xf7f56ca9
[ 1268.668683] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1268.688695] RSP: 002b:000000000845fd70 EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[ 1268.696771] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[ 1268.704038] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008eb9968
[ 1268.711287] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
[ 1268.718538] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1268.725788] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1268.733458] Memory limit reached of cgroup /syz4
[ 1268.738632] memory: usage 205156kB, limit 204800kB, failcnt 1590
[ 1268.744824] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1268.751572] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1268.757754] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1268.778020] Out of memory and no killable processes...
[ 1268.784019] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000
[ 1268.796895] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1268.802009] CPU: 1 PID: 8628 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1268.809261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1268.819218] Call Trace:
[ 1268.821797]  dump_stack+0x1c4/0x2b4
[ 1268.825421]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1268.830612]  dump_header+0x27b/0xf72
[ 1268.834313]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1268.840106]  ? pagefault_out_of_memory+0x197/0x197
[ 1268.845019]  ? rcu_read_unlock+0x33/0x60
[ 1268.849062]  ? mem_cgroup_iter+0x514/0x1160
[ 1268.853371]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1268.858109]  ? css_task_iter_end+0x222/0x490
[ 1268.862518]  ? lock_downgrade+0x900/0x900
[ 1268.866656]  ? trace_hardirqs_on+0xbd/0x310
[ 1268.870960]  ? kasan_check_read+0x11/0x20
[ 1268.875093]  ? css_task_iter_end+0x222/0x490
[ 1268.879747]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1268.885179]  ? kasan_check_write+0x14/0x20
[ 1268.889655]  ? do_raw_spin_lock+0xc1/0x200
[ 1268.894049]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1268.898527]  ? css_task_iter_end+0x2ce/0x490
[ 1268.902920]  ? cgroup_procs_next+0x70/0x70
[ 1268.907136]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1268.911614]  ? oom_badness+0xaa0/0xaa0
[ 1268.915487]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1268.920228]  ? mem_cgroup_iter_break+0x30/0x30
[ 1268.924799]  ? cgroup_file_notify+0x226/0x2f0
[ 1268.929278]  out_of_memory.cold.30+0xf/0x184
[ 1268.933669]  ? kasan_check_read+0x11/0x20
[ 1268.937801]  ? oom_killer_disable+0x3a0/0x3a0
[ 1268.942277]  ? kasan_check_write+0x14/0x20
[ 1268.946497]  ? do_raw_spin_lock+0xc1/0x200
[ 1268.950725]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1268.955548]  ? memcg_memory_event+0x40/0x40
[ 1268.959849]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1268.964679]  ? page_counter_try_charge+0x1c1/0x220
[ 1268.969611]  try_charge+0xc43/0x1690
[ 1268.973310]  ? lock_downgrade+0x900/0x900
[ 1268.977445]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1268.983850]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1268.989372]  ? should_fail+0x22d/0xd01
[ 1268.993256]  ? percpu_ref_tryget_live+0x168/0x460
[ 1268.998082]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1269.002917]  ? lock_downgrade+0x900/0x900
[ 1269.007046]  ? lock_release+0x970/0x970
[ 1269.011009]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1269.016790]  ? lock_release+0x970/0x970
[ 1269.020751]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1269.025576]  ? fs_reclaim_acquire+0x20/0x20
[ 1269.029885]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1269.034535]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1269.039112]  memcg_kmem_charge+0x135/0x300
[ 1269.043330]  __alloc_pages_nodemask+0x72e/0xde0
[ 1269.047985]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1269.053679]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1269.059211]  ? lock_downgrade+0x900/0x900
[ 1269.063343]  ? kasan_check_read+0x11/0x20
[ 1269.067906]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1269.072298]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1269.076862]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1269.082399]  alloc_pages_current+0x10c/0x210
[ 1269.086792]  __pmd_alloc+0x3e/0x450
[ 1269.090422]  ? __pmd+0x60/0x60
[ 1269.093597]  pmd_alloc+0x10f/0x180
[ 1269.097120]  copy_page_range+0x6cf/0x26b0
[ 1269.101250]  ? rb_insert_color_cached+0x14b0/0x14b0
[ 1269.106251]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1269.111772]  ? check_preemption_disabled+0x48/0x200
[ 1269.116771]  ? mark_held_locks+0x130/0x130
[ 1269.120994]  ? pmd_alloc+0x180/0x180
[ 1269.124697]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1269.130219]  ? check_preemption_disabled+0x48/0x200
[ 1269.135213]  ? kasan_kmalloc+0xc7/0xe0
[ 1269.139083]  ? debug_smp_processor_id+0x1c/0x20
[ 1269.143734]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1269.148647]  ? perf_trace_lock+0x7a0/0x7a0
[ 1269.153655]  ? lock_release+0x970/0x970
[ 1269.159355]  ? anon_vma_fork+0x5ef/0x820
[ 1269.164528]  ? lock_downgrade+0x900/0x900
[ 1269.170485]  ? arch_local_save_flags+0x40/0x40
[ 1269.177117]  ? percpu_ref_put_many+0x13e/0x260
[ 1269.182379]  ? trace_hardirqs_on+0xbd/0x310
[ 1269.186698]  ? mem_cgroup_charge_statistics+0x780/0x780
[ 1269.192047]  ? copy_process+0x454b/0x8780
[ 1269.196177]  ? lock_downgrade+0x900/0x900
[ 1269.200309]  ? lock_release+0x970/0x970
[ 1269.204269]  ? arch_local_save_flags+0x40/0x40
[ 1269.208838]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1269.213834]  ? vma_compute_subtree_gap+0x160/0x240
[ 1269.218746]  ? validate_mm_rb+0xaa/0xc0
[ 1269.222705]  ? __vma_link_rb+0x26c/0x370
[ 1269.226752]  copy_process+0x4721/0x8780
[ 1269.230719]  ? __cleanup_sighand+0x70/0x70
[ 1269.234938]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1269.239257]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1269.244783]  ? page_trans_huge_map_swapcount+0xbae/0x1270
[ 1269.250388]  ? enqueue_entity+0x1ff0/0x1ff0
[ 1269.254696]  ? page_swapcount+0x1d0/0x1d0
[ 1269.258829]  ? trace_hardirqs_off+0xb8/0x310
[ 1269.263220]  ? kasan_check_read+0x11/0x20
[ 1269.267350]  ? trace_hardirqs_on+0x310/0x310
[ 1269.271741]  ? rcu_read_lock+0x70/0x70
[ 1269.275627]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1269.280713]  ? try_to_wake_up+0x10a/0x12f0
[ 1269.284931]  ? migrate_swap_stop+0x930/0x930
[ 1269.289324]  ? perf_trace_lock+0x7a0/0x7a0
[ 1269.293558]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1269.299078]  ? check_preemption_disabled+0x48/0x200
[ 1269.304088]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1269.309716]  ? reuse_swap_page+0x4bd/0x1520
[ 1269.314109]  ? swp_swapcount+0x530/0x530
[ 1269.318157]  ? mark_held_locks+0x130/0x130
[ 1269.322372]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1269.327892]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1269.332893]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1269.337979]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1269.343594]  ? ep_poll_callback+0x527/0x10e0
[ 1269.347986]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1269.353508]  ? check_preemption_disabled+0x48/0x200
[ 1269.359962]  ? mark_held_locks+0x130/0x130
[ 1269.364351]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1269.369265]  ? perf_trace_lock+0x7a0/0x7a0
[ 1269.373483]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1269.379002]  ? check_preemption_disabled+0x48/0x200
[ 1269.384003]  ? check_preemption_disabled+0x48/0x200
[ 1269.389037]  ? debug_smp_processor_id+0x1c/0x20
[ 1269.393713]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1269.399231]  ? page_move_anon_rmap+0x33f/0x620
[ 1269.403800]  ? lock_downgrade+0x900/0x900
[ 1269.407932]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1269.412238]  ? kasan_check_read+0x11/0x20
[ 1269.416374]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1269.420767]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1269.425332]  ? pgd_free+0x380/0x380
[ 1269.428946]  ? mark_held_locks+0x130/0x130
[ 1269.433167]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1269.437818]  ? ktime_get_coarse_real_ts64+0x243/0x3b0
[ 1269.443009]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1269.448530]  ? check_preemption_disabled+0x48/0x200
[ 1269.453528]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1269.459046]  ? check_preemption_disabled+0x48/0x200
[ 1269.464047]  ? debug_smp_processor_id+0x1c/0x20
[ 1269.468711]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1269.474577]  ? kasan_check_write+0x14/0x20
[ 1269.480271]  ? perf_trace_lock+0x7a0/0x7a0
[ 1269.484489]  ? __handle_mm_fault+0x9ab/0x53e0
[ 1269.488970]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1269.493793]  ? __kasan_slab_free+0x119/0x150
[ 1269.498187]  ? pipe_read+0x702/0x940
[ 1269.501891]  _do_fork+0x1cb/0x11d0
[ 1269.505413]  ? fork_idle+0x1d0/0x1d0
[ 1269.509122]  ? kasan_check_read+0x11/0x20
[ 1269.513254]  ? _copy_to_user+0xc8/0x110
[ 1269.517215]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1269.522908]  ? compat_put_timespec64+0x110/0x280
[ 1269.527647]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1269.532405]  ? trace_hardirqs_on+0xbd/0x310
[ 1269.536715]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1269.542235]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1269.547152]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1269.552943]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1269.557945]  do_fast_syscall_32+0x34d/0xfb2
[ 1269.562437]  ? do_int80_syscall_32+0x890/0x890
[ 1269.567871]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1269.572441]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1269.577442]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1269.582380]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1269.587204]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1269.592290]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1269.597293]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1269.602132]  entry_SYSENTER_compat+0x70/0x7f
[ 1269.606519] RIP: 0023:0xf7f56ca9
[ 1269.609869] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1269.628760] RSP: 002b:000000000845fd70 EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[ 1269.636453] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[ 1269.643711] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008eb9968
[ 1269.650960] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
[ 1269.658210] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1269.665461] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1269.674841] Memory limit reached of cgroup /syz4
[ 1269.679643] memory: usage 205012kB, limit 204800kB, failcnt 1598
[ 1269.685827] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1269.692569] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1269.698788] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1269.718991] Out of memory and no killable processes...
[ 1269.724996] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000
[ 1269.738389] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1269.743562] CPU: 1 PID: 8628 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1269.750828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1269.760159] Call Trace:
[ 1269.762732]  dump_stack+0x1c4/0x2b4
[ 1269.766356]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1269.771532]  dump_header+0x27b/0xf72
[ 1269.775235]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1269.781028]  ? pagefault_out_of_memory+0x197/0x197
[ 1269.785940]  ? rcu_read_unlock+0x33/0x60
[ 1269.789981]  ? mem_cgroup_iter+0x514/0x1160
[ 1269.794285]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1269.799023]  ? css_task_iter_end+0x222/0x490
[ 1269.803417]  ? lock_downgrade+0x900/0x900
[ 1269.807552]  ? trace_hardirqs_on+0xbd/0x310
[ 1269.811852]  ? kasan_check_read+0x11/0x20
[ 1269.815982]  ? css_task_iter_end+0x222/0x490
[ 1269.820373]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1269.825807]  ? kasan_check_write+0x14/0x20
[ 1269.830025]  ? do_raw_spin_lock+0xc1/0x200
[ 1269.834254]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1269.838745]  ? css_task_iter_end+0x2ce/0x490
[ 1269.843152]  ? cgroup_procs_next+0x70/0x70
[ 1269.847369]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1269.851847]  ? oom_badness+0xaa0/0xaa0
[ 1269.855720]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1269.860473]  ? mem_cgroup_iter_break+0x30/0x30
[ 1269.865044]  ? cgroup_file_notify+0x226/0x2f0
[ 1269.869524]  out_of_memory.cold.30+0xf/0x184
[ 1269.873938]  ? kasan_check_read+0x11/0x20
[ 1269.878420]  ? oom_killer_disable+0x3a0/0x3a0
[ 1269.882904]  ? kasan_check_write+0x14/0x20
[ 1269.887123]  ? do_raw_spin_lock+0xc1/0x200
[ 1269.891343]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1269.896180]  ? memcg_memory_event+0x40/0x40
[ 1269.900495]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1269.905322]  ? page_counter_try_charge+0x1c1/0x220
[ 1269.910233]  try_charge+0xc43/0x1690
[ 1269.913928]  ? lock_downgrade+0x900/0x900
[ 1269.918061]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1269.924101]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1269.929637]  ? should_fail+0x22d/0xd01
[ 1269.933511]  ? percpu_ref_tryget_live+0x168/0x460
[ 1269.938336]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1269.943159]  ? lock_downgrade+0x900/0x900
[ 1269.947287]  ? lock_release+0x970/0x970
[ 1269.951247]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1269.957201]  ? __kernel_text_address+0xd/0x40
[ 1269.961679]  ? unwind_get_return_address+0x61/0xa0
[ 1269.966596]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1269.971432]  ? fs_reclaim_acquire+0x20/0x20
[ 1269.975738]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1269.981268]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1269.985749]  ? perf_trace_lock+0x7a0/0x7a0
[ 1269.989966]  memcg_kmem_charge+0x135/0x300
[ 1269.994359]  __alloc_pages_nodemask+0x72e/0xde0
[ 1269.999013]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1270.004009]  ? fs_reclaim_acquire+0x20/0x20
[ 1270.008315]  ? lock_downgrade+0x900/0x900
[ 1270.013146]  ? lock_downgrade+0x900/0x900
[ 1270.017279]  ? kasan_check_read+0x11/0x20
[ 1270.021432]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1270.025824]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1270.030396]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1270.035923]  alloc_pages_current+0x10c/0x210
[ 1270.040318]  pte_alloc_one+0x1b/0x1a0
[ 1270.044101]  __pte_alloc+0x2a/0x350
[ 1270.047712]  copy_page_range+0x18c5/0x26b0
[ 1270.051932]  ? rb_insert_color_cached+0x14b0/0x14b0
[ 1270.056949]  ? check_preemption_disabled+0x48/0x200
[ 1270.061955]  ? pmd_alloc+0x180/0x180
[ 1270.065665]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1270.071184]  ? check_preemption_disabled+0x48/0x200
[ 1270.076183]  ? kasan_kmalloc+0xc7/0xe0
[ 1270.080054]  ? debug_smp_processor_id+0x1c/0x20
[ 1270.084705]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1270.089629]  ? perf_trace_lock+0x7a0/0x7a0
[ 1270.093845]  ? lock_release+0x970/0x970
[ 1270.097802]  ? anon_vma_fork+0x5ef/0x820
[ 1270.101847]  ? lock_downgrade+0x900/0x900
[ 1270.105979]  ? arch_local_save_flags+0x40/0x40
[ 1270.110542]  ? percpu_ref_put_many+0x13e/0x260
[ 1270.115107]  ? trace_hardirqs_on+0xbd/0x310
[ 1270.119511]  ? mem_cgroup_charge_statistics+0x780/0x780
[ 1270.124861]  ? copy_process+0x454b/0x8780
[ 1270.128991]  ? lock_downgrade+0x900/0x900
[ 1270.133124]  ? lock_release+0x970/0x970
[ 1270.137080]  ? arch_local_save_flags+0x40/0x40
[ 1270.141662]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1270.146754]  ? vma_compute_subtree_gap+0x160/0x240
[ 1270.151663]  ? validate_mm_rb+0xaa/0xc0
[ 1270.155625]  ? __vma_link_rb+0x26c/0x370
[ 1270.159671]  copy_process+0x4721/0x8780
[ 1270.163651]  ? __cleanup_sighand+0x70/0x70
[ 1270.167869]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1270.172180]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1270.177700]  ? page_trans_huge_map_swapcount+0xbae/0x1270
[ 1270.183220]  ? enqueue_entity+0x1ff0/0x1ff0
[ 1270.187540]  ? page_swapcount+0x1d0/0x1d0
[ 1270.191677]  ? trace_hardirqs_off+0xb8/0x310
[ 1270.196078]  ? kasan_check_read+0x11/0x20
[ 1270.200208]  ? trace_hardirqs_on+0x310/0x310
[ 1270.204603]  ? rcu_read_lock+0x70/0x70
[ 1270.208473]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1270.213555]  ? try_to_wake_up+0x10a/0x12f0
[ 1270.217795]  ? migrate_swap_stop+0x930/0x930
[ 1270.222189]  ? perf_trace_lock+0x7a0/0x7a0
[ 1270.226413]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1270.232020]  ? check_preemption_disabled+0x48/0x200
[ 1270.237027]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1270.242631]  ? reuse_swap_page+0x4bd/0x1520
[ 1270.246940]  ? swp_swapcount+0x530/0x530
[ 1270.250991]  ? mark_held_locks+0x130/0x130
[ 1270.255209]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1270.260731]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1270.265639]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1270.270724]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1270.276255]  ? ep_poll_callback+0x527/0x10e0
[ 1270.280648]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1270.286178]  ? check_preemption_disabled+0x48/0x200
[ 1270.291178]  ? mark_held_locks+0x130/0x130
[ 1270.295393]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1270.300306]  ? perf_trace_lock+0x7a0/0x7a0
[ 1270.304523]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1270.310042]  ? check_preemption_disabled+0x48/0x200
[ 1270.315040]  ? check_preemption_disabled+0x48/0x200
[ 1270.320040]  ? debug_smp_processor_id+0x1c/0x20
[ 1270.324691]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1270.330218]  ? page_move_anon_rmap+0x33f/0x620
[ 1270.334790]  ? lock_downgrade+0x900/0x900
[ 1270.338944]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1270.343252]  ? kasan_check_read+0x11/0x20
[ 1270.347382]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1270.351773]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1270.356338]  ? pgd_free+0x380/0x380
[ 1270.360214]  ? mark_held_locks+0x130/0x130
[ 1270.366084]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1270.371704]  ? ktime_get_coarse_real_ts64+0x243/0x3b0
[ 1270.376879]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1270.382401]  ? check_preemption_disabled+0x48/0x200
[ 1270.387398]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1270.392915]  ? check_preemption_disabled+0x48/0x200
[ 1270.397927]  ? debug_smp_processor_id+0x1c/0x20
[ 1270.402577]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1270.407505]  ? kasan_check_write+0x14/0x20
[ 1270.411733]  ? perf_trace_lock+0x7a0/0x7a0
[ 1270.416066]  ? __handle_mm_fault+0x9ab/0x53e0
[ 1270.420545]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1270.425367]  ? __kasan_slab_free+0x119/0x150
[ 1270.429760]  ? pipe_read+0x702/0x940
[ 1270.433476]  _do_fork+0x1cb/0x11d0
[ 1270.437091]  ? fork_idle+0x1d0/0x1d0
[ 1270.440879]  ? kasan_check_read+0x11/0x20
[ 1270.445015]  ? _copy_to_user+0xc8/0x110
[ 1270.448972]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1270.454495]  ? compat_put_timespec64+0x110/0x280
[ 1270.459233]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1270.463973]  ? trace_hardirqs_on+0xbd/0x310
[ 1270.468277]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1270.473796]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1270.478363]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1270.483799]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1270.490078]  do_fast_syscall_32+0x34d/0xfb2
[ 1270.495083]  ? do_int80_syscall_32+0x890/0x890
[ 1270.499653]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1270.504275]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1270.509294]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1270.514116]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1270.518940]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1270.523937]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1270.528938]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1270.534360]  entry_SYSENTER_compat+0x70/0x7f
[ 1270.538749] RIP: 0023:0xf7f56ca9
[ 1270.542111] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1270.560994] RSP: 002b:000000000845fd70 EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[ 1270.568682] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[ 1270.575934] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008eb9968
[ 1270.583185] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
[ 1270.590435] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1270.597686] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1270.605191] Memory limit reached of cgroup /syz4
[ 1270.609972] memory: usage 205008kB, limit 204800kB, failcnt 1606
[ 1270.616145] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1270.622913] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1270.629036] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1270.649145] Out of memory and no killable processes...
[ 1270.655233] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000
[ 1270.668084] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1270.673247] CPU: 1 PID: 8628 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1270.680511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1270.689852] Call Trace:
[ 1270.692450]  dump_stack+0x1c4/0x2b4
[ 1270.696090]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1270.701279]  dump_header+0x27b/0xf72
[ 1270.704982]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1270.710764]  ? pagefault_out_of_memory+0x197/0x197
[ 1270.715681]  ? rcu_read_unlock+0x33/0x60
[ 1270.719827]  ? mem_cgroup_iter+0x514/0x1160
[ 1270.724140]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1270.728878]  ? css_task_iter_end+0x222/0x490
[ 1270.733272]  ? lock_downgrade+0x900/0x900
[ 1270.737406]  ? trace_hardirqs_on+0xbd/0x310
[ 1270.741709]  ? kasan_check_read+0x11/0x20
[ 1270.745954]  ? css_task_iter_end+0x222/0x490
[ 1270.750364]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1270.755800]  ? kasan_check_write+0x14/0x20
[ 1270.760040]  ? do_raw_spin_lock+0xc1/0x200
[ 1270.764261]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1270.770040]  ? css_task_iter_end+0x2ce/0x490
[ 1270.774617]  ? cgroup_procs_next+0x70/0x70
[ 1270.778840]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1270.783317]  ? oom_badness+0xaa0/0xaa0
[ 1270.787395]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1270.792135]  ? mem_cgroup_iter_break+0x30/0x30
[ 1270.796705]  ? cgroup_file_notify+0x226/0x2f0
[ 1270.801183]  out_of_memory.cold.30+0xf/0x184
[ 1270.805580]  ? kasan_check_read+0x11/0x20
[ 1270.809711]  ? oom_killer_disable+0x3a0/0x3a0
[ 1270.814191]  ? kasan_check_write+0x14/0x20
[ 1270.818412]  ? do_raw_spin_lock+0xc1/0x200
[ 1270.822638]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1270.827463]  ? memcg_memory_event+0x40/0x40
[ 1270.831766]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1270.836594]  ? page_counter_try_charge+0x1c1/0x220
[ 1270.841510]  try_charge+0xc43/0x1690
[ 1270.845207]  ? lock_downgrade+0x900/0x900
[ 1270.849341]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1270.855384]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1270.860902]  ? should_fail+0x22d/0xd01
[ 1270.864775]  ? percpu_ref_tryget_live+0x168/0x460
[ 1270.869599]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1270.874423]  ? lock_downgrade+0x900/0x900
[ 1270.878573]  ? lock_release+0x970/0x970
[ 1270.882530]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1270.888325]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1270.894484]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1270.899314]  ? fs_reclaim_acquire+0x20/0x20
[ 1270.903620]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1270.908271]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1270.912748]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1270.918269]  ? check_preemption_disabled+0x48/0x200
[ 1270.923269]  memcg_kmem_charge+0x135/0x300
[ 1270.927598]  __alloc_pages_nodemask+0x72e/0xde0
[ 1270.933142]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1270.938173]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1270.943709]  ? check_preemption_disabled+0x48/0x200
[ 1270.948719]  ? mark_held_locks+0x130/0x130
[ 1270.952942]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1270.957858]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1270.962862]  ? bpf_prog_kallsyms_find+0xde/0x4a0
[ 1270.967603]  ? modules_open+0xa0/0xa0
[ 1270.971387]  ? is_bpf_text_address+0xac/0x170
[ 1270.975866]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1270.981387]  alloc_pages_current+0x10c/0x210
[ 1270.985779]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1270.991569]  pte_alloc_one+0x1b/0x1a0
[ 1270.995366]  __pte_alloc+0x2a/0x350
[ 1270.998978]  copy_page_range+0x18c5/0x26b0
[ 1271.003197]  ? rb_insert_color_cached+0x14b0/0x14b0
[ 1271.008200]  ? check_preemption_disabled+0x48/0x200
[ 1271.013208]  ? pmd_alloc+0x180/0x180
[ 1271.016910]  ? save_stack+0x43/0xd0
[ 1271.020519]  ? kasan_kmalloc+0xc7/0xe0
[ 1271.024390]  ? kasan_slab_alloc+0x12/0x20
[ 1271.028522]  ? kmem_cache_alloc+0x12e/0x730
[ 1271.032917]  ? anon_vma_fork+0x2c9/0x820
[ 1271.036958]  ? copy_process+0x47c7/0x8780
[ 1271.041089]  ? _do_fork+0x1cb/0x11d0
[ 1271.044784]  ? __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1271.049956]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1271.054432]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1271.058998]  ? percpu_ref_put_many+0x11c/0x260
[ 1271.063563]  ? lock_downgrade+0x900/0x900
[ 1271.067692]  ? lock_release+0x970/0x970
[ 1271.071651]  ? anon_vma_fork+0x5ef/0x820
[ 1271.075695]  ? lock_downgrade+0x900/0x900
[ 1271.079824]  ? lock_release+0x970/0x970
[ 1271.083779]  ? arch_local_save_flags+0x40/0x40
[ 1271.088347]  ? percpu_ref_put_many+0x13e/0x260
[ 1271.092913]  ? trace_hardirqs_on+0xbd/0x310
[ 1271.097217]  ? mem_cgroup_charge_statistics+0x780/0x780
[ 1271.102579]  ? up_write+0x7b/0x220
[ 1271.106098]  ? up_read+0x110/0x110
[ 1271.109632]  ? anon_vma_interval_tree_insert+0x2c9/0x370
[ 1271.115070]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1271.120064]  ? vma_compute_subtree_gap+0x160/0x240
[ 1271.124987]  ? validate_mm_rb+0xaa/0xc0
[ 1271.128942]  ? __vma_link_rb+0x26c/0x370
[ 1271.132993]  copy_process+0x4721/0x8780
[ 1271.136959]  ? __cleanup_sighand+0x70/0x70
[ 1271.141174]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1271.145481]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1271.150999]  ? page_trans_huge_map_swapcount+0xbae/0x1270
[ 1271.156515]  ? enqueue_entity+0x1ff0/0x1ff0
[ 1271.160829]  ? page_swapcount+0x1d0/0x1d0
[ 1271.165090]  ? trace_hardirqs_off+0xb8/0x310
[ 1271.169481]  ? kasan_check_read+0x11/0x20
[ 1271.173618]  ? trace_hardirqs_on+0x310/0x310
[ 1271.178008]  ? rcu_read_lock+0x70/0x70
[ 1271.181881]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1271.186965]  ? try_to_wake_up+0x10a/0x12f0
[ 1271.191196]  ? migrate_swap_stop+0x930/0x930
[ 1271.195587]  ? perf_trace_lock+0x7a0/0x7a0
[ 1271.199815]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1271.205337]  ? check_preemption_disabled+0x48/0x200
[ 1271.210346]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1271.215865]  ? reuse_swap_page+0x4bd/0x1520
[ 1271.220172]  ? swp_swapcount+0x530/0x530
[ 1271.224215]  ? mark_held_locks+0x130/0x130
[ 1271.228431]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1271.233951]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1271.238859]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1271.244061]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1271.249591]  ? ep_poll_callback+0x527/0x10e0
[ 1271.253985]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1271.259505]  ? check_preemption_disabled+0x48/0x200
[ 1271.264529]  ? mark_held_locks+0x130/0x130
[ 1271.268744]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1271.273660]  ? perf_trace_lock+0x7a0/0x7a0
[ 1271.277879]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1271.283398]  ? check_preemption_disabled+0x48/0x200
[ 1271.288398]  ? check_preemption_disabled+0x48/0x200
[ 1271.293401]  ? debug_smp_processor_id+0x1c/0x20
[ 1271.298052]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1271.303577]  ? page_move_anon_rmap+0x33f/0x620
[ 1271.308145]  ? lock_downgrade+0x900/0x900
[ 1271.312275]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1271.316584]  ? kasan_check_read+0x11/0x20
[ 1271.320718]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1271.325112]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1271.329690]  ? pgd_free+0x380/0x380
[ 1271.333309]  ? mark_held_locks+0x130/0x130
[ 1271.337533]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1271.342199]  ? ktime_get_coarse_real_ts64+0x243/0x3b0
[ 1271.347373]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1271.352892]  ? check_preemption_disabled+0x48/0x200
[ 1271.357893]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1271.363416]  ? check_preemption_disabled+0x48/0x200
[ 1271.368416]  ? debug_smp_processor_id+0x1c/0x20
[ 1271.373069]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1271.377981]  ? kasan_check_write+0x14/0x20
[ 1271.382200]  ? perf_trace_lock+0x7a0/0x7a0
[ 1271.386420]  ? __handle_mm_fault+0x9ab/0x53e0
[ 1271.390903]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1271.395813]  ? __kasan_slab_free+0x119/0x150
[ 1271.400211]  ? pipe_read+0x702/0x940
[ 1271.403916]  _do_fork+0x1cb/0x11d0
[ 1271.407440]  ? fork_idle+0x1d0/0x1d0
[ 1271.411139]  ? kasan_check_read+0x11/0x20
[ 1271.415296]  ? _copy_to_user+0xc8/0x110
[ 1271.419255]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1271.424778]  ? compat_put_timespec64+0x110/0x280
[ 1271.429522]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1271.434263]  ? trace_hardirqs_on+0xbd/0x310
[ 1271.438573]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1271.444095]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1271.448659]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1271.454098]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1271.459102]  do_fast_syscall_32+0x34d/0xfb2
[ 1271.463410]  ? do_int80_syscall_32+0x890/0x890
[ 1271.467979]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1271.472542]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1271.477543]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1271.482369]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1271.487206]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1271.492206]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1271.497215]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1271.502055]  entry_SYSENTER_compat+0x70/0x7f
[ 1271.506447] RIP: 0023:0xf7f56ca9
[ 1271.509798] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1271.528776] RSP: 002b:000000000845fd70 EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[ 1271.536480] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[ 1271.543738] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008eb9968
[ 1271.550989] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
[ 1271.558326] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1271.565588] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1271.574363] Memory limit reached of cgroup /syz4
[ 1271.579186] memory: usage 204992kB, limit 204800kB, failcnt 1614
[ 1271.585868] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1271.592732] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1271.598905] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1271.619112] Out of memory and no killable processes...
[ 1271.625128] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000
[ 1271.637990] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1271.643165] CPU: 1 PID: 8628 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1271.650418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1271.659749] Call Trace:
[ 1271.662326]  dump_stack+0x1c4/0x2b4
[ 1271.665945]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1271.671126]  dump_header+0x27b/0xf72
[ 1271.674829]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1271.680619]  ? pagefault_out_of_memory+0x197/0x197
[ 1271.685545]  ? rcu_read_unlock+0x33/0x60
[ 1271.689589]  ? mem_cgroup_iter+0x514/0x1160
[ 1271.693909]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1271.698660]  ? css_task_iter_end+0x222/0x490
[ 1271.703052]  ? lock_downgrade+0x900/0x900
[ 1271.707186]  ? trace_hardirqs_on+0xbd/0x310
[ 1271.711495]  ? kasan_check_read+0x11/0x20
[ 1271.715628]  ? css_task_iter_end+0x222/0x490
[ 1271.720020]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1271.726121]  ? kasan_check_write+0x14/0x20
[ 1271.730341]  ? do_raw_spin_lock+0xc1/0x200
[ 1271.734580]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1271.739060]  ? css_task_iter_end+0x2ce/0x490
[ 1271.743451]  ? cgroup_procs_next+0x70/0x70
[ 1271.747677]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1271.752154]  ? oom_badness+0xaa0/0xaa0
[ 1271.756024]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1271.760762]  ? mem_cgroup_iter_break+0x30/0x30
[ 1271.765330]  ? cgroup_file_notify+0x226/0x2f0
[ 1271.769915]  out_of_memory.cold.30+0xf/0x184
[ 1271.774315]  ? kasan_check_read+0x11/0x20
[ 1271.778447]  ? oom_killer_disable+0x3a0/0x3a0
[ 1271.782921]  ? kasan_check_write+0x14/0x20
[ 1271.787146]  ? do_raw_spin_lock+0xc1/0x200
[ 1271.791367]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1271.796190]  ? memcg_memory_event+0x40/0x40
[ 1271.800493]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1271.805334]  ? page_counter_try_charge+0x1c1/0x220
[ 1271.810267]  try_charge+0xc43/0x1690
[ 1271.813962]  ? lock_downgrade+0x900/0x900
[ 1271.818101]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1271.824146]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1271.829676]  ? should_fail+0x22d/0xd01
[ 1271.833547]  ? percpu_ref_tryget_live+0x168/0x460
[ 1271.838373]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1271.843199]  ? lock_downgrade+0x900/0x900
[ 1271.847330]  ? lock_release+0x970/0x970
[ 1271.851289]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1271.857184]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1271.862730]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1271.867559]  ? fs_reclaim_acquire+0x20/0x20
[ 1271.871866]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1271.876521]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1271.881002]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1271.886522]  ? check_preemption_disabled+0x48/0x200
[ 1271.891523]  memcg_kmem_charge+0x135/0x300
[ 1271.895759]  __alloc_pages_nodemask+0x72e/0xde0
[ 1271.900414]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1271.905414]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1271.910936]  ? check_preemption_disabled+0x48/0x200
[ 1271.915937]  ? mark_held_locks+0x130/0x130
[ 1271.920169]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1271.925085]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1271.930087]  ? bpf_prog_kallsyms_find+0xde/0x4a0
[ 1271.934826]  ? modules_open+0xa0/0xa0
[ 1271.938610]  ? is_bpf_text_address+0xac/0x170
[ 1271.943091]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1271.948614]  alloc_pages_current+0x10c/0x210
[ 1271.953007]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1271.958875]  pte_alloc_one+0x1b/0x1a0
[ 1271.962661]  __pte_alloc+0x2a/0x350
[ 1271.966274]  copy_page_range+0x18c5/0x26b0
[ 1271.970493]  ? rb_insert_color_cached+0x14b0/0x14b0
[ 1271.975497]  ? check_preemption_disabled+0x48/0x200
[ 1271.980506]  ? pmd_alloc+0x180/0x180
[ 1271.984202]  ? save_stack+0x43/0xd0
[ 1271.987809]  ? kasan_kmalloc+0xc7/0xe0
[ 1271.991675]  ? kasan_slab_alloc+0x12/0x20
[ 1271.995806]  ? kmem_cache_alloc+0x12e/0x730
[ 1272.000116]  ? anon_vma_fork+0x2c9/0x820
[ 1272.004165]  ? copy_process+0x47c7/0x8780
[ 1272.008296]  ? _do_fork+0x1cb/0x11d0
[ 1272.011991]  ? __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1272.017180]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1272.021660]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1272.026230]  ? percpu_ref_put_many+0x11c/0x260
[ 1272.030794]  ? lock_downgrade+0x900/0x900
[ 1272.034925]  ? lock_release+0x970/0x970
[ 1272.038882]  ? anon_vma_fork+0x5ef/0x820
[ 1272.042927]  ? lock_downgrade+0x900/0x900
[ 1272.047056]  ? lock_release+0x970/0x970
[ 1272.051012]  ? arch_local_save_flags+0x40/0x40
[ 1272.055576]  ? percpu_ref_put_many+0x13e/0x260
[ 1272.060139]  ? trace_hardirqs_on+0xbd/0x310
[ 1272.064443]  ? mem_cgroup_charge_statistics+0x780/0x780
[ 1272.069801]  ? up_write+0x7b/0x220
[ 1272.073323]  ? up_read+0x110/0x110
[ 1272.076845]  ? anon_vma_interval_tree_insert+0x2c9/0x370
[ 1272.082292]  ? anon_vma_fork+0x13c/0x820
[ 1272.086340]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1272.091338]  ? validate_mm_rb+0xaa/0xc0
[ 1272.095293]  ? __vma_link_rb+0x26c/0x370
[ 1272.099336]  copy_process+0x4721/0x8780
[ 1272.103303]  ? __cleanup_sighand+0x70/0x70
[ 1272.107521]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1272.111834]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1272.117359]  ? page_trans_huge_map_swapcount+0xbae/0x1270
[ 1272.122879]  ? enqueue_entity+0x1ff0/0x1ff0
[ 1272.127199]  ? page_swapcount+0x1d0/0x1d0
[ 1272.131337]  ? trace_hardirqs_off+0xb8/0x310
[ 1272.135742]  ? kasan_check_read+0x11/0x20
[ 1272.139874]  ? trace_hardirqs_on+0x310/0x310
[ 1272.144267]  ? rcu_read_lock+0x70/0x70
[ 1272.148143]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1272.153229]  ? try_to_wake_up+0x10a/0x12f0
[ 1272.157454]  ? migrate_swap_stop+0x930/0x930
[ 1272.161847]  ? perf_trace_lock+0x7a0/0x7a0
[ 1272.166073]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1272.171592]  ? check_preemption_disabled+0x48/0x200
[ 1272.176615]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1272.182133]  ? reuse_swap_page+0x4bd/0x1520
[ 1272.186452]  ? swp_swapcount+0x530/0x530
[ 1272.190503]  ? mark_held_locks+0x130/0x130
[ 1272.194732]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1272.200265]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1272.205176]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1272.210265]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1272.215791]  ? ep_poll_callback+0x527/0x10e0
[ 1272.220181]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1272.225701]  ? check_preemption_disabled+0x48/0x200
[ 1272.230705]  ? mark_held_locks+0x130/0x130
[ 1272.234925]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1272.239844]  ? perf_trace_lock+0x7a0/0x7a0
[ 1272.244066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1272.249585]  ? check_preemption_disabled+0x48/0x200
[ 1272.254583]  ? check_preemption_disabled+0x48/0x200
[ 1272.259582]  ? debug_smp_processor_id+0x1c/0x20
[ 1272.264234]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1272.269756]  ? page_move_anon_rmap+0x33f/0x620
[ 1272.274328]  ? lock_downgrade+0x900/0x900
[ 1272.278465]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1272.282770]  ? kasan_check_read+0x11/0x20
[ 1272.286900]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1272.291294]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1272.295859]  ? pgd_free+0x380/0x380
[ 1272.299476]  ? mark_held_locks+0x130/0x130
[ 1272.303695]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1272.308466]  ? ktime_get_coarse_real_ts64+0x243/0x3b0
[ 1272.313639]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1272.319163]  ? check_preemption_disabled+0x48/0x200
[ 1272.324160]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1272.329680]  ? check_preemption_disabled+0x48/0x200
[ 1272.334680]  ? debug_smp_processor_id+0x1c/0x20
[ 1272.339332]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1272.344243]  ? kasan_check_write+0x14/0x20
[ 1272.348459]  ? perf_trace_lock+0x7a0/0x7a0
[ 1272.352692]  ? __handle_mm_fault+0x9ab/0x53e0
[ 1272.357177]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1272.362013]  ? __kasan_slab_free+0x119/0x150
[ 1272.366413]  ? pipe_read+0x702/0x940
[ 1272.370127]  _do_fork+0x1cb/0x11d0
[ 1272.373654]  ? fork_idle+0x1d0/0x1d0
[ 1272.377355]  ? kasan_check_read+0x11/0x20
[ 1272.381484]  ? _copy_to_user+0xc8/0x110
[ 1272.385449]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1272.390967]  ? compat_put_timespec64+0x110/0x280
[ 1272.395711]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1272.400455]  ? trace_hardirqs_on+0xbd/0x310
[ 1272.404762]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1272.410293]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1272.414858]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1272.420296]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1272.425300]  do_fast_syscall_32+0x34d/0xfb2
[ 1272.429607]  ? do_int80_syscall_32+0x890/0x890
[ 1272.434170]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1272.438737]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1272.443736]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1272.448561]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1272.453385]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1272.458385]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1272.463388]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1272.468220]  entry_SYSENTER_compat+0x70/0x7f
[ 1272.472610] RIP: 0023:0xf7f56ca9
[ 1272.475973] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1272.494942] RSP: 002b:000000000845fd70 EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[ 1272.502644] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[ 1272.509898] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008eb9968
[ 1272.517158] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
[ 1272.524426] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1272.531677] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1272.539217] Memory limit reached of cgroup /syz4
[ 1272.544048] memory: usage 204952kB, limit 204800kB, failcnt 1622
[ 1272.550222] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1272.557017] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1272.563187] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1272.583399] Out of memory and no killable processes...
[ 1272.589372] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000
[ 1272.602257] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1272.607440] CPU: 1 PID: 8628 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1272.614694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1272.624029] Call Trace:
[ 1272.626603]  dump_stack+0x1c4/0x2b4
[ 1272.630214]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1272.635388]  dump_header+0x27b/0xf72
[ 1272.639095]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1272.644877]  ? pagefault_out_of_memory+0x197/0x197
[ 1272.649800]  ? rcu_read_unlock+0x33/0x60
[ 1272.653879]  ? mem_cgroup_iter+0x514/0x1160
[ 1272.658192]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1272.662930]  ? css_task_iter_end+0x222/0x490
[ 1272.667321]  ? lock_downgrade+0x900/0x900
[ 1272.671466]  ? trace_hardirqs_on+0xbd/0x310
[ 1272.675771]  ? kasan_check_read+0x11/0x20
[ 1272.679905]  ? css_task_iter_end+0x222/0x490
[ 1272.684295]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1272.689727]  ? kasan_check_write+0x14/0x20
[ 1272.693943]  ? do_raw_spin_lock+0xc1/0x200
[ 1272.698177]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1272.702657]  ? css_task_iter_end+0x2ce/0x490
[ 1272.707062]  ? cgroup_procs_next+0x70/0x70
[ 1272.711280]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1272.715757]  ? oom_badness+0xaa0/0xaa0
[ 1272.719635]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1272.724377]  ? mem_cgroup_iter_break+0x30/0x30
[ 1272.728959]  ? cgroup_file_notify+0x226/0x2f0
[ 1272.733437]  out_of_memory.cold.30+0xf/0x184
[ 1272.737827]  ? kasan_check_read+0x11/0x20
[ 1272.741974]  ? oom_killer_disable+0x3a0/0x3a0
[ 1272.746451]  ? kasan_check_write+0x14/0x20
[ 1272.750671]  ? do_raw_spin_lock+0xc1/0x200
[ 1272.754891]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1272.759716]  ? memcg_memory_event+0x40/0x40
[ 1272.764018]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1272.768846]  ? page_counter_try_charge+0x1c1/0x220
[ 1272.773759]  try_charge+0xc43/0x1690
[ 1272.777453]  ? lock_downgrade+0x900/0x900
[ 1272.781588]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1272.787632]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1272.793171]  ? should_fail+0x22d/0xd01
[ 1272.797046]  ? percpu_ref_tryget_live+0x168/0x460
[ 1272.801872]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1272.806701]  ? lock_downgrade+0x900/0x900
[ 1272.810832]  ? lock_release+0x970/0x970
[ 1272.814794]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1272.820580]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1272.825410]  ? fs_reclaim_acquire+0x20/0x20
[ 1272.829713]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1272.834363]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1272.838844]  memcg_kmem_charge+0x135/0x300
[ 1272.843075]  __alloc_pages_nodemask+0x72e/0xde0
[ 1272.847729]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1272.852731]  ? perf_trace_lock+0x7a0/0x7a0
[ 1272.856951]  ? mark_held_locks+0x130/0x130
[ 1272.861255]  ? debug_smp_processor_id+0x1c/0x20
[ 1272.865903]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1272.870922]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1272.875919]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1272.881525]  alloc_pages_current+0x10c/0x210
[ 1272.885921]  __pmd_alloc+0x3e/0x450
[ 1272.889528]  ? __pmd+0x60/0x60
[ 1272.893265]  pmd_alloc+0x10f/0x180
[ 1272.896790]  copy_page_range+0x6cf/0x26b0
[ 1272.900923]  ? rcu_bh_qs+0xc0/0xc0
[ 1272.904448]  ? vma_compute_subtree_gap+0x160/0x240
[ 1272.909398]  ? unwind_get_return_address+0x61/0xa0
[ 1272.914335]  ? __save_stack_trace+0x8d/0xf0
[ 1272.918640]  ? pmd_alloc+0x180/0x180
[ 1272.922340]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1272.927860]  ? check_preemption_disabled+0x48/0x200
[ 1272.932859]  ? debug_smp_processor_id+0x1c/0x20
[ 1272.937620]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1272.942529]  ? save_stack+0x43/0xd0
[ 1272.946140]  ? kasan_kmalloc+0xc7/0xe0
[ 1272.950011]  ? kasan_slab_alloc+0x12/0x20
[ 1272.954159]  ? perf_trace_lock+0x7a0/0x7a0
[ 1272.958396]  ? percpu_ref_put_many+0x11c/0x260
[ 1272.962972]  ? lock_downgrade+0x900/0x900
[ 1272.967114]  ? lock_release+0x970/0x970
[ 1272.971083]  ? memcg_kmem_get_cache+0x3a9/0x9d0
[ 1272.975735]  ? mem_cgroup_handle_over_high+0x130/0x130
[ 1272.980995]  ? lock_downgrade+0x900/0x900
[ 1272.985128]  ? copy_process+0x454b/0x8780
[ 1272.989260]  ? lock_downgrade+0x900/0x900
[ 1272.993503]  ? lock_release+0x970/0x970
[ 1272.997460]  ? arch_local_save_flags+0x40/0x40
[ 1273.002038]  ? dup_userfaultfd+0x6d8/0x890
[ 1273.006263]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1273.011259]  ? vma_compute_subtree_gap+0x160/0x240
[ 1273.016170]  ? validate_mm_rb+0xaa/0xc0
[ 1273.020127]  ? __vma_link_rb+0x26c/0x370
[ 1273.024174]  copy_process+0x4721/0x8780
[ 1273.028147]  ? __cleanup_sighand+0x70/0x70
[ 1273.032365]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1273.036680]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1273.042201]  ? page_trans_huge_map_swapcount+0xbae/0x1270
[ 1273.047719]  ? enqueue_entity+0x1ff0/0x1ff0
[ 1273.052122]  ? page_swapcount+0x1d0/0x1d0
[ 1273.056258]  ? trace_hardirqs_off+0xb8/0x310
[ 1273.060646]  ? kasan_check_read+0x11/0x20
[ 1273.064778]  ? trace_hardirqs_on+0x310/0x310
[ 1273.069167]  ? rcu_read_lock+0x70/0x70
[ 1273.073041]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1273.078126]  ? try_to_wake_up+0x10a/0x12f0
[ 1273.082359]  ? migrate_swap_stop+0x930/0x930
[ 1273.086758]  ? perf_trace_lock+0x7a0/0x7a0
[ 1273.090978]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1273.096496]  ? check_preemption_disabled+0x48/0x200
[ 1273.101504]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1273.107022]  ? reuse_swap_page+0x4bd/0x1520
[ 1273.111342]  ? swp_swapcount+0x530/0x530
[ 1273.115400]  ? mark_held_locks+0x130/0x130
[ 1273.119619]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1273.125145]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1273.130057]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1273.135151]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1273.140756]  ? ep_poll_callback+0x527/0x10e0
[ 1273.145148]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1273.150668]  ? check_preemption_disabled+0x48/0x200
[ 1273.155670]  ? mark_held_locks+0x130/0x130
[ 1273.159888]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1273.164803]  ? perf_trace_lock+0x7a0/0x7a0
[ 1273.169024]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1273.174546]  ? check_preemption_disabled+0x48/0x200
[ 1273.179557]  ? check_preemption_disabled+0x48/0x200
[ 1273.184567]  ? debug_smp_processor_id+0x1c/0x20
[ 1273.189219]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1273.194740]  ? page_move_anon_rmap+0x33f/0x620
[ 1273.199307]  ? lock_downgrade+0x900/0x900
[ 1273.203437]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1273.207741]  ? kasan_check_read+0x11/0x20
[ 1273.211972]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1273.216373]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1273.220938]  ? pgd_free+0x380/0x380
[ 1273.224555]  ? mark_held_locks+0x130/0x130
[ 1273.228776]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1273.233430]  ? ktime_get_coarse_real_ts64+0x243/0x3b0
[ 1273.238603]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1273.244124]  ? check_preemption_disabled+0x48/0x200
[ 1273.249129]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1273.254648]  ? check_preemption_disabled+0x48/0x200
[ 1273.259650]  ? debug_smp_processor_id+0x1c/0x20
[ 1273.264300]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1273.269214]  ? kasan_check_write+0x14/0x20
[ 1273.273431]  ? perf_trace_lock+0x7a0/0x7a0
[ 1273.277650]  ? __handle_mm_fault+0x9ab/0x53e0
[ 1273.282144]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1273.287054]  ? __kasan_slab_free+0x119/0x150
[ 1273.291449]  ? pipe_read+0x702/0x940
[ 1273.295156]  _do_fork+0x1cb/0x11d0
[ 1273.298682]  ? fork_idle+0x1d0/0x1d0
[ 1273.302387]  ? kasan_check_read+0x11/0x20
[ 1273.306518]  ? _copy_to_user+0xc8/0x110
[ 1273.310479]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1273.316000]  ? compat_put_timespec64+0x110/0x280
[ 1273.320740]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1273.325482]  ? trace_hardirqs_on+0xbd/0x310
[ 1273.329791]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1273.335319]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1273.339906]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1273.345344]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1273.350357]  do_fast_syscall_32+0x34d/0xfb2
[ 1273.354664]  ? do_int80_syscall_32+0x890/0x890
[ 1273.359230]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1273.363796]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1273.368796]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1273.373621]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1273.378445]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1273.383447]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1273.388446]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1273.393273]  entry_SYSENTER_compat+0x70/0x7f
[ 1273.397681] RIP: 0023:0xf7f56ca9
[ 1273.401066] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1273.419963] RSP: 002b:000000000845fd70 EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[ 1273.427657] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[ 1273.434907] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008eb9968
[ 1273.442268] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
[ 1273.449519] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1273.456868] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1273.464502] Memory limit reached of cgroup /syz4
[ 1273.469304] memory: usage 204956kB, limit 204800kB, failcnt 1630
[ 1273.475492] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1273.482240] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1273.488428] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1273.508619] Out of memory and no killable processes...
[ 1273.514597] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000
[ 1273.527456] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1273.532576] CPU: 1 PID: 8628 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1273.539831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1273.549163] Call Trace:
[ 1273.551739]  dump_stack+0x1c4/0x2b4
[ 1273.555356]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1273.560534]  dump_header+0x27b/0xf72
[ 1273.564258]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1273.570040]  ? pagefault_out_of_memory+0x197/0x197
[ 1273.574969]  ? rcu_read_unlock+0x33/0x60
[ 1273.579011]  ? mem_cgroup_iter+0x514/0x1160
[ 1273.583316]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1273.588058]  ? css_task_iter_end+0x222/0x490
[ 1273.592449]  ? lock_downgrade+0x900/0x900
[ 1273.596597]  ? trace_hardirqs_on+0xbd/0x310
[ 1273.600901]  ? kasan_check_read+0x11/0x20
[ 1273.605032]  ? css_task_iter_end+0x222/0x490
[ 1273.609422]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1273.614858]  ? kasan_check_write+0x14/0x20
[ 1273.619249]  ? do_raw_spin_lock+0xc1/0x200
[ 1273.623469]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1273.627948]  ? css_task_iter_end+0x2ce/0x490
[ 1273.632342]  ? cgroup_procs_next+0x70/0x70
[ 1273.636559]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1273.641036]  ? oom_badness+0xaa0/0xaa0
[ 1273.644920]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1273.649660]  ? mem_cgroup_iter_break+0x30/0x30
[ 1273.654253]  ? cgroup_file_notify+0x226/0x2f0
[ 1273.658732]  out_of_memory.cold.30+0xf/0x184
[ 1273.663135]  ? kasan_check_read+0x11/0x20
[ 1273.667265]  ? oom_killer_disable+0x3a0/0x3a0
[ 1273.671742]  ? kasan_check_write+0x14/0x20
[ 1273.675960]  ? do_raw_spin_lock+0xc1/0x200
[ 1273.680183]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1273.685008]  ? memcg_memory_event+0x40/0x40
[ 1273.689310]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1273.694145]  ? page_counter_try_charge+0x1c1/0x220
[ 1273.699055]  try_charge+0xc43/0x1690
[ 1273.702750]  ? lock_downgrade+0x900/0x900
[ 1273.706885]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1273.712926]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1273.718445]  ? should_fail+0x22d/0xd01
[ 1273.722319]  ? percpu_ref_tryget_live+0x168/0x460
[ 1273.727146]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1273.732445]  ? lock_downgrade+0x900/0x900
[ 1273.736578]  ? lock_release+0x970/0x970
[ 1273.740537]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1273.746317]  ? __kernel_text_address+0xd/0x40
[ 1273.750802]  ? unwind_get_return_address+0x61/0xa0
[ 1273.755717]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1273.760542]  ? fs_reclaim_acquire+0x20/0x20
[ 1273.764847]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1273.769499]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1273.773979]  ? perf_trace_lock+0x7a0/0x7a0
[ 1273.778197]  memcg_kmem_charge+0x135/0x300
[ 1273.782415]  __alloc_pages_nodemask+0x72e/0xde0
[ 1273.787071]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1273.792074]  ? fs_reclaim_acquire+0x20/0x20
[ 1273.796381]  ? lock_downgrade+0x900/0x900
[ 1273.800512]  ? lock_downgrade+0x900/0x900
[ 1273.804642]  ? kasan_check_read+0x11/0x20
[ 1273.808771]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1273.813163]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1273.817759]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1273.823279]  alloc_pages_current+0x10c/0x210
[ 1273.827670]  pte_alloc_one+0x1b/0x1a0
[ 1273.831456]  __pte_alloc+0x2a/0x350
[ 1273.835068]  copy_page_range+0x18c5/0x26b0
[ 1273.839297]  ? rcu_bh_qs+0xc0/0xc0
[ 1273.842840]  ? unwind_get_return_address+0x61/0xa0
[ 1273.847760]  ? pmd_alloc+0x180/0x180
[ 1273.851458]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1273.856978]  ? check_preemption_disabled+0x48/0x200
[ 1273.861981]  ? debug_smp_processor_id+0x1c/0x20
[ 1273.866630]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1273.871538]  ? save_stack+0x43/0xd0
[ 1273.875146]  ? kasan_kmalloc+0xc7/0xe0
[ 1273.879015]  ? kasan_slab_alloc+0x12/0x20
[ 1273.883146]  ? perf_trace_lock+0x7a0/0x7a0
[ 1273.887365]  ? percpu_ref_put_many+0x11c/0x260
[ 1273.891928]  ? lock_downgrade+0x900/0x900
[ 1273.896061]  ? lock_release+0x970/0x970
[ 1273.900029]  ? memcg_kmem_get_cache+0x3a9/0x9d0
[ 1273.904695]  ? mem_cgroup_handle_over_high+0x130/0x130
[ 1273.909952]  ? lock_downgrade+0x900/0x900
[ 1273.914088]  ? copy_process+0x454b/0x8780
[ 1273.918219]  ? lock_downgrade+0x900/0x900
[ 1273.922349]  ? lock_release+0x970/0x970
[ 1273.926315]  ? arch_local_save_flags+0x40/0x40
[ 1273.930878]  ? dup_userfaultfd+0x6d8/0x890
[ 1273.935101]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1273.940100]  ? vma_compute_subtree_gap+0x160/0x240
[ 1273.945013]  ? validate_mm_rb+0xaa/0xc0
[ 1273.948969]  ? __vma_link_rb+0x26c/0x370
[ 1273.953014]  copy_process+0x4721/0x8780
[ 1273.956982]  ? __cleanup_sighand+0x70/0x70
[ 1273.961197]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1273.965507]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1273.971026]  ? page_trans_huge_map_swapcount+0xbae/0x1270
[ 1273.976576]  ? enqueue_entity+0x1ff0/0x1ff0
[ 1273.980884]  ? page_swapcount+0x1d0/0x1d0
[ 1273.985014]  ? trace_hardirqs_off+0xb8/0x310
[ 1273.989405]  ? kasan_check_read+0x11/0x20
[ 1273.993538]  ? trace_hardirqs_on+0x310/0x310
[ 1273.997927]  ? rcu_read_lock+0x70/0x70
[ 1274.001803]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1274.006886]  ? try_to_wake_up+0x10a/0x12f0
[ 1274.011102]  ? migrate_swap_stop+0x930/0x930
[ 1274.015493]  ? perf_trace_lock+0x7a0/0x7a0
[ 1274.019716]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1274.025235]  ? check_preemption_disabled+0x48/0x200
[ 1274.030243]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1274.035763]  ? reuse_swap_page+0x4bd/0x1520
[ 1274.040074]  ? swp_swapcount+0x530/0x530
[ 1274.044120]  ? mark_held_locks+0x130/0x130
[ 1274.048335]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1274.053855]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1274.058782]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1274.063870]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1274.069397]  ? ep_poll_callback+0x527/0x10e0
[ 1274.073798]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1274.079319]  ? check_preemption_disabled+0x48/0x200
[ 1274.084324]  ? mark_held_locks+0x130/0x130
[ 1274.088540]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1274.093455]  ? perf_trace_lock+0x7a0/0x7a0
[ 1274.097673]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1274.103191]  ? check_preemption_disabled+0x48/0x200
[ 1274.108188]  ? check_preemption_disabled+0x48/0x200
[ 1274.113188]  ? debug_smp_processor_id+0x1c/0x20
[ 1274.117839]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1274.123357]  ? page_move_anon_rmap+0x33f/0x620
[ 1274.127924]  ? lock_downgrade+0x900/0x900
[ 1274.132060]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1274.136362]  ? kasan_check_read+0x11/0x20
[ 1274.140494]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1274.144885]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1274.149448]  ? pgd_free+0x380/0x380
[ 1274.153067]  ? mark_held_locks+0x130/0x130
[ 1274.157387]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1274.162040]  ? ktime_get_coarse_real_ts64+0x243/0x3b0
[ 1274.167213]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1274.172732]  ? check_preemption_disabled+0x48/0x200
[ 1274.177731]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1274.183253]  ? check_preemption_disabled+0x48/0x200
[ 1274.188252]  ? debug_smp_processor_id+0x1c/0x20
[ 1274.192902]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1274.197811]  ? kasan_check_write+0x14/0x20
[ 1274.202029]  ? perf_trace_lock+0x7a0/0x7a0
[ 1274.206255]  ? __handle_mm_fault+0x9ab/0x53e0
[ 1274.210736]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1274.215559]  ? __kasan_slab_free+0x119/0x150
[ 1274.219956]  ? pipe_read+0x702/0x940
[ 1274.223660]  _do_fork+0x1cb/0x11d0
[ 1274.227184]  ? fork_idle+0x1d0/0x1d0
[ 1274.230883]  ? kasan_check_read+0x11/0x20
[ 1274.235012]  ? _copy_to_user+0xc8/0x110
[ 1274.238984]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1274.244506]  ? compat_put_timespec64+0x110/0x280
[ 1274.249245]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1274.253984]  ? trace_hardirqs_on+0xbd/0x310
[ 1274.258294]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1274.263812]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1274.268376]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1274.273811]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1274.278816]  do_fast_syscall_32+0x34d/0xfb2
[ 1274.283136]  ? do_int80_syscall_32+0x890/0x890
[ 1274.287702]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1274.292264]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1274.297267]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1274.302096]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1274.306918]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1274.311916]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1274.317006]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1274.321834]  entry_SYSENTER_compat+0x70/0x7f
[ 1274.326234] RIP: 0023:0xf7f56ca9
[ 1274.329598] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1274.348479] RSP: 002b:000000000845fd70 EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[ 1274.356176] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[ 1274.363425] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008eb9968
[ 1274.370675] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
[ 1274.377928] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1274.385181] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1274.394946] Memory limit reached of cgroup /syz4
[ 1274.399741] memory: usage 204872kB, limit 204800kB, failcnt 1638
[ 1274.405930] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1274.412763] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1274.418973] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1274.439375] Out of memory and no killable processes...
[ 1274.445444] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000
[ 1274.458303] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1274.463488] CPU: 1 PID: 8628 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1274.470754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1274.480088] Call Trace:
[ 1274.482662]  dump_stack+0x1c4/0x2b4
[ 1274.486276]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1274.491451]  dump_header+0x27b/0xf72
[ 1274.495149]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1274.500940]  ? pagefault_out_of_memory+0x197/0x197
[ 1274.505876]  ? rcu_read_unlock+0x33/0x60
[ 1274.509925]  ? mem_cgroup_iter+0x514/0x1160
[ 1274.514231]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1274.518970]  ? css_task_iter_end+0x222/0x490
[ 1274.523362]  ? lock_downgrade+0x900/0x900
[ 1274.527499]  ? trace_hardirqs_on+0xbd/0x310
[ 1274.531907]  ? kasan_check_read+0x11/0x20
[ 1274.536053]  ? css_task_iter_end+0x222/0x490
[ 1274.540445]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1274.545877]  ? kasan_check_write+0x14/0x20
[ 1274.550099]  ? do_raw_spin_lock+0xc1/0x200
[ 1274.554325]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1274.558815]  ? css_task_iter_end+0x2ce/0x490
[ 1274.563214]  ? cgroup_procs_next+0x70/0x70
[ 1274.567439]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1274.571921]  ? oom_badness+0xaa0/0xaa0
[ 1274.575801]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1274.580558]  ? mem_cgroup_iter_break+0x30/0x30
[ 1274.585219]  ? cgroup_file_notify+0x226/0x2f0
[ 1274.589700]  out_of_memory.cold.30+0xf/0x184
[ 1274.594192]  ? kasan_check_read+0x11/0x20
[ 1274.598322]  ? oom_killer_disable+0x3a0/0x3a0
[ 1274.602811]  ? kasan_check_write+0x14/0x20
[ 1274.607033]  ? do_raw_spin_lock+0xc1/0x200
[ 1274.611260]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1274.616085]  ? memcg_memory_event+0x40/0x40
[ 1274.620386]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1274.625215]  ? page_counter_try_charge+0x1c1/0x220
[ 1274.630128]  try_charge+0xc43/0x1690
[ 1274.633826]  ? lock_downgrade+0x900/0x900
[ 1274.637961]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1274.644005]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1274.649532]  ? should_fail+0x22d/0xd01
[ 1274.653406]  ? percpu_ref_tryget_live+0x168/0x460
[ 1274.658231]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1274.663061]  ? lock_downgrade+0x900/0x900
[ 1274.667196]  ? lock_release+0x970/0x970
[ 1274.671159]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1274.676950]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1274.681774]  ? fs_reclaim_acquire+0x20/0x20
[ 1274.686085]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1274.690735]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1274.695218]  ? debug_smp_processor_id+0x1c/0x20
[ 1274.699874]  memcg_kmem_charge+0x135/0x300
[ 1274.704090]  __alloc_pages_nodemask+0x72e/0xde0
[ 1274.708744]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1274.713740]  ? fs_reclaim_acquire+0x20/0x20
[ 1274.718054]  ? lock_acquire+0x1ed/0x520
[ 1274.722014]  ? copy_page_range+0x1770/0x26b0
[ 1274.726405]  ? lock_downgrade+0x900/0x900
[ 1274.730536]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1274.736059]  alloc_pages_current+0x10c/0x210
[ 1274.740451]  ? ___might_sleep+0x1ed/0x300
[ 1274.744591]  pte_alloc_one+0x1b/0x1a0
[ 1274.748381]  __pte_alloc+0x2a/0x350
[ 1274.751995]  copy_page_range+0x18c5/0x26b0
[ 1274.756224]  ? pmd_alloc+0x180/0x180
[ 1274.759926]  ? check_preemption_disabled+0x48/0x200
[ 1274.764925]  ? debug_smp_processor_id+0x1c/0x20
[ 1274.769576]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1274.774491]  ? save_stack+0x43/0xd0
[ 1274.778100]  ? kasan_slab_alloc+0x12/0x20
[ 1274.782232]  ? perf_trace_lock+0x7a0/0x7a0
[ 1274.786473]  ? percpu_ref_put_many+0x11c/0x260
[ 1274.791038]  ? lock_downgrade+0x900/0x900
[ 1274.795171]  ? lock_release+0x970/0x970
[ 1274.799127]  ? memcg_kmem_get_cache+0x3a9/0x9d0
[ 1274.803897]  ? mem_cgroup_handle_over_high+0x130/0x130
[ 1274.809157]  ? lock_downgrade+0x900/0x900
[ 1274.813311]  ? copy_process+0x454b/0x8780
[ 1274.817445]  ? lock_downgrade+0x900/0x900
[ 1274.821582]  ? lock_release+0x970/0x970
[ 1274.825551]  ? arch_local_save_flags+0x40/0x40
[ 1274.830135]  ? dup_userfaultfd+0x6d8/0x890
[ 1274.834358]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1274.839358]  ? vma_compute_subtree_gap+0x160/0x240
[ 1274.844270]  ? validate_mm_rb+0xaa/0xc0
[ 1274.848227]  ? __vma_link_rb+0x26c/0x370
[ 1274.852281]  copy_process+0x4721/0x8780
[ 1274.856254]  ? __cleanup_sighand+0x70/0x70
[ 1274.860575]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1274.864987]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1274.870509]  ? page_trans_huge_map_swapcount+0xbae/0x1270
[ 1274.876039]  ? enqueue_entity+0x1ff0/0x1ff0
[ 1274.880346]  ? page_swapcount+0x1d0/0x1d0
[ 1274.884475]  ? trace_hardirqs_off+0xb8/0x310
[ 1274.888866]  ? kasan_check_read+0x11/0x20
[ 1274.893495]  ? trace_hardirqs_on+0x310/0x310
[ 1274.897991]  ? rcu_read_lock+0x70/0x70
[ 1274.901871]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1274.906966]  ? try_to_wake_up+0x10a/0x12f0
[ 1274.911186]  ? migrate_swap_stop+0x930/0x930
[ 1274.915580]  ? perf_trace_lock+0x7a0/0x7a0
[ 1274.919802]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1274.925327]  ? check_preemption_disabled+0x48/0x200
[ 1274.930336]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1274.935856]  ? reuse_swap_page+0x4bd/0x1520
[ 1274.940164]  ? swp_swapcount+0x530/0x530
[ 1274.944207]  ? mark_held_locks+0x130/0x130
[ 1274.948428]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1274.953951]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1274.958862]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1274.963950]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1274.969468]  ? ep_poll_callback+0x527/0x10e0
[ 1274.973876]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1274.979401]  ? check_preemption_disabled+0x48/0x200
[ 1274.984403]  ? mark_held_locks+0x130/0x130
[ 1274.988617]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1274.993532]  ? perf_trace_lock+0x7a0/0x7a0
[ 1274.997762]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1275.003282]  ? check_preemption_disabled+0x48/0x200
[ 1275.008277]  ? check_preemption_disabled+0x48/0x200
[ 1275.013280]  ? debug_smp_processor_id+0x1c/0x20
[ 1275.017940]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1275.023459]  ? page_move_anon_rmap+0x33f/0x620
[ 1275.028025]  ? lock_downgrade+0x900/0x900
[ 1275.032157]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1275.036461]  ? kasan_check_read+0x11/0x20
[ 1275.040596]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1275.045012]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1275.049576]  ? pgd_free+0x380/0x380
[ 1275.053196]  ? mark_held_locks+0x130/0x130
[ 1275.057420]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1275.062074]  ? ktime_get_coarse_real_ts64+0x243/0x3b0
[ 1275.067249]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1275.072768]  ? check_preemption_disabled+0x48/0x200
[ 1275.077889]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1275.083422]  ? check_preemption_disabled+0x48/0x200
[ 1275.088423]  ? debug_smp_processor_id+0x1c/0x20
[ 1275.093076]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1275.097990]  ? kasan_check_write+0x14/0x20
[ 1275.102211]  ? perf_trace_lock+0x7a0/0x7a0
[ 1275.106438]  ? __handle_mm_fault+0x9ab/0x53e0
[ 1275.110919]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1275.115754]  ? __kasan_slab_free+0x119/0x150
[ 1275.120149]  ? pipe_read+0x702/0x940
[ 1275.123853]  _do_fork+0x1cb/0x11d0
[ 1275.127380]  ? fork_idle+0x1d0/0x1d0
[ 1275.131080]  ? kasan_check_read+0x11/0x20
[ 1275.135208]  ? _copy_to_user+0xc8/0x110
[ 1275.139175]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1275.144697]  ? compat_put_timespec64+0x110/0x280
[ 1275.149448]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1275.154190]  ? trace_hardirqs_on+0xbd/0x310
[ 1275.158497]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1275.164016]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1275.168583]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1275.174017]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1275.179017]  do_fast_syscall_32+0x34d/0xfb2
[ 1275.183327]  ? do_int80_syscall_32+0x890/0x890
[ 1275.187892]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1275.192455]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1275.197456]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1275.202282]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1275.207105]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1275.212117]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1275.217210]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1275.222039]  entry_SYSENTER_compat+0x70/0x7f
[ 1275.226430] RIP: 0023:0xf7f56ca9
[ 1275.229779] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1275.248659] RSP: 002b:000000000845fd70 EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[ 1275.256348] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[ 1275.263599] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008eb9968
[ 1275.270849] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
[ 1275.278103] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1275.285356] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1275.293778] Memory limit reached of cgroup /syz4
[ 1275.298570] memory: usage 204872kB, limit 204800kB, failcnt 1646
[ 1275.304755] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1275.311498] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1275.317769] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1275.337970] Out of memory and no killable processes...
[ 1275.344110] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000
[ 1275.356980] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1275.362201] CPU: 1 PID: 8628 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1275.369454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1275.378786] Call Trace:
[ 1275.381360]  dump_stack+0x1c4/0x2b4
[ 1275.384976]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1275.390152]  dump_header+0x27b/0xf72
[ 1275.393852]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1275.399651]  ? pagefault_out_of_memory+0x197/0x197
[ 1275.404568]  ? rcu_read_unlock+0x33/0x60
[ 1275.408611]  ? mem_cgroup_iter+0x514/0x1160
[ 1275.412934]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1275.417677]  ? css_task_iter_end+0x222/0x490
[ 1275.422068]  ? lock_downgrade+0x900/0x900
[ 1275.426206]  ? trace_hardirqs_on+0xbd/0x310
[ 1275.430511]  ? kasan_check_read+0x11/0x20
[ 1275.434643]  ? css_task_iter_end+0x222/0x490
[ 1275.439032]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1275.444466]  ? kasan_check_write+0x14/0x20
[ 1275.448681]  ? do_raw_spin_lock+0xc1/0x200
[ 1275.452926]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1275.457419]  ? css_task_iter_end+0x2ce/0x490
[ 1275.461811]  ? cgroup_procs_next+0x70/0x70
[ 1275.466028]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1275.470504]  ? oom_badness+0xaa0/0xaa0
[ 1275.474390]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1275.479131]  ? mem_cgroup_iter_break+0x30/0x30
[ 1275.483701]  ? cgroup_file_notify+0x226/0x2f0
[ 1275.488179]  out_of_memory.cold.30+0xf/0x184
[ 1275.492591]  ? kasan_check_read+0x11/0x20
[ 1275.496735]  ? oom_killer_disable+0x3a0/0x3a0
[ 1275.501212]  ? kasan_check_write+0x14/0x20
[ 1275.505429]  ? do_raw_spin_lock+0xc1/0x200
[ 1275.509659]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1275.514489]  ? memcg_memory_event+0x40/0x40
[ 1275.518792]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1275.523634]  ? page_counter_try_charge+0x1c1/0x220
[ 1275.528550]  try_charge+0xc43/0x1690
[ 1275.532259]  ? lock_downgrade+0x900/0x900
[ 1275.536400]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1275.542442]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1275.547967]  ? should_fail+0x22d/0xd01
[ 1275.551840]  ? percpu_ref_tryget_live+0x168/0x460
[ 1275.556663]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1275.561488]  ? lock_downgrade+0x900/0x900
[ 1275.565618]  ? lock_release+0x970/0x970
[ 1275.569577]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1275.575365]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1275.580196]  ? fs_reclaim_acquire+0x20/0x20
[ 1275.584507]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1275.589159]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1275.593645]  ? debug_smp_processor_id+0x1c/0x20
[ 1275.598308]  memcg_kmem_charge+0x135/0x300
[ 1275.602528]  __alloc_pages_nodemask+0x72e/0xde0
[ 1275.607189]  ? debug_smp_processor_id+0x1c/0x20
[ 1275.611944]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1275.616948]  ? perf_trace_lock+0x7a0/0x7a0
[ 1275.621170]  ? lock_acquire+0x1ed/0x520
[ 1275.625148]  ? copy_page_range+0x1770/0x26b0
[ 1275.629546]  ? lock_downgrade+0x900/0x900
[ 1275.633679]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1275.639201]  alloc_pages_current+0x10c/0x210
[ 1275.643590]  ? ___might_sleep+0x1ed/0x300
[ 1275.647722]  pte_alloc_one+0x1b/0x1a0
[ 1275.651506]  __pte_alloc+0x2a/0x350
[ 1275.655120]  copy_page_range+0x18c5/0x26b0
[ 1275.659350]  ? pmd_alloc+0x180/0x180
[ 1275.663046]  ? check_preemption_disabled+0x48/0x200
[ 1275.668046]  ? debug_smp_processor_id+0x1c/0x20
[ 1275.672697]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1275.677610]  ? save_stack+0x43/0xd0
[ 1275.681220]  ? kasan_slab_alloc+0x12/0x20
[ 1275.685349]  ? perf_trace_lock+0x7a0/0x7a0
[ 1275.689568]  ? percpu_ref_put_many+0x11c/0x260
[ 1275.694132]  ? lock_downgrade+0x900/0x900
[ 1275.698275]  ? lock_release+0x970/0x970
[ 1275.702245]  ? memcg_kmem_get_cache+0x3a9/0x9d0
[ 1275.706911]  ? mem_cgroup_handle_over_high+0x130/0x130
[ 1275.712198]  ? lock_downgrade+0x900/0x900
[ 1275.716334]  ? copy_process+0x454b/0x8780
[ 1275.720463]  ? lock_downgrade+0x900/0x900
[ 1275.724595]  ? lock_release+0x970/0x970
[ 1275.729144]  ? arch_local_save_flags+0x40/0x40
[ 1275.733717]  ? dup_userfaultfd+0x6d8/0x890
[ 1275.737950]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1275.742954]  ? vma_compute_subtree_gap+0x160/0x240
[ 1275.747864]  ? validate_mm_rb+0xaa/0xc0
[ 1275.751822]  ? __vma_link_rb+0x26c/0x370
[ 1275.755888]  copy_process+0x4721/0x8780
[ 1275.759858]  ? __cleanup_sighand+0x70/0x70
[ 1275.764076]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1275.768386]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1275.773904]  ? page_trans_huge_map_swapcount+0xbae/0x1270
[ 1275.779424]  ? enqueue_entity+0x1ff0/0x1ff0
[ 1275.783737]  ? page_swapcount+0x1d0/0x1d0
[ 1275.787868]  ? trace_hardirqs_off+0xb8/0x310
[ 1275.792284]  ? kasan_check_read+0x11/0x20
[ 1275.796416]  ? trace_hardirqs_on+0x310/0x310
[ 1275.800833]  ? rcu_read_lock+0x70/0x70
[ 1275.804710]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1275.809796]  ? try_to_wake_up+0x10a/0x12f0
[ 1275.814015]  ? migrate_swap_stop+0x930/0x930
[ 1275.818404]  ? perf_trace_lock+0x7a0/0x7a0
[ 1275.822625]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1275.828146]  ? check_preemption_disabled+0x48/0x200
[ 1275.833166]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1275.838691]  ? reuse_swap_page+0x4bd/0x1520
[ 1275.843000]  ? swp_swapcount+0x530/0x530
[ 1275.847045]  ? mark_held_locks+0x130/0x130
[ 1275.851262]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1275.856786]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1275.861697]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1275.866783]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1275.872303]  ? ep_poll_callback+0x527/0x10e0
[ 1275.876694]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1275.882213]  ? check_preemption_disabled+0x48/0x200
[ 1275.887214]  ? mark_held_locks+0x130/0x130
[ 1275.891431]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1275.896354]  ? perf_trace_lock+0x7a0/0x7a0
[ 1275.900574]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1275.906094]  ? check_preemption_disabled+0x48/0x200
[ 1275.911093]  ? check_preemption_disabled+0x48/0x200
[ 1275.916093]  ? debug_smp_processor_id+0x1c/0x20
[ 1275.920748]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1275.926270]  ? page_move_anon_rmap+0x33f/0x620
[ 1275.930848]  ? lock_downgrade+0x900/0x900
[ 1275.934983]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1275.939288]  ? kasan_check_read+0x11/0x20
[ 1275.943420]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1275.947815]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1275.952393]  ? pgd_free+0x380/0x380
[ 1275.956007]  ? mark_held_locks+0x130/0x130
[ 1275.960225]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1275.964876]  ? ktime_get_coarse_real_ts64+0x243/0x3b0
[ 1275.970050]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1275.975570]  ? check_preemption_disabled+0x48/0x200
[ 1275.980570]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1275.986101]  ? check_preemption_disabled+0x48/0x200
[ 1275.991102]  ? debug_smp_processor_id+0x1c/0x20
[ 1275.995756]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1276.000678]  ? kasan_check_write+0x14/0x20
[ 1276.004899]  ? perf_trace_lock+0x7a0/0x7a0
[ 1276.009126]  ? __handle_mm_fault+0x9ab/0x53e0
[ 1276.013613]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1276.018436]  ? __kasan_slab_free+0x119/0x150
[ 1276.022837]  ? pipe_read+0x702/0x940
[ 1276.026551]  _do_fork+0x1cb/0x11d0
[ 1276.030077]  ? fork_idle+0x1d0/0x1d0
[ 1276.033780]  ? kasan_check_read+0x11/0x20
[ 1276.037912]  ? _copy_to_user+0xc8/0x110
[ 1276.041869]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1276.047387]  ? compat_put_timespec64+0x110/0x280
[ 1276.052129]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1276.056885]  ? trace_hardirqs_on+0xbd/0x310
[ 1276.061197]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1276.066719]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1276.071283]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1276.076731]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1276.081734]  do_fast_syscall_32+0x34d/0xfb2
[ 1276.086040]  ? do_int80_syscall_32+0x890/0x890
[ 1276.090605]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1276.095257]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1276.100256]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1276.105081]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1276.109909]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1276.114914]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1276.119918]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1276.124744]  entry_SYSENTER_compat+0x70/0x7f
[ 1276.129130] RIP: 0023:0xf7f56ca9
[ 1276.132486] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1276.151369] RSP: 002b:000000000845fd70 EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[ 1276.159058] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[ 1276.166308] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008eb9968
[ 1276.173558] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
[ 1276.180808] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1276.188063] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1276.195993] Memory limit reached of cgroup /syz4
[ 1276.200763] memory: usage 204876kB, limit 204800kB, failcnt 1654
[ 1276.206954] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1276.213727] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1276.219848] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1276.239979] Out of memory and no killable processes...
[ 1276.246121] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000
[ 1276.258982] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1276.264168] CPU: 1 PID: 8628 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1276.271423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1276.280774] Call Trace:
[ 1276.283353]  dump_stack+0x1c4/0x2b4
[ 1276.286964]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1276.292145]  dump_header+0x27b/0xf72
[ 1276.295849]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1276.301632]  ? pagefault_out_of_memory+0x197/0x197
[ 1276.306545]  ? rcu_read_unlock+0x33/0x60
[ 1276.310590]  ? mem_cgroup_iter+0x514/0x1160
[ 1276.314903]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1276.319643]  ? css_task_iter_end+0x222/0x490
[ 1276.324032]  ? lock_downgrade+0x900/0x900
[ 1276.328162]  ? trace_hardirqs_on+0xbd/0x310
[ 1276.332466]  ? kasan_check_read+0x11/0x20
[ 1276.336596]  ? css_task_iter_end+0x222/0x490
[ 1276.340984]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1276.346415]  ? kasan_check_write+0x14/0x20
[ 1276.350631]  ? do_raw_spin_lock+0xc1/0x200
[ 1276.354851]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1276.359452]  ? css_task_iter_end+0x2ce/0x490
[ 1276.363845]  ? cgroup_procs_next+0x70/0x70
[ 1276.368061]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1276.372535]  ? oom_badness+0xaa0/0xaa0
[ 1276.376404]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1276.381143]  ? mem_cgroup_iter_break+0x30/0x30
[ 1276.385712]  ? cgroup_file_notify+0x226/0x2f0
[ 1276.390196]  out_of_memory.cold.30+0xf/0x184
[ 1276.394705]  ? kasan_check_read+0x11/0x20
[ 1276.398833]  ? oom_killer_disable+0x3a0/0x3a0
[ 1276.403308]  ? kasan_check_write+0x14/0x20
[ 1276.407525]  ? do_raw_spin_lock+0xc1/0x200
[ 1276.411747]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1276.416572]  ? memcg_memory_event+0x40/0x40
[ 1276.420893]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1276.425729]  ? page_counter_try_charge+0x1c1/0x220
[ 1276.430640]  try_charge+0xc43/0x1690
[ 1276.434339]  ? lock_downgrade+0x900/0x900
[ 1276.438589]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1276.444630]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1276.450153]  ? should_fail+0x22d/0xd01
[ 1276.454021]  ? percpu_ref_tryget_live+0x168/0x460
[ 1276.458845]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1276.463667]  ? lock_downgrade+0x900/0x900
[ 1276.467795]  ? lock_release+0x970/0x970
[ 1276.471750]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1276.477535]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1276.482445]  ? fs_reclaim_acquire+0x20/0x20
[ 1276.486752]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1276.491402]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1276.495888]  ? debug_smp_processor_id+0x1c/0x20
[ 1276.500544]  memcg_kmem_charge+0x135/0x300
[ 1276.504762]  __alloc_pages_nodemask+0x72e/0xde0
[ 1276.509414]  ? debug_smp_processor_id+0x1c/0x20
[ 1276.514065]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1276.519062]  ? perf_trace_lock+0x7a0/0x7a0
[ 1276.523285]  ? lock_acquire+0x1ed/0x520
[ 1276.527242]  ? copy_page_range+0x1770/0x26b0
[ 1276.531631]  ? lock_downgrade+0x900/0x900
[ 1276.535763]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1276.541284]  alloc_pages_current+0x10c/0x210
[ 1276.545698]  ? ___might_sleep+0x1ed/0x300
[ 1276.549829]  pte_alloc_one+0x1b/0x1a0
[ 1276.553622]  __pte_alloc+0x2a/0x350
[ 1276.557322]  copy_page_range+0x18c5/0x26b0
[ 1276.561549]  ? pmd_alloc+0x180/0x180
[ 1276.565243]  ? check_preemption_disabled+0x48/0x200
[ 1276.570243]  ? debug_smp_processor_id+0x1c/0x20
[ 1276.574899]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1276.579810]  ? save_stack+0x43/0xd0
[ 1276.583517]  ? kasan_slab_alloc+0x12/0x20
[ 1276.587650]  ? perf_trace_lock+0x7a0/0x7a0
[ 1276.591870]  ? percpu_ref_put_many+0x11c/0x260
[ 1276.596432]  ? lock_downgrade+0x900/0x900
[ 1276.600562]  ? lock_release+0x970/0x970
[ 1276.604517]  ? memcg_kmem_get_cache+0x3a9/0x9d0
[ 1276.609169]  ? mem_cgroup_handle_over_high+0x130/0x130
[ 1276.614426]  ? lock_downgrade+0x900/0x900
[ 1276.618562]  ? copy_process+0x454b/0x8780
[ 1276.622689]  ? lock_downgrade+0x900/0x900
[ 1276.626819]  ? lock_release+0x970/0x970
[ 1276.630777]  ? arch_local_save_flags+0x40/0x40
[ 1276.635343]  ? dup_userfaultfd+0x6d8/0x890
[ 1276.639564]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1276.644561]  ? vma_compute_subtree_gap+0x160/0x240
[ 1276.649473]  ? validate_mm_rb+0xaa/0xc0
[ 1276.653428]  ? __vma_link_rb+0x26c/0x370
[ 1276.657470]  copy_process+0x4721/0x8780
[ 1276.661438]  ? __cleanup_sighand+0x70/0x70
[ 1276.665656]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1276.669963]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1276.675494]  ? page_trans_huge_map_swapcount+0xbae/0x1270
[ 1276.681011]  ? enqueue_entity+0x1ff0/0x1ff0
[ 1276.685319]  ? page_swapcount+0x1d0/0x1d0
[ 1276.689449]  ? trace_hardirqs_off+0xb8/0x310
[ 1276.693838]  ? kasan_check_read+0x11/0x20
[ 1276.697969]  ? trace_hardirqs_on+0x310/0x310
[ 1276.702359]  ? rcu_read_lock+0x70/0x70
[ 1276.706237]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1276.711323]  ? try_to_wake_up+0x10a/0x12f0
[ 1276.715555]  ? migrate_swap_stop+0x930/0x930
[ 1276.719950]  ? perf_trace_lock+0x7a0/0x7a0
[ 1276.724173]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1276.729694]  ? check_preemption_disabled+0x48/0x200
[ 1276.734700]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1276.740222]  ? reuse_swap_page+0x4bd/0x1520
[ 1276.744530]  ? swp_swapcount+0x530/0x530
[ 1276.748572]  ? mark_held_locks+0x130/0x130
[ 1276.752791]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1276.758318]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1276.763318]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1276.768402]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1276.773935]  ? ep_poll_callback+0x527/0x10e0
[ 1276.778435]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1276.783958]  ? check_preemption_disabled+0x48/0x200
[ 1276.788959]  ? mark_held_locks+0x130/0x130
[ 1276.793177]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1276.798109]  ? perf_trace_lock+0x7a0/0x7a0
[ 1276.802328]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1276.807856]  ? check_preemption_disabled+0x48/0x200
[ 1276.812874]  ? check_preemption_disabled+0x48/0x200
[ 1276.817876]  ? debug_smp_processor_id+0x1c/0x20
[ 1276.822530]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1276.828051]  ? page_move_anon_rmap+0x33f/0x620
[ 1276.832616]  ? lock_downgrade+0x900/0x900
[ 1276.836747]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1276.841049]  ? kasan_check_read+0x11/0x20
[ 1276.845189]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1276.849581]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1276.854146]  ? pgd_free+0x380/0x380
[ 1276.857761]  ? mark_held_locks+0x130/0x130
[ 1276.861977]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1276.866627]  ? ktime_get_coarse_real_ts64+0x243/0x3b0
[ 1276.871798]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1276.877343]  ? check_preemption_disabled+0x48/0x200
[ 1276.882349]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1276.887995]  ? check_preemption_disabled+0x48/0x200
[ 1276.893421]  ? debug_smp_processor_id+0x1c/0x20
[ 1276.898081]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1276.902993]  ? kasan_check_write+0x14/0x20
[ 1276.907310]  ? perf_trace_lock+0x7a0/0x7a0
[ 1276.911529]  ? __handle_mm_fault+0x9ab/0x53e0
[ 1276.916014]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1276.920835]  ? __kasan_slab_free+0x119/0x150
[ 1276.925237]  ? pipe_read+0x702/0x940
[ 1276.928939]  _do_fork+0x1cb/0x11d0
[ 1276.932465]  ? fork_idle+0x1d0/0x1d0
[ 1276.936164]  ? kasan_check_read+0x11/0x20
[ 1276.940303]  ? _copy_to_user+0xc8/0x110
[ 1276.944261]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1276.949786]  ? compat_put_timespec64+0x110/0x280
[ 1276.954524]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1276.959265]  ? trace_hardirqs_on+0xbd/0x310
[ 1276.963568]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1276.969092]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1276.973657]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1276.979095]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1276.984096]  do_fast_syscall_32+0x34d/0xfb2
[ 1276.988399]  ? do_int80_syscall_32+0x890/0x890
[ 1276.992965]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1276.997532]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1277.002527]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1277.007349]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1277.012174]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1277.017176]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1277.022182]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1277.027008]  entry_SYSENTER_compat+0x70/0x7f
[ 1277.031395] RIP: 0023:0xf7f56ca9
[ 1277.034748] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1277.053742] RSP: 002b:000000000845fd70 EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[ 1277.061431] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[ 1277.068680] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008eb9968
[ 1277.075931] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
[ 1277.083182] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1277.090430] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1277.098546] Memory limit reached of cgroup /syz4
[ 1277.103387] memory: usage 204820kB, limit 204800kB, failcnt 1662
[ 1277.109531] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1277.116301] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1277.122435] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1277.142684] Out of memory and no killable processes...
[ 1277.148805] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000
[ 1277.161666] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1277.166848] CPU: 1 PID: 8628 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1277.174125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1277.183475] Call Trace:
[ 1277.186054]  dump_stack+0x1c4/0x2b4
[ 1277.189685]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1277.194865]  dump_header+0x27b/0xf72
[ 1277.198565]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1277.204344]  ? pagefault_out_of_memory+0x197/0x197
[ 1277.209257]  ? rcu_read_unlock+0x33/0x60
[ 1277.213298]  ? mem_cgroup_iter+0x514/0x1160
[ 1277.217605]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1277.222342]  ? css_task_iter_end+0x222/0x490
[ 1277.226734]  ? lock_downgrade+0x900/0x900
[ 1277.230868]  ? trace_hardirqs_on+0xbd/0x310
[ 1277.235172]  ? kasan_check_read+0x11/0x20
[ 1277.239301]  ? css_task_iter_end+0x222/0x490
[ 1277.243694]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1277.249127]  ? kasan_check_write+0x14/0x20
[ 1277.253342]  ? do_raw_spin_lock+0xc1/0x200
[ 1277.257575]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1277.262057]  ? css_task_iter_end+0x2ce/0x490
[ 1277.266447]  ? cgroup_procs_next+0x70/0x70
[ 1277.270674]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1277.275153]  ? oom_badness+0xaa0/0xaa0
[ 1277.279026]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1277.283778]  ? mem_cgroup_iter_break+0x30/0x30
[ 1277.288372]  ? cgroup_file_notify+0x226/0x2f0
[ 1277.292854]  out_of_memory.cold.30+0xf/0x184
[ 1277.297242]  ? kasan_check_read+0x11/0x20
[ 1277.301486]  ? oom_killer_disable+0x3a0/0x3a0
[ 1277.305961]  ? kasan_check_write+0x14/0x20
[ 1277.310178]  ? do_raw_spin_lock+0xc1/0x200
[ 1277.314398]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1277.319221]  ? memcg_memory_event+0x40/0x40
[ 1277.323611]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1277.328436]  ? page_counter_try_charge+0x1c1/0x220
[ 1277.333349]  try_charge+0xc43/0x1690
[ 1277.337049]  ? lock_downgrade+0x900/0x900
[ 1277.341186]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1277.347233]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1277.352754]  ? should_fail+0x22d/0xd01
[ 1277.356636]  ? percpu_ref_tryget_live+0x168/0x460
[ 1277.361460]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1277.366284]  ? lock_downgrade+0x900/0x900
[ 1277.370416]  ? lock_release+0x970/0x970
[ 1277.374376]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1277.380162]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1277.384998]  ? fs_reclaim_acquire+0x20/0x20
[ 1277.389307]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1277.393957]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1277.398434]  ? debug_smp_processor_id+0x1c/0x20
[ 1277.403085]  memcg_kmem_charge+0x135/0x300
[ 1277.407319]  __alloc_pages_nodemask+0x72e/0xde0
[ 1277.411968]  ? debug_smp_processor_id+0x1c/0x20
[ 1277.416621]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1277.421622]  ? perf_trace_lock+0x7a0/0x7a0
[ 1277.425848]  ? lock_acquire+0x1ed/0x520
[ 1277.429889]  ? copy_page_range+0x1770/0x26b0
[ 1277.434283]  ? lock_downgrade+0x900/0x900
[ 1277.438415]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1277.443935]  alloc_pages_current+0x10c/0x210
[ 1277.448326]  ? ___might_sleep+0x1ed/0x300
[ 1277.452456]  pte_alloc_one+0x1b/0x1a0
[ 1277.456243]  __pte_alloc+0x2a/0x350
[ 1277.459854]  copy_page_range+0x18c5/0x26b0
[ 1277.464084]  ? pmd_alloc+0x180/0x180
[ 1277.467819]  ? check_preemption_disabled+0x48/0x200
[ 1277.472825]  ? debug_smp_processor_id+0x1c/0x20
[ 1277.477485]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1277.482408]  ? save_stack+0x43/0xd0
[ 1277.486016]  ? kasan_slab_alloc+0x12/0x20
[ 1277.490151]  ? perf_trace_lock+0x7a0/0x7a0
[ 1277.494369]  ? percpu_ref_put_many+0x11c/0x260
[ 1277.498932]  ? lock_downgrade+0x900/0x900
[ 1277.503063]  ? lock_release+0x970/0x970
[ 1277.507041]  ? memcg_kmem_get_cache+0x3a9/0x9d0
[ 1277.511694]  ? mem_cgroup_handle_over_high+0x130/0x130
[ 1277.516953]  ? lock_downgrade+0x900/0x900
[ 1277.521089]  ? copy_process+0x454b/0x8780
[ 1277.525319]  ? lock_downgrade+0x900/0x900
[ 1277.529448]  ? lock_release+0x970/0x970
[ 1277.533409]  ? arch_local_save_flags+0x40/0x40
[ 1277.537981]  ? dup_userfaultfd+0x6d8/0x890
[ 1277.542205]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1277.547308]  ? vma_compute_subtree_gap+0x160/0x240
[ 1277.552218]  ? validate_mm_rb+0xaa/0xc0
[ 1277.556175]  ? __vma_link_rb+0x26c/0x370
[ 1277.560225]  copy_process+0x4721/0x8780
[ 1277.564197]  ? __cleanup_sighand+0x70/0x70
[ 1277.568413]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1277.572723]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1277.578248]  ? page_trans_huge_map_swapcount+0xbae/0x1270
[ 1277.583767]  ? enqueue_entity+0x1ff0/0x1ff0
[ 1277.588078]  ? page_swapcount+0x1d0/0x1d0
[ 1277.592227]  ? trace_hardirqs_off+0xb8/0x310
[ 1277.596619]  ? kasan_check_read+0x11/0x20
[ 1277.601567]  ? trace_hardirqs_on+0x310/0x310
[ 1277.605964]  ? rcu_read_lock+0x70/0x70
[ 1277.609837]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1277.614923]  ? try_to_wake_up+0x10a/0x12f0
[ 1277.619144]  ? migrate_swap_stop+0x930/0x930
[ 1277.623539]  ? perf_trace_lock+0x7a0/0x7a0
[ 1277.627764]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1277.633292]  ? check_preemption_disabled+0x48/0x200
[ 1277.638314]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1277.643834]  ? reuse_swap_page+0x4bd/0x1520
[ 1277.648141]  ? swp_swapcount+0x530/0x530
[ 1277.652193]  ? mark_held_locks+0x130/0x130
[ 1277.656411]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1277.661936]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1277.666865]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1277.671954]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1277.677474]  ? ep_poll_callback+0x527/0x10e0
[ 1277.681865]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1277.687386]  ? check_preemption_disabled+0x48/0x200
[ 1277.692401]  ? mark_held_locks+0x130/0x130
[ 1277.696630]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1277.701553]  ? perf_trace_lock+0x7a0/0x7a0
[ 1277.705787]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1277.712915]  ? check_preemption_disabled+0x48/0x200
[ 1277.717935]  ? check_preemption_disabled+0x48/0x200
[ 1277.722938]  ? debug_smp_processor_id+0x1c/0x20
[ 1277.728038]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1277.733562]  ? page_move_anon_rmap+0x33f/0x620
[ 1277.738130]  ? lock_downgrade+0x900/0x900
[ 1277.742263]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1277.746570]  ? kasan_check_read+0x11/0x20
[ 1277.750703]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1277.755096]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1277.759660]  ? pgd_free+0x380/0x380
[ 1277.763275]  ? mark_held_locks+0x130/0x130
[ 1277.767496]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1277.772148]  ? ktime_get_coarse_real_ts64+0x243/0x3b0
[ 1277.777322]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1277.782852]  ? check_preemption_disabled+0x48/0x200
[ 1277.787860]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1277.793388]  ? check_preemption_disabled+0x48/0x200
[ 1277.798388]  ? debug_smp_processor_id+0x1c/0x20
[ 1277.803052]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1277.807962]  ? kasan_check_write+0x14/0x20
[ 1277.812180]  ? perf_trace_lock+0x7a0/0x7a0
[ 1277.816397]  ? __handle_mm_fault+0x9ab/0x53e0
[ 1277.820878]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1277.825700]  ? __kasan_slab_free+0x119/0x150
[ 1277.830094]  ? pipe_read+0x702/0x940
[ 1277.833799]  _do_fork+0x1cb/0x11d0
[ 1277.837420]  ? fork_idle+0x1d0/0x1d0
[ 1277.841121]  ? kasan_check_read+0x11/0x20
[ 1277.845249]  ? _copy_to_user+0xc8/0x110
[ 1277.849211]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1277.854732]  ? compat_put_timespec64+0x110/0x280
[ 1277.859469]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1277.864365]  ? trace_hardirqs_on+0xbd/0x310
[ 1277.868670]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1277.874290]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1277.878867]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1277.884305]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1277.889311]  do_fast_syscall_32+0x34d/0xfb2
[ 1277.893723]  ? do_int80_syscall_32+0x890/0x890
[ 1277.898290]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1277.902861]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1277.907861]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1277.912688]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1277.917526]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1277.922702]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1277.927714]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1277.932541]  entry_SYSENTER_compat+0x70/0x7f
[ 1277.936940] RIP: 0023:0xf7f56ca9
[ 1277.940293] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1277.959292] RSP: 002b:000000000845fd70 EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[ 1277.966982] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[ 1277.974241] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008eb9968
[ 1277.981495] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
[ 1277.988747] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1277.996010] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1278.004110] Memory limit reached of cgroup /syz4
[ 1278.008900] memory: usage 204824kB, limit 204800kB, failcnt 1670
[ 1278.015087] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1278.021834] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1278.028009] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1278.048238] Out of memory and no killable processes...
[ 1278.054364] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000
[ 1278.067223] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1278.072353] CPU: 1 PID: 8628 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1278.079619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1278.088952] Call Trace:
[ 1278.091540]  dump_stack+0x1c4/0x2b4
[ 1278.095158]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1278.100336]  dump_header+0x27b/0xf72
[ 1278.104039]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1278.109840]  ? pagefault_out_of_memory+0x197/0x197
[ 1278.114759]  ? rcu_read_unlock+0x33/0x60
[ 1278.118814]  ? mem_cgroup_iter+0x514/0x1160
[ 1278.123133]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1278.127871]  ? css_task_iter_end+0x222/0x490
[ 1278.132264]  ? lock_downgrade+0x900/0x900
[ 1278.136396]  ? trace_hardirqs_on+0xbd/0x310
[ 1278.140696]  ? kasan_check_read+0x11/0x20
[ 1278.144828]  ? css_task_iter_end+0x222/0x490
[ 1278.149218]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1278.154652]  ? kasan_check_write+0x14/0x20
[ 1278.158871]  ? do_raw_spin_lock+0xc1/0x200
[ 1278.163115]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1278.167593]  ? css_task_iter_end+0x2ce/0x490
[ 1278.171992]  ? cgroup_procs_next+0x70/0x70
[ 1278.176209]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1278.180685]  ? oom_badness+0xaa0/0xaa0
[ 1278.184555]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1278.189292]  ? mem_cgroup_iter_break+0x30/0x30
[ 1278.193936]  ? cgroup_file_notify+0x226/0x2f0
[ 1278.198433]  out_of_memory.cold.30+0xf/0x184
[ 1278.202828]  ? kasan_check_read+0x11/0x20
[ 1278.206956]  ? oom_killer_disable+0x3a0/0x3a0
[ 1278.211442]  ? kasan_check_write+0x14/0x20
[ 1278.215667]  ? do_raw_spin_lock+0xc1/0x200
[ 1278.219895]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1278.224717]  ? memcg_memory_event+0x40/0x40
[ 1278.229022]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1278.233847]  ? page_counter_try_charge+0x1c1/0x220
[ 1278.238758]  try_charge+0xc43/0x1690
[ 1278.242454]  ? lock_downgrade+0x900/0x900
[ 1278.246588]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1278.252630]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1278.258150]  ? should_fail+0x22d/0xd01
[ 1278.262022]  ? percpu_ref_tryget_live+0x168/0x460
[ 1278.266845]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1278.271672]  ? lock_downgrade+0x900/0x900
[ 1278.275802]  ? lock_release+0x970/0x970
[ 1278.279762]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1278.285549]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1278.290373]  ? fs_reclaim_acquire+0x20/0x20
[ 1278.294789]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1278.299440]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1278.303918]  ? debug_smp_processor_id+0x1c/0x20
[ 1278.308570]  memcg_kmem_charge+0x135/0x300
[ 1278.312790]  __alloc_pages_nodemask+0x72e/0xde0
[ 1278.317445]  ? debug_smp_processor_id+0x1c/0x20
[ 1278.322111]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1278.327115]  ? perf_trace_lock+0x7a0/0x7a0
[ 1278.331338]  ? lock_acquire+0x1ed/0x520
[ 1278.335296]  ? copy_page_range+0x1770/0x26b0
[ 1278.339689]  ? lock_downgrade+0x900/0x900
[ 1278.343822]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1278.349342]  alloc_pages_current+0x10c/0x210
[ 1278.353857]  ? ___might_sleep+0x1ed/0x300
[ 1278.357990]  pte_alloc_one+0x1b/0x1a0
[ 1278.361777]  __pte_alloc+0x2a/0x350
[ 1278.365387]  copy_page_range+0x18c5/0x26b0
[ 1278.369617]  ? pmd_alloc+0x180/0x180
[ 1278.373315]  ? check_preemption_disabled+0x48/0x200
[ 1278.378316]  ? debug_smp_processor_id+0x1c/0x20
[ 1278.382971]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1278.387883]  ? save_stack+0x43/0xd0
[ 1278.391492]  ? kasan_slab_alloc+0x12/0x20
[ 1278.395625]  ? perf_trace_lock+0x7a0/0x7a0
[ 1278.399843]  ? percpu_ref_put_many+0x11c/0x260
[ 1278.404406]  ? lock_downgrade+0x900/0x900
[ 1278.408542]  ? lock_release+0x970/0x970
[ 1278.412498]  ? memcg_kmem_get_cache+0x3a9/0x9d0
[ 1278.417152]  ? mem_cgroup_handle_over_high+0x130/0x130
[ 1278.422409]  ? lock_downgrade+0x900/0x900
[ 1278.426544]  ? copy_process+0x454b/0x8780
[ 1278.430673]  ? lock_downgrade+0x900/0x900
[ 1278.434805]  ? lock_release+0x970/0x970
[ 1278.438761]  ? arch_local_save_flags+0x40/0x40
[ 1278.443338]  ? dup_userfaultfd+0x6d8/0x890
[ 1278.447567]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1278.452570]  ? vma_compute_subtree_gap+0x160/0x240
[ 1278.457479]  ? validate_mm_rb+0xaa/0xc0
[ 1278.461437]  ? __vma_link_rb+0x26c/0x370
[ 1278.465508]  copy_process+0x4721/0x8780
[ 1278.469479]  ? __cleanup_sighand+0x70/0x70
[ 1278.473699]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1278.478010]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1278.483528]  ? page_trans_huge_map_swapcount+0xbae/0x1270
[ 1278.489049]  ? enqueue_entity+0x1ff0/0x1ff0
[ 1278.493368]  ? page_swapcount+0x1d0/0x1d0
[ 1278.497500]  ? trace_hardirqs_off+0xb8/0x310
[ 1278.501890]  ? kasan_check_read+0x11/0x20
[ 1278.506037]  ? trace_hardirqs_on+0x310/0x310
[ 1278.510431]  ? rcu_read_lock+0x70/0x70
[ 1278.514305]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1278.519388]  ? try_to_wake_up+0x10a/0x12f0
[ 1278.523605]  ? migrate_swap_stop+0x930/0x930
[ 1278.527995]  ? perf_trace_lock+0x7a0/0x7a0
[ 1278.532218]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1278.537739]  ? check_preemption_disabled+0x48/0x200
[ 1278.542748]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1278.548265]  ? reuse_swap_page+0x4bd/0x1520
[ 1278.552572]  ? swp_swapcount+0x530/0x530
[ 1278.556630]  ? mark_held_locks+0x130/0x130
[ 1278.560848]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1278.566382]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1278.571296]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1278.576379]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1278.581897]  ? ep_poll_callback+0x527/0x10e0
[ 1278.586288]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1278.591822]  ? check_preemption_disabled+0x48/0x200
[ 1278.596822]  ? mark_held_locks+0x130/0x130
[ 1278.601148]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1278.606063]  ? perf_trace_lock+0x7a0/0x7a0
[ 1278.610282]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1278.615801]  ? check_preemption_disabled+0x48/0x200
[ 1278.620799]  ? check_preemption_disabled+0x48/0x200
[ 1278.625799]  ? debug_smp_processor_id+0x1c/0x20
[ 1278.630450]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1278.635967]  ? page_move_anon_rmap+0x33f/0x620
[ 1278.640536]  ? lock_downgrade+0x900/0x900
[ 1278.644666]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1278.648969]  ? kasan_check_read+0x11/0x20
[ 1278.653100]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1278.657493]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1278.662058]  ? pgd_free+0x380/0x380
[ 1278.665672]  ? mark_held_locks+0x130/0x130
[ 1278.669893]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1278.674557]  ? ktime_get_coarse_real_ts64+0x243/0x3b0
[ 1278.679733]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1278.685270]  ? check_preemption_disabled+0x48/0x200
[ 1278.690283]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1278.695802]  ? check_preemption_disabled+0x48/0x200
[ 1278.700805]  ? debug_smp_processor_id+0x1c/0x20
[ 1278.705457]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1278.710368]  ? kasan_check_write+0x14/0x20
[ 1278.714588]  ? perf_trace_lock+0x7a0/0x7a0
[ 1278.718805]  ? __handle_mm_fault+0x9ab/0x53e0
[ 1278.723286]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1278.728112]  ? __kasan_slab_free+0x119/0x150
[ 1278.732507]  ? pipe_read+0x702/0x940
[ 1278.736219]  _do_fork+0x1cb/0x11d0
[ 1278.739749]  ? fork_idle+0x1d0/0x1d0
[ 1278.743464]  ? kasan_check_read+0x11/0x20
[ 1278.747596]  ? _copy_to_user+0xc8/0x110
[ 1278.751553]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1278.757074]  ? compat_put_timespec64+0x110/0x280
[ 1278.761819]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1278.766562]  ? trace_hardirqs_on+0xbd/0x310
[ 1278.770869]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1278.776390]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1278.780957]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1278.786394]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1278.791395]  do_fast_syscall_32+0x34d/0xfb2
[ 1278.795703]  ? do_int80_syscall_32+0x890/0x890
[ 1278.800268]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1278.804834]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1278.809834]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1278.814660]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1278.819497]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1278.824681]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1278.829693]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1278.834521]  entry_SYSENTER_compat+0x70/0x7f
[ 1278.838908] RIP: 0023:0xf7f56ca9
[ 1278.842260] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1278.861144] RSP: 002b:000000000845fd70 EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[ 1278.868833] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[ 1278.876082] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008eb9968
[ 1278.883332] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
[ 1278.890969] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1278.898221] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1278.906221] Memory limit reached of cgroup /syz4
[ 1278.910994] memory: usage 204732kB, limit 204800kB, failcnt 1678
[ 1278.917181] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1278.923965] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1278.930107] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1278.950239] Out of memory and no killable processes...
[ 1278.958950] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0
[ 1278.970000] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1278.975227] CPU: 1 PID: 25776 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1278.982590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1278.991928] Call Trace:
[ 1278.994505]  dump_stack+0x1c4/0x2b4
[ 1278.998134]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1279.003313]  ? debug_smp_processor_id+0x1c/0x20
[ 1279.008068]  dump_header+0x27b/0xf72
[ 1279.011770]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1279.017291]  ? pagefault_out_of_memory+0x197/0x197
[ 1279.022218]  ? debug_smp_processor_id+0x1c/0x20
[ 1279.026873]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1279.031785]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1279.036702]  ? perf_trace_lock+0x7a0/0x7a0
[ 1279.041027]  ? perf_trace_lock+0x7a0/0x7a0
[ 1279.045248]  ? debug_smp_processor_id+0x1c/0x20
[ 1279.049988]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1279.054903]  ? mark_held_locks+0x130/0x130
[ 1279.059154]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1279.064683]  ? perf_trace_lock+0x7a0/0x7a0
[ 1279.068909]  ? task_will_free_mem+0x239/0xb30
[ 1279.073402]  ? ___ratelimit+0x36f/0x655
[ 1279.077377]  ? lock_downgrade+0x900/0x900
[ 1279.081511]  ? trace_hardirqs_on+0xbd/0x310
[ 1279.085815]  ? kasan_check_read+0x11/0x20
[ 1279.089945]  ? ___ratelimit+0x36f/0x655
[ 1279.093909]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1279.099346]  ? trace_hardirqs_on+0x310/0x310
[ 1279.103741]  ? lock_downgrade+0x900/0x900
[ 1279.107876]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1279.112967]  ? ___ratelimit+0xaa/0x655
[ 1279.116841]  ? idr_get_free+0xec0/0xec0
[ 1279.120798]  ? kasan_check_write+0x14/0x20
[ 1279.125025]  ? do_raw_spin_lock+0xc1/0x200
[ 1279.129248]  oom_kill_process.cold.27+0x10/0x903
[ 1279.133988]  ? kasan_check_write+0x14/0x20
[ 1279.138209]  ? do_raw_spin_lock+0xc1/0x200
[ 1279.142434]  ? oom_evaluate_task+0x540/0x540
[ 1279.146831]  ? cgroup_procs_next+0x70/0x70
[ 1279.151062]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1279.155544]  ? oom_badness+0xaa0/0xaa0
[ 1279.159415]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1279.164166]  ? mem_cgroup_iter_break+0x30/0x30
[ 1279.168746]  ? cgroup_file_notify+0x226/0x2f0
[ 1279.173226]  out_of_memory+0xa84/0x1430
[ 1279.177201]  ? kasan_check_read+0x11/0x20
[ 1279.181334]  ? oom_killer_disable+0x3a0/0x3a0
[ 1279.185828]  ? kasan_check_write+0x14/0x20
[ 1279.190047]  ? do_raw_spin_lock+0xc1/0x200
[ 1279.194272]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1279.199101]  ? memcg_memory_event+0x40/0x40
[ 1279.203407]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1279.208239]  ? page_counter_try_charge+0x1c1/0x220
[ 1279.213155]  try_charge+0xc43/0x1690
[ 1279.216858]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1279.221972]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1279.228015]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1279.232853]  ? lock_downgrade+0x900/0x900
[ 1279.237008]  ? lock_release+0x970/0x970
[ 1279.240969]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1279.246760]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1279.251589]  ? mem_cgroup_can_attach+0x580/0x580
[ 1279.256336]  ? __might_sleep+0x95/0x190
[ 1279.260295]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1279.264862]  ? __anon_vma_prepare+0x325/0x6c0
[ 1279.269342]  ? mem_cgroup_protected+0xa60/0xa60
[ 1279.273999]  ? up_write+0x7b/0x220
[ 1279.277527]  ? up_read+0x110/0x110
[ 1279.281056]  ? __anon_vma_prepare+0x353/0x6c0
[ 1279.285538]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1279.291082]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1279.296004]  __handle_mm_fault+0x273a/0x53e0
[ 1279.300403]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1279.305230]  ? lock_downgrade+0x900/0x900
[ 1279.309379]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1279.314382]  ? cap_mmap_addr+0x52/0x130
[ 1279.318341]  ? userfaultfd_unmap_complete+0x32a/0x510
[ 1279.323514]  ? security_mmap_addr+0x80/0xa0
[ 1279.327820]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1279.333338]  ? get_unmapped_area+0x292/0x3b0
[ 1279.337736]  ? lock_acquire+0x1ed/0x520
[ 1279.341710]  ? handle_mm_fault+0x42a/0xc70
[ 1279.345929]  ? lock_downgrade+0x900/0x900
[ 1279.350066]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1279.355848]  ? __do_page_fault+0x67d/0xed0
[ 1279.360080]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1279.365525]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1279.371050]  ? check_preemption_disabled+0x48/0x200
[ 1279.376061]  handle_mm_fault+0x54f/0xc70
[ 1279.380111]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1279.384788]  ? find_vma+0x34/0x190
[ 1279.388315]  __do_page_fault+0x67d/0xed0
[ 1279.392363]  ? mm_fault_error+0x380/0x380
[ 1279.396509]  ? __ia32_sys_mmap_pgoff+0xdd/0x1a0
[ 1279.401169]  do_page_fault+0xf2/0x7e0
[ 1279.404956]  ? vmalloc_sync_all+0x30/0x30
[ 1279.409089]  ? error_entry+0x70/0xd0
[ 1279.412790]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1279.417790]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1279.422704]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1279.427529]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1279.432528]  ? trace_hardirqs_off+0x310/0x310
[ 1279.437009]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1279.442008]  ? page_fault+0x8/0x30
[ 1279.445534]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1279.450360]  ? page_fault+0x8/0x30
[ 1279.453891]  page_fault+0x1e/0x30
[ 1279.457327] RIP: 0023:0x8053442
[ 1279.460590] Code: 00 83 c4 20 83 f8 ff 89 45 b0 0f 84 86 01 00 00 8b 45 b0 85 c0 0f 84 bb 04 00 00 8b 4d b0 8b 7d a8 8d 84 39 40 fb ff ff 89 c6 <89> 88 70 02 00 00 89 b8 74 02 00 00 89 45 b4 05 8c 00 00 00 c7 46
[ 1279.479481] RSP: 002b:000000000845fbb0 EFLAGS: 00010286
[ 1279.484828] RAX: 00000000f5f52b40 RBX: 0000000000020000 RCX: 00000000f5f32000
[ 1279.492082] RDX: 0000000000000003 RSI: 00000000f5f52b40 RDI: 0000000000021000
[ 1279.499333] RBP: 000000000845fc28 R08: 0000000000000000 R09: 0000000000000000
[ 1279.506584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1279.513835] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1279.521339] Task in /syz4 killed as a result of limit of /syz4
[ 1279.527404] memory: usage 204800kB, limit 204800kB, failcnt 1707
[ 1279.534086] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1279.541018] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:26:30 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x2000000000000000}, 0x6)

15:26:30 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x222, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:30 executing program 3:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2f, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:30 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0)
ioctl$KVM_GET_EMULATED_CPUID(r1, 0xc008ae09, &(0x7f0000000080)=""/4096)
r2 = memfd_create(&(0x7f0000001080)="8373797374656d00", 0x5)
ioctl$KDSETLED(r2, 0x4b32, 0x7)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

15:26:30 executing program 2:
socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fstatfs(r0, &(0x7f0000000180)=""/4096)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000140)={0x80000000, 0x80002, 0x3, 0x2})
ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f0000000000)={'syz_tun\x00', {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1d}}})

15:26:30 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x1, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))

[ 1279.547174] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:84KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1279.567373] Memory cgroup out of memory: Kill process 25776 (syz-executor4) score 160 or sacrifice child
[ 1279.577041] Killed process 25776 (syz-executor4) total-vm:70120kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1279.588059] oom_reaper: reaped process 25776 (syz-executor4), now anon-rss:0kB, file-rss:32772kB, shmem-rss:0kB
15:26:30 executing program 5:
r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x40001000001, 0x400000)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100)={0x6, 0x1, 0x0, 0x2})

15:26:30 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/114, 0x114000, 0x1800, 0x100}, 0x18)
ioctl$TIOCLINUX3(r0, 0x541c, &(0x7f0000000180))
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000001c0)={0x0, {0x2, 0x4e21, @local}, {0x2, 0x4e21, @broadcast}, {0x2, 0x4e23, @remote}, 0x8, 0x1, 0x0, 0x5, 0x4, 0x0, 0x5, 0xffffffff, 0x6891})
write$P9_RRENAME(r0, &(0x7f0000000140)={0x7, 0x15, 0x2}, 0x7)

15:26:30 executing program 3:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2f, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:30 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x100000000000000, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1279.678145] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=0
15:26:30 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)

[ 1279.762908] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1279.768174] CPU: 1 PID: 25791 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1279.775536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1279.784977] Call Trace:
[ 1279.787576]  dump_stack+0x1c4/0x2b4
[ 1279.791215]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1279.796416]  ? mark_held_locks+0x130/0x130
[ 1279.800669]  ? mark_held_locks+0x130/0x130
[ 1279.804914]  dump_header+0x27b/0xf72
[ 1279.808645]  ? debug_smp_processor_id+0x1c/0x20
15:26:30 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x2f000000, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1279.813328]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1279.818880]  ? pagefault_out_of_memory+0x197/0x197
[ 1279.823828]  ? debug_smp_processor_id+0x1c/0x20
[ 1279.828507]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1279.833447]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1279.838389]  ? perf_trace_lock+0x7a0/0x7a0
[ 1279.842633]  ? perf_trace_lock+0x7a0/0x7a0
[ 1279.846890]  ? debug_smp_processor_id+0x1c/0x20
[ 1279.851569]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1279.856500]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1279.856515]  ? perf_trace_lock+0x7a0/0x7a0
[ 1279.856532]  ? task_will_free_mem+0x239/0xb30
[ 1279.866295]  ? ___ratelimit+0x36f/0x655
[ 1279.866310]  ? lock_downgrade+0x900/0x900
[ 1279.866328]  ? trace_hardirqs_on+0xbd/0x310
[ 1279.866342]  ? kasan_check_read+0x11/0x20
[ 1279.887348]  ? ___ratelimit+0x36f/0x655
[ 1279.891316]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1279.896758]  ? trace_hardirqs_on+0x310/0x310
[ 1279.901156]  ? lock_downgrade+0x900/0x900
[ 1279.905295]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1279.910386]  ? ___ratelimit+0xaa/0x655
[ 1279.914264]  ? idr_get_free+0xec0/0xec0
[ 1279.918235]  ? kasan_check_write+0x14/0x20
[ 1279.922471]  ? do_raw_spin_lock+0xc1/0x200
[ 1279.926698]  oom_kill_process.cold.27+0x10/0x903
[ 1279.931444]  ? kasan_check_write+0x14/0x20
[ 1279.935667]  ? do_raw_spin_lock+0xc1/0x200
[ 1279.939905]  ? oom_evaluate_task+0x540/0x540
[ 1279.944306]  ? cgroup_procs_next+0x70/0x70
[ 1279.948531]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1279.953012]  ? oom_badness+0xaa0/0xaa0
[ 1279.956886]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1279.961631]  ? mem_cgroup_iter_break+0x30/0x30
[ 1279.966206]  ? cgroup_file_notify+0x226/0x2f0
[ 1279.970692]  out_of_memory+0xa84/0x1430
[ 1279.974665]  ? kasan_check_read+0x11/0x20
[ 1279.978799]  ? oom_killer_disable+0x3a0/0x3a0
[ 1279.983281]  ? kasan_check_write+0x14/0x20
[ 1279.987502]  ? do_raw_spin_lock+0xc1/0x200
[ 1279.991729]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1279.996556]  ? memcg_memory_event+0x40/0x40
[ 1280.000863]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1280.005696]  ? page_counter_try_charge+0x1c1/0x220
[ 1280.010617]  try_charge+0xc43/0x1690
[ 1280.014321]  ? lock_downgrade+0x900/0x900
[ 1280.018461]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1280.024510]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1280.030036]  ? should_fail+0x22d/0xd01
[ 1280.033915]  ? percpu_ref_tryget_live+0x168/0x460
[ 1280.038746]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1280.043587]  ? lock_downgrade+0x900/0x900
[ 1280.047727]  ? lock_release+0x970/0x970
[ 1280.051692]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1280.057478]  ? create_empty_buffers+0xdb0/0xdb0
[ 1280.062136]  ? check_preemption_disabled+0x48/0x200
[ 1280.067147]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1280.072150]  ? fs_reclaim_acquire+0x20/0x20
[ 1280.076461]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1280.081118]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1280.085623]  ? lock_downgrade+0x900/0x900
[ 1280.089762]  memcg_kmem_charge+0x135/0x300
[ 1280.093989]  __alloc_pages_nodemask+0x72e/0xde0
[ 1280.098674]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1280.103678]  ? lock_acquire+0x1ed/0x520
[ 1280.107639]  ? ext4_page_mkwrite+0x211/0x14a0
[ 1280.112143]  ? set_page_dirty_lock+0x190/0x190
[ 1280.116717]  ? ext4_page_mkwrite+0xcd9/0x14a0
[ 1280.121199]  ? lock_downgrade+0x900/0x900
[ 1280.125332]  ? lock_downgrade+0x900/0x900
[ 1280.129471]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1280.134996]  alloc_pages_current+0x10c/0x210
[ 1280.139391]  pte_alloc_one+0x1b/0x1a0
[ 1280.143183]  __pte_alloc+0x2a/0x350
[ 1280.146802]  alloc_set_pte+0x1352/0x17d0
[ 1280.150862]  ? do_swap_page+0x2c60/0x2c60
[ 1280.154995]  ? ext4_change_inode_journal_flag+0x3e0/0x3e0
[ 1280.160521]  ? up_read+0x1a/0x110
[ 1280.163966]  ? ext4_filemap_fault+0x8d/0xad
[ 1280.168275]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1280.173798]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1280.179328]  ? unlock_page+0x2c2/0x4c0
[ 1280.183204]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1280.188725]  ? do_page_mkwrite+0x380/0x660
[ 1280.192946]  ? lock_page+0x170/0x170
[ 1280.196647]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1280.202168]  ? pud_val+0x88/0x100
[ 1280.205617]  finish_fault+0x179/0x2d0
[ 1280.209407]  __handle_mm_fault+0x361a/0x53e0
[ 1280.213807]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1280.218641]  ? __kasan_slab_free+0x119/0x150
[ 1280.223043]  ? tun_get+0x22d/0x370
[ 1280.226571]  ? tun_chr_close+0x180/0x180
[ 1280.230623]  ? blkcg_maybe_throttle_current+0xa38/0x1080
[ 1280.236064]  ? lock_acquire+0x1ed/0x520
[ 1280.240136]  ? handle_mm_fault+0x42a/0xc70
[ 1280.244359]  ? lock_downgrade+0x900/0x900
[ 1280.248500]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1280.254286]  ? __do_page_fault+0x67d/0xed0
[ 1280.258511]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1280.263961]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1280.269491]  ? check_preemption_disabled+0x48/0x200
[ 1280.274606]  handle_mm_fault+0x54f/0xc70
[ 1280.278657]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1280.283229]  ? find_vma+0x34/0x190
[ 1280.286758]  __do_page_fault+0x67d/0xed0
[ 1280.290818]  ? mm_fault_error+0x380/0x380
[ 1280.294965]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1280.300493]  do_page_fault+0xf2/0x7e0
[ 1280.304381]  ? vmalloc_sync_all+0x30/0x30
[ 1280.308516]  ? error_entry+0x70/0xd0
[ 1280.312230]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1280.317233]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1280.322166]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1280.326999]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1280.332008]  ? trace_hardirqs_off+0x310/0x310
[ 1280.336496]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1280.341510]  ? page_fault+0x8/0x30
[ 1280.345040]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1280.349868]  ? page_fault+0x8/0x30
[ 1280.353415]  page_fault+0x1e/0x30
[ 1280.356853] RIP: 0023:0x804966e
[ 1280.360120] Code: 02 83 c0 43 e8 83 ff ff ff 8d 76 00 53 83 ec 08 8b 0d 28 00 46 08 8b 15 24 00 46 08 39 ca 8d 99 00 00 00 01 72 15 39 da 73 11 <89> 02 8d 42 04 a3 24 00 46 08 83 c4 08 89 d0 5b c3 53 51 52 68 90
[ 1280.379007] RSP: 002b:000000000845fc30 EFLAGS: 00010287
[ 1280.384358] RAX: 0000000000000000 RBX: 000000002e320000 RCX: 000000002d320000
[ 1280.391615] RDX: 000000002d320000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1280.398871] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1280.406126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1280.413379] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1280.422022] Task in /syz4 killed as a result of limit of /syz4
[ 1280.433820] memory: usage 204800kB, limit 204800kB, failcnt 1735
[ 1280.440233] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1280.447437] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1280.454205] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1280.474678] Memory cgroup out of memory: Kill process 25791 (syz-executor4) score 160 or sacrifice child
[ 1280.491722] Killed process 25791 (syz-executor4) total-vm:69988kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
15:26:31 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x725e010000000000}, 0x6)

15:26:31 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0xffffff89, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:31 executing program 2:
r0 = syz_open_dev$usb(&(0x7f0000000140)='/dev/bus/usb/00#/00#\x00', 0x40001000004, 0x200801)
fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000000)='trusted.overlay.opaque\x00', &(0x7f00000000c0)='y\x00', 0x517, 0x2)
ioctl$RTC_IRQP_READ(r0, 0x8004700b, &(0x7f0000000040))
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
pause()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={<r1=>0x0}, &(0x7f0000000180)=0xc)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f00000001c0)={0x7, 0x5, 0x0, 0x20, 0x9, 0xe2, 0x0, 0x3, 0x6, 0x6f8a, 0x8}, 0xb)
getpriority(0x2, r1)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c)

15:26:31 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x403c5404, &(0x7f0000000000)={{0x1, 0xad805c8c2f905fd0, 0x4, 0x0, 0x401}, 0x6d, 0x100})
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))

15:26:31 executing program 3:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:31 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x6, 0xa0800)
ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r2, 0x800455d1, &(0x7f00000000c0))
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0xae78, &(0x7f0000000040))

[ 1280.510474] oom_reaper: reaped process 25791 (syz-executor4), now anon-rss:0kB, file-rss:32156kB, shmem-rss:0kB
15:26:31 executing program 3:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:31 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x29, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1280.581935] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000
[ 1280.608472] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1280.620413] CPU: 1 PID: 8628 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1280.627727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1280.627733] Call Trace:
[ 1280.627754]  dump_stack+0x1c4/0x2b4
[ 1280.627774]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1280.648498]  dump_header+0x27b/0xf72
[ 1280.652227]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1280.658037]  ? pagefault_out_of_memory+0x197/0x197
[ 1280.662974]  ? rcu_read_unlock+0x33/0x60
[ 1280.662988]  ? mem_cgroup_iter+0x514/0x1160
[ 1280.663006]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1280.663020]  ? css_task_iter_end+0x222/0x490
[ 1280.663033]  ? lock_downgrade+0x900/0x900
[ 1280.663052]  ? trace_hardirqs_on+0xbd/0x310
[ 1280.671495]  ? kasan_check_read+0x11/0x20
[ 1280.671512]  ? css_task_iter_end+0x222/0x490
[ 1280.671529]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1280.680656]  ? kasan_check_write+0x14/0x20
[ 1280.680672]  ? do_raw_spin_lock+0xc1/0x200
[ 1280.680690]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1280.689127]  ? css_task_iter_end+0x2ce/0x490
[ 1280.689142]  ? cgroup_procs_next+0x70/0x70
[ 1280.689159]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1280.707342]  ? oom_badness+0xaa0/0xaa0
[ 1280.707360]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1280.707379]  ? mem_cgroup_iter_break+0x30/0x30
[ 1280.716083]  ? cgroup_file_notify+0x226/0x2f0
[ 1280.716101]  out_of_memory.cold.30+0xf/0x184
[ 1280.716114]  ? kasan_check_read+0x11/0x20
[ 1280.716128]  ? oom_killer_disable+0x3a0/0x3a0
[ 1280.716140]  ? kasan_check_write+0x14/0x20
[ 1280.716154]  ? do_raw_spin_lock+0xc1/0x200
[ 1280.716175]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1280.773237]  ? memcg_memory_event+0x40/0x40
[ 1280.777552]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1280.782387]  ? page_counter_try_charge+0x1c1/0x220
[ 1280.787309]  try_charge+0xc43/0x1690
[ 1280.791011]  ? lock_downgrade+0x900/0x900
[ 1280.795150]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1280.801200]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1280.806727]  ? should_fail+0x22d/0xd01
[ 1280.810606]  ? percpu_ref_tryget_live+0x168/0x460
[ 1280.815439]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1280.820269]  ? lock_downgrade+0x900/0x900
[ 1280.824417]  ? lock_release+0x970/0x970
[ 1280.828380]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1280.834261]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1280.839090]  ? fs_reclaim_acquire+0x20/0x20
[ 1280.843421]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1280.848076]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1280.852560]  ? debug_smp_processor_id+0x1c/0x20
[ 1280.857220]  memcg_kmem_charge+0x135/0x300
[ 1280.861448]  __alloc_pages_nodemask+0x72e/0xde0
[ 1280.866104]  ? debug_smp_processor_id+0x1c/0x20
[ 1280.870769]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1280.875782]  ? perf_trace_lock+0x7a0/0x7a0
[ 1280.880029]  ? lock_acquire+0x1ed/0x520
[ 1280.883995]  ? copy_page_range+0x1770/0x26b0
[ 1280.888390]  ? lock_downgrade+0x900/0x900
[ 1280.893222]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1280.898748]  alloc_pages_current+0x10c/0x210
[ 1280.903167]  ? ___might_sleep+0x1ed/0x300
[ 1280.907307]  pte_alloc_one+0x1b/0x1a0
[ 1280.911095]  __pte_alloc+0x2a/0x350
[ 1280.914712]  copy_page_range+0x18c5/0x26b0
[ 1280.918956]  ? pmd_alloc+0x180/0x180
[ 1280.922659]  ? check_preemption_disabled+0x48/0x200
[ 1280.927678]  ? debug_smp_processor_id+0x1c/0x20
[ 1280.932334]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1280.937251]  ? save_stack+0x43/0xd0
[ 1280.940876]  ? kasan_slab_alloc+0x12/0x20
[ 1280.945026]  ? perf_trace_lock+0x7a0/0x7a0
[ 1280.949249]  ? percpu_ref_put_many+0x11c/0x260
[ 1280.953818]  ? lock_downgrade+0x900/0x900
[ 1280.957956]  ? lock_release+0x970/0x970
[ 1280.961917]  ? memcg_kmem_get_cache+0x3a9/0x9d0
[ 1280.966578]  ? mem_cgroup_handle_over_high+0x130/0x130
[ 1280.971842]  ? lock_downgrade+0x900/0x900
[ 1280.975983]  ? copy_process+0x454b/0x8780
[ 1280.980123]  ? lock_downgrade+0x900/0x900
[ 1280.984258]  ? lock_release+0x970/0x970
[ 1280.988220]  ? arch_local_save_flags+0x40/0x40
[ 1280.992805]  ? dup_userfaultfd+0x6d8/0x890
[ 1280.997037]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1281.002045]  ? validate_mm_rb+0xaa/0xc0
[ 1281.006009]  ? __vma_link_rb+0x26c/0x370
[ 1281.010061]  copy_process+0x4721/0x8780
[ 1281.014039]  ? __cleanup_sighand+0x70/0x70
[ 1281.018261]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1281.022578]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1281.028100]  ? page_trans_huge_map_swapcount+0xbae/0x1270
[ 1281.033623]  ? enqueue_entity+0x1ff0/0x1ff0
[ 1281.037937]  ? page_swapcount+0x1d0/0x1d0
[ 1281.042073]  ? trace_hardirqs_off+0xb8/0x310
[ 1281.046466]  ? kasan_check_read+0x11/0x20
[ 1281.050599]  ? trace_hardirqs_on+0x310/0x310
[ 1281.054995]  ? rcu_read_lock+0x70/0x70
[ 1281.058877]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1281.063967]  ? try_to_wake_up+0x10a/0x12f0
[ 1281.068190]  ? migrate_swap_stop+0x930/0x930
[ 1281.072584]  ? perf_trace_lock+0x7a0/0x7a0
[ 1281.076811]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1281.082334]  ? check_preemption_disabled+0x48/0x200
[ 1281.087349]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1281.092872]  ? reuse_swap_page+0x4bd/0x1520
[ 1281.097186]  ? swp_swapcount+0x530/0x530
[ 1281.101238]  ? mark_held_locks+0x130/0x130
[ 1281.105458]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1281.110984]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1281.115910]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1281.121013]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1281.126540]  ? ep_poll_callback+0x527/0x10e0
[ 1281.130933]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1281.136461]  ? check_preemption_disabled+0x48/0x200
[ 1281.141467]  ? mark_held_locks+0x130/0x130
[ 1281.145697]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1281.150615]  ? perf_trace_lock+0x7a0/0x7a0
[ 1281.154841]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1281.160367]  ? check_preemption_disabled+0x48/0x200
[ 1281.165372]  ? check_preemption_disabled+0x48/0x200
[ 1281.170375]  ? debug_smp_processor_id+0x1c/0x20
[ 1281.175031]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1281.180558]  ? page_move_anon_rmap+0x33f/0x620
[ 1281.185129]  ? lock_downgrade+0x900/0x900
[ 1281.189265]  ? wake_up_page_bit+0x6f0/0x6f0
[ 1281.193577]  ? kasan_check_read+0x11/0x20
[ 1281.197714]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1281.202139]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1281.206720]  ? pgd_free+0x380/0x380
[ 1281.210350]  ? mark_held_locks+0x130/0x130
[ 1281.214573]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1281.219229]  ? ktime_get_coarse_real_ts64+0x243/0x3b0
[ 1281.224407]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1281.229930]  ? check_preemption_disabled+0x48/0x200
[ 1281.234950]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1281.240477]  ? check_preemption_disabled+0x48/0x200
[ 1281.245488]  ? debug_smp_processor_id+0x1c/0x20
[ 1281.250147]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1281.255063]  ? kasan_check_write+0x14/0x20
[ 1281.259304]  ? perf_trace_lock+0x7a0/0x7a0
[ 1281.263528]  ? __handle_mm_fault+0x9ab/0x53e0
[ 1281.268016]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1281.272848]  ? __kasan_slab_free+0x119/0x150
[ 1281.277250]  ? pipe_read+0x702/0x940
[ 1281.280960]  _do_fork+0x1cb/0x11d0
[ 1281.284491]  ? fork_idle+0x1d0/0x1d0
[ 1281.288204]  ? kasan_check_read+0x11/0x20
[ 1281.292352]  ? _copy_to_user+0xc8/0x110
[ 1281.296329]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1281.301876]  ? compat_put_timespec64+0x110/0x280
[ 1281.306622]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1281.311369]  ? trace_hardirqs_on+0xbd/0x310
[ 1281.315678]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1281.321202]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1281.325773]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1281.331214]  __ia32_compat_sys_x86_clone+0xbc/0x140
[ 1281.336225]  do_fast_syscall_32+0x34d/0xfb2
[ 1281.340539]  ? do_int80_syscall_32+0x890/0x890
[ 1281.345108]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1281.349676]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1281.354691]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1281.359522]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1281.364352]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1281.369356]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1281.374376]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1281.379300]  entry_SYSENTER_compat+0x70/0x7f
[ 1281.383693] RIP: 0023:0xf7f56ca9
[ 1281.387048] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1281.406073] RSP: 002b:000000000845fd70 EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[ 1281.413768] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[ 1281.421022] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008eb9968
[ 1281.428274] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
15:26:32 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x20e, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1281.435543] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1281.442798] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1281.456857] Memory limit reached of cgroup /syz4
[ 1281.461815] memory: usage 204748kB, limit 204800kB, failcnt 1748
[ 1281.469073] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1281.476063] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:26:32 executing program 3:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1281.492146] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB
15:26:32 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x80340, 0x0)

15:26:32 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000000)={<r1=>0x0, 0x100000000, 0x6, 0xed, 0x3ff, 0x7fff}, &(0x7f0000000040)=0x14)
ioctl$DMA_BUF_IOCTL_SYNC(r0, 0x40086200, &(0x7f0000000280)=0x1)
setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000240)={0x4, @dev={0xac, 0x14, 0x14, 0x1c}, 0x4e23, 0x4, 'lc\x00', 0x8, 0x8001, 0x7b}, 0x2c)
r2 = getpid()
capget(&(0x7f0000000080)={0x200f1526, r2}, &(0x7f00000002c0)={0x3, 0xfffffffffffffffe, 0x1, 0x0, 0x6, 0x100000000})
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000300)='IPVS\x00')
sendmsg$IPVS_CMD_GET_CONFIG(r0, &(0x7f0000000400)={&(0x7f0000000100), 0xc, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="726805ba", @ANYRES16=r3, @ANYBLOB="00022abd7000fcdbdf250d00000008000500f9ffffff4c0001000c000700200000000400000008000600666f000008000b007369700008000b00736970000800090060000000080001000000000008000500040000000c0006006c626c637200000008000400070000000800060007000000"], 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4000800)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000140)={r1, @in={{0x2, 0x4e20, @local}}, 0x20, 0xffff}, &(0x7f0000000200)=0x88)

[ 1281.533938] Out of memory and no killable processes...
[ 1281.587689] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000
[ 1281.610363] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1281.617296] CPU: 0 PID: 25848 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1281.624679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1281.634036] Call Trace:
[ 1281.636633]  dump_stack+0x1c4/0x2b4
[ 1281.640267]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1281.645484]  dump_header+0x27b/0xf72
[ 1281.649212]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1281.655012]  ? pagefault_out_of_memory+0x197/0x197
[ 1281.659932]  ? rcu_read_unlock+0x33/0x60
[ 1281.663988]  ? mem_cgroup_iter+0x514/0x1160
[ 1281.668332]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1281.673080]  ? css_task_iter_end+0x222/0x490
[ 1281.677476]  ? lock_downgrade+0x900/0x900
[ 1281.681614]  ? trace_hardirqs_on+0xbd/0x310
[ 1281.685921]  ? kasan_check_read+0x11/0x20
[ 1281.690050]  ? css_task_iter_end+0x222/0x490
[ 1281.694451]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1281.699909]  ? kasan_check_write+0x14/0x20
[ 1281.704133]  ? do_raw_spin_lock+0xc1/0x200
[ 1281.708354]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1281.712840]  ? css_task_iter_end+0x2ce/0x490
[ 1281.717240]  ? cgroup_procs_next+0x70/0x70
[ 1281.721459]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1281.725941]  ? oom_badness+0xaa0/0xaa0
[ 1281.729815]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1281.734559]  ? mem_cgroup_iter_break+0x30/0x30
[ 1281.739143]  ? cgroup_file_notify+0x226/0x2f0
[ 1281.743633]  out_of_memory.cold.30+0xf/0x184
[ 1281.748025]  ? kasan_check_read+0x11/0x20
[ 1281.752155]  ? oom_killer_disable+0x3a0/0x3a0
[ 1281.756639]  ? kasan_check_write+0x14/0x20
[ 1281.760857]  ? do_raw_spin_lock+0xc1/0x200
[ 1281.765085]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1281.769910]  ? memcg_memory_event+0x40/0x40
[ 1281.774303]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1281.779049]  ? page_counter_try_charge+0x1c1/0x220
[ 1281.783972]  try_charge+0xc43/0x1690
[ 1281.787670]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1281.792765]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1281.798806]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1281.803632]  ? lock_downgrade+0x900/0x900
[ 1281.807764]  ? lock_release+0x970/0x970
[ 1281.811721]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1281.817514]  ? do_raw_spin_lock+0xc1/0x200
[ 1281.821745]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1281.826569]  ? mem_cgroup_can_attach+0x580/0x580
[ 1281.831313]  ? filemap_map_pages+0xdc3/0x1980
[ 1281.835800]  ? __might_sleep+0x95/0x190
[ 1281.839774]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1281.844341]  ? mem_cgroup_protected+0xa60/0xa60
[ 1281.848993]  ? swp_swapcount+0x530/0x530
[ 1281.853045]  ? find_get_pages_range_tag+0x1320/0x1320
[ 1281.858222]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1281.863747]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1281.868666]  wp_page_copy+0x46c/0x14f0
[ 1281.872553]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1281.878086]  ? follow_pfn+0x2e0/0x2e0
[ 1281.881875]  ? do_wp_page+0x76c/0x1390
[ 1281.885761]  ? lock_downgrade+0x900/0x900
[ 1281.889894]  ? kasan_check_write+0x14/0x20
[ 1281.894111]  ? kasan_check_read+0x11/0x20
[ 1281.898245]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1281.902637]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1281.907207]  ? __pte_alloc_kernel+0x220/0x220
[ 1281.911693]  ? alloc_set_pte+0xafa/0x17d0
[ 1281.915825]  ? arch_local_save_flags+0x40/0x40
[ 1281.920392]  do_wp_page+0x774/0x1390
[ 1281.924090]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1281.928752]  ? lock_downgrade+0x900/0x900
[ 1281.932883]  ? lock_release+0x970/0x970
[ 1281.936852]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1281.942377]  ? check_preemption_disabled+0x48/0x200
[ 1281.947375]  ? kasan_check_read+0x11/0x20
[ 1281.951510]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1281.957032]  ? kasan_check_write+0x14/0x20
[ 1281.961259]  ? do_raw_spin_lock+0xc1/0x200
[ 1281.965481]  __handle_mm_fault+0x2c60/0x53e0
[ 1281.969991]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1281.974817]  ? lock_acquire+0x1ed/0x520
[ 1281.978778]  ? handle_mm_fault+0x42a/0xc70
[ 1281.983012]  ? lock_acquire+0x1ed/0x520
[ 1281.986988]  ? handle_mm_fault+0x42a/0xc70
[ 1281.991209]  ? lock_downgrade+0x900/0x900
[ 1281.995344]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1282.001126]  ? __do_page_fault+0x67d/0xed0
[ 1282.005343]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1282.010779]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1282.016315]  ? check_preemption_disabled+0x48/0x200
[ 1282.021321]  handle_mm_fault+0x54f/0xc70
[ 1282.025388]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1282.029958]  ? find_vma+0x34/0x190
[ 1282.033485]  __do_page_fault+0x67d/0xed0
[ 1282.037536]  ? mm_fault_error+0x380/0x380
[ 1282.041667]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1282.046500]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1282.051253]  do_page_fault+0xf2/0x7e0
[ 1282.055039]  ? vmalloc_sync_all+0x30/0x30
[ 1282.059182]  ? error_entry+0x70/0xd0
[ 1282.062891]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1282.067898]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1282.072817]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1282.077693]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1282.082786]  ? trace_hardirqs_off+0x310/0x310
[ 1282.087270]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1282.092271]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1282.097791]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1282.102790]  ? page_fault+0x8/0x30
[ 1282.106314]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1282.111141]  ? page_fault+0x8/0x30
[ 1282.114675]  page_fault+0x1e/0x30
[ 1282.118113] RIP: 0023:0x807ee37
[ 1282.121494] Code: 02 00 00 85 ff 0f 85 e8 00 00 00 65 8b 0d 08 00 00 00 65 a1 68 00 00 00 39 45 dc 0f 84 24 02 00 00 a1 80 36 46 08 85 c0 74 03 <83> 00 04 65 a1 68 00 00 00 65 a3 6c 00 00 00 0f 31 65 a3 1c 02 00
[ 1282.140380] RSP: 002b:000000000845fd80 EFLAGS: 00010206
[ 1282.145729] RAX: 00000000084633e8 RBX: 0000000001200011 RCX: 0000000008eb9900
[ 1282.152980] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1282.160232] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
[ 1282.167497] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1282.174771] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1282.186716] Memory limit reached of cgroup /syz4
[ 1282.191512] memory: usage 204800kB, limit 204800kB, failcnt 1768
[ 1282.198355] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1282.205183] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1282.211343] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:72KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1282.231838] Out of memory and no killable processes...
[ 1282.237994] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000
[ 1282.249236] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1282.254453] CPU: 0 PID: 25848 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1282.261806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1282.271146] Call Trace:
[ 1282.273737]  dump_stack+0x1c4/0x2b4
[ 1282.277352]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1282.282533]  dump_header+0x27b/0xf72
[ 1282.286235]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1282.292021]  ? pagefault_out_of_memory+0x197/0x197
[ 1282.296942]  ? rcu_read_unlock+0x33/0x60
[ 1282.300986]  ? mem_cgroup_iter+0x514/0x1160
[ 1282.305297]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1282.310037]  ? css_task_iter_end+0x222/0x490
[ 1282.314430]  ? lock_downgrade+0x900/0x900
[ 1282.318574]  ? trace_hardirqs_on+0xbd/0x310
[ 1282.322887]  ? kasan_check_read+0x11/0x20
[ 1282.327021]  ? css_task_iter_end+0x222/0x490
[ 1282.331411]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1282.336848]  ? kasan_check_write+0x14/0x20
[ 1282.341066]  ? do_raw_spin_lock+0xc1/0x200
[ 1282.345286]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1282.349765]  ? css_task_iter_end+0x2ce/0x490
[ 1282.354159]  ? cgroup_procs_next+0x70/0x70
[ 1282.358376]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1282.362861]  ? oom_badness+0xaa0/0xaa0
[ 1282.366733]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1282.371471]  ? mem_cgroup_iter_break+0x30/0x30
[ 1282.376047]  ? cgroup_file_notify+0x226/0x2f0
[ 1282.380530]  out_of_memory.cold.30+0xf/0x184
[ 1282.384925]  ? kasan_check_read+0x11/0x20
[ 1282.389055]  ? oom_killer_disable+0x3a0/0x3a0
[ 1282.393550]  ? kasan_check_write+0x14/0x20
[ 1282.397771]  ? do_raw_spin_lock+0xc1/0x200
[ 1282.402010]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1282.407017]  ? memcg_memory_event+0x40/0x40
[ 1282.411322]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1282.416079]  ? page_counter_try_charge+0x1c1/0x220
[ 1282.420997]  try_charge+0xc43/0x1690
[ 1282.424700]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1282.429800]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1282.435842]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1282.440671]  ? lock_downgrade+0x900/0x900
[ 1282.444804]  ? lock_release+0x970/0x970
[ 1282.448762]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1282.454544]  ? do_raw_spin_lock+0xc1/0x200
[ 1282.458769]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1282.463707]  ? mem_cgroup_can_attach+0x580/0x580
[ 1282.468448]  ? filemap_map_pages+0xdc3/0x1980
[ 1282.472935]  ? __might_sleep+0x95/0x190
[ 1282.476893]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1282.481464]  ? mem_cgroup_protected+0xa60/0xa60
[ 1282.486128]  ? swp_swapcount+0x530/0x530
[ 1282.490204]  ? find_get_pages_range_tag+0x1320/0x1320
[ 1282.495378]  ? put_page+0x1bb/0x280
[ 1282.498995]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1282.504536]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1282.509453]  wp_page_copy+0x46c/0x14f0
[ 1282.513339]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1282.518866]  ? follow_pfn+0x2e0/0x2e0
[ 1282.522659]  ? page_move_anon_rmap+0x33f/0x620
[ 1282.527227]  ? do_wp_page+0x76c/0x1390
[ 1282.531221]  ? lock_downgrade+0x900/0x900
[ 1282.535355]  ? kasan_check_write+0x14/0x20
[ 1282.539575]  ? kasan_check_read+0x11/0x20
[ 1282.543706]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1282.548099]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1282.552666]  ? __pte_alloc_kernel+0x220/0x220
[ 1282.557283]  ? alloc_set_pte+0xafa/0x17d0
[ 1282.561421]  do_wp_page+0x774/0x1390
[ 1282.565132]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1282.569791]  ? lock_downgrade+0x900/0x900
[ 1282.573926]  ? lock_release+0x970/0x970
[ 1282.577883]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1282.583412]  ? check_preemption_disabled+0x48/0x200
[ 1282.588415]  ? kasan_check_read+0x11/0x20
[ 1282.592551]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1282.598075]  ? kasan_check_write+0x14/0x20
[ 1282.602297]  ? do_raw_spin_lock+0xc1/0x200
[ 1282.606519]  __handle_mm_fault+0x2c60/0x53e0
[ 1282.610916]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1282.615744]  ? lock_acquire+0x1ed/0x520
[ 1282.619705]  ? handle_mm_fault+0x42a/0xc70
[ 1282.623930]  ? lock_acquire+0x1ed/0x520
[ 1282.627903]  ? handle_mm_fault+0x42a/0xc70
[ 1282.632123]  ? lock_downgrade+0x900/0x900
[ 1282.636267]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1282.642053]  ? __do_page_fault+0x67d/0xed0
[ 1282.646277]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1282.651715]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1282.657237]  ? check_preemption_disabled+0x48/0x200
[ 1282.662260]  handle_mm_fault+0x54f/0xc70
[ 1282.666309]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1282.670874]  ? find_vma+0x34/0x190
[ 1282.674405]  __do_page_fault+0x67d/0xed0
[ 1282.678455]  ? mm_fault_error+0x380/0x380
[ 1282.682585]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1282.687413]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1282.692159]  do_page_fault+0xf2/0x7e0
[ 1282.695960]  ? vmalloc_sync_all+0x30/0x30
[ 1282.700090]  ? error_entry+0x70/0xd0
[ 1282.703797]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1282.708796]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1282.713711]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1282.718539]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1282.723553]  ? trace_hardirqs_off+0x310/0x310
[ 1282.728057]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1282.733063]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1282.738065]  ? page_fault+0x8/0x30
[ 1282.741602]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1282.746439]  ? page_fault+0x8/0x30
[ 1282.749967]  page_fault+0x1e/0x30
[ 1282.753403] RIP: 0023:0x807ee87
[ 1282.756667] Code: 05 08 89 15 bc 36 46 08 85 c0 74 0c 83 ec 0c 51 e8 ee 71 fd ff 83 c4 10 8b 45 e4 85 c0 0f 85 48 01 00 00 8b 75 e0 31 db 31 c9 <66> 89 1d 0e 47 12 08 c7 05 f8 46 12 08 00 00 00 00 c7 05 fc 46 12
[ 1282.775552] RSP: 002b:000000000845fd80 EFLAGS: 00010246
[ 1282.780903] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 1282.788261] RDX: 00000000000002b1 RSI: 000000000845fd80 RDI: 0000000000000000
[ 1282.795513] RBP: 000000000845fdc8 R08: 0000000000000000 R09: 0000000000000000
[ 1282.802764] R10: 0000000000000000 R11: 0000000000000216 R12: 0000000000000000
[ 1282.810033] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1282.818778] Memory limit reached of cgroup /syz4
[ 1282.823627] memory: usage 204800kB, limit 204800kB, failcnt 1776
[ 1282.829865] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1282.836678] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1282.842815] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:72KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1282.863006] Out of memory and no killable processes...
[ 1282.869009] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000
[ 1282.880232] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1282.885405] CPU: 0 PID: 25848 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1282.892756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1282.902727] Call Trace:
[ 1282.905306]  dump_stack+0x1c4/0x2b4
[ 1282.908924]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1282.914102]  dump_header+0x27b/0xf72
[ 1282.917804]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1282.923588]  ? pagefault_out_of_memory+0x197/0x197
[ 1282.928510]  ? rcu_read_unlock+0x33/0x60
[ 1282.932552]  ? mem_cgroup_iter+0x514/0x1160
[ 1282.936860]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1282.941608]  ? css_task_iter_end+0x222/0x490
[ 1282.946003]  ? lock_downgrade+0x900/0x900
[ 1282.950136]  ? trace_hardirqs_on+0xbd/0x310
[ 1282.954442]  ? kasan_check_read+0x11/0x20
[ 1282.958579]  ? css_task_iter_end+0x222/0x490
[ 1282.962981]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1282.968413]  ? kasan_check_write+0x14/0x20
[ 1282.972632]  ? do_raw_spin_lock+0xc1/0x200
[ 1282.976868]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1282.981370]  ? css_task_iter_end+0x2ce/0x490
[ 1282.985769]  ? cgroup_procs_next+0x70/0x70
[ 1282.989988]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1282.994465]  ? oom_badness+0xaa0/0xaa0
[ 1282.998339]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1283.003080]  ? mem_cgroup_iter_break+0x30/0x30
[ 1283.007652]  ? cgroup_file_notify+0x226/0x2f0
[ 1283.012136]  out_of_memory.cold.30+0xf/0x184
[ 1283.016528]  ? kasan_check_read+0x11/0x20
[ 1283.020660]  ? oom_killer_disable+0x3a0/0x3a0
[ 1283.025138]  ? kasan_check_write+0x14/0x20
[ 1283.029357]  ? do_raw_spin_lock+0xc1/0x200
[ 1283.033586]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1283.038420]  ? memcg_memory_event+0x40/0x40
[ 1283.042727]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1283.047468]  ? page_counter_try_charge+0x1c1/0x220
[ 1283.052385]  try_charge+0xc43/0x1690
[ 1283.056084]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1283.061177]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1283.067229]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1283.072060]  ? lock_downgrade+0x900/0x900
[ 1283.076191]  ? lock_release+0x970/0x970
[ 1283.080150]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1283.085948]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1283.090777]  ? mem_cgroup_can_attach+0x580/0x580
[ 1283.095621]  ? memcg_check_events+0x93/0x550
[ 1283.100017]  ? __this_cpu_preempt_check+0x1c/0x1f
[ 1283.104848]  ? __might_sleep+0x95/0x190
[ 1283.108813]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1283.113383]  ? mem_cgroup_protected+0xa60/0xa60
[ 1283.118053]  ? swp_swapcount+0x530/0x530
[ 1283.122102]  ? mem_cgroup_uncharge_swap+0x1a0/0x1a0
[ 1283.127117]  ? wp_page_copy+0xad1/0x14f0
[ 1283.131168]  ? lock_downgrade+0x900/0x900
[ 1283.135318]  ? put_page+0x1bb/0x280
[ 1283.138934]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1283.144460]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1283.149378]  wp_page_copy+0x46c/0x14f0
[ 1283.153255]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1283.158780]  ? follow_pfn+0x2e0/0x2e0
[ 1283.162570]  ? do_wp_page+0x76c/0x1390
[ 1283.166462]  ? lock_downgrade+0x900/0x900
[ 1283.170602]  ? kasan_check_write+0x14/0x20
[ 1283.174828]  ? kasan_check_read+0x11/0x20
[ 1283.178970]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1283.183368]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1283.187934]  ? __pte_alloc_kernel+0x220/0x220
[ 1283.192442]  ? alloc_set_pte+0xafa/0x17d0
[ 1283.196594]  do_wp_page+0x774/0x1390
[ 1283.200296]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1283.204951]  ? lock_downgrade+0x900/0x900
[ 1283.209084]  ? lock_release+0x970/0x970
[ 1283.213043]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1283.218572]  ? check_preemption_disabled+0x48/0x200
[ 1283.223593]  ? kasan_check_read+0x11/0x20
[ 1283.227726]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1283.233261]  ? kasan_check_write+0x14/0x20
[ 1283.237480]  ? do_raw_spin_lock+0xc1/0x200
[ 1283.241704]  __handle_mm_fault+0x2c60/0x53e0
[ 1283.246122]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1283.250954]  ? lock_acquire+0x1ed/0x520
[ 1283.254916]  ? handle_mm_fault+0x42a/0xc70
[ 1283.259140]  ? lock_acquire+0x1ed/0x520
[ 1283.263112]  ? handle_mm_fault+0x42a/0xc70
[ 1283.267330]  ? lock_downgrade+0x900/0x900
[ 1283.271466]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1283.277249]  ? __do_page_fault+0x67d/0xed0
[ 1283.281469]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1283.286903]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1283.292428]  ? check_preemption_disabled+0x48/0x200
[ 1283.297433]  handle_mm_fault+0x54f/0xc70
[ 1283.301479]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1283.306161]  ? find_vma+0x34/0x190
[ 1283.309689]  __do_page_fault+0x67d/0xed0
[ 1283.313735]  ? mm_fault_error+0x380/0x380
[ 1283.317886]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1283.322709]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1283.327454]  do_page_fault+0xf2/0x7e0
[ 1283.331249]  ? vmalloc_sync_all+0x30/0x30
[ 1283.335381]  ? error_entry+0x70/0xd0
[ 1283.339081]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1283.344083]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1283.348997]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1283.353825]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1283.358832]  ? trace_hardirqs_off+0x310/0x310
[ 1283.363316]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1283.368425]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1283.373950]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1283.378952]  ? page_fault+0x8/0x30
[ 1283.382476]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1283.387304]  ? page_fault+0x8/0x30
[ 1283.390827]  page_fault+0x1e/0x30
[ 1283.394267] RIP: 0023:0x8052253
[ 1283.397534] Code: 68 3d 12 08 74 21 c7 43 04 70 3d 12 08 a1 6c 3d 12 08 89 08 8b 15 70 3d 12 08 89 42 04 a1 68 3d 12 08 a3 70 3d 12 08 8d 45 60 <a3> 34 00 46 08 8b 4d 64 8b 55 60 89 4a 04 8b 4d 64 89 11 c7 05 34
[ 1283.416420] RSP: 002b:000000000845fd60 EFLAGS: 00010246
[ 1283.421768] RAX: 0000000008eb9960 RBX: 0000000008123d68 RCX: 0000000008123d70
[ 1283.429019] RDX: 00000000080520d0 RSI: 000000000845fd80 RDI: 0000000000000000
[ 1283.436271] RBP: 0000000008eb9900 R08: 0000000000000000 R09: 0000000000000000
[ 1283.443526] R10: 0000000000000000 R11: 0000000000000216 R12: 0000000000000000
[ 1283.450784] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1283.458907] Memory limit reached of cgroup /syz4
[ 1283.463719] memory: usage 204804kB, limit 204800kB, failcnt 1784
[ 1283.469860] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1283.476630] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1283.482773] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:72KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1283.502964] Out of memory and no killable processes...
[ 1283.508965] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000
[ 1283.520168] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1283.525355] CPU: 0 PID: 25848 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1283.532697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1283.542032] Call Trace:
[ 1283.544614]  dump_stack+0x1c4/0x2b4
[ 1283.548239]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1283.553422]  dump_header+0x27b/0xf72
[ 1283.557129]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1283.562920]  ? pagefault_out_of_memory+0x197/0x197
[ 1283.567846]  ? rcu_read_unlock+0x33/0x60
[ 1283.571894]  ? mem_cgroup_iter+0x514/0x1160
[ 1283.576213]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1283.581069]  ? css_task_iter_end+0x222/0x490
[ 1283.585468]  ? lock_downgrade+0x900/0x900
[ 1283.589619]  ? trace_hardirqs_on+0xbd/0x310
[ 1283.593954]  ? kasan_check_read+0x11/0x20
[ 1283.598089]  ? css_task_iter_end+0x222/0x490
[ 1283.602482]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1283.607919]  ? kasan_check_write+0x14/0x20
[ 1283.612139]  ? do_raw_spin_lock+0xc1/0x200
[ 1283.616361]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1283.620849]  ? css_task_iter_end+0x2ce/0x490
[ 1283.625242]  ? cgroup_procs_next+0x70/0x70
[ 1283.629466]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1283.633956]  ? oom_badness+0xaa0/0xaa0
[ 1283.637842]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1283.642595]  ? mem_cgroup_iter_break+0x30/0x30
[ 1283.647171]  ? cgroup_file_notify+0x226/0x2f0
[ 1283.651653]  out_of_memory.cold.30+0xf/0x184
[ 1283.656047]  ? kasan_check_read+0x11/0x20
[ 1283.660181]  ? oom_killer_disable+0x3a0/0x3a0
[ 1283.664660]  ? kasan_check_write+0x14/0x20
[ 1283.668879]  ? do_raw_spin_lock+0xc1/0x200
[ 1283.673112]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1283.677938]  ? memcg_memory_event+0x40/0x40
[ 1283.682259]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1283.687005]  ? page_counter_try_charge+0x1c1/0x220
[ 1283.691921]  try_charge+0xc43/0x1690
[ 1283.695618]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1283.700724]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1283.706766]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1283.711596]  ? lock_downgrade+0x900/0x900
[ 1283.715728]  ? lock_release+0x970/0x970
[ 1283.719689]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1283.725478]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1283.730308]  ? mem_cgroup_can_attach+0x580/0x580
[ 1283.735062]  ? memcg_check_events+0x93/0x550
[ 1283.739466]  ? __this_cpu_preempt_check+0x1c/0x1f
[ 1283.744302]  ? __might_sleep+0x95/0x190
[ 1283.748276]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1283.752853]  ? mem_cgroup_protected+0xa60/0xa60
[ 1283.757509]  ? swp_swapcount+0x530/0x530
[ 1283.761563]  ? mem_cgroup_uncharge_swap+0x1a0/0x1a0
[ 1283.766567]  ? wp_page_copy+0xad1/0x14f0
[ 1283.770612]  ? lock_downgrade+0x900/0x900
[ 1283.774744]  ? put_page+0x1bb/0x280
[ 1283.778359]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1283.783885]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1283.788888]  wp_page_copy+0x46c/0x14f0
[ 1283.792769]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1283.798304]  ? follow_pfn+0x2e0/0x2e0
[ 1283.802112]  ? do_wp_page+0x76c/0x1390
[ 1283.805988]  ? lock_downgrade+0x900/0x900
[ 1283.810121]  ? kasan_check_write+0x14/0x20
[ 1283.814347]  ? kasan_check_read+0x11/0x20
[ 1283.818484]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1283.822881]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1283.827447]  ? __pte_alloc_kernel+0x220/0x220
[ 1283.831927]  ? alloc_set_pte+0xafa/0x17d0
[ 1283.836065]  do_wp_page+0x774/0x1390
[ 1283.839770]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1283.844423]  ? lock_downgrade+0x900/0x900
[ 1283.848557]  ? lock_release+0x970/0x970
[ 1283.852512]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1283.858056]  ? check_preemption_disabled+0x48/0x200
[ 1283.863055]  ? kasan_check_read+0x11/0x20
[ 1283.867190]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1283.872713]  ? kasan_check_write+0x14/0x20
[ 1283.876934]  ? do_raw_spin_lock+0xc1/0x200
[ 1283.881172]  __handle_mm_fault+0x2c60/0x53e0
[ 1283.885568]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1283.890393]  ? lock_acquire+0x1ed/0x520
[ 1283.894354]  ? handle_mm_fault+0x42a/0xc70
[ 1283.898575]  ? lock_acquire+0x1ed/0x520
[ 1283.902541]  ? handle_mm_fault+0x42a/0xc70
[ 1283.906763]  ? lock_downgrade+0x900/0x900
[ 1283.910899]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1283.916686]  ? __do_page_fault+0x67d/0xed0
[ 1283.920908]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1283.926348]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1283.931870]  ? check_preemption_disabled+0x48/0x200
[ 1283.936878]  handle_mm_fault+0x54f/0xc70
[ 1283.940928]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1283.945501]  ? find_vma+0x34/0x190
[ 1283.949037]  __do_page_fault+0x67d/0xed0
[ 1283.953098]  ? mm_fault_error+0x380/0x380
[ 1283.957237]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1283.962065]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1283.966811]  do_page_fault+0xf2/0x7e0
[ 1283.970595]  ? vmalloc_sync_all+0x30/0x30
[ 1283.974726]  ? error_entry+0x70/0xd0
[ 1283.978427]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1283.983425]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1283.988342]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1283.993167]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1283.998169]  ? trace_hardirqs_off+0x310/0x310
[ 1284.002649]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1284.007652]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1284.013174]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1284.018172]  ? page_fault+0x8/0x30
[ 1284.021699]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1284.026532]  ? page_fault+0x8/0x30
[ 1284.030056]  page_fault+0x1e/0x30
[ 1284.033493] RIP: 0023:0x8052270
[ 1284.036767] Code: a1 68 3d 12 08 a3 70 3d 12 08 8d 45 60 a3 34 00 46 08 8b 4d 64 8b 55 60 89 4a 04 8b 4d 64 89 11 c7 05 34 00 46 08 00 00 00 00 <c7> 05 6c 3d 12 08 68 3d 12 08 31 d2 c7 05 68 3d 12 08 68 3d 12 08
[ 1284.055655] RSP: 002b:000000000845fd60 EFLAGS: 00010246
[ 1284.061004] RAX: 0000000008eb9960 RBX: 0000000008123d68 RCX: 000000000846002c
[ 1284.068258] RDX: 000000000846002c RSI: 000000000845fd80 RDI: 0000000000000000
[ 1284.075518] RBP: 0000000008eb9900 R08: 0000000000000000 R09: 0000000000000000
[ 1284.082770] R10: 0000000000000000 R11: 0000000000000216 R12: 0000000000000000
[ 1284.090024] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1284.097995] Memory limit reached of cgroup /syz4
[ 1284.102928] memory: usage 204808kB, limit 204800kB, failcnt 1792
[ 1284.109148] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1284.116012] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1284.122222] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:72KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1284.142368] Out of memory and no killable processes...
[ 1284.148941] syz-executor4 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=0
[ 1284.161481] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1284.166675] CPU: 0 PID: 25848 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1284.174141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1284.183474] Call Trace:
[ 1284.186054]  dump_stack+0x1c4/0x2b4
[ 1284.189668]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1284.194967]  ? mark_held_locks+0x130/0x130
[ 1284.199297]  ? mark_held_locks+0x130/0x130
[ 1284.203525]  dump_header+0x27b/0xf72
[ 1284.207227]  ? debug_smp_processor_id+0x1c/0x20
[ 1284.211880]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1284.217402]  ? pagefault_out_of_memory+0x197/0x197
[ 1284.222316]  ? debug_smp_processor_id+0x1c/0x20
[ 1284.226968]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1284.231878]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1284.236797]  ? perf_trace_lock+0x7a0/0x7a0
[ 1284.241014]  ? perf_trace_lock+0x7a0/0x7a0
[ 1284.245233]  ? debug_smp_processor_id+0x1c/0x20
[ 1284.249886]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1284.254802]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1284.260326]  ? perf_trace_lock+0x7a0/0x7a0
[ 1284.264549]  ? task_will_free_mem+0x239/0xb30
[ 1284.269035]  ? ___ratelimit+0x36f/0x655
[ 1284.272998]  ? lock_downgrade+0x900/0x900
[ 1284.277247]  ? trace_hardirqs_on+0xbd/0x310
[ 1284.281559]  ? kasan_check_read+0x11/0x20
[ 1284.285690]  ? ___ratelimit+0x36f/0x655
[ 1284.289648]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1284.295085]  ? trace_hardirqs_on+0x310/0x310
[ 1284.299476]  ? lock_downgrade+0x900/0x900
[ 1284.303619]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1284.308710]  ? ___ratelimit+0xaa/0x655
[ 1284.312583]  ? idr_get_free+0xec0/0xec0
[ 1284.316547]  ? kasan_check_write+0x14/0x20
[ 1284.320789]  ? do_raw_spin_lock+0xc1/0x200
[ 1284.325011]  oom_kill_process.cold.27+0x10/0x903
[ 1284.329750]  ? kasan_check_write+0x14/0x20
[ 1284.333978]  ? do_raw_spin_lock+0xc1/0x200
[ 1284.338201]  ? oom_evaluate_task+0x540/0x540
[ 1284.342594]  ? cgroup_procs_next+0x70/0x70
[ 1284.346813]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1284.351291]  ? oom_badness+0xaa0/0xaa0
[ 1284.355162]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1284.359901]  ? mem_cgroup_iter_break+0x30/0x30
[ 1284.364472]  ? cgroup_file_notify+0x226/0x2f0
[ 1284.368962]  out_of_memory+0xa84/0x1430
[ 1284.372922]  ? kasan_check_read+0x11/0x20
[ 1284.377082]  ? oom_killer_disable+0x3a0/0x3a0
[ 1284.381563]  ? kasan_check_write+0x14/0x20
[ 1284.385781]  ? do_raw_spin_lock+0xc1/0x200
[ 1284.390018]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1284.394844]  ? memcg_memory_event+0x40/0x40
[ 1284.399149]  ? memcg_kmem_charge_memcg+0x7c/0x120
[ 1284.403981]  ? page_counter_try_charge+0x1c1/0x220
[ 1284.409013]  try_charge+0xc43/0x1690
[ 1284.412712]  ? lock_downgrade+0x900/0x900
[ 1284.416852]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1284.422894]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1284.428416]  ? should_fail+0x22d/0xd01
[ 1284.432292]  ? percpu_ref_tryget_live+0x168/0x460
[ 1284.437131]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1284.441971]  ? lock_downgrade+0x900/0x900
[ 1284.446109]  ? lock_release+0x970/0x970
[ 1284.450078]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1284.455856]  ? create_empty_buffers+0xdb0/0xdb0
[ 1284.460514]  ? check_preemption_disabled+0x48/0x200
[ 1284.465519]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1284.470345]  ? fs_reclaim_acquire+0x20/0x20
[ 1284.474653]  memcg_kmem_charge_memcg+0x7c/0x120
[ 1284.479319]  ? memcg_kmem_put_cache+0xb0/0xb0
[ 1284.483811]  ? lock_downgrade+0x900/0x900
[ 1284.487949]  memcg_kmem_charge+0x135/0x300
[ 1284.492171]  __alloc_pages_nodemask+0x72e/0xde0
[ 1284.496827]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1284.501827]  ? lock_acquire+0x1ed/0x520
[ 1284.505785]  ? ext4_page_mkwrite+0x211/0x14a0
[ 1284.510270]  ? set_page_dirty_lock+0x190/0x190
[ 1284.514838]  ? ext4_page_mkwrite+0xcd9/0x14a0
[ 1284.519317]  ? lock_downgrade+0x900/0x900
[ 1284.523450]  ? lock_downgrade+0x900/0x900
[ 1284.527585]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1284.533107]  alloc_pages_current+0x10c/0x210
[ 1284.537501]  pte_alloc_one+0x1b/0x1a0
[ 1284.541285]  __pte_alloc+0x2a/0x350
[ 1284.544897]  alloc_set_pte+0x1352/0x17d0
[ 1284.548958]  ? do_swap_page+0x2c60/0x2c60
[ 1284.553205]  ? ext4_change_inode_journal_flag+0x3e0/0x3e0
[ 1284.558747]  ? up_read+0x1a/0x110
[ 1284.562186]  ? ext4_filemap_fault+0x8d/0xad
[ 1284.566501]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1284.572023]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1284.577544]  ? unlock_page+0x2c2/0x4c0
[ 1284.581417]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1284.586937]  ? do_page_mkwrite+0x380/0x660
[ 1284.591162]  ? lock_page+0x170/0x170
[ 1284.594871]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1284.600480]  ? pud_val+0x88/0x100
[ 1284.603933]  finish_fault+0x179/0x2d0
[ 1284.607729]  __handle_mm_fault+0x361a/0x53e0
[ 1284.612128]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1284.616952]  ? __kasan_slab_free+0x119/0x150
[ 1284.621365]  ? tun_get+0x22d/0x370
[ 1284.624894]  ? tun_chr_close+0x180/0x180
[ 1284.628952]  ? blkcg_maybe_throttle_current+0xa38/0x1080
[ 1284.634409]  ? lock_acquire+0x1ed/0x520
[ 1284.638372]  ? handle_mm_fault+0x42a/0xc70
[ 1284.642592]  ? lock_downgrade+0x900/0x900
[ 1284.646727]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1284.652615]  ? __do_page_fault+0x67d/0xed0
[ 1284.656837]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1284.662272]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1284.667794]  ? check_preemption_disabled+0x48/0x200
[ 1284.672801]  handle_mm_fault+0x54f/0xc70
[ 1284.676859]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1284.681431]  ? find_vma+0x34/0x190
[ 1284.684961]  __do_page_fault+0x67d/0xed0
[ 1284.689015]  ? mm_fault_error+0x380/0x380
[ 1284.693154]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1284.698683]  do_page_fault+0xf2/0x7e0
[ 1284.702478]  ? vmalloc_sync_all+0x30/0x30
[ 1284.706643]  ? error_entry+0x70/0xd0
[ 1284.710344]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1284.715348]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1284.720266]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1284.725098]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1284.730104]  ? trace_hardirqs_off+0x310/0x310
[ 1284.734587]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1284.739592]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1284.744596]  ? page_fault+0x8/0x30
[ 1284.748124]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1284.752955]  ? page_fault+0x8/0x30
[ 1284.756489]  page_fault+0x1e/0x30
[ 1284.759930] RIP: 0023:0x804966e
[ 1284.763201] Code: 02 83 c0 43 e8 83 ff ff ff 8d 76 00 53 83 ec 08 8b 0d 28 00 46 08 8b 15 24 00 46 08 39 ca 8d 99 00 00 00 01 72 15 39 da 73 11 <89> 02 8d 42 04 a3 24 00 46 08 83 c4 08 89 d0 5b c3 53 51 52 68 90
[ 1284.782109] RSP: 002b:000000000845fc30 EFLAGS: 00010287
[ 1284.787469] RAX: 0000000000000000 RBX: 000000002e320000 RCX: 000000002d320000
[ 1284.794731] RDX: 000000002d320000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1284.801985] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1284.809243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1284.816500] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1284.824912] Task in /syz4 killed as a result of limit of /syz4
[ 1284.830948] memory: usage 204812kB, limit 204800kB, failcnt 1808
[ 1284.837171] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1284.843954] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1284.850084] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:72KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1284.870255] Memory cgroup out of memory: Kill process 25848 (syz-executor4) score 160 or sacrifice child
[ 1284.879934] Killed process 25848 (syz-executor4) total-vm:69988kB, anon-rss:100kB, file-rss:32768kB, shmem-rss:0kB
[ 1284.891557] oom_reaper: reaped process 25848 (syz-executor4), now anon-rss:0kB, file-rss:32772kB, shmem-rss:0kB
[ 1284.891588] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000
[ 1284.913043] syz-executor4 cpuset=syz4 mems_allowed=0
[ 1284.918144] CPU: 1 PID: 8628 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1284.925403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1284.934822] Call Trace:
[ 1284.937396]  dump_stack+0x1c4/0x2b4
[ 1284.941007]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1284.946182]  dump_header+0x27b/0xf72
[ 1284.949882]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1284.955663]  ? pagefault_out_of_memory+0x197/0x197
[ 1284.960582]  ? rcu_read_unlock+0x33/0x60
[ 1284.964625]  ? mem_cgroup_iter+0x514/0x1160
[ 1284.968955]  ? oom_unkillable_task+0x422/0x580
[ 1284.973521]  ? lock_downgrade+0x900/0x900
[ 1284.977651]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1284.982388]  ? css_task_iter_end+0x222/0x490
[ 1284.986780]  ? lock_downgrade+0x900/0x900
[ 1284.990915]  ? trace_hardirqs_on+0xbd/0x310
[ 1284.995232]  ? kasan_check_read+0x11/0x20
[ 1284.999364]  ? css_task_iter_end+0x222/0x490
[ 1285.003766]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1285.009197]  ? kasan_check_write+0x14/0x20
[ 1285.013422]  ? do_raw_spin_lock+0xc1/0x200
[ 1285.017645]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1285.022121]  ? css_task_iter_end+0x2ce/0x490
[ 1285.026513]  ? cgroup_procs_next+0x70/0x70
[ 1285.030742]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1285.035322]  ? oom_badness+0xaa0/0xaa0
[ 1285.039194]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1285.043941]  ? mem_cgroup_iter_break+0x30/0x30
[ 1285.048513]  ? cgroup_file_notify+0x226/0x2f0
[ 1285.052992]  out_of_memory.cold.30+0xf/0x184
[ 1285.057384]  ? kasan_check_read+0x11/0x20
[ 1285.061515]  ? oom_killer_disable+0x3a0/0x3a0
[ 1285.066005]  ? kasan_check_write+0x14/0x20
[ 1285.070224]  ? do_raw_spin_lock+0xc1/0x200
[ 1285.074451]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1285.079277]  ? memcg_memory_event+0x40/0x40
[ 1285.083581]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1285.088324]  ? page_counter_try_charge+0x1c1/0x220
[ 1285.093240]  try_charge+0xc43/0x1690
[ 1285.096946]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1285.102035]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1285.108075]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1285.112902]  ? lock_downgrade+0x900/0x900
[ 1285.117032]  ? lock_release+0x970/0x970
[ 1285.121016]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1285.126810]  ? mark_held_locks+0x130/0x130
[ 1285.131040]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1285.135612]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1285.140447]  ? mem_cgroup_can_attach+0x580/0x580
[ 1285.145303]  ? debug_smp_processor_id+0x1c/0x20
[ 1285.149956]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1285.154871]  ? __might_sleep+0x95/0x190
[ 1285.158842]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1285.163423]  ? mem_cgroup_protected+0xa60/0xa60
[ 1285.168079]  ? swp_swapcount+0x530/0x530
[ 1285.172131]  ? mark_held_locks+0x130/0x130
[ 1285.176355]  ? lock_downgrade+0x900/0x900
[ 1285.180501]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1285.186027]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1285.190943]  wp_page_copy+0x46c/0x14f0
[ 1285.194816]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1285.200432]  ? follow_pfn+0x2e0/0x2e0
[ 1285.204220]  ? page_move_anon_rmap+0x33f/0x620
[ 1285.208788]  ? do_wp_page+0x76c/0x1390
[ 1285.212660]  ? lock_downgrade+0x900/0x900
[ 1285.216793]  ? kasan_check_write+0x14/0x20
[ 1285.221010]  ? kasan_check_read+0x11/0x20
[ 1285.225153]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1285.229543]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1285.234126]  ? __pte_alloc_kernel+0x220/0x220
[ 1285.238621]  do_wp_page+0x774/0x1390
[ 1285.242322]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1285.246980]  ? lock_release+0x970/0x970
[ 1285.250944]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1285.256470]  ? check_preemption_disabled+0x48/0x200
[ 1285.261472]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1285.266992]  ? kasan_check_write+0x14/0x20
[ 1285.271208]  ? do_raw_spin_lock+0xc1/0x200
[ 1285.275434]  __handle_mm_fault+0x2c60/0x53e0
[ 1285.279830]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1285.284650]  ? save_stack+0xa9/0xd0
[ 1285.288257]  ? save_stack+0x43/0xd0
[ 1285.291861]  ? __kasan_slab_free+0x102/0x150
[ 1285.296250]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1285.301769]  ? common_perm+0x1f6/0x7b0
[ 1285.305640]  ? __ia32_compat_sys_open+0x79/0xb0
[ 1285.310295]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1285.314775]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1285.319460]  ? lock_acquire+0x1ed/0x520
[ 1285.323424]  ? handle_mm_fault+0x42a/0xc70
[ 1285.327814]  ? lock_downgrade+0x900/0x900
[ 1285.331948]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1285.337731]  ? __do_page_fault+0x67d/0xed0
[ 1285.342066]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1285.347504]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1285.353025]  ? check_preemption_disabled+0x48/0x200
[ 1285.358041]  handle_mm_fault+0x54f/0xc70
[ 1285.362102]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1285.366666]  ? find_vma+0x34/0x190
[ 1285.370200]  __do_page_fault+0x67d/0xed0
[ 1285.374250]  ? mm_fault_error+0x380/0x380
[ 1285.378386]  do_page_fault+0xf2/0x7e0
[ 1285.382180]  ? vmalloc_sync_all+0x30/0x30
[ 1285.386312]  ? error_entry+0x70/0xd0
[ 1285.390008]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1285.395007]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1285.399920]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1285.404742]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1285.409739]  ? trace_hardirqs_off+0x310/0x310
[ 1285.414216]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1285.419734]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1285.424742]  ? page_fault+0x8/0x30
[ 1285.428263]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1285.433086]  ? page_fault+0x8/0x30
[ 1285.436613]  page_fault+0x1e/0x30
[ 1285.440055] RIP: 0023:0x8066042
[ 1285.443317] Code: f6 8d bc 27 00 00 00 00 8b 7c 24 0c 31 c9 29 f8 81 fd 40 42 12 08 8d 1c 3a 0f 95 c1 83 cf 01 83 c8 01 c1 e1 02 89 5d 30 09 f9 <89> 4a 04 89 43 04 8d 5a 08 a1 5c 27 46 08 85 c0 0f 84 8e f9 ff ff
[ 1285.462199] RSP: 002b:000000000845fca0 EFLAGS: 00010206
[ 1285.467545] RAX: 0000000000018e51 RBX: 0000000008ec21b0 RCX: 0000000000008021
[ 1285.474795] RDX: 0000000008eba190 RSI: 0000000000000000 RDI: 0000000000008021
[ 1285.482058] RBP: 0000000008124240 R08: 0000000000000000 R09: 0000000000000000
[ 1285.489309] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000000000
[ 1285.496558] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
15:26:36 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xf401000000000000}, 0x6)

15:26:36 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0xb00000000000000, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:36 executing program 5:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550c, &(0x7f0000000100))
syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x1, 0x400000)

15:26:36 executing program 3 (fault-call:0 fault-nth:0):
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x2f, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:36 executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
getsockopt$inet_sctp_SCTP_INITMSG(r3, 0x84, 0x2, &(0x7f0000000440), &(0x7f0000000480)=0x8)
fcntl$notify(r3, 0x402, 0x10)
ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f00000002c0)={0x9, 0x1})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
rt_sigprocmask(0x1, &(0x7f0000000240)={0xffffffff}, &(0x7f0000000280), 0x8)
socket$inet6(0xa, 0x1000000000002, 0x0)
r4 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
setxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='trusted.overlay.origin\x00', &(0x7f00000001c0)='y\x00', 0x2, 0x1)
unshare(0x40000000)
connect(r2, &(0x7f0000000380)=@pptp={0x18, 0x2, {0x3, @remote}}, 0x80)
fdatasync(r4)
fsetxattr$trusted_overlay_redirect(r4, &(0x7f0000000080)='trusted.overlay.redirect\x00', &(0x7f0000000140)='./file0\x00', 0x8, 0x0)
fcntl$setflags(r3, 0x2, 0x0)
write$eventfd(r4, &(0x7f0000000300)=0x1, 0x8)
ioctl$sock_SIOCOUTQ(r1, 0x5411, &(0x7f0000000200))
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000340)={0x80, 0x0, 0x3f, 0x3, 0x6, 0xfffffffffffffffc, 0x3, 0x3ff, 0x1f, 0x2})
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000400))
ioctl$FS_IOC_FSGETXATTR(r5, 0x4004550c, &(0x7f0000000100))

15:26:36 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x420000)
write$FUSE_STATFS(r0, &(0x7f0000000000)={0x60, 0x0, 0x3, {{0x4, 0x7, 0x3, 0x800, 0x10001, 0x0, 0x0, 0x5}}}, 0x60)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})

[ 1285.507526] Memory limit reached of cgroup /syz4
[ 1285.512319] memory: usage 204656kB, limit 204800kB, failcnt 1809
[ 1285.518491] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1285.525271] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1285.531404] Memory cgroup stats for /syz4: cache:152KB rss:48KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1285.552368] Out of memory and no killable processes...
[ 1285.574909] FAULT_INJECTION: forcing a failure.
[ 1285.574909] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1285.623003] CPU: 0 PID: 25863 Comm: syz-executor3 Not tainted 4.19.0-rc6+ #175
[ 1285.630508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1285.632094] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000
[ 1285.639870] Call Trace:
[ 1285.639899]  dump_stack+0x1c4/0x2b4
[ 1285.639920]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1285.639937]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1285.639957]  should_fail.cold.4+0xa/0x17
[ 1285.639975]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1285.639991]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1285.640009]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1285.640023]  ? kasan_unpoison_shadow+0x35/0x50
[ 1285.640039]  ? preempt_count_add+0x7d/0x160
[ 1285.640055]  ? get_page_from_freelist+0x17ae/0x5340
[ 1285.640069]  ? rcu_bh_qs+0xc0/0xc0
[ 1285.640081]  ? unwind_dump+0x190/0x190
[ 1285.640101]  ? is_bpf_text_address+0xd3/0x170
[ 1285.682262]  ? unwind_get_return_address+0x61/0xa0
[ 1285.682284]  ? mark_held_locks+0x130/0x130
[ 1285.692377]  ? debug_smp_processor_id+0x1c/0x20
[ 1285.692405]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1285.707903] IPVS: ftp: loaded support on port[0] = 21
[ 1285.709140]  ? mark_held_locks+0x130/0x130
[ 1285.709154]  ? save_stack+0xa9/0xd0
[ 1285.709178]  __alloc_pages_nodemask+0x34b/0xde0
[ 1285.709196]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1285.718610]  ? check_preemption_disabled+0x48/0x200
[ 1285.718634]  ? __alloc_pages_slowpath+0x2d80/0x2d80
[ 1285.738213]  ? debug_smp_processor_id+0x1c/0x20
[ 1285.738228]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1285.738246]  ? perf_trace_lock+0x7a0/0x7a0
[ 1285.744839] syz-executor4 cpuset=
[ 1285.746087]  ? mark_held_locks+0x130/0x130
[ 1285.746103]  ? perf_trace_lock+0x7a0/0x7a0
[ 1285.755388] syz4
[ 1285.756283]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1285.780937]  mems_allowed=0
[ 1285.783524]  alloc_pages_current+0x10c/0x210
[ 1285.783546]  skb_page_frag_refill+0x45f/0x6a0
[ 1285.783564]  ? sock_kzfree_s+0x60/0x60
[ 1285.783584]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1285.815177]  ? ima_match_policy+0x848/0x1560
[ 1285.825351]  ? lock_downgrade+0x900/0x900
[ 1285.825371]  tun_build_skb.isra.51+0x358/0x2230
[ 1285.825394]  ? __wake_up_common+0x7d0/0x7d0
[ 1285.825413]  ? tun_device_event+0x1070/0x1070
[ 1285.842998]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1285.848550]  ? check_preemption_disabled+0x48/0x200
[ 1285.853582]  ? mem_cgroup_update_lru_size+0xd0/0xd0
[ 1285.858606]  ? debug_smp_processor_id+0x1c/0x20
[ 1285.863292]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1285.868266]  ? mark_held_locks+0x130/0x130
[ 1285.872516]  ? mark_held_locks+0x130/0x130
[ 1285.876765]  ? mark_held_locks+0x130/0x130
[ 1285.881004]  ? check_preemption_disabled+0x48/0x200
[ 1285.886030]  ? debug_smp_processor_id+0x1c/0x20
[ 1285.890709]  ? check_preemption_disabled+0x48/0x200
[ 1285.895738]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1285.901286]  ? check_preemption_disabled+0x48/0x200
[ 1285.906316]  ? check_preemption_disabled+0x48/0x200
[ 1285.911344]  ? debug_smp_processor_id+0x1c/0x20
[ 1285.916025]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1285.916037]  ? __lru_cache_add+0x2ff/0x4e0
[ 1285.916054]  ? perf_trace_lock+0x7a0/0x7a0
[ 1285.916070]  ? mark_held_locks+0x130/0x130
[ 1285.933667]  ? mark_held_locks+0x130/0x130
[ 1285.937933]  tun_get_user+0xc0b/0x4250
[ 1285.941825]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1285.946756]  ? debug_smp_processor_id+0x1c/0x20
[ 1285.951425]  ? aa_file_perm+0x469/0x1060
[ 1285.951452]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1285.961394]  ? tun_build_skb.isra.51+0x2230/0x2230
[ 1285.961418]  ? aa_file_perm+0x490/0x1060
[ 1285.961438]  ? aa_path_link+0x5e0/0x5e0
[ 1285.974380]  ? tun_get+0x206/0x370
[ 1285.977926]  ? lock_downgrade+0x900/0x900
[ 1285.982085]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1285.987897]  ? lock_downgrade+0x900/0x900
[ 1285.992140]  ? tun_get+0x22d/0x370
[ 1285.992155]  ? tun_chr_close+0x180/0x180
[ 1285.992174]  ? common_file_perm+0x236/0x7f0
[ 1286.004062]  tun_chr_write_iter+0xb9/0x154
[ 1286.008307]  do_iter_readv_writev+0x8b0/0xa80
[ 1286.012813]  ? vfs_dedupe_file_range+0x670/0x670
[ 1286.017576]  ? apparmor_file_permission+0x24/0x30
[ 1286.022426]  ? rw_verify_area+0x118/0x360
[ 1286.022443]  do_iter_write+0x185/0x5f0
[ 1286.022460]  ? iov_iter_get_pages+0x1210/0x1210
[ 1286.035147]  ? proc_cwd_link+0x1d0/0x1d0
[ 1286.039224]  compat_writev+0x233/0x410
[ 1286.043118]  ? do_pwritev+0x280/0x280
[ 1286.046925]  ? fget_raw+0x20/0x20
[ 1286.050394]  ? wait_for_completion+0x8a0/0x8a0
[ 1286.054985]  ? lock_release+0x970/0x970
[ 1286.058965]  ? fsnotify_first_mark+0x350/0x350
[ 1286.063551]  ? __fsnotify_parent+0xcc/0x420
[ 1286.067885]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
15:26:36 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x2202, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:36 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
write$FUSE_DIRENT(r0, &(0x7f0000000140)={0x118, 0xfffffffffffffff5, 0x4, [{0x5, 0x1, 0x15, 0xfffffffffffffffa, '/dev/bus/usb/00#/00#\x00'}, {0x3, 0x2, 0x15, 0x2, '/dev/bus/usb/00#/00#\x00'}, {0x0, 0x6, 0x15, 0x0, '/dev/bus/usb/00#/00#\x00'}, {0x3, 0x5, 0x15, 0x1, '/dev/bus/usb/00#/00#\x00'}, {0x5, 0x8, 0x15, 0xfffffffffffffff9, '/dev/bus/usb/00#/00#\x00'}, {0x2, 0x9822, 0x0, 0x5}]}, 0x118)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x800000a0})

15:26:36 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x700, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:36 executing program 2:
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/mixer\x00', 0x1, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f00000003c0), &(0x7f0000000400)=0x4)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1)
r2 = getpid()
perf_event_open(&(0x7f0000000040)={0x7, 0x70, 0xfffffffffffffffb, 0x2, 0x5, 0x8, 0x0, 0x51f2848e, 0x10000, 0x2, 0x80000001, 0x6, 0x2ebc, 0x400, 0x9, 0x9, 0x3ff, 0x101, 0x16, 0x1, 0x7f, 0x75b, 0x38, 0x80000001, 0x53f2, 0xfffffffffffffbff, 0x10001, 0xfffffffffffffffd, 0x10000, 0x4, 0x7, 0x101, 0x80000000, 0x2, 0x8, 0x6, 0x7, 0x1aba20000000000, 0x0, 0x3, 0x7, @perf_config_ext={0x1, 0x8}, 0x2, 0x1, 0xde, 0x4, 0x8, 0x1, 0x3}, r2, 0x3, 0xffffffffffffff9c, 0x2)
syz_open_dev$sndctrl(&(0x7f0000000280)='/dev/snd/controlC#\x00', 0x10000, 0x280a40)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0x800000a3, 0x3f, 0xfffffffffffffffc, 0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f00000002c0)={<r3=>0x0, 0x1e}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000340)=@assoc_value={r3, 0xb579}, 0x8)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000140)={{{@in=@remote}}, {{@in6=@ipv4={[], [], @rand_addr}}, 0x0, @in=@broadcast}}, &(0x7f0000000240)=0xe8)
connect$netlink(r1, &(0x7f0000000000)=@proc={0x10, 0x0, 0x25dfdbfd, 0x200}, 0xc)

15:26:37 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x2c, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

15:26:37 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x600000000000000, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1286.073429]  ? __fdget_pos+0xde/0x200
[ 1286.077234]  ? __fdget_raw+0x20/0x20
[ 1286.077250]  ? __sb_end_write+0xd9/0x110
[ 1286.077270]  do_compat_writev+0x119/0x250
[ 1286.077287]  ? compat_writev+0x410/0x410
[ 1286.085044]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1286.085060]  ? mm_fault_error+0x380/0x380
[ 1286.085079]  __ia32_compat_sys_writev+0x74/0xb0
[ 1286.085095]  do_fast_syscall_32+0x34d/0xfb2
[ 1286.085112]  ? do_int80_syscall_32+0x890/0x890
[ 1286.102975]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1286.102992]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1286.103007]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1286.103020]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1286.103033]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1286.103050]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1286.116593]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1286.116613]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1286.116640]  entry_SYSENTER_compat+0x70/0x7f
[ 1286.135845] RIP: 0023:0xf7f04ca9
15:26:37 executing program 0:
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x222, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x1000000, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x7ffff}}}}}}, 0x0)

[ 1286.135862] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1286.135870] RSP: 002b:00000000f5f00054 EFLAGS: 00000292 ORIG_RAX: 0000000000000092
[ 1286.135893] RAX: ffffffffffffffda RBX: 00000000000000f0 RCX: 00000000f5f000a4
[ 1286.182495] RDX: 0000000000000001 RSI: 0000000020007000 RDI: 0000000000000003
[ 1286.182505] RBP: 00000000f5f00168 R08: 0000000000000000 R09: 0000000000000000
[ 1286.182513] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1286.182522] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1286.183448] CPU: 0 PID: 25870 Comm: syz-executor4 Not tainted 4.19.0-rc6+ #175
[ 1286.191519] vhci_hcd: invalid port number 63
[ 1286.197510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1286.197515] Call Trace:
[ 1286.197538]  dump_stack+0x1c4/0x2b4
[ 1286.197554]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1286.197574]  dump_header+0x27b/0xf72
[ 1286.226645]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1286.226668]  ? pagefault_out_of_memory+0x197/0x197
[ 1286.226691]  ? rcu_read_unlock+0x33/0x60
[ 1286.235590] ==================================================================
[ 1286.238482]  ? mem_cgroup_iter+0x514/0x1160
[ 1286.247834] BUG: KASAN: use-after-free in vhci_hub_control+0x1b6d/0x1be0
[ 1286.250398]  ? mem_cgroup_nr_lru_pages+0x80/0x80
[ 1286.253996] Read of size 4 at addr ffff8801ce136e9c by task syz-executor2/25885
[ 1286.254003] 
[ 1286.259182]  ? css_task_iter_end+0x222/0x490
[ 1286.314442]  ? lock_downgrade+0x900/0x900
[ 1286.318588]  ? trace_hardirqs_on+0xbd/0x310
[ 1286.322919]  ? kasan_check_read+0x11/0x20
[ 1286.327061]  ? css_task_iter_end+0x222/0x490
[ 1286.331478]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1286.336921]  ? kasan_check_write+0x14/0x20
[ 1286.341154]  ? do_raw_spin_lock+0xc1/0x200
[ 1286.345401]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1286.349892]  ? css_task_iter_end+0x2ce/0x490
[ 1286.354298]  ? cgroup_procs_next+0x70/0x70
[ 1286.358529]  ? _raw_spin_unlock_irq+0x60/0x80
[ 1286.363021]  ? oom_badness+0xaa0/0xaa0
[ 1286.366906]  ? mem_cgroup_scan_tasks+0x1c3/0x1e0
[ 1286.371919]  ? mem_cgroup_iter_break+0x30/0x30
[ 1286.376502]  ? cgroup_file_notify+0x226/0x2f0
[ 1286.381008]  out_of_memory.cold.30+0xf/0x184
[ 1286.385410]  ? kasan_check_read+0x11/0x20
[ 1286.389551]  ? oom_killer_disable+0x3a0/0x3a0
[ 1286.394042]  ? kasan_check_write+0x14/0x20
[ 1286.398273]  ? do_raw_spin_lock+0xc1/0x200
[ 1286.402508]  mem_cgroup_out_of_memory+0x15e/0x210
[ 1286.407352]  ? memcg_memory_event+0x40/0x40
[ 1286.411671]  ? mem_cgroup_try_charge+0x5ea/0xe10
[ 1286.416430]  ? page_counter_try_charge+0x1c1/0x220
[ 1286.421362]  try_charge+0xc43/0x1690
[ 1286.425074]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1286.430180]  ? mem_cgroup_count_precharge_pte_range+0x760/0x760
[ 1286.436232]  ? get_mem_cgroup_from_mm+0x1e9/0x440
[ 1286.441068]  ? lock_downgrade+0x900/0x900
[ 1286.445214]  ? lock_release+0x970/0x970
[ 1286.449186]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1286.454981]  ? rcu_sched_force_quiescent_state+0x20/0x20
[ 1286.460435]  ? get_mem_cgroup_from_mm+0x206/0x440
[ 1286.465275]  ? mem_cgroup_can_attach+0x580/0x580
[ 1286.470026]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1286.475562]  ? check_preemption_disabled+0x48/0x200
[ 1286.480584]  ? __might_sleep+0x95/0x190
[ 1286.484560]  mem_cgroup_try_charge+0x5ea/0xe10
[ 1286.489147]  ? mem_cgroup_protected+0xa60/0xa60
[ 1286.493810]  ? swp_swapcount+0x530/0x530
[ 1286.497878]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1286.503410]  ? check_preemption_disabled+0x48/0x200
[ 1286.508421]  ? mark_held_locks+0x130/0x130
[ 1286.512653]  ? debug_smp_processor_id+0x1c/0x20
[ 1286.517317]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1286.522251]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1286.527785]  mem_cgroup_try_charge_delay+0x1d/0xa0
[ 1286.532713]  wp_page_copy+0x46c/0x14f0
[ 1286.536600]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1286.542137]  ? follow_pfn+0x2e0/0x2e0
[ 1286.545933]  ? perf_trace_lock+0x7a0/0x7a0
[ 1286.550167]  ? do_wp_page+0x76c/0x1390
[ 1286.554051]  ? lock_downgrade+0x900/0x900
[ 1286.558193]  ? kasan_check_write+0x14/0x20
[ 1286.562420]  ? kasan_check_read+0x11/0x20
[ 1286.566561]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1286.570971]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1286.575550]  ? __pte_alloc_kernel+0x220/0x220
[ 1286.580049]  do_wp_page+0x774/0x1390
[ 1286.583761]  ? finish_mkwrite_fault+0x4f0/0x4f0
[ 1286.588429]  ? lock_release+0x970/0x970
[ 1286.592398]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1286.597932]  ? check_preemption_disabled+0x48/0x200
[ 1286.602947]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1286.608478]  ? kasan_check_write+0x14/0x20
[ 1286.612708]  ? do_raw_spin_lock+0xc1/0x200
[ 1286.616942]  __handle_mm_fault+0x2c60/0x53e0
[ 1286.621359]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 1286.626205]  ? debug_smp_processor_id+0x1c/0x20
[ 1286.630866]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1286.635800]  ? lock_acquire+0x1ed/0x520
[ 1286.639769]  ? handle_mm_fault+0x42a/0xc70
[ 1286.643997]  ? lock_downgrade+0x900/0x900
[ 1286.648143]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1286.653941]  ? __do_page_fault+0x67d/0xed0
[ 1286.658174]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1286.663620]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1286.669152]  ? check_preemption_disabled+0x48/0x200
[ 1286.674169]  handle_mm_fault+0x54f/0xc70
[ 1286.678227]  ? __handle_mm_fault+0x53e0/0x53e0
[ 1286.682806]  ? find_vma+0x34/0x190
[ 1286.686345]  __do_page_fault+0x67d/0xed0
[ 1286.690406]  ? mm_fault_error+0x380/0x380
[ 1286.694550]  ? trace_hardirqs_on+0x310/0x310
[ 1286.699050]  do_page_fault+0xf2/0x7e0
[ 1286.702863]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1286.708400]  ? vmalloc_sync_all+0x30/0x30
[ 1286.712542]  ? error_entry+0x70/0xd0
[ 1286.716254]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1286.721264]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1286.726190]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1286.731029]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1286.736048]  ? trace_hardirqs_off+0x310/0x310
[ 1286.740540]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1286.745551]  ? page_fault+0x8/0x30
[ 1286.749091]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1286.753928]  ? page_fault+0x8/0x30
[ 1286.757462]  page_fault+0x1e/0x30
[ 1286.760910] RIP: 0023:0x8052253
[ 1286.764188] Code: 68 3d 12 08 74 21 c7 43 04 70 3d 12 08 a1 6c 3d 12 08 89 08 8b 15 70 3d 12 08 89 42 04 a1 68 3d 12 08 a3 70 3d 12 08 8d 45 60 <a3> 34 00 46 08 8b 4d 64 8b 55 60 89 4a 04 8b 4d 64 89 11 c7 05 34
[ 1286.783087] RSP: 002b:000000000845fd60 EFLAGS: 00010246
[ 1286.788446] RAX: 0000000008eb9960 RBX: 0000000008123d68 RCX: 0000000008123d70
[ 1286.795708] RDX: 00000000080520d0 RSI: 000000000845fd80 RDI: 0000000000000000
[ 1286.802969] RBP: 0000000008eb9900 R08: 0000000000000000 R09: 0000000000000000
[ 1286.810234] R10: 0000000000000000 R11: 0000000000000216 R12: 0000000000000000
[ 1286.817498] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1286.824781] CPU: 1 PID: 25885 Comm: syz-executor2 Not tainted 4.19.0-rc6+ #175
[ 1286.832152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1286.841510] Call Trace:
[ 1286.844108]  dump_stack+0x1c4/0x2b4
[ 1286.847749]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1286.848226] Memory limit reached of cgroup 
[ 1286.852936]  ? printk+0xa7/0xcf
[ 1286.852949]  ? kmsg_dump_rewind_nolock+0xe4/0xe4
[ 1286.852973]  print_address_description.cold.8+0x9/0x1ff
[ 1286.857341] /syz4
[ 1286.860578]  kasan_report.cold.9+0x242/0x309
[ 1286.870662]  ? vhci_hub_control+0x1b6d/0x1be0
[ 1286.870680]  __asan_report_load4_noabort+0x14/0x20
[ 1286.874345] memory: usage 204800kB, limit 204800kB, failcnt 1823
[ 1286.877128]  vhci_hub_control+0x1b6d/0x1be0
[ 1286.877146]  ? vhci_hcd_probe+0x240/0x240
[ 1286.881652] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1286.886541]  ? kasan_unpoison_shadow+0x35/0x50
[ 1286.886555]  ? kasan_kmalloc+0xc7/0xe0
[ 1286.886578]  ? __kmalloc+0x31c/0x760
[ 1286.893249] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1286.897499]  ? kasan_check_write+0x14/0x20
[ 1286.897518]  ? do_raw_spin_lock+0xc1/0x200
[ 1286.901664] Memory cgroup stats for 
[ 1286.908383]  ? usb_hcd_submit_urb+0x6fc/0x20a0
[ 1286.908399]  usb_hcd_submit_urb+0x17bb/0x20a0
[ 1286.908416]  ? vhci_hcd_probe+0x240/0x240
[ 1286.913015] /syz4
[ 1286.916855]  ? usb_create_hcd+0x40/0x40
[ 1286.920996] :
[ 1286.926675]  ? __ia32_compat_sys_ioctl+0x20e/0x630
[ 1286.926691]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1286.926709]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1286.930965]  cache:152KB
[ 1286.935159]  ? ___might_sleep+0x1ed/0x300
[ 1286.935171]  ? lock_release+0x970/0x970
[ 1286.935188]  ? arch_local_save_flags+0x40/0x40
[ 1286.938869]  rss:48KB rss_huge:0KB
[ 1286.943445]  ? lock_downgrade+0x900/0x900
[ 1286.943464]  ? __lockdep_init_map+0x105/0x590
[ 1286.947963]  shmem:0KB
[ 1286.952070]  ? __lockdep_init_map+0x105/0x590
[ 1286.952092]  usb_submit_urb+0x893/0x14e0
[ 1286.954168]  mapped_file:0KB
[ 1286.958099]  usb_start_wait_urb+0x13d/0x370
[ 1286.958115]  ? sg_clean+0x240/0x240
[ 1286.959832]  dirty:132KB
[ 1286.964738]  usb_control_msg+0x332/0x4e0
[ 1286.964756]  ? usb_start_wait_urb+0x370/0x370
[ 1286.969302]  writeback:132KB
[ 1286.973799]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1286.973820]  proc_control+0x99b/0xef0
[ 1286.973839]  ? proc_bulk+0xa70/0xa70
[ 1286.976520]  swap:0KB
[ 1286.980615]  ? futex_wake+0x304/0x760
[ 1286.980637]  usbdev_do_ioctl+0x1eb8/0x3b50
[ 1286.984642]  inactive_anon:0KB
[ 1286.989160]  ? processcompl_compat+0x680/0x680
[ 1286.989178]  ? perf_trace_lock+0x7a0/0x7a0
[ 1286.992727]  active_anon:80KB
[ 1286.996941]  ? mark_held_locks+0x130/0x130
[ 1286.996960]  ? do_futex+0x249/0x26d0
[ 1286.996975]  ? kasan_check_write+0x14/0x20
[ 1287.001474]  inactive_file:0KB
[ 1287.003936]  ? do_raw_spin_lock+0xc1/0x200
[ 1287.003952]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1287.003972]  ? check_preemption_disabled+0x48/0x200
[ 1287.008440]  active_file:0KB
[ 1287.012501]  ? check_preemption_disabled+0x48/0x200
[ 1287.015557]  unevictable:0KB
[ 1287.019808]  ? debug_smp_processor_id+0x1c/0x20
[ 1287.019825]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1287.026092]  ? __fget+0x4aa/0x740
[ 1287.026109]  ? lock_downgrade+0x900/0x900
[ 1287.030182] Out of memory and no killable processes...
[ 1287.034630]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1287.034645]  ? rcu_is_watching+0x30/0x30
[ 1287.034660]  ? __kasan_slab_free+0x119/0x150
[ 1287.038807] syz-executor4 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000
[ 1287.043185]  ? kzfree+0x28/0x30
[ 1287.043205]  ? __fget+0x4d1/0x740
[ 1287.047028] syz-executor4 cpuset=
[ 1287.050684]  ? ksys_dup3+0x680/0x680
[ 1287.050702]  ? __might_fault+0x12b/0x1e0
[ 1287.053145] syz4
[ 1287.056877]  ? lock_downgrade+0x900/0x900
[ 1287.061141]  mems_allowed=0
[ 1287.064267]  ? lock_release+0x970/0x970
[ 1287.064289]  ? arch_local_save_flags+0x40/0x40
[ 1287.064307]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1287.205979]  ? trace_hardirqs_on+0xbd/0x310
[ 1287.210300]  ? __fget_light+0x2e9/0x430
[ 1287.214261]  ? fget_raw+0x20/0x20
[ 1287.217714]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1287.223250]  ? compat_put_timespec64+0x110/0x280
[ 1287.228003]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1287.232743]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1287.237667]  ? usbdev_do_ioctl+0x3b50/0x3b50
[ 1287.242074]  usbdev_compat_ioctl+0x24/0x30
[ 1287.246301]  __ia32_compat_sys_ioctl+0x20e/0x630
[ 1287.251055]  do_fast_syscall_32+0x34d/0xfb2
[ 1287.255370]  ? do_int80_syscall_32+0x890/0x890
[ 1287.259946]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1287.264517]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1287.269528]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1287.274370]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1287.279199]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1287.284205]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1287.289211]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1287.294219]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1287.299063]  entry_SYSENTER_compat+0x70/0x7f
[ 1287.303455] RIP: 0023:0xf7ff0ca9
[ 1287.306812] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1287.325698] RSP: 002b:00000000f5fec0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1287.333481] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0185500
[ 1287.340735] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 1287.347990] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1287.355245] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1287.362504] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1287.369767] 
[ 1287.371383] Allocated by task 25515:
[ 1287.375085]  save_stack+0x43/0xd0
[ 1287.378527]  kasan_kmalloc+0xc7/0xe0
[ 1287.382229]  kmem_cache_alloc_trace+0x152/0x750
[ 1287.386889]  perf_event_mmap+0x77b/0x1350
[ 1287.391027]  mprotect_fixup+0x6d1/0xc60
[ 1287.394988]  do_mprotect_pkey+0x5d2/0xa60
[ 1287.399123]  __x64_sys_mprotect+0x78/0xb0
[ 1287.403265]  do_syscall_64+0x1b9/0x820
[ 1287.407142]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1287.412320] 
[ 1287.413930] Freed by task 25515:
[ 1287.417280]  save_stack+0x43/0xd0
[ 1287.420716]  __kasan_slab_free+0x102/0x150
[ 1287.424948]  kasan_slab_free+0xe/0x10
[ 1287.428732]  kfree+0xcf/0x230
[ 1287.431825]  perf_event_mmap+0xd4f/0x1350
[ 1287.435955]  mprotect_fixup+0x6d1/0xc60
[ 1287.439915]  do_mprotect_pkey+0x5d2/0xa60
[ 1287.444047]  __x64_sys_mprotect+0x78/0xb0
[ 1287.448180]  do_syscall_64+0x1b9/0x820
[ 1287.452055]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1287.457222] 
[ 1287.458841] The buggy address belongs to the object at ffff8801ce136740
[ 1287.458841]  which belongs to the cache kmalloc-4096 of size 4096
[ 1287.471657] The buggy address is located 1884 bytes inside of
[ 1287.471657]  4096-byte region [ffff8801ce136740, ffff8801ce137740)
[ 1287.483686] The buggy address belongs to the page:
[ 1287.488600] page:ffffea0007384d80 count:1 mapcount:0 mapping:ffff8801da800dc0 index:0x0 compound_mapcount: 0
[ 1287.498554] flags: 0x2fffc0000008100(slab|head)
[ 1287.503215] raw: 02fffc0000008100 ffffea00070b0788 ffffea00063ba608 ffff8801da800dc0
[ 1287.511093] raw: 0000000000000000 ffff8801ce136740 0000000100000001 0000000000000000
[ 1287.518965] page dumped because: kasan: bad access detected
[ 1287.524654] 
[ 1287.526264] Memory state around the buggy address:
[ 1287.531179]  ffff8801ce136d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1287.538523]  ffff8801ce136e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1287.545866] >ffff8801ce136e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1287.553205]                             ^
[ 1287.557380]  ffff8801ce136f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1287.564736]  ffff8801ce136f80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1287.572076] ==================================================================
[ 1287.579522] Kernel panic - not syncing: panic_on_warn set ...
[ 1287.579522] 
[ 1287.586877] CPU: 1 PID: 25885 Comm: syz-executor2 Tainted: G    B             4.19.0-rc6+ #175
[ 1287.595620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1287.604956] Call Trace:
[ 1287.607534]  dump_stack+0x1c4/0x2b4
[ 1287.611154]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1287.616442]  ? lock_downgrade+0x900/0x900
[ 1287.620579]  panic+0x238/0x4e7
[ 1287.623760]  ? add_taint.cold.5+0x16/0x16
[ 1287.627923]  ? print_shadow_for_address+0xb6/0x116
[ 1287.632843]  ? trace_hardirqs_off+0xaf/0x310
[ 1287.637248]  kasan_end_report+0x47/0x4f
[ 1287.641210]  kasan_report.cold.9+0x76/0x309
[ 1287.645527]  ? vhci_hub_control+0x1b6d/0x1be0
[ 1287.650017]  __asan_report_load4_noabort+0x14/0x20
[ 1287.654934]  vhci_hub_control+0x1b6d/0x1be0
[ 1287.659254]  ? vhci_hcd_probe+0x240/0x240
[ 1287.663392]  ? kasan_unpoison_shadow+0x35/0x50
[ 1287.667962]  ? kasan_kmalloc+0xc7/0xe0
[ 1287.671842]  ? __kmalloc+0x31c/0x760
[ 1287.675555]  ? kasan_check_write+0x14/0x20
[ 1287.679864]  ? do_raw_spin_lock+0xc1/0x200
[ 1287.684087]  ? usb_hcd_submit_urb+0x6fc/0x20a0
[ 1287.688659]  usb_hcd_submit_urb+0x17bb/0x20a0
[ 1287.693142]  ? vhci_hcd_probe+0x240/0x240
[ 1287.697280]  ? usb_create_hcd+0x40/0x40
[ 1287.701259]  ? __ia32_compat_sys_ioctl+0x20e/0x630
[ 1287.706184]  ? do_fast_syscall_32+0x34d/0xfb2
[ 1287.710675]  ? entry_SYSENTER_compat+0x70/0x7f
[ 1287.715256]  ? ___might_sleep+0x1ed/0x300
[ 1287.719402]  ? lock_release+0x970/0x970
[ 1287.723869]  ? arch_local_save_flags+0x40/0x40
[ 1287.728442]  ? lock_downgrade+0x900/0x900
[ 1287.732592]  ? __lockdep_init_map+0x105/0x590
[ 1287.737073]  ? __lockdep_init_map+0x105/0x590
[ 1287.741566]  usb_submit_urb+0x893/0x14e0
[ 1287.745623]  usb_start_wait_urb+0x13d/0x370
[ 1287.749934]  ? sg_clean+0x240/0x240
[ 1287.753559]  usb_control_msg+0x332/0x4e0
[ 1287.757609]  ? usb_start_wait_urb+0x370/0x370
[ 1287.762198]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1287.767736]  proc_control+0x99b/0xef0
[ 1287.771528]  ? proc_bulk+0xa70/0xa70
[ 1287.775340]  ? futex_wake+0x304/0x760
[ 1287.779133]  usbdev_do_ioctl+0x1eb8/0x3b50
[ 1287.783358]  ? processcompl_compat+0x680/0x680
[ 1287.787941]  ? perf_trace_lock+0x7a0/0x7a0
[ 1287.792173]  ? mark_held_locks+0x130/0x130
[ 1287.796397]  ? do_futex+0x249/0x26d0
[ 1287.800207]  ? kasan_check_write+0x14/0x20
[ 1287.804438]  ? do_raw_spin_lock+0xc1/0x200
[ 1287.808671]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1287.814198]  ? check_preemption_disabled+0x48/0x200
[ 1287.819208]  ? check_preemption_disabled+0x48/0x200
[ 1287.824230]  ? debug_smp_processor_id+0x1c/0x20
[ 1287.828898]  ? perf_trace_lock_acquire+0x15b/0x800
[ 1287.833819]  ? __fget+0x4aa/0x740
[ 1287.837258]  ? lock_downgrade+0x900/0x900
[ 1287.841401]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[ 1287.847188]  ? rcu_is_watching+0x30/0x30
[ 1287.851238]  ? __kasan_slab_free+0x119/0x150
[ 1287.855639]  ? kzfree+0x28/0x30
[ 1287.858910]  ? __fget+0x4d1/0x740
[ 1287.862352]  ? ksys_dup3+0x680/0x680
[ 1287.866054]  ? __might_fault+0x12b/0x1e0
[ 1287.870112]  ? lock_downgrade+0x900/0x900
[ 1287.874248]  ? lock_release+0x970/0x970
[ 1287.878212]  ? arch_local_save_flags+0x40/0x40
[ 1287.882790]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1287.888232]  ? trace_hardirqs_on+0xbd/0x310
[ 1287.892560]  ? __fget_light+0x2e9/0x430
[ 1287.896521]  ? fget_raw+0x20/0x20
[ 1287.899978]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1287.905535]  ? compat_put_timespec64+0x110/0x280
[ 1287.910280]  ? compat_get_timespec64+0x2a0/0x2a0
[ 1287.915035]  ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 1287.919956]  ? usbdev_do_ioctl+0x3b50/0x3b50
[ 1287.924359]  usbdev_compat_ioctl+0x24/0x30
[ 1287.928582]  __ia32_compat_sys_ioctl+0x20e/0x630
[ 1287.933332]  do_fast_syscall_32+0x34d/0xfb2
[ 1287.937642]  ? do_int80_syscall_32+0x890/0x890
[ 1287.942221]  ? entry_SYSENTER_compat+0x68/0x7f
[ 1287.946802]  ? trace_hardirqs_off_caller+0xbb/0x310
[ 1287.951809]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1287.956639]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1287.961466]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1287.966472]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1287.971479]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1287.976489]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1287.981333]  entry_SYSENTER_compat+0x70/0x7f
[ 1287.985726] RIP: 0023:0xf7ff0ca9
[ 1287.989191] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 1288.008088] RSP: 002b:00000000f5fec0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1288.015789] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0185500
[ 1288.023051] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 1288.030304] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1288.037559] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1288.044814] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1288.053296] Kernel Offset: disabled
[ 1288.056939] Rebooting in 86400 seconds..